<div dir="ltr"><div>Heads up. If the IKE_AUTH rejects the child sa, but accepts authentication, it sends back auth + child failure notification - per the RFC. Unfortunately this is causing the testsuite to take a hit; sigh.</div><div><br></div><div>For instance:</div><div><br></div><div> 1v2 "westnet-eastnet-mismatch" #1: sent IKE_SA_INIT request<br> 002 "westnet-eastnet-mismatch" #1: WARNING: '@west' PSK length of 6 bytes is too short for PRF HMAC_SHA2_512 in FIPS mode (32 bytes required)<br> 1v2 "westnet-eastnet-mismatch" #1: sent IKE_AUTH request {auth=IKEv2 cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}<br>+002 "westnet-eastnet-mismatch" #1: WARNING: '@west' PSK length of 6 bytes is too short for PRF HMAC_SHA2_512 in FIPS mode (32 bytes required)<br>+003 "westnet-eastnet-mismatch" #1: authenticated using authby=secret and peer ID_FQDN '@east'</div><div><br></div><div>I guess some auth files need updating.</div><div><br>-003 "westnet-eastnet-mismatch" #2: IKE_AUTH response contained the error notification TS_UNACCEPTABLE<br>+003 "westnet-eastnet-mismatch" #2: IKE_AUTH response missing v2SA, v2TSi or v2TSr: not attempting to setup CHILD SA</div><div><br></div><div>The new log line is technically correct; but not very useful.</div><div><br>+002 "westnet-eastnet-mismatch" #1: sending IKE SA delete</div><div><br></div><div>This is allowed by the RFC. However, nice to have are to try the next pending child, or keep the SA open if configured.</div><div><br>+002 "westnet-eastnet-mismatch" #1: deleting other state #2 (STATE_V2_IKE_AUTH_CHILD_I0) and NOT sending notification<br>+002 "westnet-eastnet-mismatch" #1: deleting state (STATE_V2_ESTABLISHED_IKE_SA) and sending notification</div><div><br></div><div>Hmm, did a double delete get sent?</div><div><br>-000 "westnet-eastnet-mismatch" #1: scheduling retry attempt 1 of an unlimited number, but releasing whack<br>+002 "westnet-eastnet-mismatch" #1: deleting IKE SA but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS<br></div><div><br></div><div>The revive code's log line needs updating (this was hidden by releasing whack) to match what is really going on.</div><div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, 28 May 2021 at 15:54, Andrew Cagney <<a href="mailto:cagney@vault.libreswan.fi">cagney@vault.libreswan.fi</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">New commits:<br>
commit 77c852df3648a0d238d8fcde61d308c06746db82<br>
Author: Andrew Cagney <<a href="mailto:cagney@gnu.org" target="_blank">cagney@gnu.org</a>><br>
Date: Fri May 28 15:36:01 2021 -0400<br>
<br>
ikev2: in IKE_AUTH responder, when CHILD SA fails don't delete IKE SA<br>
<br>
Instead just bundle in a notify.<br>
<br>
At least that is the theory. There are still a few code paths,<br>
such as when add_xfrmi() fail, that return STF_FATAL dropping<br>
everything on the floor.<br><br>
</blockquote></div></div>