Bug Summary

File:programs/pluto/pluto_constants.c
Warning:line 400, column 3
Value stored to 'sep' is never read

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-redhat-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name pluto_constants.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -fmath-errno -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/home/build/quick-libreswan-2/programs/pluto -resource-dir /usr/lib64/clang/13.0.0 -D TimeZoneOffset=timezone -D PIE -D NSS_IPSEC_PROFILE -D XFRM_LIFETIME_DEFAULT=30 -D USE_IKEv1 -D XFRM_SUPPORT -D USE_XFRM_INTERFACE -D USE_DNSSEC -D DEFAULT_DNSSEC_ROOTKEY_FILE="/var/lib/unbound/root.key" -D HAVE_LABELED_IPSEC -D HAVE_SECCOMP -D LIBCURL -D USE_LINUX_AUDIT -D HAVE_NM -D USE_PAM_AUTH -D USE_3DES -D USE_AES -D USE_CAMELLIA -D USE_CHACHA -D USE_DH31 -D USE_MD5 -D USE_SHA1 -D USE_SHA2 -D USE_PRF_AES_XCBC -D USE_NSS_KDF -D DEFAULT_RUNDIR="/run/pluto" -D IPSEC_CONF="/etc/ipsec.conf" -D IPSEC_CONFDDIR="/etc/ipsec.d" -D IPSEC_NSSDIR="/var/lib/ipsec/nss" -D IPSEC_CONFDIR="/etc" -D IPSEC_EXECDIR="/usr/local/libexec/ipsec" -D IPSEC_SBINDIR="/usr/local/sbin" -D IPSEC_VARDIR="/var" -D POLICYGROUPSDIR="/etc/ipsec.d/policies" -D IPSEC_SECRETS_FILE="/etc/ipsec.secrets" -D FORCE_PR_ASSERT -D USE_FORK=1 -D USE_VFORK=0 -D USE_DAEMON=0 -D USE_PTHREAD_SETSCHEDPRIO=1 -D GCC_LINT -D HAVE_LIBCAP_NG -I . -I ../../OBJ.linux.x86_64/programs/pluto -I ../../include -I /usr/include/nss3 -I /usr/include/nspr4 -I /home/build/quick-libreswan-2/programs/pluto/linux-copy -D HERE_FILENAME="programs/pluto/pluto_constants.c" -internal-isystem /usr/lib64/clang/13.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/bin/../lib/gcc/x86_64-redhat-linux/11/../../../../x86_64-redhat-linux/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -std=gnu99 -fdebug-compilation-dir=/home/build/quick-libreswan-2/programs/pluto -ferror-limit 19 -stack-protector 3 -fgnuc-version=4.2.1 -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2022-01-01-205714-1273399-1 -x c /home/build/quick-libreswan-2/programs/pluto/pluto_constants.c
1/* tables of names for values defined in constants.h
2 *
3 * Copyright (C) 1998-2002,2013 D. Hugh Redelmeier <hugh@mimosa.com>
4 * Copyright (C) 2013-2019 Paul Wouters <pwouters@redhat.com>
5 * Copyright (C) 2015-2019 Andrew Cagney <cagney@gnu.org>
6 * Copyright (C) 2020 Yulia Kuzovkova <ukuzovkova@gmail.com>
7 *
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2 of the License, or (at your
11 * option) any later version. See <https://www.gnu.org/licenses/gpl2.txt>.
12 *
13 * This program is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16 * for more details.
17 *
18 */
19
20/*
21 * Note that the array sizes are all specified; this is to enable range
22 * checking by code that only includes constants.h.
23 */
24
25#include <stddef.h>
26#include <string.h>
27#include <stdio.h>
28#include <netinet/in.h>
29#ifdef XFRM_SUPPORT1
30#include "linux/xfrm.h" /* local (if configured) or system copy */
31#endif
32#include "passert.h"
33
34#include "jambuf.h"
35#include "constants.h"
36#include "enum_names.h"
37#include "defs.h"
38#include "kernel.h"
39
40/*
41 * To obsolete or convert to runtime options:
42 * IPSEC_CONNECTION_LIMIT
43 * NOTYET
44 * NOT_YET
45 * PFKEY
46 * PLUTO_GROUP_CTL
47 * SOFTREMOTE_CLIENT_WORKAROUND
48 * USE_3DES USE_AES USE_MD5 USE_SHA1 USE_SHA2
49 */
50
51static const char *const kern_interface_name[] = {
52 [USE_XFRM] = "netkey",
53 [USE_BSDKAME] = "bsdkame",
54};
55
56enum_names kern_interface_names = {
57 USE_XFRM, USE_BSDKAME,
58 ARRAY_REF(kern_interface_name)(kern_interface_name), (sizeof(kern_interface_name) / sizeof(
*(kern_interface_name))),
59 "USE_", /* prefix */
60 NULL((void*)0)
61};
62
63/* DPD actions */
64static const char *const dpd_action_name[] = {
65 "action:disabled",
66 "action:clear",
67 "action:hold",
68 "action:restart",
69};
70
71enum_names dpd_action_names = {
72 DPD_ACTION_DISABLED, DPD_ACTION_RESTART,
73 ARRAY_REF(dpd_action_name)(dpd_action_name), (sizeof(dpd_action_name) / sizeof(*(dpd_action_name
))),
74 NULL((void*)0), /* prefix */
75 NULL((void*)0)
76};
77
78#ifdef XFRM_SUPPORT1
79/* netkey SA direction names */
80static const char *const netkey_sa_dir_name[] = {
81 "XFRM_IN",
82 "XFRM_OUT",
83 "XFRM_FWD",
84};
85
86enum_names netkey_sa_dir_names = {
87 XFRM_POLICY_IN, XFRM_POLICY_FWD,
88 ARRAY_REF(netkey_sa_dir_name)(netkey_sa_dir_name), (sizeof(netkey_sa_dir_name) / sizeof(*(
netkey_sa_dir_name))),
89 NULL((void*)0), /* prefix */
90 NULL((void*)0)
91};
92#endif
93
94/* systemd watchdog action names */
95static const char *const sd_action_name[] = {
96 "action: exit", /* daemon exiting */
97 "action: start", /* daemon starting */
98 "action: watchdog", /* the keepalive watchdog ping */
99 "action: reloading", /* the keepalive watchdog ping */
100 "action: ready", /* the keepalive watchdog ping */
101 "action: stopping", /* the keepalive watchdog ping */
102};
103enum_names sd_action_names = {
104 PLUTO_SD_EXIT, PLUTO_SD_STOPPING,
105 ARRAY_REF(sd_action_name)(sd_action_name), (sizeof(sd_action_name) / sizeof(*(sd_action_name
))),
106 NULL((void*)0), /* prefix */
107 NULL((void*)0)
108};
109
110/* NAT methods */
111static const char *const natt_method_name[] = {
112 "none",
113 "draft-ietf-ipsec-nat-t-ike-02/03",
114 "draft-ietf-ipsec-nat-t-ike-05",
115 "RFC 3947 (NAT-Traversal)",
116
117 "I am behind NAT",
118 "peer behind NAT",
119};
120
121enum_names natt_method_names = {
122 NAT_TRAVERSAL_METHOD_none, NATED_PEER,
123 ARRAY_REF(natt_method_name)(natt_method_name), (sizeof(natt_method_name) / sizeof(*(natt_method_name
))),
124 NULL((void*)0), /* prefix */
125 NULL((void*)0)
126};
127
128/* routing status names */
129static const char *const routing_story_strings[] = {
130 "unrouted", /* RT_UNROUTED: unrouted */
131 "unrouted HOLD", /* RT_UNROUTED_HOLD: unrouted, but HOLD shunt installed */
132 "eroute eclipsed", /* RT_ROUTED_ECLIPSED: RT_ROUTED_PROSPECTIVE except bare HOLD or instance has eroute */
133 "prospective erouted", /* RT_ROUTED_PROSPECTIVE: routed, and prospective shunt installed */
134 "erouted HOLD", /* RT_ROUTED_HOLD: routed, and HOLD shunt installed */
135 "fail erouted", /* RT_ROUTED_FAILURE: routed, and failure-context shunt eroute installed */
136 "erouted", /* RT_ROUTED_TUNNEL: routed, and erouted to an IPSEC SA group */
137 "keyed, unrouted", /* RT_UNROUTED_KEYED: was routed+keyed, but it got turned into an outer policy */
138};
139
140enum_names routing_story = {
141 RT_UNROUTED, RT_UNROUTED_KEYED,
142 ARRAY_REF(routing_story_strings)(routing_story_strings), (sizeof(routing_story_strings) / sizeof
(*(routing_story_strings))),
143 NULL((void*)0), /* prefix */
144 NULL((void*)0) };
145
146static const char *const stf_status_strings[] = {
147#define A(S) [S] = #S
148 A(STF_SKIP_COMPLETE_STATE_TRANSITION),
149 A(STF_IGNORE),
150 A(STF_SUSPEND),
151 A(STF_OK),
152 A(STF_INTERNAL_ERROR),
153 A(STF_V2_DELETE_IKE_AUTH_INITIATOR),
154 A(STF_FATAL),
155 A(STF_FAIL),
156#undef A
157};
158
159enum_names stf_status_names = {
160 0, elemsof(stf_status_strings)(sizeof(stf_status_strings) / sizeof(*(stf_status_strings)))-1,
161 ARRAY_REF(stf_status_strings)(stf_status_strings), (sizeof(stf_status_strings) / sizeof(*(
stf_status_strings))),
162 NULL((void*)0), /* prefix */
163 NULL((void*)0)
164};
165
166/*
167 * Names for sa_policy_bits.
168 */
169static const char *const sa_policy_bit_name[] = {
170#define P(N) [N##_IX] = #N
171 P(POLICY_PSK((lset_t)1 << (POLICY_PSK_IX))),
172 P(POLICY_RSASIG((lset_t)1 << (POLICY_RSASIG_IX))),
173 P(POLICY_ECDSA((lset_t)1 << (POLICY_ECDSA_IX))),
174 P(POLICY_AUTH_NEVER((lset_t)1 << (POLICY_AUTH_NEVER_IX))),
175 P(POLICY_AUTH_NULL((lset_t)1 << (POLICY_AUTH_NULL_IX))),
176 P(POLICY_ENCRYPT((lset_t)1 << (POLICY_ENCRYPT_IX))),
177 P(POLICY_AUTHENTICATE((lset_t)1 << (POLICY_AUTHENTICATE_IX))),
178 P(POLICY_COMPRESS((lset_t)1 << (POLICY_COMPRESS_IX))),
179 P(POLICY_TUNNEL((lset_t)1 << (POLICY_TUNNEL_IX))),
180 P(POLICY_PFS((lset_t)1 << (POLICY_PFS_IX))),
181 P(POLICY_DECAP_DSCP((lset_t)1 << (POLICY_DECAP_DSCP_IX))),
182 P(POLICY_NOPMTUDISC((lset_t)1 << (POLICY_NOPMTUDISC_IX))),
183 P(POLICY_MSDH_DOWNGRADE((lset_t)1 << (POLICY_MSDH_DOWNGRADE_IX))),
184 P(POLICY_ALLOW_NO_SAN((lset_t)1 << (POLICY_ALLOW_NO_SAN_IX))),
185 P(POLICY_DNS_MATCH_ID((lset_t)1 << (POLICY_DNS_MATCH_ID_IX))),
186 P(POLICY_SHA2_TRUNCBUG((lset_t)1 << (POLICY_SHA2_TRUNCBUG_IX))),
187 P(POLICY_SHUNT0((lset_t)1 << (POLICY_SHUNT0_IX))),
188 P(POLICY_SHUNT1((lset_t)1 << (POLICY_SHUNT1_IX))),
189 P(POLICY_FAIL0((lset_t)1 << (POLICY_FAIL0_IX))),
190 P(POLICY_FAIL1((lset_t)1 << (POLICY_FAIL1_IX))),
191 P(POLICY_NEGO_PASS((lset_t)1 << (POLICY_NEGO_PASS_IX))),
192 P(POLICY_DONT_REKEY((lset_t)1 << (POLICY_DONT_REKEY_IX))),
193 P(POLICY_REAUTH((lset_t)1 << (POLICY_REAUTH_IX))),
194 P(POLICY_OPPORTUNISTIC((lset_t)1 << (POLICY_OPPORTUNISTIC_IX))),
195 P(POLICY_GROUP((lset_t)1 << (POLICY_GROUP_IX))),
196 P(POLICY_GROUTED((lset_t)1 << (POLICY_GROUTED_IX))),
197 P(POLICY_GROUPINSTANCE((lset_t)1 << (POLICY_GROUPINSTANCE_IX))),
198 P(POLICY_UP((lset_t)1 << (POLICY_UP_IX))),
199 P(POLICY_XAUTH((lset_t)1 << (POLICY_XAUTH_IX))),
200 P(POLICY_MODECFG_PULL((lset_t)1 << (POLICY_MODECFG_PULL_IX))),
201 P(POLICY_AGGRESSIVE((lset_t)1 << (POLICY_AGGRESSIVE_IX))),
202 P(POLICY_OVERLAPIP((lset_t)1 << (POLICY_OVERLAPIP_IX))),
203 P(POLICY_IKEV2_ALLOW_NARROWING((lset_t)1 << (POLICY_IKEV2_ALLOW_NARROWING_IX))),
204 P(POLICY_IKEV2_PAM_AUTHORIZE((lset_t)1 << (POLICY_IKEV2_PAM_AUTHORIZE_IX))),
205 P(POLICY_SEND_REDIRECT_ALWAYS((lset_t)1 << (POLICY_SEND_REDIRECT_ALWAYS_IX))),
206 P(POLICY_SEND_REDIRECT_NEVER((lset_t)1 << (POLICY_SEND_REDIRECT_NEVER_IX))),
207 P(POLICY_ACCEPT_REDIRECT_YES((lset_t)1 << (POLICY_ACCEPT_REDIRECT_YES_IX))),
208 P(POLICY_IKE_FRAG_ALLOW((lset_t)1 << (POLICY_IKE_FRAG_ALLOW_IX))),
209 P(POLICY_IKE_FRAG_FORCE((lset_t)1 << (POLICY_IKE_FRAG_FORCE_IX))),
210 P(POLICY_NO_IKEPAD((lset_t)1 << (POLICY_NO_IKEPAD_IX))),
211 P(POLICY_MOBIKE((lset_t)1 << (POLICY_MOBIKE_IX))),
212 P(POLICY_PPK_ALLOW((lset_t)1 << (POLICY_PPK_ALLOW_IX))),
213 P(POLICY_PPK_INSIST((lset_t)1 << (POLICY_PPK_INSIST_IX))),
214 P(POLICY_ESN_NO((lset_t)1 << (POLICY_ESN_NO_IX))),
215 P(POLICY_ESN_YES((lset_t)1 << (POLICY_ESN_YES_IX))),
216 P(POLICY_INTERMEDIATE((lset_t)1 << (POLICY_INTERMEDIATE_IX))),
217 P(POLICY_IGNORE_PEER_DNS((lset_t)1 << (POLICY_IGNORE_PEER_DNS_IX))),
218 P(POLICY_RSASIG_v1_5((lset_t)1 << (POLICY_RSASIG_v1_5_IX))),
219#undef P
220};
221
222static const enum_names sa_policy_bit_names = {
223 0, POLICY_IX_LASTPOLICY_RSASIG_v1_5_IX,
224 ARRAY_REF(sa_policy_bit_name)(sa_policy_bit_name), (sizeof(sa_policy_bit_name) / sizeof(*(
sa_policy_bit_name))),
225 "POLICY_", /* prefix */
226 NULL((void*)0)
227};
228
229
230/*
231 * Names for RFC 7427 IKEv2 AUTH signature hash algo sighash_policy_bits
232 */
233static const char *const sighash_policy_bit_name[] = {
234 "SHA2_256",
235 "SHA2_384",
236 "SHA2_512",
237};
238
239const struct enum_names sighash_policy_bit_names = {
240 POL_SIGHASH_SHA2_256_IX,
241 POL_SIGHASH_SHA2_512_IX,
242 ARRAY_REF(sighash_policy_bit_name)(sighash_policy_bit_name), (sizeof(sighash_policy_bit_name) /
sizeof(*(sighash_policy_bit_name))),
243 NULL((void*)0), /* prefix */
244 NULL((void*)0), /* next */
245};
246
247static const char *const keyword_authby_name[] = {
248 "unset",
249 "never",
250 "secret",
251 "rsasig",
252 "ecdsa",
253 "null",
254};
255
256enum_names keyword_authby_names = {
257 AUTHBY_UNSET, AUTHBY_NULL,
258 ARRAY_REF(keyword_authby_name)(keyword_authby_name), (sizeof(keyword_authby_name) / sizeof(
*(keyword_authby_name))),
259 NULL((void*)0), /* prefix */
260 NULL((void*)0)
261};
262
263static const char *const allow_global_redirect_name[] = {
264 "no",
265 "yes",
266 "auto",
267};
268
269enum_names allow_global_redirect_names = {
270 GLOBAL_REDIRECT_NO,
271 GLOBAL_REDIRECT_AUTO,
272 ARRAY_REF(allow_global_redirect_name)(allow_global_redirect_name), (sizeof(allow_global_redirect_name
) / sizeof(*(allow_global_redirect_name))),
273 NULL((void*)0),
274 NULL((void*)0)
275};
276
277static const char *const policy_shunt_names[4] = {
278 "TRAP",
279 "PASS",
280 "DROP",
281 "REJECT",
282};
283
284static const char *const policy_fail_names[4] = {
285 "NONE",
286 "PASS",
287 "DROP",
288 "REJECT",
289};
290
291static const char *const dns_auth_level_name[] = {
292 "PUBKEY_LOCAL",
293 "DNSSEC_INSECURE",
294 "DNSSEC_SECURE",
295};
296
297enum_names dns_auth_level_names = {
298 PUBKEY_LOCAL, DNSSEC_ROOF-1,
299 ARRAY_REF(dns_auth_level_name)(dns_auth_level_name), (sizeof(dns_auth_level_name) / sizeof(
*(dns_auth_level_name))),
300 NULL((void*)0), /* prefix */
301 NULL((void*)0)
302};
303
304/*
305 * enum sa_type
306 */
307
308static const char *const v1_sa_type_name[] = {
309 [IKE_SA] = "ISAKMP SA",
310 [IPSEC_SA] = "IPsec SA"
311};
312
313enum_names v1_sa_type_names = {
314 SA_TYPE_FLOOR0, SA_TYPE_ROOF(IPSEC_SA+1)-1,
315 ARRAY_REF(v1_sa_type_name)(v1_sa_type_name), (sizeof(v1_sa_type_name) / sizeof(*(v1_sa_type_name
))),
316 NULL((void*)0), /* prefix */
317 NULL((void*)0),
318};
319
320static const char *const v2_sa_type_name[] = {
321 [IKE_SA] = "IKE SA",
322 [IPSEC_SA] = "Child SA"
323};
324
325enum_names v2_sa_type_names = {
326 SA_TYPE_FLOOR0, SA_TYPE_ROOF(IPSEC_SA+1)-1,
327 ARRAY_REF(v2_sa_type_name)(v2_sa_type_name), (sizeof(v2_sa_type_name) / sizeof(*(v2_sa_type_name
))),
328 NULL((void*)0), /* prefix */
329 NULL((void*)0),
330};
331
332static const enum_names *sa_type_name[] = {
333 [IKEv1 - IKEv1] = &v1_sa_type_names,
334 [IKEv2 - IKEv1] = &v2_sa_type_names,
335};
336
337enum_enum_names sa_type_names = {
338 IKEv1, IKEv2,
339 ARRAY_REF(sa_type_name)(sa_type_name), (sizeof(sa_type_name) / sizeof(*(sa_type_name
))),
340};
341
342/* enum kernel_policy_op_names */
343
344static const char *kernel_policy_op_name[] = {
345 [0] = "KP_INVALID",
346#define S(E) [E] = #E
347 S(KP_ADD_OUTBOUND),
348 S(KP_REPLACE_OUTBOUND),
349 S(KP_DELETE_OUTBOUND),
350 S(KP_ADD_INBOUND),
351 S(KP_REPLACE_INBOUND),
352 S(KP_DELETE_INBOUND),
353#undef S
354};
355
356enum_names kernel_policy_op_names = {
357 0, elemsof(kernel_policy_op_name)(sizeof(kernel_policy_op_name) / sizeof(*(kernel_policy_op_name
)))-1,
358 ARRAY_REF(kernel_policy_op_name)(kernel_policy_op_name), (sizeof(kernel_policy_op_name) / sizeof
(*(kernel_policy_op_name))),
359 .en_prefix = "KP_",
360};
361
362/* */
363
364static const char *const perspective_name[] = {
365 [NO_PERSPECTIVE] = "NO_PERSPECTIVE",
366 [LOCAL_PERSPECTIVE] = "LOCAL_PERSPECTIVE",
367 [REMOTE_PERSPECTIVE] = "REMOTE_PERSPECTIVE"
368};
369
370enum_names perspective_names = {
371 NO_PERSPECTIVE, REMOTE_PERSPECTIVE,
372 ARRAY_REF(perspective_name)(perspective_name), (sizeof(perspective_name) / sizeof(*(perspective_name
))),
373 NULL((void*)0), /* prefix */
374 NULL((void*)0),
375};
376
377/* print a policy: like bitnamesof, but it also does the non-bitfields.
378 * Suppress the shunt and fail fields if 0.
379 */
380
381size_t jam_policy(struct jambuf *buf, lset_t policy)
382{
383 size_t s = 0;
384
385 lset_t other = policy & ~(POLICY_SHUNT_MASK(((lset_t)1 << (POLICY_SHUNT1_IX)) - ((lset_t)1 <<
(POLICY_SHUNT0_IX)) + ((lset_t)1 << (POLICY_SHUNT1_IX)
)) | POLICY_FAIL_MASK(((lset_t)1 << (POLICY_FAIL1_IX)) - ((lset_t)1 <<
(POLICY_FAIL0_IX)) + ((lset_t)1 << (POLICY_FAIL1_IX))));
386 const char *sep = "";
387 if (other != LEMPTY((lset_t)0)) {
388 s += jam_lset_short(buf, &sa_policy_bit_names, "+", other);
389 sep = "+";
390 }
391
392 lset_t shunt = (policy & POLICY_SHUNT_MASK(((lset_t)1 << (POLICY_SHUNT1_IX)) - ((lset_t)1 <<
(POLICY_SHUNT0_IX)) + ((lset_t)1 << (POLICY_SHUNT1_IX)
)));
393 if (shunt != POLICY_SHUNT_TRAP(SHUNT_DEFAULT * ((lset_t)1 << (POLICY_SHUNT0_IX)))) {
394 s += jam(buf, "%s%s", sep, policy_shunt_names[shunt >> POLICY_SHUNT_SHIFTPOLICY_SHUNT0_IX]);
395 sep = "+";
396 }
397 lset_t fail = (policy & POLICY_FAIL_MASK(((lset_t)1 << (POLICY_FAIL1_IX)) - ((lset_t)1 <<
(POLICY_FAIL0_IX)) + ((lset_t)1 << (POLICY_FAIL1_IX))));
398 if (fail != POLICY_FAIL_NONE(SHUNT_DEFAULT * ((lset_t)1 << (POLICY_FAIL0_IX)))) {
399 s += jam(buf, "%sfailure%s", sep, policy_fail_names[fail >> POLICY_FAIL_SHIFTPOLICY_FAIL0_IX]);
400 sep = "+";
Value stored to 'sep' is never read
401 }
402 return s;
403}
404
405const char *str_policy(lset_t policy, policy_buf *dst)
406{
407 struct jambuf buf = ARRAY_AS_JAMBUF(dst->buf)array_as_jambuf((dst->buf), sizeof(dst->buf));
408 jam_policy(&buf, policy);
409 return dst->buf;
410}
411
412static const enum_names *pluto_enum_names_checklist[] = {
413 &kern_interface_names,
414 &dpd_action_names,
415 &sd_action_names,
416 &natt_method_names,
417 &routing_story,
418 &stf_status_names,
419#ifdef XFRM_SUPPORT1
420 &netkey_sa_dir_names,
421#endif
422 &v1_sa_type_names,
423 &v2_sa_type_names,
424 &perspective_names,
425 &sa_policy_bit_names,
426 &kernel_policy_op_names,
427};
428
429void init_pluto_constants(void) {
430 check_enum_names(ARRAY_REF(pluto_enum_names_checklist)(pluto_enum_names_checklist), (sizeof(pluto_enum_names_checklist
) / sizeof(*(pluto_enum_names_checklist))));
431}