[Swan-dev] subnetwithin and protoport anomalies

Paul Wouters paul at nohats.ca
Sat May 28 21:50:29 UTC 2016

I think those were only used for manual keying parameters like spi= and spigroup=

I believe it can be removed along with  kv_auto because everything is auto now.

Sent from my iPhone

> On May 28, 2016, at 03:07, D. Hugh Redelmeier <hugh at mimosa.com> wrote:
> In lib/libipsecconf/keywords.c, these are the only keywords that have 
> kv_conn but neither kv_auto nor kv_manual.  (I'm not counting the "" 
> keyword because I think that it is special.)
> I would guess that they should be kv_auto.  Is this correct?
> Note: kv_manual NEVER seems to actually be used except in the table 
> initialization.  In other words, either it is accessed surreptitious or it 
> is pointless.
> kv_auto is used in confwrite.  It is used as part of the argument 
> "keying_context" in calls to two functions.  Each function then uses that 
> argument in a test:
>    if (keying_context != 0 && (k->validity & keying_context) == 0)
>        continue;
> This might be where a surreptitions use would creep in, but I don't
> see it.
> - it seems like the two keywords should be kv_auto
> - is there a real use for kv_manual?
>  If so: implement that use.
>  If not: remove the attribute.
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev

More information about the Swan-dev mailing list