[Swan-dev] resolve_myid()
D. Hugh Redelmeier
hugh at mimosa.com
Tue Jul 4 15:59:05 UTC 2017
I'm sorry that my question wasn't clearer.
Here's the definition:
const struct id *resolve_myid(const struct id *id)
{
return id;
}
It clearly does NOTHING. It does not allow roadwarriors to declare their
ID since it does nothing.
If we intend to build on it later, that's fine. But as-is, I don't see
why we have it (or its source file).
Are we intending to make it do something useful?
If so, we should document this with comments on the function.
If not, shall we delete it?
| From: Paul Wouters <paul at nohats.ca>
|
| > What's the point of resolve_myid()? It seems like it doesn't do anything
| > (formally: it is the identity function). Did it formerly have a
| > purpose? Does it have a future purpose?
|
| It was used for roadwarriors to declare their ID to allow forward DNS
| lookups for IPSECKEY (aka "Initiator only OE")
|
| It probably has less of a use now, as our aim has changed to keep
| roadwarriors anonymous using AUTH_NULL.
|
| > If it is pointless, let's get rid of it. And the sourcefile lswid.c that
| > contains only the definition of resolve_myid().
|
| I'm okay with removing it. Someone who would really need it could edit
| the OE conns and add their own custom leftid=
More information about the Swan-dev
mailing list