[Swan-dev] what to do when adding a connection with a dud certificate?

Paul Wouters paul at nohats.ca
Wed Apr 17 18:27:33 UTC 2019


This could be tricky.

We support authby=rsasig,null 

But the goal of that option is not to fall back to null due to a bad cert.

So unless anyone finds a reason to, I’m fine with not loading such a connection.

Paul

> On Apr 17, 2019, at 19:44, Andrew Cagney <andrew.cagney at gmail.com> wrote:
> 
> I'm looking at this code in connections.c
> 
>    same_leftca = extract_end(&c->spd.this, &wm->left, "left");
>    same_rightca = extract_end(&c->spd.that, &wm->right, "right");
> 
>    if (same_rightca == -1 || same_leftca == -1) {
>        loglog(RC_LOG_SERIOUS, "extract_end() as failed - ID or certificate might be unset and cause failure");
>    }
> 
> added with:
> 
>    commit becaafd3c62f4209b1d8d882ab194c9b129d49ef
>    pluto: extract_end() ignored failures and stumbled on. Now it aborts properly.
> 
> While extract_end() is aborted, the connection proper still gets
> added.  Should the code instead reject the connection:
> 
> - when the cert is unknown
> - when the cert is "invalid" (see bug 339)
> 
> ?
> 
> Andrew