On Wed, 8 May 2019, Antony Antony wrote:
I am not commenting on 229e2d24a4, instead the line of argument you made.
your statement sounds a bit scary to me. If true it would mean we went back
to stone ages!
Why do you say - "stupid thing of IKEv2 using STATE_PARENT_I3 and
STATE_PARENT_R2 for both IKE and CHILD SA" ?
The states STATE_PARENT_I3 STATE_PARENT_R2 are not shared between IKE and
Child SA state since the following commits.
svm entry change e58685b2b8
Added constant fa3ecaa60
The terminal states of Child SA are STATE_V2_IPSEC_I STATE_V2_IPSEC_R.
Ahhh right. That is true. It is not as bad currently as I remembered it
was in the past. Still, changing such fundamental macros just before a
release is scary. Code might still depend on the parts removed from the
macro.
NOTE as far as I recollect - there one place where parent and child share
same state name - only on the initiator for STATE_PARENT_I2, it is only for
short while. Then it become STATE_V2_IPSEC_I. I haven trying to find a quiet
period, test results are stable for a week or so, to change this. See the
wiki page for the propsed change. May be you are confused because of this.
But we agreed a few weeks ago to do that change post 3.28 as well :)
Paul
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
