[Swan-dev] The curious case of expire_ike_because_child_not_used()
Antony Antony
antony at phenome.org
Fri Feb 15 20:06:01 UTC 2019
On Fri, Feb 15, 2019 at 02:05:47PM -0500, Andrew Cagney wrote:
> On Sun, 10 Feb 2019 at 23:18, Paul Wouters <paul at nohats.ca> wrote:
>
> > It is called from v2_event_sa_rekey() and v2_event_sa_replace()
> >
> > The calls pass a child st state.
>
> [...]
>
> > Then it checks:
> >
> > if (IS_IKE_SA(st)) {
> > ike = pexpect_ike_sa(st);
> > cst = state_with_serialno(c->newest_ipsec_sa);
> >
> >
> > This seems questionable, as we only ever pass in child states.....
>
> Are you sure? Greping the test results for 'rekeying stale IKE SA'
> and 'replacing stale IKE SA' both get matches.
back in the days the event was EVENT_v2_SA_REPLACE_IF_USED.
and I just greped an old test run from 2018-07-04
It only show up oe tests.
my recollection is from 2015 EVENT_v2_SA_REPLACE_IF_USED was for OE.
And grep seems to support that idea.
the new one "'rekeying stale IKE SA'" seems to be showing up else where too.
That looks weired to me. this is my 2 min greping.
Is there any way to grep what event was set?
I am not familier with code changes since 2018 Oct or so.
More information about the Swan-dev
mailing list