[Swan-commit] Changes to ref refs/heads/main
Andrew Cagney
cagney at vault.libreswan.fi
Mon Jul 12 20:50:59 UTC 2021
New commits:
commit fba81a5f181e84ee6e8eaf095b22c71fcdd7ce2b
Author: Andrew Cagney <cagney at gnu.org>
Date: Mon Jul 12 14:21:12 2021 -0400
ikev2: use next_state() to find a state matching the incoming message
commit edeb1904fc76f26a0e8e3c2f73b9ce44c076a8f3
Author: Andrew Cagney <cagney at gnu.org>
Date: Mon Jul 12 11:49:01 2021 -0400
ikev2: speed up already pending check in code submitting a new child sa
Replace find_pending_phase2() with is_already_pending_child().
(called by submit_v2_CREATE_CHILD_SA_new_child()):
- pass in IKE SA
- return when first case found
- use next_state() by IKE SA (instead of searching allstates)
The reason for this code is puzzling:
- it's checking for a bogus state STATE_PARENT_I2
- shouldn't the caller have headed this case off at the pass?
commit 0e9210d625af0f6a4bcaf7713723732a223f1387
Author: Andrew Cagney <cagney at gnu.org>
Date: Mon Jul 12 15:35:12 2021 -0400
state: add next_state(ST, QUERY)
Initially intended as an alternative to find_state_by_ike_spis(),
however it could replace most lookups.
The interface follows the convention:
struct state_query = ...;
for (struct state *st = next_state(NULL, &query); st != NULL; st = next_state(st, &query))
...
with several twists:
- because the query parameter is storing iterator state, deleting
ST mid-loop is allowed
- because query pre-filters what is returned, simple queries may not
require a loop; save that for more esoteric lookups such as v1_msgid
- based on the search a shorter list may be used; for instance
searching by IKE SA, uses the IKE's SPIs (the fallback
is to search all state)
More information about the Swan-commit
mailing list