[Swan-dev] rightcert=north rightca=%same

Andrew Cagney andrew.cagney at gmail.com
Thu Oct 29 02:49:04 UTC 2020

in ikev2-x509-20-multicert-rightid-san-wildcard, this causes right to
leak "issuer ca":
- right.ca=%same, so remember to set right.ca to left.ca
- rightcert=north, so set right.ca to clone(north.der, "issuer ca")
- oh, just remembered, set right.ca to clone(left.ca), leaking old value
(vis-à-vis left)
So is the above valid?

More information about the Swan-dev mailing list