/testing/guestbin/swan-prep --x509
Preparing X.509 files
west #
 certutil -D -n east -d sql:/etc/ipsec.d
west #
 ipsec start
Redirecting to: [initsystem]
west #
 /testing/pluto/bin/wait-until-pluto-started
west #
 ipsec auto --add san
002 added IKEv1 connection "san"
west #
 echo "initdone"
initdone
west #
 ipsec whack --impair suppress-retransmits
west #
 # this should succeed
west #
 ipsec auto --up san
002 "san" #1: initiating IKEv1 Main Mode connection
1v1 "san" #1: sent Main Mode request
1v1 "san" #1: sent Main Mode I2
002 "san" #1: I am sending my cert
002 "san" #1: I am sending a certificate request
1v1 "san" #1: sent Main Mode I3
002 "san" #1: Peer ID is ID_USER_FQDN: 'east@testing.libreswan.org'
002 "san" #1: certificate verified OK: E=user-east@testing.libreswan.org,CN=east.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
003 "san" #1: authenticated using RSA with SHA-1
004 "san" #1: IKE SA established {auth=RSA_SIG cipher=AES_CBC_256 integ=HMAC_SHA2_256 group=MODP2048}
002 "san" #2: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+IKE_FRAG_ALLOW+ESN_NO
1v1 "san" #2: sent Quick Mode request
004 "san" #2: IPsec SA established tunnel mode {ESP=>0xESPESP <0xESPESP xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive}
west #
 echo "done"
done
west #
 # confirm the right ID types were sent/received
west #
 grep "ID type" /tmp/pluto.log | sort | uniq
|    ID type: ID_USER_FQDN (0x3)
west #
 ../bin/check-for-core.sh
west #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
west #
 
