[Swan-dev] reggression testcase ikev2-connswitch-01
Tuomo Soini
tis at foobar.fi
Fri Jan 24 11:24:57 UTC 2020
On Fri, 24 Jan 2020 06:14:51 -0500 (EST)
Paul Wouters <paul at nohats.ca> wrote:
> On Fri, 24 Jan 2020, Antony Antony wrote:
>
> > while testing xfrmi Tuomo noticed reggression in connswitch code.
>
> It is not a regression. It is a fix. It does show we have another
> problem with connswitching. This issue, and the OE shunt issue
> and the two release blockers for 3.30
While it might be a fix it is a regression. It causes first matching
connection to fail instead of trying to find out a proper match.
If it is a fix, it is a wrong fix. You tried exactly same fix before and
we ended up reverting it because it broke responder.
This fix won't work and breaks all connection switching on responder.
Failure happens at wrong place in code. This works for initiator
because initiator knows which conn it is using and it won't switch.
But the case where I see regression is static tunnel.
At responder end, static tunnel hits RW connection. And then sits there
failing without trying to switch to correct connection. On responder
this place can't fail the connection.
--
Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <https://foobar.fi/>
More information about the Swan-dev
mailing list