[Swan-dev] new test failures

Paul Wouters paul at nohats.ca
Wed Feb 13 15:16:06 UTC 2019

On Wed, 13 Feb 2019, D. Hugh Redelmeier wrote:

> I ran the tests last evening.  The new failures look simple to fix.
> I include a diff of the summary from the previous run
> (summary produced by "testing/utils/kvmresults.py testing/pluto/").

I'm going to ignore the changes due to andrew's algorithm changes from
the last few days, assuming those will be updated.

> - testing/pluto/ikev2-liveness-09 failed in its mysterious way:
> -| xfrm acquire rtattribute type 5
> -| xfrm acquire rtattribute type 16

  grep -E "liveness: action|acquire" OUTPUT/west.pluto.log

that's an odd grep line. I think the case is really only looking

 	initiate on demand from to proto=1 because: acquire

> - testing/pluto/nat-pluto-04 failed in another mysterious way
> +? ( at fe:00:00:dc:bc:ff [ether] on eth0

NetName:        MIMOSAL

That IP is your LAN. Why is it leaking into the tests? :)

>> testing/pluto/ikev2-child-03-dh-none-pfs-no failed west:output-different
> testing/pluto/ikev2-child-03-dh-none-pfs-no/OUTPUT/west.console.diff
> -004 "westnet-eastnet-ikev2" #2: STATE_V2_IPSEC_I: IPsec SA established tunnel mode {ESP=>0xESPESP <0xESPESP xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive}
> +004 "westnet-eastnet-ikev2" #2: STATE_V2_IPSEC_I: IPsec SA established tunnel mode {ESP=>0xESPESP <0xESPESP xfrm=AES_CBC_256-HMAC_SHA2_512_256 NATOA=none NATD=none DPD=passive}

Ah few cases got their default key size to go from 128 to 256? Probably
as a result of the proposal parser changes? I'm fine with that. Let uses
go back to 128 key manually if they really want to do that.


More information about the Swan-dev mailing list