[Swan-dev] test cases to look into before release
Andrew Cagney
andrew.cagney at gmail.com
Thu Jan 24 14:50:20 UTC 2019
On Thu, 24 Jan 2019 at 00:06, Paul Wouters <paul at nohats.ca> wrote:
>
> On Mon, 21 Jan 2019, Paul Wouters wrote:
>
> > - ikev2-26-keyingtries
>
> Fixed - it used the wrong EVENT type
Yea, that code is pretty messed up (and it always used the wrong
event). Unfortunately the change poked the IKE vs CHILD switch
monster. We now see:
002 "nss-cert-incorrect" #4: Peer public key SubjectAltName does not
match peer ID for this connection
002 "nss-cert-incorrect" #4: X509: CERT payload does not match connection ID
224 "nss-cert-incorrect" #4: STATE_PARENT_I2: v2N_AUTHENTICATION_FAILED
-002 "nss-cert-incorrect" #4: deleting other state #4
(STATE_PARENT_I2) and NOT sending notification
-002 "nss-cert-incorrect" #3: deleting state (STATE_PARENT_I2) and NOT
sending notification
-west #
+002 "nss-cert-incorrect" #5: initiating v2 parent SA to replace #3
+133 "nss-cert-incorrect" #5: STATE_PARENT_I0: initiate, replacing #3
+031 "nss-cert-incorrect" #4: STATE_PARENT_I2: 60 second timeout
exceeded after 0 retransmits. Possible authentication failure: no
acceptable response to our first encrypted message
+000 "nss-cert-incorrect" #4: starting keying attempt 2 of an
unlimited number, but releasing whack
+133 "nss-cert-incorrect" #5: STATE_PARENT_I1: sent v2I1, expected v2R1
+*** exception running script westrun.sh ***
https://testing.libreswan.org/v3.27-663-gd1dfedaf7-master/nss-cert-08-mismatch/OUTPUT/west.console.diff
More information about the Swan-dev
mailing list