ikev2: add hint to the log when IDs do not match Type: improvement Ticket: VPP-1908 Change-Id: I1d86ea18fcb6174b86c449d5d9403fd0e5715318 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>

commit: bdd14fc2a3b438fe424257d707a69555b008fb04 [log] [tgz]
author: Filip Tehlar <ftehlar@cisco.com> Tue Jan 26 22:06:48 2021 +0000
committer: Beno�t Ganne <bganne@cisco.com> Thu Feb 04 18:12:13 2021 +0000
tree: 5459f37d72291abc268fc39d2756d3078dd76951
parent: a0951d4b3b2b13abf20d72fde02baed844a6b014 [diff]
diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c
index 8bb3277..0236764 100644
--- a/src/plugins/ikev2/ikev2.c
+++ b/src/plugins/ikev2/ikev2.c

@@ -1666,7 +1666,11 @@
             sel_p = p;
             break;
           }
-
+	else
+	  {
+	    ikev2_elog_uint (IKEV2_LOG_ERROR, "shared key mismatch! ispi %lx",
+			     sa->ispi);
+	  }
       }
     else if (sa_auth->method == IKEV2_AUTH_METHOD_RSA_SIG)
       {
@@ -1679,6 +1683,11 @@
             sel_p = p;
             break;
           }
+	else
+	  {
+	    ikev2_elog_uint (IKEV2_LOG_ERROR,
+			     "cert verification failed! ispi %lx", sa->ispi);
+	  }
       }
 
     vec_free(auth);
commit	bdd14fc2a3b438fe424257d707a69555b008fb04	[log] [tgz]
author	Filip Tehlar <ftehlar@cisco.com>	Tue Jan 26 22:06:48 2021 +0000
committer	Beno�t Ganne <bganne@cisco.com>	Thu Feb 04 18:12:13 2021 +0000
tree	5459f37d72291abc268fc39d2756d3078dd76951
parent	a0951d4b3b2b13abf20d72fde02baed844a6b014 [diff]