[Swan] openpgp_peer

Paul Wouters paul at nohats.ca
Fri Feb 15 07:11:13 EET 2013


On Fri, 15 Feb 2013, D. Hugh Redelmeier wrote:

> Here are all uses of openpgp_peer in .c and .h files:
>
> programs/pluto/ikev1_main.c:128:#if SEND_PLUTO_VID || defined(openpgp_peer)
> programs/pluto/ikev1_main.c:598:    bool openpgp_peer = FALSE;
> programs/pluto/ikev1_main.c:611:#if SEND_PLUTO_VID || defined(openpgp_peer)
> programs/pluto/ikev1_main.c:615:#if defined(openpgp_peer)
> programs/pluto/ikev1_main.c:625:                            openpgp_peer = TRUE;
> programs/pluto/ikev1_main.c:810:    if (SEND_PLUTO_VID || openpgp_peer)
> programs/pluto/ikev1_main.c:812:        char *vendorid = (openpgp_peer) ?
>
> Does the preprocessor expression defined(openpgp_peer) make any sense
> since openpgp_peer is a C language variable, not a macro?
>
> If that macro is ever defined, it would probably curdle all uses of
> the C language variable.
>
> What is really meant here?

It should all be removed. The code has not been tested ever by us. I
don't know anyone else doing pgp certificates with IPsec.

I did notice the variable being the same name as the macro, which scared
me. The reason I haven't removed it yet is because it takes careful
attention with the vendorid chain. Which is where we are seeing more
warnings about unreachable cases right now that should get fixed. But
let's do that for version 3.2, provided we also have a bunch more test
cases up and running again by then.

Paul
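
A reduced stand-in for the pattern in the quoted listing, added here as an illustration and not taken from the pluto source. The function names, the peer_uses_pgp parameter and the vendor ID strings are hypothetical placeholders. It shows that defined(openpgp_peer) is false when openpgp_peer is only a C variable, so the guarded detection code is compiled out and the runtime branch can never select the PGP vendor ID.

```c
#include <stdbool.h>
#include <stdio.h>

/* Assumption: the build does not send the Pluto vendor ID. */
#define SEND_PLUTO_VID 0

/* The preprocessor runs before C declarations exist, so defined() only
 * sees macros. A variable named openpgp_peer does not count. */
bool detection_compiled_in(void)
{
#if SEND_PLUTO_VID || defined(openpgp_peer)
    return true;
#else
    return false;
#endif
}

/* Mirrors the shape of the listed lines: a local flag that is only ever
 * set inside a block guarded by defined(openpgp_peer). */
const char *choose_vendorid(bool peer_uses_pgp)
{
    bool openpgp_peer = false;

#if defined(openpgp_peer)
    /* Never compiled: no macro of that name exists. If one were supplied
     * (for example -Dopenpgp_peer, which expands to 1), the declaration
     * above would become "bool 1 = false;" and fail to compile. */
    if (peer_uses_pgp)
        openpgp_peer = true;
#else
    (void)peer_uses_pgp;
#endif

    if (SEND_PLUTO_VID || openpgp_peer)
        return openpgp_peer ? "PLACEHOLDER-PGP-VID" : "PLACEHOLDER-PLUTO-VID";
    return NULL; /* no vendor ID payload is added */
}

int main(void)
{
    const char *vid = choose_vendorid(true);
    printf("detection compiled in: %d\n", detection_compiled_in());
    printf("vendor id for a PGP peer: %s\n", vid ? vid : "(none)");
    return 0;
}
```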

