[Swan-dev] new test failures

Paul Wouters paul at nohats.ca
Wed Feb 13 15:16:06 UTC 2019


On Wed, 13 Feb 2019, D. Hugh Redelmeier wrote:

> I ran the tests last evening.  The new failures look simple to fix.
>
> I include a diff of the summary from the previous run
> (summary produced by "testing/utils/kvmresults.py testing/pluto/").

I'm going to ignore the changes due to andrew's algorithm changes from
the last few days, assuming those will be updated.


> - testing/pluto/ikev2-liveness-09 failed in its mysterious way:
> -| xfrm acquire rtattribute type 5
> -| xfrm acquire rtattribute type 16

  grep -E "liveness: action|acquire" OUTPUT/west.pluto.log

that's an odd grep line. I think the case is really only looking
for:

 	initiate on demand from 192.0.1.254:8 to 192.0.2.254:0 proto=1 because: acquire

> - testing/pluto/nat-pluto-04 failed in another mysterious way
> +? (192.139.70.77) at fe:00:00:dc:bc:ff [ether] on eth0

NetName:        MIMOSAL

That IP is your LAN. Why is it leaking into the tests? :)

>> testing/pluto/ikev2-child-03-dh-none-pfs-no failed west:output-different
> testing/pluto/ikev2-child-03-dh-none-pfs-no/OUTPUT/west.console.diff
> -004 "westnet-eastnet-ikev2" #2: STATE_V2_IPSEC_I: IPsec SA established tunnel mode {ESP=>0xESPESP <0xESPESP xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive}
> +004 "westnet-eastnet-ikev2" #2: STATE_V2_IPSEC_I: IPsec SA established tunnel mode {ESP=>0xESPESP <0xESPESP xfrm=AES_CBC_256-HMAC_SHA2_512_256 NATOA=none NATD=none DPD=passive}

Ah few cases got their default key size to go from 128 to 256? Probably
as a result of the proposal parser changes? I'm fine with that. Let uses
go back to 128 key manually if they really want to do that.

Paul


More information about the Swan-dev mailing list