[Swan-dev] resolve_myid()
Paul Wouters
paul at nohats.ca
Tue Jul 4 10:08:34 UTC 2017
> What's the point of resolve_myid()? It seems like it doesn't do anything
> (formally: it is the identity function). Did it formerly have a
> purpose? Does it have a future purpose?
It was used for roadwarriors to declare their ID to allow forward DNS
lookups for IPSECKEY (aka "Initiator only OE")
It probably has less of a use now, as our aim has changed to keep
roadwarriors anonymous using AUTH_NULL.
> If it is pointless, let's get rid of it. And the sourcefile lswid.c that
> contains only the definition of resolve_myid().
I'm okay with removing it. Someone who would really need it could edit
the OE conns and add their own custom leftid=
Paul
More information about the Swan-dev
mailing list