[Openswan dev] coexistence of RSA connections with and without Xauth

Andrey Alexandrenko aalexandrenko at telco-tech.de
Tue Aug 21 09:56:50 EDT 2012


I have prepared a patch witch solves for me following issue with Xauth 
in Openswan.  Pluto may refuse to connect with a road warrior If some 
misc connections (with and without Xauth) are configured. The reason is 
that pluto do not regard Xauth policy in main_inI1_outR2 and may just 
choose a not suitable connection for proceeding. In my patch I evaluate 
XAUTH VID and use this information by connection finding.
The patch was prepared for openswan-2.6.35, but it works with 
openswan-2.6.38 as well.

Any feedback on the patch is appreciated.

Regards, Andrey Alexandrenko
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openswan-2.6.35-xauth_vid.patch
Type: text/x-patch
Size: 4031 bytes
Desc: not available
URL: <http://lists.openswan.org/pipermail/dev/attachments/20120821/0917fdc4/attachment.bin>

More information about the Dev mailing list