Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

esp proposals & some other variables not getting updated in the actual ike configuration #46

Open
VamshiKrishnaM13 opened this issue Nov 24, 2023 · 4 comments
Open

esp proposals & some other variables not getting updated in the actual ike configuration #46

VamshiKrishnaM13 opened this issue Nov 24, 2023 · 4 comments

Comments

@VamshiKrishnaM13
Copy link

image

Now, please check the logs in the below attached image:

image

As you can see in the logs, it is there in the ike conf map, but not in connection map which is after loading the connection.

What could be the possible reason, is it a bug & how to resolve it?
@VamshiKrishnaM13
Copy link
Author

@bronze1man any update?

@VamshiKrishnaM13
Copy link
Author

@bronze1man Please help me here, is it a bug or not?

@bronze1man
Copy link
Owner

bronze1man commented Nov 28, 2023
edited
Loading

I tried it with charon 5.8.2, looks like this library (goStrongswanVici) has a bug. Maybe This library is not compatible to charon 5.8.2

&goStrongswanVici.Version{Daemon:"charon", Version:"5.8.2", Sysname:"Linux", Release:"5.4.0-166-generic", Machine:"x86_64"}

inner output of the listConns call. from err = c.RegisterEvent("list-conn", func(response map[string]interface{}) {

{
 "test-connection": {
  "children": {
   "test-child-conn": {
    "close_action": "restart",
    "dpd_action": "clear",
    "local-ts": [
     "10.10.59.0/24"
    ],
    "mode": "TUNNEL",
    "rekey_bytes": "0",
    "rekey_packets": "0",
    "rekey_time": "600",
    "remote-ts": [
     "10.10.40.0/24"
    ]
   }
  },
  "local-1": {
   "cacerts": [],
   "cert_policy": [],
   "certs": [],
   "class": "pre-shared key",
   "groups": [],
   "id": "%any"
  },
  "local_addrs": [
   "192.168.198.10"
  ],
  "reauth_time": "0",
  "rekey_time": "0",
  "remote-1": {
   "cacerts": [],
   "cert_policy": [],
   "certs": [],
   "class": "pre-shared key",
   "groups": [],
   "id": "%any"
  },
  "remote_addrs": [
   "192.168.198.11"
  ],
  "unique": "UNIQUE_NO",
  "version": "IKEv1"
 }
}

actual output of the listConns call. ListConns

connection map:  {
 "test-connection": {
  "local_addrs": [
   "192.168.198.10"
  ],
  "remote_addrs": [
   "192.168.198.11"
  ],
  "version": "IKEv1",
  "encap": "",
  "keyingtries": "",
  "rekey_time": "0",
  "local": {
   "id": "",
   "auth": ""
  },
  "remote": {
   "id": "",
   "auth": ""
  },
  "children": {
   "test-child-conn": {
    "local_ts": null,
    "remote_ts": null,
    "start_action": "",
    "close_action": "restart",
    "rekey_time": "600",
    "mode": "TUNNEL",
    "policies": "",
    "dpd_action": "clear"
   }
  }
 }
}

@bronze1man
Copy link
Owner

bronze1man commented Nov 28, 2023
edited
Loading

@VamshiKrishnaM13 sorry, I do not solve your problem. This library is too old. Strongswan vici plugin introduce break change since the time i develop it... You may use json Marshal and some tools(like https://mholt.github.io/json-to-go/) to get the struct define from the vici server, then change this library, may solve your problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bronze1man @VamshiKrishnaM13