That was dead code. Please feel free to cleanup .Thanks. > -----Original Message----- > From: Joy Latten [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 19, 2006 2:11 PM > To: [EMAIL PROTECTED] > Cc: [email protected] > Subject: question about racoon patch > > > Venkat, > > I have been meaning to ask you about a part of the racoon patch. > In file src/racoon/policy.c, routines, cmpspidxstrict() and > cmpspidxwild(), > there is the following code, > > #ifdef HAVE_SECCTX > if (a->sec_ctx.ctx_alg != b->sec_ctx.ctx_alg > || a->sec_ctx.ctx_doi != b->sec_ctx.ctx_doi > #if 1 > || !within_range(a->sec_ctx.ctx_str, b->sec_ctx.ctx_str)) > #else > || a->sec_ctx.ctx_strlen != b->sec_ctx.ctx_strlen > || (memcmp(a->sec_ctx.ctx_str, b->sec_ctx.ctx_str, > a->sec_ctx.ctx_strlen) != 0)) > #endif > return 1; > #endif > > Since within_range() takes both contexts' sids (that of the > proposal and > that which is in the policy) and checks access, > I assume we no longer want to ensure the security contexts match > exactly. Only that one is permitted by the other, right? > Are you ok with me removing the code after the "#else"? > Or does the changes you will make soon, change this logic also > and I should leave it alone for now? Just cleaning up the code > and wondering about this. > > Thanks! > > Regards, > Joy >
-- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
