On Thu, 19 Aug 2010, Harald Jenny wrote:

I think I found something:

in programs/pluto/connections.c, line 816

           if(!valid_cert) {
               whack_log(RC_FATAL, "can not load certificate file %s\n"
                         , filename);
               /* clear the ID, we're expecting it via %fromcert */
               dst->id.kind = ID_NONE;
               return;
           }

This is an incorrect assumption because since version 2.5.16 leftid does not
default anymore to %fromcert. On the other hand it seems that in 2.4.12 the
leftid value is kept even when no leftcert is present. What implications would
a removal of
dst->id.kind = ID_NONE;
have?

I don't think it would hurt. But we're still looking at why an incorrectly
configured configuration that happened to work, "broke".

The check could be changed to see if dst->id.kind is loaded with "%fromcert"
before clearing it.

Paul

Kind regards
Harald



