[Swan-dev] why I added a consistency check to pbs_in_struct

[D. Hugh Redelmeier]

| commit 9945236619b17fa13dfd1cfbe60359dcbf3fcd21
| Author: D. Hugh Redelmeier <hugh at mimosa.com>
| Date:   Fri May 7 23:58:52 2021 -0400
| 
|     pluto: packet.c: add consistency check to pbs_in_struct
|     
|     pbs_in_struct now requires that if and only if the structure has a
|     length field then the obj_pbs isn't NULL.
|     
|     There are a few places where this part was intentionally ignored.
|     This required adding a dummy pbs variable ("ignored").

Structs, as understood by packet.h, sometimes have variable parts
after the fixed fields.

Here's an extract from the ancient comments at the head of
pbs_in_struct.  The last parameter of pbs_in_struct is
	struct pbs_in *obj_pbs"
The phrase "is supplied" means "is not NULL".

 * If obj_pbs is supplied, a new pb_stream is created for the
 * variable part of the structure (this depends on their
 * being one length field in the structure).  The cursor of this
 * new PBS is set to after the parsed part of the struct.

The new code just checks that the caller conforms to this:

- if there is no length field, there is no variable part, and obj_pbs
  must not be supplied

- if there is a length field in the struct, there is a variable part,
  and obj_pbs must be supplied.

- there must not be more than one length field

There were a few calls in our code that didn't supply an obj_pbs, even
though the struct contained a length.  They were just going to ignore
the variable part.  I had to change them to receive the variable part,
but ignore it.

I was prompted to add this because it would have caught a mistake we
made but never committed.  It has not caught any actual bugs in our
code.  The more checking, the more confidence we can have in our code.