On 9 May 2018 at 11:29, Paul Wouters <[email protected]> wrote: > On Mon, 7 May 2018, Andrew Cagney wrote: > >>> This log message has the wrong RC_XXX type. >>> >>> Looking closer, it seems that RC_WHACK_PROBLEM is unfortunately placed >>> in lswlog.h. I'll push a fix. >> >> >> I don't think that helped. > > > Can you elaborate? I do think it fixed something, but you might run into > other messages using a wrong RC_* code ?
In this test: http://testing.libreswan.org/results/v3.22-1343-g648051a-master/ikev2-unknown-payload-03-auth-sk/OUTPUT/west.console.diff The 'ipsec auto --up <connection>' didn't establish - something screwed up so it is retrying in the background. Previously, the exit code would have been non zero, but now it is zero. However, ... >> Here all the initiator knows is that something is wrong. >> >> Because the other end never proved their identity, the initiator can't >> trust what is coming back so it should back off for a bit and then try >> again. > > > The RC code for that can be RC_LOG or RC_RETRANSMISSION. Both should > cause the return code for whack to be 0. you're saying that for this case the exit code should be zero from whack? >> As an aside, all the ikev2-unknown-payload-* tests prod this area, and >> highlight how inconsistent pluto is with handling this case. Hmm, >> just noticed that ikev2-unknown-payload-03-auth-sk-critical doesn't >> try again :-/ > > > That's a bug then, but fortunately pretty minor. > > Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
