[Swan-dev] clanger: ikev2_resp_accept_child_ts
D. Hugh Redelmeier
hugh at mimosa.com
Sun Jun 10 21:16:51 UTC 2018
(1) it isn't clear to me why the streq(best->name, t->name) is not negated
Could someone add a comment expaining this? Paul? Antony?
929 if (LIN(POLICY_GROUPINSTANCE, t->policy) && (t->kind == CK_TEMPLATE)) {
930 /* ??? clang 6.0.0 thinks best might be NULL but I don't see how */
931 if (!streq(t->foodgroup, best->foodgroup) ||
932 streq(best->name, t->name) ||
933 !subnetinsubnet(&best->spd.that.client, &t->spd.that.client) ||
934 !sameaddr(&best->spd.this.client.addr, &t->spd.this.client.addr))
935 continue;
936
937 /* ??? why require best->name and t->name to be different */
(2) the comment in the following code explains what I don't understand.
Can someone explain why we can assume that tsi_n and tsr_n are both one?
It would be good to add a comment to expain the idea.
/*
* ??? this code seems to assume that tsi and tsr contain exactly one element.
* Any fewer and the code references an uninitialized value.
* Any more would be ignored, and that's surely wrong.
* It would be nice if the purpose of this block of code were documented.
*/
pexpect(tsi_n == 1);
int t_sport = tsi[0].startport == tsi[0].endport ? tsi[0].startport :
tsi[0].startport == 0 && tsi[0].endport == 65535 ? 0 : -1;
pexpect(tsr_n == 1);
int t_dport = tsr[0].startport == tsr[0].endport ? tsr[0].startport :
tsr[0].startport == 0 && tsr[0].endport == 65535 ? 0 : -1;
More information about the Swan-dev
mailing list