[strongSwan] How do dump additional data during IKEv2 AUTH verification
Tobias Brunner
tobias at strongswan.org
Tue Sep 18 18:08:11 CEST 2012
Hi Dennis,
> in charon.log i see the following:
> 11[IKE] octets = message + nonce + prf(Sk_px, IDx') => 413 bytes @
> 0xaf004190
>
> Is there any way for me to have strongswan dump or for me to otherwise
> access the entire 413 bytes generated by strongswan here for the AUTH
> signature validation?
You mean you don't see output like this after the line you quoted above?
20[IKE] octets = message + nonce + prf(Sk_px, IDx') => 537 bytes @ 0x1837290
20[IKE] 0: 52 01 94 08 A5 7A F6 05 47 02 DC 30 AD D3 8C 98
R....z..G..0....
20[IKE] 16: 21 20 22 20 00 00 00 00 00 00 01 E5 22 00 00 30 ! "
........"..0
20[IKE] 32: 00 00 00 2C 01 01 00 04 03 00 00 0C 01 00 00 0C
...,............
Which strongSwan version do you use? On what platform do you run it?
How did you configure the logging in strongswan.conf or ipsec.conf (also
see [1])?
Regards,
Tobias
[1] http://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration
More information about the Users
mailing list