Handling of ASN1.DN values for RSA IPsec during upgrades from previous versions
The certificate CNs are interpreted differently by raccoon and strongSwan, for example:
C=US, ST=Whatever, L=Springfield, O=Springfield Power Plant/emailAddressemail@example.com, CN=springfield.powerplant.com
"C=US, ST=Whatever, L=Springfield, O=Springfield Power Plant, Efirstname.lastname@example.org, CN=springfield.powerplant.com"
So on upgrades from v2.1.x and before, some regex needs to be done on the ASN1DN field.
Also, the value needs to be surrounded in quotes, but be careful because if the identity prefix is provided, the prefix must be included within the quotes, eg: rightid = "asn1dn:#whateverhexvalue..."
This will depend on how the identity type prefixes are handled (related to bug 4792 )
- Add a upgrade code to fix asn1dn string format to match strongSwan needs
- Bump config version to 11.8