ikev2: add hint to the log when IDs do not match

[vpp.git] / src / plugins / ikev2 / ikev2.c

diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c
index 8bb3277..0236764 100644 (file)
--- a/src/plugins/ikev2/ikev2.c
+++ b/src/plugins/ikev2/ikev2.c
@@ -1666,7 +1666,11 @@ ikev2_sa_auth (ikev2_sa_t * sa)
             sel_p = p;
             break;
           }
-
+       else
+         {
+           ikev2_elog_uint (IKEV2_LOG_ERROR, "shared key mismatch! ispi %lx",
+                            sa->ispi);
+         }
       }
     else if (sa_auth->method == IKEV2_AUTH_METHOD_RSA_SIG)
       {
@@ -1679,6 +1683,11 @@ ikev2_sa_auth (ikev2_sa_t * sa)
             sel_p = p;
             break;
           }
+       else
+         {
+           ikev2_elog_uint (IKEV2_LOG_ERROR,
+                            "cert verification failed! ispi %lx", sa->ispi);
+         }
       }
 
     vec_free(auth);