[Swan-dev] broken delete behaviour on ikev2 ?

Paul Wouters paul at nohats.ca
Thu Sep 25 22:28:44 EEST 2014


On Thu, 25 Sep 2014, Antony Antony wrote:

> Another data point: in master, for another testcase, I see the message from Aug 14th. I am not familiar with these testcases, so I don't know how to interpret them yet. Are these DPDs or deletes due to reauth/rekey? Let's look at them later.

These are informational messages, which can be DPD/liveness or delete
messages. I think there might be related bugs in setting the Original
Initiator ISAKMP flag, which seems partially handled/hacked by
send_notification() variations send_informational_from_md() and
send_informational_by_state() but I don't think correctly.

We seem to jump through hoops checking states to see if we are
the original initiator or not. Some tests use state names, others
use the IS_v2_INITIATOR() macro. I think it is getting overly
complicated and decentralised. It seems much easier to have
our initiator states (IKE_INIT_I1 and CREATE_CHILD_I1?)
mark this in the state. We could create a new bool, or we could
change st_ikev2 from a bool to an enum no|o_init|o_resp.

> 2014-08-14-blackswan-v3.9-252-gf808d8a-master/ikev2-17-rekey/OUTPUT/east.pluto.log:packet from 192.1.2.45:500: received too old retransmit: 1 < 2
> 2014-08-14-blackswan-v3.9-252-gf808d8a-master/ikev2-17-rekey/OUTPUT/east.pluto.log:packet from 192.1.2.45:500: received too old retransmit: 1 < 2
> 2014-08-14-blackswan-v3.9-252-gf808d8a-master/ikev2-17-rekey/OUTPUT/east.pluto.log:packet from 192.1.2.45:500: received too old retransmit: 1 < 2
> 2014-08-14-blackswan-v3.9-252-gf808d8a-master/ikev2-19-x509-auto-start/OUTPUT/east.pluto.log:packet from 192.1.3.209:500: received too old retransmit: 1 < 2
>
> The first one I mentioned was for delete test cases.
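
Added example, not part of the original message and not libreswan code: a sketch of the enum idea above, where the original-initiator role is recorded once in the state and every informational (delete or liveness) message derives its header flags from it. The flag values are the IKEv2 header bits from RFC 7296 section 3.1; `struct example_state`, the `IKEV2_*` enum names and both functions are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>

/* IKEv2 header flag bits (RFC 7296, section 3.1). */
#define IKEV2_FLAG_INITIATOR 0x08u /* sender is the original initiator of the IKE SA */
#define IKEV2_FLAG_RESPONSE  0x20u /* message is a response to a request */

/* Hypothetical enum in place of a bool st_ikev2: no | o_init | o_resp. */
enum ikev2_role { IKEV2_NO = 0, IKEV2_O_INIT, IKEV2_O_RESP };

/* Hypothetical, cut-down state object. The role is assumed to be set once,
 * when the IKE SA is created, and never inferred from the state name later. */
struct example_state {
    enum ikev2_role st_ikev2;
};

/* Flags for an outbound INFORMATIONAL (delete or liveness) message.
 * The I bit depends only on who started the IKE SA, never on which
 * side starts this particular exchange. */
uint8_t informational_out_flags(const struct example_state *st, bool is_response)
{
    uint8_t flags = 0;

    if (st->st_ikev2 == IKEV2_O_INIT)
        flags |= IKEV2_FLAG_INITIATOR;
    if (is_response)
        flags |= IKEV2_FLAG_RESPONSE;
    return flags;
}

/* Inbound check: the peer's I bit must be the opposite of ours. */
bool inbound_flags_match_role(const struct example_state *st, uint8_t flags)
{
    bool peer_claims_initiator = (flags & IKEV2_FLAG_INITIATOR) != 0;

    switch (st->st_ikev2) {
    case IKEV2_O_INIT:
        return !peer_claims_initiator;
    case IKEV2_O_RESP:
        return peer_claims_initiator;
    default:
        return false; /* not an IKEv2 state */
    }
}
```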


