search

bronze1man / goStrongswanVici

a golang implement of strongswan vici plugin client.
MIT License
39 stars 34 forks source link

esp proposals & some other variables not getting updated in the actual ike configuration #46

Open VamshiKrishnaM13 opened 1 year ago

VamshiKrishnaM13 commented 1 year ago

image

Now, please check the logs in the below attached image:

image

As you can see in the logs, it is there in the ike conf map, but not in connection map which is after loading the connection.

What could be the possible reason, is it a bug & how to resolve it?

VamshiKrishnaM13 commented 1 year ago

@bronze1man any update?

VamshiKrishnaM13 commented 1 year ago

@bronze1man Please help me here, is it a bug or not?

bronze1man commented 1 year ago

I tried it with charon 5.8.2, looks like this library (goStrongswanVici) has a bug. Maybe This library is not compatible to charon 5.8.2

&goStrongswanVici.Version{Daemon:"charon", Version:"5.8.2", Sysname:"Linux", Release:"5.4.0-166-generic", Machine:"x86_64"}

inner output of the listConns call. from err = c.RegisterEvent("list-conn", func(response map[string]interface{}) {

{
 "test-connection": {
  "children": {
   "test-child-conn": {
    "close_action": "restart",
    "dpd_action": "clear",
    "local-ts": [
     "10.10.59.0/24"
    ],
    "mode": "TUNNEL",
    "rekey_bytes": "0",
    "rekey_packets": "0",
    "rekey_time": "600",
    "remote-ts": [
     "10.10.40.0/24"
    ]
   }
  },
  "local-1": {
   "cacerts": [],
   "cert_policy": [],
   "certs": [],
   "class": "pre-shared key",
   "groups": [],
   "id": "%any"
  },
  "local_addrs": [
   "192.168.198.10"
  ],
  "reauth_time": "0",
  "rekey_time": "0",
  "remote-1": {
   "cacerts": [],
   "cert_policy": [],
   "certs": [],
   "class": "pre-shared key",
   "groups": [],
   "id": "%any"
  },
  "remote_addrs": [
   "192.168.198.11"
  ],
  "unique": "UNIQUE_NO",
  "version": "IKEv1"
 }
}

actual output of the listConns call. ListConns

connection map:  {
 "test-connection": {
  "local_addrs": [
   "192.168.198.10"
  ],
  "remote_addrs": [
   "192.168.198.11"
  ],
  "version": "IKEv1",
  "encap": "",
  "keyingtries": "",
  "rekey_time": "0",
  "local": {
   "id": "",
   "auth": ""
  },
  "remote": {
   "id": "",
   "auth": ""
  },
  "children": {
   "test-child-conn": {
    "local_ts": null,
    "remote_ts": null,
    "start_action": "",
    "close_action": "restart",
    "rekey_time": "600",
    "mode": "TUNNEL",
    "policies": "",
    "dpd_action": "clear"
   }
  }
 }
}
bronze1man commented 1 year ago

@VamshiKrishnaM13 sorry, I do not solve your problem. This library is too old. Strongswan vici plugin introduce break change since the time i develop it... You may use json Marshal and some tools(like https://mholt.github.io/json-to-go/) to get the struct define from the vici server, then change this library, may solve your problem.