[strongSwan-dev] route reinstallation test report and analysis

Tobias Brunner tobias at strongswan.org
Mon May 7 12:05:52 CEST 2012


Hi Mirko,

Thanks for testing the patches and the feedback.

> My test scenario looks like ikev2/net2net-cert.

It's good you tested this in such a scenario.  I think I only tested the
road warrior and virtual IP cases where the preferred source is
installed on the outgoing interface.

> The change lookup code uses an uninitialized struct member

Actually, no.  For structs initialized like this all members not
assigned are initialized to 0/NULL (this is a feature of C99 called
designated initializers and GCC also supports it for C89).

> reinstall_routes() compares the route's preferred source IP and the
> route's outgoing network interface to the IP address and interface as
> reported by the RTM_NEWADDR netlink message.
>
> In the netlink message, IP address and network interface belong
> together, while the route's preferred source IP belongs to an
> interface different from the route's outgoing one.
>
> That's why reinstall_routes() cannot match the net_change created by
> RTM_NEWADDR to any recorded route.

Ok, how about the attached patch.  I changed the lookup so that the
interface that has the preferred source address installed is also
considered if it is different from the outgoing interface.  Also, no IP
specific changes are queued now (I tried to avoid unnecessary updates
but that was probably overkill).

Regards,
Tobias
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-route-reinstallation-if-preferred-source-IP-is-n.patch
Type: text/x-patch
Size: 4729 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20120507/2cd922b9/attachment.bin>


More information about the Dev mailing list