On Fri, 7 Sep 2018 at 08:54, D. Hugh Redelmeier <[email protected]> wrote: > > IKEv1 packet.h routines will fill in the next payload field automatically. > This was done by extending what Andrew had already done for v2.
thanks > It is intended for this to be set up correctly but removing the > pre-computing code might expose flaws. I don't expect any since the > automatic code checks that any already-filled-in next payload field > checks to see that the field is either unfilled or is already > filled with what it would have used. > > This should be visible in the debug output. I tried deleting the next payload type stuff around sending the KE payload but it messed up - basic tests started failing - so I dropped the patch for now (it is only IKEv1 after all ...). Instead I've pushed the (wip) test implair-ikev1-*-send-no-ike-ke (which is trying to not send KE) so we've something to look at (it currently gets a pexpect() since NP is all wrong). > One known flaw: in one routine ID payloads are just echoed from the input > payload into the output payload. The appropriate packet.h routines for > payload emission are not called. The proper next payload values are > jammed directly into the output buffer. Ugly, but it seems to work. I > haven't taken the time to rework that code. > _______________________________________________ > Swan-dev mailing list > [email protected] > https://lists.libreswan.org/mailman/listinfo/swan-dev _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
