[Swan-dev] interop-ikev2-strongswan-35-initiator-rekey not working
Antony Antony
antony at phenome.org
Fri Feb 28 07:34:36 UTC 2020
a quick respond. I quickly double checked with whack --rekey uncommented
It works as expected. So I pushed the change. Lets see output
testing.libreswan.org produce, however, pluto.log might be empty.
One odd thing is empty pluto.log in master. That makes it a bit harder to
analyze.
https://testing.libreswan.org/v3.30-162-g412a6e8d86-master/interop-ikev2-strongswan-35-initiator-rekey/OUTPUT/
notice 35 bytes west.pluto.log.gz
If you notice rekey issues, I would like to see the test's full output.
including pluto.log and charon.log. Without it I can can't respond or
comment.
-antony
On Fri, Feb 28, 2020 at 12:06:51AM -0500, Paul Wouters wrote:
>
> It seems interop-ikev2-strongswan-35-initiator-rekey is not working.
>
> The config file has commented out values for "timer based rekey" and
> the shell script has commented out values for "command based rekey".
> Due to that, the reference output does not show traces of rekey.
> So this test never seems to actually do a rekey against strongswan.
>
> When I changed it to timer based rekey, because according to comments,
> 3.29 rekey command is broken, I still do not see strongswan rejecting
> anything bad if west is libreswan 3.29 or 3.30. I was epxecting the
> test to succeed for 3.29 and fail for 3.30.
>
> I was hoping to confirm my patch to be stricter about address family
> check in TS TYPE using this test, but I can't seem to make this test
> work to ever show a failure during rekey over a bad address family
> towards strongswan.
>
> Paul
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev
More information about the Swan-dev
mailing list