[prev in list] [next in list] [prev in thread] [next in thread]
List: libreswan-dev
Subject: Re: [Swan-dev] two new test failures
From: Paul Wouters <paul () nohats ! ca>
Date: 2017-06-20 23:32:17
Message-ID: alpine.LRH.2.21.1706201927260.12307 () bofh ! nohats ! ca
[Download RAW message or body]
On Tue, 20 Jun 2017, D. Hugh Redelmeier wrote:
> There are two new "failures" in the test runs. This is from two
> instances of a new message.
>
> ./xauth-pluto-07/OUTPUT/road.console.diff:+005 "modecfg-road-eastnet-psk" #1: \
> Subnet 192.0.2.0/24 already has an spd_route - ignoring
> ./xauth-pluto-08/OUTPUT/road.console.diff:+005 "modecfg-road-eastnet-psk" #1: \
> Subnet 192.0.2.0/24 already has an spd_route - ignoring
> These message were added in 835d41d1 by Oleg Rosowiecki.
>
> I think that the message is correct and I'm wondering if it should be
> expected or it is a misconfiguration of the tests.
It is not a misconfiguration.
> In these tests, the subnet in question is hardwired into the conn and
> is also passed in the xauth/modeconfig exchange.
That is indeed what is causing the attempt at the duplicate spd_route.
The duplicate is ignored, but when removing these at down time, there
is an error when the 2nd delete can't find its spd_route entry.
> If this is a mistake in the configuration:
>
> - should the diagnostic be treated as more serious?
>
> - should the test configurations be fixed?
>
> - should the reference logs be fixed?
Different XAUTH clients apparently can behave slightly differently.
Note with remote-peer-type=cisco, the 0th spd_route is skipped
and the "conn" leftsubnet/rightsubnet is never established.
We aren't checking where the duplicate came from, it could be from
multiple duplicate CISCO_SPLIT_INC directives too.
We could either test if the SPLIT directive maps to the rightsubnet
we already have configured and skip the spd_route (and prevent the
warning) or we could ignore the warning (and fixup the test output)
Paul
_______________________________________________
Swan-dev mailing list
Swan-dev@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic