[Swan-dev] [Swan-commit] Changes to ref refs/heads/master

Andrew Cagney andrew.cagney at gmail.com
Fri Mar 1 15:56:56 UTC 2019

On Thu, 28 Feb 2019 at 15:50, Paul Wouters <paul at nohats.ca> wrote:
> On Thu, 28 Feb 2019, Andrew Cagney wrote:
> > That's the case I'm looking at.  Not doing it is demonstrably wrong,
> > yet you're suggesting it shouldn't be done?  Is there a test case?
> interop-ikev1-strongswan-01-xauth

Is there another test?  That test seems to pass when I enable the
"correct" code in send_notification() (in fact, the code in question
isn't executed).


diff --git a/programs/pluto/ikev1_main.c b/programs/pluto/ikev1_main.c
index 5fbca1a95d..daab0b21d7 100644
--- a/programs/pluto/ikev1_main.c
+++ b/programs/pluto/ikev1_main.c
@@ -1977,6 +1977,7 @@ static void send_notification(struct state
*sndst, notification_t type,
                        msgid_t msgid, u_char *icookie, u_char *rcookie,
                        u_char protoid)
+       pexpect(0);
        /* buffer in which to marshal our notification.
         * We don't use reply_buffer/reply_stream because they might be in use.
@@ -2116,9 +2117,10 @@ static void send_notification(struct state
*sndst, notification_t type,

                hmac_init(&ctx, encst->st_oakley.ta_prf,
+#if 0
                /* the caller has done a htonl(msgid) already?? */
                hmac_update(&ctx, (u_char *) &msgid, sizeof(msgid_t));
-#if 0
                passert(sizeof(msgid_t) == sizeof(uint32_t));
                msgid_t raw_msgid = htonl(msgid);
                hmac_update(&ctx, (const void *)&raw_msgid, sizeof(raw_msgid));

> I also confirm my iphone to vpn.nohats.ca with git head doing proper DPD
> and deletes with the code as is in master now.
> Paul

More information about the Swan-dev mailing list