[strongSwan] Changes in secrets file handling in 4.4.1

John Southworth john.southworth at vyatta.com
Wed Aug 24 00:58:08 CEST 2011


We (Vyatta) updated strongswan in our last release to 4.4.1, previously we were using 4.3.2. I'm observing a change in the handling of /etc/ipsec.secrets. In 4.3.2 if a FQDN (not prepended with an '@') was used in the ipsec.secrets file it was resolved to the IP address when the file was read in. 

In 4.4.1 however this resolution doesn't occur. Unless I missed something the new code for identification processing in this version isn't written to do the name resolution. 

Was this behavior change intentional? If so what was the rational behind this?


John Southworth
Network Software Engineer
Vyatta Inc.

More information about the Users mailing list