[Swan-dev] what to do when adding a connection with a dud certificate?

Andrew Cagney andrew.cagney at gmail.com
Wed Apr 17 17:44:04 UTC 2019


I'm looking at this code in connections.c

    same_leftca = extract_end(&c->spd.this, &wm->left, "left");
    same_rightca = extract_end(&c->spd.that, &wm->right, "right");

    if (same_rightca == -1 || same_leftca == -1) {
        loglog(RC_LOG_SERIOUS, "extract_end() as failed - ID or certificate might be unset and cause failure");
    }

added with:

    commit becaafd3c62f4209b1d8d882ab194c9b129d49ef
    pluto: extract_end() ignored failures and stumbled on. Now it aborts properly.

While extract_end() is aborted, the connection proper still gets
added.  Should the code instead reject the connection:

- when the cert is unknown
- when the cert is "invalid" (see bug 339)

?

Andrew
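
The two behaviours the question contrasts, as a self-contained C model added here for illustration; it is not libreswan code. The cert store, the struct layouts and the `model_*` functions are hypothetical, and "invalid" is reduced to a flag on a constructed entry.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed model; none of these names are libreswan's. */
struct cert { const char *nickname; int valid; };
static const struct cert cert_store[] = { {"east", 1}, {"west", 1}, {"stale", 0} };
struct conn { const struct cert *left, *right; struct conn *next; };
static struct conn *connections;   /* loaded connections */

/* Stand-in for extract_end(): 0 on success, -1 if the cert is unknown or invalid. */
static int model_extract_end(const struct cert **out, const char *nickname)
{
    *out = NULL;
    for (size_t i = 0; i < sizeof(cert_store) / sizeof(cert_store[0]); i++)
        if (strcmp(cert_store[i].nickname, nickname) == 0 && cert_store[i].valid) {
            *out = &cert_store[i];
            return 0;
        }
    return -1;
}

/* strict == 0: log and add anyway; strict != 0: discard and report failure. */
static int model_add_connection(const char *name, const char *l, const char *r, int strict)
{
    struct conn *c = calloc(1, sizeof(*c));
    if (c == NULL) return -1;
    int lrc = model_extract_end(&c->left, l), rrc = model_extract_end(&c->right, r);
    if (lrc == -1 || rrc == -1) {
        fprintf(stderr, "\"%s\": end extraction failed\n", name);
        if (strict) { free(c); return -1; }
    }
    c->next = connections;
    connections = c;
    return 0;
}

static int count_incomplete(void)   /* loaded connections lacking a usable cert */
{
    int n = 0;
    for (const struct conn *c = connections; c != NULL; c = c->next)
        n += (c->left == NULL || c->right == NULL);
    return n;
}

int main(void)
{
    model_add_connection("unknown-cert", "east", "nosuch", 0);   /* lenient: kept */
    model_add_connection("invalid-cert", "stale", "west", 1);    /* strict: rejected */
    printf("incomplete connections loaded: %d\n", count_incomplete());
}
```

In the lenient mode a failed end leaves a loaded connection whose certificate pointer is NULL, so every later consumer has to handle that state; in the strict mode the failure surfaces once, at add time.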

