[Swan-dev] testing/pluto/ikev2-03-basic-rawrsa-ckaid

Andrew Cagney andrew.cagney at gmail.com
Sun Feb 3 21:21:38 UTC 2019


On Sat, 2 Feb 2019 at 22:06, Paul Wouters <paul at nohats.ca> wrote:
>
> On Sat, 2 Feb 2019, Andrew Cagney wrote:
>
> > Already fixed.
> > testing: update ikev2-03-basic-rawrsa-ckaid to expect new output
> > (but I suspect the sanitizer tweak broke something)
>
> But what does this really test?

>From my POV, it demonstrates how CKAIDs with raw private keys can
sometimes seem to work when really they don't.

> conn westnet-eastnet-ikev2
>         also=east-rightckaid
>         also=west-leftrsasigkey
>         also=east-rightrsasigkey
>
> The test also has no empty secrets files, so it gets the default one
> with the rsasigkey in ipsec.secrets, which is why it works. But that's
> a workaround :P
>
> The test does pass for me now.
>
> Paul


More information about the Swan-dev mailing list