Hello Andreas,
I tried that but still no go:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 1
| [1 is pre-shared key]
"x-ethernet0" #1: Can't authenticate: no preshared key found for '10.1.1.1'
and '10.1.1.2'. Attribute OAKLEY_AUTHENTICATION_METHOD
"x-ethernet0" #1: no acceptable Oakley Transform
"x-ethernet0" #1: sending notification NO_PROPOSAL_CHOSEN to 10.1.1.2:500
If I do
10.1.1.1 10.1.1.2 : PSK "test123"
then it works like a charm.
However, I took some time to look at the code and found this function:
const secret_t* match_secret(identification_t *my_id, identification_t *his_id,
secret_kind_t kind)
A part of this function is the following:
enumerator = s->ids->create_enumerator(s->ids);
while (enumerator->enumerate(enumerator, &id))
{
if (my_id->equals(my_id, id))
{
match |= match_me;
}
if (his_id->equals(his_id, id))
{
match |= match_him;
}
}
enumerator->destroy(enumerator);
Read some comments on the code and then i changed
my_id->equals(...,...)
to
my_id->matches(....,....)
and now it recognizes the %any keyword properly.
But I'm not sure if I didn't break anything. What do you think about it?
By the way, strongswan v4.6.2
Thanks for your time
Germano Veit Michel
germanovmic...@aim.com
Germano Veit Michel
germanovmic...@aim.com
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
