Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 5045

Summary: wrong dir for x509 in freeswan 1.98b
Product: Gentoo Linux Reporter: Nils Ohlmeier <develop>
Component: New packagesAssignee: Jared H. Hudson <gentoo>
Status: RESOLVED FIXED    
Severity: minor CC: webmaster
Priority: High    
Version: 1.2   
Hardware: x86   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Nils Ohlmeier 2002-07-15 13:23:39 UTC 
The X.509 Patch expects its directory strucutre for the certificates at
/etc/ipsec.d but on gentoo its reside at /etc/ipsec/ipsec.d. For certs a full
path can be given as workaround, but for the private key this is not possible.

Possible soultions:
- move /etc/ipsec/ipsec.d to /etc/ipsec.d
- create a link at /etc to ipsec.d (like i did)
- maybe the default path for ipsec.d can configured or patched to the gentoo way
Comment 1 Brian Rozmierski 2002-07-15 21:44:47 UTC 
I noticed this with 1.97 as well... It's not really a showstopper, but I'll give
you that's it's somewhat annoying. Either we should apply a patch (to the patch
of the source... ugh) to change the search paths, documentation, etc, in the
X509 patches, or revert to it's defaults.

Personally I'd rather have it in a subdirectory anyway - it's a bit cleaner.
Perhaps perstering the patch maintainer would be better in the long-haul.

And BTW, you can set explicit paths for private keys, in ipsec.secrets use a
line like this:

: RSA /etc/ipsec/ipsec.d/private/userKey.pem "yourpasswordhere-ifneeded"
Comment 2 Larry Mitchell 2002-12-18 11:11:56 UTC 
*** Bug 12400 has been marked as a duplicate of this bug. ***