self.psk_hosts = {}
self.cert_hosts = {}
+ if not os.path.isdir(self.cert_dir):
+ os.mkdir(self.cert_dir)
+
# Clean out stale peer certs from previous runs
for ovs_cert in glob.glob("%s/ovs-*.pem" % self.cert_dir):
try:
self.call_setkey("spdflush;")
def spd_add(self, local_ip, remote_ip):
- cmds = ("spdadd %s %s gre -P out ipsec esp/transport//default;\n" %
+ cmds = ("spdadd %s %s gre -P out ipsec esp/transport//require;\n" %
(local_ip, remote_ip))
- cmds += ("spdadd %s %s gre -P in ipsec esp/transport//default;" %
+ cmds += ("spdadd %s %s gre -P in ipsec esp/transport//require;" %
(remote_ip, local_ip))
self.call_setkey(cmds)