One of the quirks of ttosubnet() is that it will parse:

    1.2.3.0/24:10

(I suspect the idea is to allow 1.2.3.4/32:10, i.e., a selector with
one address and one port)?

So when, if ever, is this valid? I couldn't find it being used in
test cases (at least the pattern /[0-9]*: didn't match).

Looking around I found ttosubnet() is called for:

- {left,right}subnet=... as ttosubnet() and one_subnet_from_string()
- --client <subnet>
    if anything these are selectors and could allow a port; but
    perhaps only protoport= is ever used?
- virtual-private= aka virtual_ip.c:read_subnet()
    maybe?
- read_foodgroup() (the policies files)
    perhaps
_______________________________________________
Swan-dev mailing list
https://lists.libreswan.org/mailman/listinfo/swan-dev
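Added example, not part of the original message and not libreswan code: a minimal IPv4-only parser showing the distinction the message asks about, where the `:port` suffix is accepted only when the call site explicitly asks for a selector. The names `parse_selector`, `parse_num`, `struct selector` and the `allow_port` flag are hypothetical.

```c
#include <arpa/inet.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical result type, not a libreswan structure. */
struct selector {
    struct in_addr addr;
    int prefix_len;           /* 0..32 */
    int port;                 /* 0 = no port given */
};

/* Parse a decimal number in [0, max] that fills all of s; -1 on error. */
static int parse_num(const char *s, long max)
{
    char *end;
    if (*s < '0' || *s > '9')
        return -1;            /* rejects "", "+1", " 1", "-1" */
    long v = strtol(s, &end, 10);
    if (*end != '\0' || v > max)
        return -1;
    return (int)v;
}

/*
 * Parse IPv4 "addr/len" or, only when allow_port is true, "addr/len:port".
 * Returns 0 on success, -1 on malformed or disallowed input.
 */
int parse_selector(const char *text, bool allow_port, struct selector *out)
{
    char buf[64];
    if (strlen(text) >= sizeof(buf))
        return -1;
    strcpy(buf, text);
    char *slash = strchr(buf, '/');
    if (slash == NULL)
        return -1;
    *slash++ = '\0';
    out->port = 0;
    char *colon = strchr(slash, ':');
    if (colon != NULL) {
        if (!allow_port)
            return -1;        /* this call site wants a plain subnet */
        *colon++ = '\0';
        if ((out->port = parse_num(colon, 65535)) <= 0)
            return -1;        /* ":0" and ":" are rejected as ambiguous */
    }
    if ((out->prefix_len = parse_num(slash, 32)) < 0)
        return -1;
    return inet_pton(AF_INET, buf, &out->addr) == 1 ? 0 : -1;
}
```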