[Swan-dev] errors reported by test suite
D. Hugh Redelmeier
hugh at mimosa.com
Sun Jul 9 20:33:40 UTC 2017
I get a lot of errors when I run the tests. Can folks work on fixing
them? In some cases, the fix is to update the referencee logs.
lost a data packet -- probably nothing to be done
ah-pluto-07-klips-netkey/OUTPUT/west.console.diff
ikev1-algo-esp-sha2-01-netkey-klips/OUTPUT/west.console.diff
ikev1-algo-esp-sha2-02-netkey-klips/OUTPUT/west.console.diff
?? different traffic, extra "src"
certoe-07-nat-2-clients/OUTPUT/road.console.diff
certoe-07-nat-2-clients/OUTPUT/east.console.diff
New warning? clear-or-private#192.1.2.0/24 #1 not fetching ipseckey that end rsasigkey != %dnsondemand can only query DNS for IPSECKEY for ID that is a FQDN, IPV4_ADDR, or IPV6_ADDR id type=ID_NULL IKEv2_AUTH_NULL remote=192.1.2.254 thatid=ID_NULL
certoe-08-nat-packet-cop-restart/OUTPUT/road.console.diff
certoe-08-nat-packet-cop-restart/OUTPUT/east.console.diff
New retransmit interval not reflected in logs?
delete-sa-04/OUTPUT/east.console.diff
... and states numbered differently?
delete-sa-04/OUTPUT/west.console.diff
tunnel missing?
dnsoe-01/OUTPUT/road.console.diff
dnsoe-01/OUTPUT/east.console.diff
dnsoe-02/OUTPUT/road.console.diff
dnsoe-02/OUTPUT/east.console.diff
dnssec-pluto-01/OUTPUT/west.console.diff
some lost traffic, different "src"
dpd-01/OUTPUT/west.console.diff
missing interfaces:
dynamic-iface-01/OUTPUT/west.console.diff
cert-related error?
+003 "westnet-eastnet-ikev2" #2: ID_DER_ASN1_DN 'E=user-east at testing.libreswan.org,CN=east.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA' does not match expected 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east at testing.libreswan.org'
fips-08-ikev2-x509/OUTPUT/west.console.diff
ikev1-27-uniqueid/OUTPUT/north.console.diff
ikev1-aggr-replace-01/OUTPUT/north.console.diff
script was updated -- bugs added
ikev1-02-fuzzer/OUTPUT/west.console.diff
missing connection
ikev1-aggr-sendcert-01/OUTPUT/north.console.diff
ikev1-aggr-sendcert-01/OUTPUT/east.console.diff
negotiation went off rails
ikev1-rekey-connswitch/OUTPUT/east.console.diff
ikev1-rekey-connswitch/OUTPUT/west.console.diff
different informational payload generated??
-003 "san" #1: ignoring informational payload INVALID_ID_INFORMATION, msgid=00000000, length=12
+003 "san" #1: ignoring informational payload INVALID_KEY_INFORMATION, msgid=00000000, length=12
ikev1-x509-05-san-firstemail-match/OUTPUT/west.console.diff
different informational payload generated??
-002 "san" #1: Peer public key is not available for this exchange
-218 "san" #1: STATE_MAIN_I3: INVALID_ID_INFORMATION
-002 "san" #1: sending encrypted notification INVALID_ID_INFORMATION to 192.1.2.23:500
+003 "san" #1: no RSA public key known for 'NOTeast at testing.libreswan.org'
+217 "san" #1: STATE_MAIN_I3: INVALID_KEY_INFORMATION
+002 "san" #1: sending encrypted notification INVALID_KEY_INFORMATION to 192.1.2.23:500
ikev1-x509-06-san-email-mismatch/OUTPUT/west.console.diff
ikev1-x509-08-san-dns-mismatch/OUTPUT/west.console.diff
different informational payload generated??
-003 "san" #1: ignoring informational payload INVALID_ID_INFORMATION, msgid=00000000, length=12
+003 "san" #1: ignoring informational payload INVALID_KEY_INFORMATION, msgid=00000000, length=12
ikev1-x509-07-san-ip-mismatch/OUTPUT/west.console.diff
ikev1-x509-aggr-05-san-firstemail-match/OUTPUT/west.console.diff
negotiation went off rails
+003 "san" #1: ignoring informational payload INVALID_KEY_INFORMATION, msgid=00000000, length=12
ikev1-x509-12-san-dn-match/OUTPUT/east.console.diff
ikev1-x509-12-san-dn-match/OUTPUT/west.console.diff
ikev1-x509-13-san-dn-mismatch/OUTPUT/east.console.diff
ikev1-x509-13-san-dn-mismatch/OUTPUT/west.console.diff
Here I ran out of time.
(I did a similar exercise last week but ran out of time and my results
got stale. So I'm sending this off now, before they get stale. I'm
sure that if people fix these errors, a lot of other failed tests will
be fixed as a side-effect.)
More information about the Swan-dev
mailing list