[Swan-dev] rightcert=north rightca=%same
Andrew Cagney
andrew.cagney at gmail.com
Thu Oct 29 02:49:04 UTC 2020
in ikev2-x509-20-multicert-rightid-san-wildcard, this causes right to
leak "issuer ca":
https://testing.libreswan.org/v4.1-83-g9d775e57d4-main/ikev2-x509-20-multicert-rightid-san-wildcard/OUTPUT/east.console.diff
- right.ca=%same, so remember to set right.ca to left.ca
- rightcert=north, so set right.ca to clone(north.der, "issuer ca")
- oh, just remembered, set right.ca to clone(left.ca), leaking old value
(vis-à-vis left)
So is the above valid?
More information about the Swan-dev
mailing list