[Swan-dev] {left,right}rsasigkey2=...
Andrew Cagney
andrew.cagney at gmail.com
Tue Sep 22 20:14:34 UTC 2020
Regardless of the end, a line like:
leftrsasigkey=
leftrsasigkey2=...
will always add public keys like:
(generated?) leftid / leftrsasigkey
(generated?) leftid / leftrsasigkey2
to the list of raw public keys. Left will then try all raw public keys
matching <id>.
The problem is that the above aren't tied to "left". Any connection,
provided the id matches, will use the raw public key; and sometimes use the
wrong one.
Are there any ideas on how to extract us from this quirky mis-feature? For
instance:
- let ipsec.secrets define raw public keys?
- come up with a syntax that makes it clear that it is shared?
- tie it to the connection's end somehow?
- drop it?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20200922/c8a13088/attachment.html>
More information about the Swan-dev
mailing list