On Tue, 28 Jan 2020, Antony Antony wrote:
there are 3 tests I am not quite sure wheather related xfrmi or not.
From a quick comparison of testrun these appear as regression due xfrmi
merge. However, I suspect these are connection switch and ID fixes related
and not xfrmi related. Paul could y
I found the root cause of this issue, fix in commit f2967f3bffd18.
It was not related to xfrmi code. xfrmi merge made an existing bug more
visible.
The fix also changed a few other test's v2-auth-hash-policy default to
SHA2_256+SHA2_384+SHA2_512 previosly it was none and authenticated using
RSA1
I tracked the regression to addconn. You will see difference ipsec status
after adding the connection: v2-auth-hash-policy: none
with "none" the initiator will only propose RSASIG-v1.5. Before it was
proposing Digital signature, rsa-sha2_512.
seemingly unrelated one line change to a conn changes
after xfrmi merge a change IPsec algorithm was noticed. Sorry I didn't
notice this on xfrmi branch alone.
Careful committing new console outputs before this is fixed. If you commit
new outputs now once this regression is fixed those tests may flip back.
cagney: is pointing at commit 32e11cc9b4