[strongSwan] %any in ipsec.secrets

Germano Veit Michel germanovmichel at aim.com
Fri Mar 9 20:22:37 CET 2012

Hello Andreas,

I tried that but still no go:

 |    length/value: 1
 |    [1 is pre-shared key]
 "x-ethernet0" #1: Can't authenticate: no preshared key found for '' and ''.  Attribute OAKLEY_AUTHENTICATION_METHOD
 "x-ethernet0" #1: no acceptable Oakley Transform
 "x-ethernet0" #1: sending notification NO_PROPOSAL_CHOSEN to

If I do : PSK "test123" 

then it works like a charm.

However, I took some time to look at the code and found this function:

const secret_t* match_secret(identification_t *my_id, identification_t *his_id, secret_kind_t kind)

A part of this function is the following:

                        enumerator = s->ids->create_enumerator(s->ids);
                        while (enumerator->enumerate(enumerator, &id))
                                if (my_id->equals(my_id, id))
                                        match |= match_me;
                                if (his_id->equals(his_id, id))
                                        match |= match_him;

Read some comments on the code and then i changed 

and now it recognizes the %any keyword properly.

But I'm not sure if I didn't break anything. What do you think about it?

By the way, strongswan v4.6.2

Thanks for your time

Germano Veit Michel
germanovmichel at aim.com

Germano Veit Michel
germanovmichel at aim.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120309/d3e2e380/attachment.html>

More information about the Users mailing list