[Swan-dev] subnetwithin and protoport anomalies
D. Hugh Redelmeier
hugh at mimosa.com
Sat May 28 07:07:54 UTC 2016
In lib/libipsecconf/keywords.c, these are the only keywords that have
kv_conn but neither kv_auto nor kv_manual. (I'm not counting the ""
keyword because I think that it is special.)
I would guess that they should be kv_auto. Is this correct?
Note: kv_manual NEVER seems to actually be used except in the table
initialization. In other words, either it is accessed surreptitious or it
is pointless.
kv_auto is used in confwrite. It is used as part of the argument
"keying_context" in calls to two functions. Each function then uses that
argument in a test:
if (keying_context != 0 && (k->validity & keying_context) == 0)
continue;
This might be where a surreptitions use would creep in, but I don't
see it.
SUMMARY:
- it seems like the two keywords should be kv_auto
- is there a real use for kv_manual?
If so: implement that use.
If not: remove the attribute.
More information about the Swan-dev
mailing list