
NEEDS FIXING

Starting UML /btmp/antony/ikev2/2008_01_14/UMLPOOL/west/start.sh
spawn /btmp/antony/ikev2/2008_01_14/UMLPOOL/west/start.sh single
Checking that ptrace can change system call numbers...OK
Checking syscall emulation patch for ptrace...OK
Checking advanced syscall emulation patch for ptrace...OK
Checking for tmpfs mount on /dev/shm...OK
Checking PROT_EXEC mmap in /dev/shm/...OK
Checking for the skas3 patch in the host:
  - /proc/mm...not found
  - PTRACE_FAULTINFO...not found
  - PTRACE_LDT...not found
UML running in SKAS0 mode
Checking that ptrace can change system call numbers...OK
Checking syscall emulation patch for ptrace...OK
Checking advanced syscall emulation patch for ptrace...OK
Linux version 2.6.18.6 (antony@cyclops) (gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)) #1 Mon Jan 14 16:26:00 EST 2008
Built 1 zonelists.  Total pages: 8192
Kernel command line: initrd=/btmp/antony/ikev2/2008_01_14/UMLPOOL/initrd.uml umlroot=/btmp/antony/ikev2/2008_01_14/UMLPOOL/west/root root=/dev/ram0 rw ssl=pty eth0=daemon,10:00:00:ab:cd:ff,unix,/tmp/umlIryn1i.d/west/ctl,/tmp/umlIryn1i.d/west/data eth1=daemon,10:00:00:64:64:45,unix,/tmp/umlIryn1i.d/public/ctl,/tmp/umlIryn1i.d/public/data eth2=daemon,10:00:00:32:64:45,unix,/tmp/umlIryn1i.d/admin/ctl,/tmp/umlIryn1i.d/admin/data init=/linuxrc single
PID hash table entries: 256 (order: 8, 1024 bytes)
Dentry cache hash table entries: 4096 (order: 2, 16384 bytes)
Inode-cache hash table entries: 2048 (order: 1, 8192 bytes)
Memory: 27292k available
Mount-cache hash table entries: 512
Checking for host processor cmov support...Yes
Checking for host processor xmm support...No
Checking that host ptys support output SIGIO...Yes
Checking that host ptys support SIGIO on close...No, enabling workaround
checking if image is initramfs...it isn't (bad gzip magic numbers); looks like an initrd
Freeing initrd memory: 1212k freed
Using 2.6 host AIO
umid "west" is already in use by pid 23985
Failed to initialize umid "west", trying with a random umid
NET: Registered protocol family 16
NET: Registered protocol family 2
IP route cache hash table entries: 256 (order: -2, 1024 bytes)
TCP established hash table entries: 1024 (order: 0, 4096 bytes)
TCP bind hash table entries: 512 (order: -1, 2048 bytes)
TCP: Hash tables configured (established 1024 bind 512)
TCP reno registered
klips_info:ipsec_init: KLIPS startup, Libreswan KLIPS IPsec stack version: 2.5.testing-g70d71a2f-dirty
NET: Registered protocol family 15
klips_info:ipsec_alg_init: KLIPS alg v=0.8.1-0 (EALG_MAX=255, AALG_MAX=251)
klips_info:ipsec_alg_init: calling ipsec_alg_static_init()
ipsec_aes_init(alg_type=15 alg_id=12 name=aes): ret=0
ipsec_aes_init(alg_type=14 alg_id=9 name=aes_mac): ret=0
ipsec_3des_init(alg_type=15 alg_id=3 name=3des): ret=0
daemon_setup : Ignoring data socket specification
Netdevice 0 (10:00:00:ab:cd:ff) : daemon backend (uml_switch version 3) - unix:/tmp/umlIryn1i.d/west/ctl
daemon_setup : Ignoring data socket specification
Netdevice 1 (10:00:00:64:64:45) : daemon backend (uml_switch version 3) - unix:/tmp/umlIryn1i.d/public/ctl
daemon_setup : Ignoring data socket specification
Netdevice 2 (10:00:00:32:64:45) : daemon backend (uml_switch version 3) - unix:/tmp/umlIryn1i.d/admin/ctl
Checking host MADV_REMOVE support...OK
mconsole (version 2) initialized on /home/antony/.uml/CCqrSg/mconsole
Host TLS support detected
Detected host type: i386
VFS: Disk quotas dquot_6.5.1
Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
Initializing Cryptographic API
io scheduler noop registered
io scheduler anticipatory registered (default)
io scheduler deadline registered
io scheduler cfq registered
RAMDISK driver initialized: 16 RAM disks of 4096K size 1024 blocksize
loop: loaded (max 8 devices)
nbd: registered device at major 43
PPP generic driver version 2.4.2
SLIP: version 0.8.4-NET3.019-NEWTTY (dynamic channels, max=256).
tun: Universal TUN/TAP device driver, 1.6
tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Netfilter messages via NETLINK v0.30.
IPv4 over IPv4 tunneling driver
GRE over IPv4 tunneling driver
ip_conntrack version 2.4 (213 buckets, 1704 max) - 204 bytes per conntrack
ip_tables: (C) 2000-2006 Netfilter Core Team
arp_tables: (C) 2002 David S. Miller
TCP bic registered
TCP cubic registered
TCP westwood registered
TCP highspeed registered
TCP hybla registered
TCP htcp registered
TCP vegas registered
TCP scalable registered
NET: Registered protocol family 1
NET: Registered protocol family 17
Initialized stdio console driver
Console initialized on /dev/tty0
Initializing software serial port version 1
Failed to open 'root_fs', errno = 2
RAMDISK: cramfs filesystem found at block 0
RAMDISK: Loading 1212KiB [1 disk] into ram disk... |/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\done.
VFS: Mounted root (cramfs filesystem) readonly.
MOUNTING /btmp/antony/ikev2/2008_01_14/UMLPOOL/west/root for UML testing root.
Mounting a tmpfs over /dev...done.
Creating initial device nodes...done.
Invoked with Arguments: single
Creating initial device nodes...done.
crw-r--r--    1 root     root       5,   1 Feb 15 20:35 /dev/console
line_ioctl: tty0: ioctl KDSIGACCEPT called

INIT: version 2.78 booting

/dev/root on / type hostfs (rw)
proc on /proc type proc (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/shm on /tmp type tmpfs (rw)
/dev/shm on /var/run type tmpfs (rw)
none on /usr/share type hostfs (ro)
none on /testing type hostfs (ro,/home/antony/ikev2/testing)
none on /usr/src type hostfs (ro,/home/antony/ikev2)
none on /usr/obj type hostfs (ro,/home/antony/ikev2/OBJ.linux.i386)
none on /usr/local type hostfs (rw,/btmp/antony/ikev2/2008_01_14/UMLPOOL/west/root/usr/local)
none on /var/tmp type hostfs (rw,/btmp/antony/ikev2/2008_01_14/UMLPOOL/west/root/var/tmp)
none on /proc type proc (rw)
crw-r--r--    1 root     root       5,   1 Feb 15 20:35 /dev/console
mount: proc already mounted
Activating swap...
Checking all file systems...
Parallelizing fsck version 1.18 (11-Nov-1999)
Setting kernel variables.
Mounting local filesystems...
mount: devpts already mounted on /dev/pts
/dev/shm on /tmp type tmpfs (rw)
/dev/shm on /var/run type tmpfs (rw)
none on /usr/share type hostfs (ro)
none on /testing type hostfs (ro,/home/antony/ikev2/testing)
none on /usr/src type hostfs (ro,/home/antony/ikev2)
none on /usr/obj type hostfs (ro,/home/antony/ikev2/OBJ.linux.i386)
none on /usr/local type hostfs (rw,/btmp/antony/ikev2/2008_01_14/UMLPOOL/west/root/usr/local)
none on /var/tmp type hostfs (rw,/btmp/antony/ikev2/2008_01_14/UMLPOOL/west/root/var/tmp)
Enabling packet forwarding: done.
Configuring network interfaces: done.
Cleaning: /tmp /var/lock /var/run.
Initializing random number generator... done.
Recovering nvi editor sessions... done.
Give root password for maintenance
(or type Control-D for normal startup): 
west:~# echo Starting loading module
Starting loading module
west:~# exec bash --noediting
west:~# ulimit -c unlimited
west:~# echo Finished loading module
Finished loading module
west:~# klogd -c 4 -x -f /tmp/klog.log
west:~# : ==== start ====
west:~# TESTNAME=interop-ikev2-racoon-04-x509-responder
west:~# source /testing/pluto/bin/westlocal.sh
west:~# ping -n -c 1 192.0.2.254
PING 192.0.2.254 (192.0.2.254): 56 data bytes
64 bytes from 192.0.2.254: icmp_seq=0 ttl=64 time=32.6 ms

--- 192.0.2.254 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 32.6/32.6/32.6 ms
west:~# iptables -A INPUT -i eth1 -s 192.0.2.0/24 -j DROP
west:~# ping -n -c 1 192.0.2.254
PING 192.0.2.254 (192.0.2.254): 56 data bytes

--- 192.0.2.254 ping statistics ---
1 packets transmitted, 0 packets received, 100% packet loss
west:~# ipsec setup start
ipsec_setup: Starting Libreswan IPsec U2.5.testing-g21680e0d-dirty/K2.5.testing-g70d71a2f-dirty...
west:~# ipsec whack --whackrecord /var/tmp/ikev2.record
west:~# ipsec auto --add west--east-ikev2
037 can not load certificate file /testing/baseconfigs/all/etc/ipsec.d/certs/east.crt 
037 can not load certificate file /testing/baseconfigs/all/etc/ipsec.d/certs/west.crt 
west:~# ipsec auto --status
000 using kernel interface: klips
000 interface ipsec0/eth1 192.1.2.45
000 %myid = (none)
000 debug raw+crypt+parsing+emitting+control+lifecycle+klips+dns+oppo+controlmore+pfkey+nattraversal+x509
000  
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=64, keysizemin=192, keysizemax=192
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=128, keysizemin=128, keysizemax=256
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
000 algorithm ESP auth attr: id=9, name=AUTH_ALGORITHM_AES_CBC, keysizemin=128, keysizemax=128
000  
000 algorithm IKE encrypt: id=3, name=OAKLEY_BLOWFISH_CBC, blocksize=8, keydeflen=128
000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192
000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=65004, name=OAKLEY_SERPENT_CBC, blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=65005, name=OAKLEY_TWOFISH_CBC, blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=65289, name=OAKLEY_TWOFISH_CBC_SSH, blocksize=16, keydeflen=128
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
000 algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20
000 algorithm IKE hash: id=4, name=OAKLEY_SHA2_256, hashsize=32
000 algorithm IKE hash: id=6, name=OAKLEY_SHA2_512, hashsize=64
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048
000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072
000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096
000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
000  
000 stats db_ops: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0} 
000  
000 "west--east-ikev2": 192.1.2.45<192.1.2.45>[C=ca, ST=Ontario, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=testing.libreswan.org,S-C]...192.1.2.23<192.1.2.23>[C=ca, ST=Ontario, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=testing.libreswan.org,S-C]; unrouted; eroute owner: #0
000 "west--east-ikev2":     myip=unset; hisip=unset; mycert=/testing/baseconfigs/all/etc/ipsec.d/certs/east.crt; hiscert=/testing/baseconfigs/all/etc/ipsec.d/certs/west.crt;
000 "west--east-ikev2":   ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "west--east-ikev2":   policy: RSASIG+ENCRYPT+TUNNEL+PFS+!IKEv1+IKEv2ALLOW+IKEv2Init; prio: 32,32; interface: eth1; 
000 "west--east-ikev2":   newest ISAKMP SA: #0; newest IPsec SA: #0; 
000  
000  
west:~# /testing/pluto/bin/wait-until-pluto-started
west:~# echo done
done
west:~# : === NETJIG start of WEST westrun.sh 
west:~# ipsec auto --up  west--east-ikev2
133 "west--east-ikev2" #1: STATE_PARENT_I1: initiate
133 "west--east-ikev2" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
003 "west--east-ikev2" #1: multiple ipsec.secrets entries with distinct secrets match endpoints: first secret used
134 "west--east-ikev2" #2: STATE_PARENT_I2: sent v2I2, expected v2R2 {auth=IKEv2 cipher=oakley_3des_cbc_192 integ=sha1 prf=oakley_sha group=modp2048}
218 "west--east-ikev2" #2: STATE_PARENT_I2: INVALID_ID_INFORMATION
