[Swan-dev] a question on whack exit codes (libreswan-up-down.sh)

Andrew Cagney andrew.cagney at gmail.com
Mon May 7 14:25:23 UTC 2018

To follow up IRC (and now that I've fixed the more serious bug), below
is a breakdown of the first failure in:

The test is running the script testing/pluto/bin/libreswan-up-down.sh
which is set up to abort on first failure (i.e, simplified):

set -eu
config=$1 ; shift
ipsec auto --add ${config}
ipsec auto --up ${config}        # was exiting with non-zero status
${bindir}/wait-until-alive "$@"

In the past, if the connection didn't come up immediately, 'ipsec auto
--up ${config}' would fail and the script would stop.  With recent
changes, that operation now succeeds and the script continues
executing wait-until-alive (that script runs ping, and the ping then
tricks east into trying to bring up the connection ....):

--- MASTER/testing/pluto/ikev2-unknown-payload-03-auth-sk/west.console.txt
+++ OUTPUT/testing/pluto/ikev2-unknown-payload-03-auth-sk/west.console.txt
@@ -55,6 +55,12 @@
 134 "westnet-eastnet-ipv4-psk-ikev2" #4: STATE_PARENT_I2: sent v2I2,
expected v2R2 {auth=IKEv2 cipher=aes_gcm_16_256 integ=n/a prf=sha2_512
 002 "westnet-eastnet-ipv4-psk-ikev2" #4: IKE SA authentication
 000 "westnet-eastnet-ipv4-psk-ikev2" #4: scheduling retry attempt 1
of an unlimited number, but releasing whack
+ping -n -c 1 -w 4 -I
+PING ( from : 56(84) bytes of data.
+--- ping statistics ---
+4 packets transmitted, 0 received, 100% packet loss, time XXXX
+pipe 4
+destination -I is dead
 west #
  echo done

Given the connection neither succeed nor failed, what should the exit code be?


PS: For the moment I'm sitting on a tweak to libreswan-up-down.sh that
works regardless of the exit code

More information about the Swan-dev mailing list