[Swan-dev] clanger: ikev2_crypto_start
D. Hugh Redelmeier
hugh at mimosa.com
Sun Jun 10 21:23:27 UTC 2018
In front of this function, the following comment appears:
/*
* We need an md because the crypto continuation mechanism requires one
* but we don't have one because we are not responding to an
* incoming packet.
* Solution: build a fake one. How much do we need to fake?
* Note: almost identical code appears at the end of aggr_outI1.
*
* XXX: This code does a crypto continue using an indirect dispatch
* through the FSM. Beyond making the code flow confusing is this
* useful? For instance, since SA_INIT has only one code path, it can
* directly request ke and nonce with its dedicated continue function
* - no need to jump through all these hoops.
*/
And yet, two cases look into the md to get a v2KE (key exchange
payload). This seems contradictory.
Which is right? Can someone improve the comments to reflect the
resolution.
case STATE_V2_CREATE_R:
/*
* ??? if we don't have an md (see above) why are we referencing it?
* ??? clang 6.0.0 warns md might be NULL
*/
if (md->chain[ISAKMP_NEXT_v2KE] != NULL) {
request_ke_and_nonce("Child Responder KE and nonce nr",
st, st->st_oakley.ta_dh,
ikev2_crypto_continue);
} else {
request_nonce("Child Responder nonce nr",
st, ikev2_crypto_continue);
}
return STF_SUSPEND;
case STATE_V2_REKEY_CHILD_R:
/*
* ??? if we don't have an md (see above) why are we referencing it?
* ??? clang 6.0.0 warns md might be NULL
*/
if (md->chain[ISAKMP_NEXT_v2KE] != NULL) {
request_ke_and_nonce("Child Rekey Responder KE and nonce nr",
st, st->st_oakley.ta_dh,
ikev2_crypto_continue);
} else {
request_nonce("Child Rekey Responder nonce nr",
st, ikev2_crypto_continue);
}
return STF_SUSPEND;
More information about the Swan-dev
mailing list