[Swan] Fw: Libreswan 3.27 left=%eth1 is not resolving local IP
Paul Wouters
paul at nohats.ca
Tue Apr 14 03:08:10 UTC 2020
On Tue, 3 Mar 2020, Rene Neumann wrote:
> Subject: Re: [Swan] Fw: Libreswan 3.27 left=%eth1 is not resolving local IP
>
> Hello Paul,
>
> A colleague of mine went through the setup again and the last working version was 3.20,
> Attached are the log files and an example of the test.conf which we are currently using for the tests. As we did
> some other changes on our site as well, will I try to rule out any of that.
> One question I have is what is libreswan using to identify the IP's, when I do a normal IPsec status the
> interfaces have the correct IP's.
Note that git master should be working with this now.
Antony found the issue and fixed it. Included the diff below for you.
Paul
diff --git a/lib/libipsecconf/confread.c b/lib/libipsecconf/confread.c
index 04cfb5dd18..0dd410959a 100644
--- a/lib/libipsecconf/confread.c
+++ b/lib/libipsecconf/confread.c
@@ -480,7 +480,7 @@ static bool validate_end(struct starter_conn *conn_st,
if (end->strings[KSCF_IP][0] == '%') {
pfree(end->iface);
- end->iface = clone_str(end->strings[KSCF_IP], "KH_IPADDR end->iface");
+ end->iface = clone_str(end->strings[KSCF_IP] + 1, "KH_IPADDR end->iface");
if (!starter_iface_find(end->iface, hostfam,
&end->addr,
&end->nexthop))
Paul
More information about the Swan
mailing list