/testing/guestbin/swan-prep --x509
Preparing X.509 files
west #
 ipsec certutil -D -n east
west #
 ipsec start
Redirecting to: [initsystem]
west #
 ../../guestbin/wait-until-pluto-started
west #
 ipsec auto --add san
"san": added IKEv1 connection
west #
 echo "initdone"
initdone
west #
 ipsec whack --impair suppress_retransmits
west #
 # this should succeed
west #
 ipsec auto --up san
"san" #1: initiating IKEv1 Aggressive Mode connection
"san" #1: I am sending a certificate request
"san" #1: sent Aggressive Mode request
"san" #1: Peer ID is IPV4_ADDR: '192.1.2.23'
"san" #1: authenticated peer certificate '192.1.2.23' and 3nnn-bit RSA with SHA1 signature issued by 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
"san" #1: I am sending my cert
"san" #1: ISAKMP SA established {auth=RSA_SIG cipher=AES_CBC_256 integ=HMAC_SHA1 group=MODP1536}
"san" #2: initiating Quick Mode IKEv1+RSASIG+ENCRYPT+TUNNEL+PFS+UP+AGGRESSIVE+IKE_FRAG_ALLOW+ESN_NO+ESN_YES {using isakmp#1 msgid:MSGID proposal=AES_CBC-HMAC_SHA1_96, AES_CBC-HMAC_SHA2_512_256, AES_CBC-HMAC_SHA2_256_128, AES_GCM_16_128-NONE, AES_GCM_16_256-NONE, 3DES_CBC-HMAC_SHA1_96, 3DES_CBC-HMAC_SHA2_512_256, 3DES_CBC-HMAC_SHA2_256_128 pfsgroup=MODP1536}
"san" #2: sent Quick Mode request
"san" #2: IPsec SA established tunnel mode {ESP=>0xESPESP <0xESPESP xfrm=AES_CBC_128-HMAC_SHA1_96 DPD=passive}
west #
 echo "done"
done
west #
 # confirm the right ID types were sent/received
west #
 grep "ID type" /tmp/pluto.log | sort | uniq
|    ID type: ID_IPV4_ADDR (0x1)
west #
