On Thu, 20 Feb 2020, Andrew Cagney wrote:
Instead of storing the message digest's notify payloads directly into struct state or local variables, store them in the message digest, and then access the values as needed.
How does that work after the exchange is completely processed? Are there cases where we need to remember having received these before? For IPsec, I guess we can look things up in the IPsec SA, and ensure we send only the things we did last time. Is there anything we might have received for the IKE SA that we need to remember for a rekey? Looking through the payloads now, I don't see anything. So this might be okay for now. Also, if we are doing this, why should we store some of these in a new structure as bools? Couldn't we just write wrapper functions that just re-read the parsed list of notifies? eg ntfy->payload.v2n.isan_type[x] Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
