[Swan-dev] test cases to look into before release
Paul Wouters
paul at nohats.ca
Sat Jan 26 03:53:23 UTC 2019
On Fri, 25 Jan 2019, Paul Wouters wrote:
>>> Now, the one thing that is wrong is that we should not delete #4 without
>>> sending a notify - we are supposed to send a DELETE notify with
>>> AUTHENTICATION_FAILED payload.
>>
>> Right, this is a long standing bug.
>>
>> (as an aside the above should be blaming state #3, and not #4, for all
>> the auth problems)
>
> Yes, and on top of it, it should just delete state #4. It has no more
> chance of ever becoming a valid IPsec SA.
I pushed the change that schedules the immediate deletion of the partial
child state.
But you are right, the whack is not released properly, so the *-mismatch
tests still time out :/
Paul
More information about the Swan-dev
mailing list