Why this code can work?

Thread: Why this code can work?

Search this list only Search all lists
Why this code can work?
	2007-04-18 03:37:04
Hi,all: Recently, I am reading the pluto source code and I am confused by the following code. In init_demux(), we can see the following comment: /* fill ike_microcode_index: * make ike_microcode_index[s] point to first entry in * state_microcode_table for state s (backward scan makes this easier). * Check that table is in order -- catch coding errors. * For what it's worth, this routine is idempotent. */ So after we call init_demux(), ike_microcode_index[s]point to first entry in state_microcode_table for state s. But, for a certain state there may be more than one entry in state_microcode_table. For example, there are two entries for STATE_AGGR_R0 in state_microcode_table,as follows: ..... { STATE_AGGR_R0, STATE_AGGR_R1, SMF_PSK_AUTH| SMF_REPLY, P(SA) | P(KE) | P(NONCE) | P(ID), P(VID), PT(NONE), EVENT_RETRANSMIT, aggr_inI1_outR1_psk }, { STATE_AGGR_R0, STATE_AGGR_R1, SMF_DS_AUTH | SMF_REPLY, P(SA) | P(KE) | P(NONCE) | P(ID), P(VID), PT(NONE), EVENT_RETRANSMIT, aggr_inI1_outR1_rsasig }, ..... After calling init_demux(), the pointer in ike_microcode_index[] for STATE_AGGR_R0 will point to the following entry: { STATE_AGGR_R0, STATE_AGGR_R1, SMF_PSK_AUTH| SMF_REPLY, P(SA) | P(KE) | P(NONCE) | P(ID), P(VID), PT(NONE), EVENT_RETRANSMIT, aggr_inI1_outR1_psk }, My question is: What if I use RSASIG authentication in IKE phase 1? It SHOULD call aggr_inI1_outR1_rsasig() not aggr_inI1_outR1_psk() to process the packet. Jacky ÇÀ×¢£¡ÍøÒסÖØÍƳöÐÂÒ»´úÃâ·ÑÓÊÏä>>