ikev2: add hint to the log when IDs do not match

Type: improvement Ticket: VPP-1908 Change-Id: I1d86ea18fcb6174b86c449d5d9403fd0e5715318 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
author: Filip Tehlar <ftehlar@cisco.com> 2021-01-26 22:06:48 +0000
committer: Beno�t Ganne <bganne@cisco.com> 2021-02-04 18:12:13 +0000
commit: bdd14fc2a3b438fe424257d707a69555b008fb04 (patch)
tree: 5459f37d72291abc268fc39d2756d3078dd76951
parent: a0951d4b3b2b13abf20d72fde02baed844a6b014 (diff)
1 files changed, 10 insertions, 1 deletions
diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c
index 8bb327730c8..0236764e637 100644
--- a/src/plugins/ikev2/ikev2.c
+++ b/src/plugins/ikev2/ikev2.c
@@ -1666,7 +1666,11 @@ ikev2_sa_auth (ikev2_sa_t * sa)
             sel_p = p;
             break;
           }
-
+	else
+	  {
+	    ikev2_elog_uint (IKEV2_LOG_ERROR, "shared key mismatch! ispi %lx",
+			     sa->ispi);
+	  }
       }
     else if (sa_auth->method == IKEV2_AUTH_METHOD_RSA_SIG)
       {
@@ -1679,6 +1683,11 @@ ikev2_sa_auth (ikev2_sa_t * sa)
             sel_p = p;
             break;
           }
+	else
+	  {
+	    ikev2_elog_uint (IKEV2_LOG_ERROR,
+			     "cert verification failed! ispi %lx", sa->ispi);
+	  }
       }
 
     vec_free(auth);
author	Filip Tehlar <ftehlar@cisco.com>	2021-01-26 22:06:48 +0000
committer	Beno�t Ganne <bganne@cisco.com>	2021-02-04 18:12:13 +0000
commit	bdd14fc2a3b438fe424257d707a69555b008fb04 (patch)
tree	5459f37d72291abc268fc39d2756d3078dd76951
parent	a0951d4b3b2b13abf20d72fde02baed844a6b014 (diff)