5045 – wrong dir for x509 in freeswan 1.98b

Bug 5045 - wrong dir for x509 in freeswan 1.98b

Summary: wrong dir for x509 in freeswan 1.98b

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	x86 Linux

Importance:	High minor (vote)
Assignee:	Jared H. Hudson

URL:
Whiteboard:
Keywords:

Duplicates (1):	12400 (view as bug list)
Depends on:
Blocks:

Reported:	2002-07-15 13:23 UTC by Nils Ohlmeier
Modified:	2003-02-04 19:42 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Nils Ohlmeier 2002-07-15 13:23:39 UTC

The X.509 Patch expects its directory strucutre for the certificates at
/etc/ipsec.d but on gentoo its reside at /etc/ipsec/ipsec.d. For certs a full
path can be given as workaround, but for the private key this is not possible.

Possible soultions:
- move /etc/ipsec/ipsec.d to /etc/ipsec.d
- create a link at /etc to ipsec.d (like i did)
- maybe the default path for ipsec.d can configured or patched to the gentoo way

Comment 1 Brian Rozmierski 2002-07-15 21:44:47 UTC

I noticed this with 1.97 as well... It's not really a showstopper, but I'll give
you that's it's somewhat annoying. Either we should apply a patch (to the patch
of the source... ugh) to change the search paths, documentation, etc, in the
X509 patches, or revert to it's defaults.

Personally I'd rather have it in a subdirectory anyway - it's a bit cleaner.
Perhaps perstering the patch maintainer would be better in the long-haul.

And BTW, you can set explicit paths for private keys, in ipsec.secrets use a
line like this:

: RSA /etc/ipsec/ipsec.d/private/userKey.pem "yourpasswordhere-ifneeded"

Comment 2 Larry Mitchell 2002-12-18 11:11:56 UTC

*** Bug 12400 has been marked as a duplicate of this bug. ***