[Swan-dev] spd list in a struct connection

D. Hugh Redelmeier hugh at mimosa.com
Mon Nov 16 06:22:35 UTC 2015


I don't really understand this.  So I added passerts to find out when the 
list had more than one entry.  Apparently never in our test suite.  (If I 
remember correctly, which is questionable.)

But Paul removed one of the passerts, surely because it was firing in
the Real World.  See ec90950ab9044e71e9a44c22f2443ace6a940fb6

Paul: when did this arise?  The commit comment isn't explicit enough for 
me ("xauth: remove passert that is false for conns going up -> down -> 
up").

This passert was in modecfg_inR1(), within handling ISAKMP_CFG_REPLY, 
handling CISCO_SPLIT_INC.
	passert(last_spd->spd_next == NULL);

The thing is, if the passert would fail, later code is suspect:

	tmp_spd->spd_next = NULL;
	last_spd->spd_next = tmp_spd;
	last_spd = tmp_spd;

It sure looks to me as if whatever was in last_spd->spd_next is lost.
At best, this is a leak.  But if the value had a meaning, that meaning
has been lost.

We need to be able to duplicate this case in the test suite.

Heh, and some explanatatory comments would be nice.  That was my goal at 
one time but I got distracted.


More information about the Swan-dev mailing list