[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Tue Jan 22 05:16:25 EET 2013
New commits:
commit a38479b931dcf4b000a3ba7fe0ead353c9978e17
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon Jan 21 22:10:32 2013 -0500
* libipsecconf: policy misuse due to type change from int to lset_t
Some code is still using policy as if it was an int, but it is an lset_t.
This would cause problems for every policy bit > 31, which up to now was
only the SAref tracking policy bits:
POLICY_SAREF_TRACK = LELEM(32), /* Saref tracking via _updown */
POLICY_SAREF_TRACK_CONNTRACK = LELEM(33), /* use conntrack optimization */
But I will be adding the IKE fragmentation policy flags, so this
became an issue in confwrite.c.
The assumption that c->policy is of type int is probably all over the
code and needs a thorough review.
More information about the Swan-commit
mailing list