[Swan-dev] a question on whack exit codes (libreswan-up-down.sh)

Paul Wouters paul at nohats.ca
Wed May 9 15:29:47 UTC 2018

On Mon, 7 May 2018, Andrew Cagney wrote:

>> This log message has the wrong RC_XXX type.
>> Looking closer, it seems that RC_WHACK_PROBLEM is unfortunately placed
>> in lswlog.h. I'll push a fix.
> I don't think that helped.

Can you elaborate? I do think it fixed something, but you might run into
other messages using a wrong RC_* code ?

> Here all the initiator knows is that something is wrong.
> Because the other end never proved their identity, the initiator can't
> trust what is coming back so it should back off for a bit and then try
> again.

The RC code for that can be RC_LOG or RC_RETRANSMISSION. Both should
cause the return code for whack to be 0.

> As an aside, all the ikev2-unknown-payload-* tests prod this area, and
> highlight how inconsistent pluto is with handling this case.  Hmm,
> just noticed that ikev2-unknown-payload-03-auth-sk-critical doesn't
> try again :-/

That's a bug then, but fortunately pretty minor.


More information about the Swan-dev mailing list