cagney
cagney
``` # ipsec whack --shutdown ``` is turned into: ``` # ipsec -n whack --shutdown /usr/local/libexec/ipsec/whack --ctlsocket /run/pluto/pluto.ctl --shutdown ``` i.e., there's both the basic option `--shutdown` and non-basic option...
Setting .magic to the wrong value for --shutdown is a really old bug (
I've pushed what I think is the minimum change. I'll follow up with a re-org of the whack struct so that the basic commands are clearly separate.
I'm going to assume that all the (sane) init systems send a SIGTERM to shutdown pluto and don't try to use `ipsec whack --shutdown`
The complication is: ``` * Policy Packet nic offload requires us to poke an IPsec policy * hole that allows IKE packets. This installs one IPsec policy * per interface...
I've been playing probing when adding connections. I find the behaviour a little weird - announcing that an interface supports offload better fits with adding the interface and not the...
moving to 5.2; #1753 provides an immediate solution
I'll change: ``` @@ -515,6 +555,7 @@ static bool sendrecv_xfrm_msg(struct nlmsghdr *hdr, */ ldbg(logger, "%s() netlink response for %s %s included non-error error", __func__, description, story); + llog_ext_ack(DEBUG_STREAM, logger, &rsp.n);...