[Swan-dev] xauth_send_request has a comment that confuses me

Antony Antony antony at phenome.org
Mon Oct 9 16:37:34 UTC 2017


On Mon, Oct 02, 2017 at 01:50:18PM -0400, Paul Wouters wrote:
> On Mon, 2 Oct 2017, Antony Antony wrote:
> 
> > well if the comment was true I could avoid double sending in server.c
> 
> I don't understand that part. We still have the issue of sending some
> kind of Main or Aggressive Mode message, immediately followed by an
> XAUTH request message. I'm not sure why it matters which Mode the message
> went out as?
> 
> > Paul, do you know how to check in resend_ike_v1_msg whether a st is Main
> > mode or Aggressive mode? In both cases the current state is STATE_XAUTH_R0.
> > I want to know the previous one, STATE_AGGR_R2 or STATE_MAIN_R3.
> 
> You could look at (st->st_connection->policy & POLICY_AGGRESSIVE) to
> determine that. But again, I don't see why knowing this should make a
> difference to the retransmit timer code.

It seems different. At least in our test cases, and the smc entries support
this theory.
To understand it, follow the state changes on east in xauth-pluto-16 (main
mode) and xauth-pluto-08 (aggressive) closely; notice when east initiates
XAUTH_R0, and what it receives and sends just before this.

Due to the difference between main mode and aggressive mode, when
retransmitting aggressive mode do not re-transmit the last aggressive mode
message, just XAUTH_R0. Whereas main mode will first retransmit the last main
mode message and 80msec later re-create XAUTH_R0 and send it.

You can also see the aggressive mode smc entry is different from the main mode.

STATE_MAIN_R2, STATE_MAIN_R3 got SMF_REPLY (MAIN_R2 + XAUTH_R0)
STATE_AGGR_R1, STATE_AGGR_R2 no SMF_REPLY (just XAUTH_R0)

I just pushed the change df642ec190d534

-antony

