[Swan-dev] pluto: ikev2_create_responder_child_state() skip comparing againt self
D. Hugh Redelmeier
hugh at mimosa.com
Wed Sep 2 17:44:12 EEST 2015
| From: Paul Wouters <paul at vault.libreswan.fi>
| commit bd1e93b605c4c4aa9d47ee41a89532047c2e825b
| Author: Paul Wouters <pwouters at redhat.com>
| Date: Sun Aug 30 21:18:54 2015 -0400
|
| pluto: ikev2_create_responder_child_state() skip comparing againt self
Does this fix a real problem? Does it create new ones? Do we have a
test case?
(I don't really understand ikev2_create_responder_child_state. When I
tried to, I added a few ??? notes that still haven't been cleared up.)
Is there a reason that "c" should not end up the winner in this
search? I suspect that the added statement precludes this.
Formatting:
- the continue should not be on the same line as the if.
+ if (d == c)
+ continue; /* skip comparing againt self */
+
- the second half of the comment line that was broken for length
ought to be indented to make the structure of the comment clearer.
+ * else if c->spd.this.id.kind == ID_NONE,
+ * same_id treats it as a wildcard and
+ * match_id does not. Odd.
commit bd1e93b605c4c4aa9d47ee41a89532047c2e825b
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Aug 30 21:18:54 2015 -0400
pluto: ikev2_create_responder_child_state() skip comparing againt self
diff --git a/programs/pluto/ikev2_child.c b/programs/pluto/ikev2_child.c
index 97a3d14..d3d9e73 100644
--- a/programs/pluto/ikev2_child.c
+++ b/programs/pluto/ikev2_child.c
@@ -816,13 +816,16 @@ static stf_status ikev2_create_responder_child_state(
struct spd_route *sr;
int wildcards, pathlen; /* XXX */
+ if (d == c) continue; /* skip comparing againt self */
+
if (d->policy & POLICY_GROUP)
continue;
/*
* ??? same_id && match_id seems redundant.
* if d->spd.this.id.kind == ID_NONE, both TRUE
- * else if c->spd.this.id.kind == ID_NONE, same_id treats it as a wildcard and match_id does not. Odd.
+ * else if c->spd.this.id.kind == ID_NONE, same_id
+ * treats it as a wildcard and match_id does not. Odd.
* else if kinds differ, match_id FALSE
* else if kind ID_DER_ASN1_DN, wildcards are forbidden by same_id
* else match_id just calls same_id.
More information about the Swan-dev
mailing list