[Swan-dev] msg.magic != WHACK_MAGIC

[Andrew Cagney]

there's code in rcv_whack.c that shuts down pluto when .magic is
unknown.  I'm adding this comment:

     * XXX:
     *
     * I'm guessing to ensure upgrades work and a new whack can
     * shutdown an old pluto, the code below reads .whack_shutdown
     * regardless of the value of .magic.
     *
     * The assumption seems to be that the opening stanza of
     * struct whack_message doesn't change so reading the
     * .whack_shutdown field is robust.
     *
     * Except it isn't.
     *
     * The opening stanza of struct whack_message has changed (for
     * instance adding FIPS status et.al.) moving
     * .whack_shutdown's offset.  There's even a comment in
     * comment in whack.h ("If you change anything earlier in this
     * struct, update WHACK_BASIC_MAGIC.").  So if .magic isn't
     * WHACK_MAGIC, .whack_shutdown is probably wrong, and when it
     * also isn't WHACK_BASIC_MAGIC, it is definitely wrong.

this is something that would have been nice to fix in 4.0, oops