[Bug 245832] sys.netipsec.tunnel.empty.v{4,6} fail after r359374
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri May 1 22:11:04 UTC 2020
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245832
--- Comment #6 from John Baldwin <jhb at FreeBSD.org> ---
I just retested null on stock HEAD and it worked for me. I used the following
setkey configurations:
host with 172.16.0.1 interface:
flush;
spdflush;
# Host to host ESP
# Security Associations
add 172.16.0.1 172.16.0.2 esp 0x10000 -E null 0xffff;
add 172.16.0.2 172.16.0.1 esp 0x10001 -E null 0xffff;
# Security Policies
spdadd 172.16.0.1 172.16.0.2 any -P out ipsec
esp/tunnel/172.16.0.1-172.16.0.2/require;
spdadd 172.16.0.2 172.16.0.1 any -P in ipsec
esp/tunnel/172.16.0.2-172.16.0.1/require;
Host with 172.16.0.2 interface:
flush;
spdflush;
# Host to host ESP
# Security Associations
add 172.16.0.1 172.16.0.2 esp 0x10000 -E null 0xffff;
add 172.16.0.2 172.16.0.1 esp 0x10001 -E null 0xffff;
# Security Policies
spdadd 172.16.0.1 172.16.0.2 any -P in ipsec
esp/tunnel/172.16.0.1-172.16.0.2/require;
spdadd 172.16.0.2 172.16.0.1 any -P out ipsec
esp/tunnel/172.16.0.2-172.16.0.1/require;
I'll look to see what kind of setkey config files the test creates, but I
didn't change any of the parsing for setkey in the OCF rework changes, and I
would expect setkey to report an error to stderr (which it didn't from what I
can tell) if it had a parse error or got an error back when trying to setup the
SA.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-testing
mailing list