diff options
| author | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2015-03-26 12:21:38 +0000 |
|---|---|---|
| committer | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2015-03-26 12:21:38 +0000 |
| commit | e34346950920ad7bef89ad3a7de52c4f51e9e449 (patch) | |
| tree | 4593ad98747639b64b5fbed4dc1db482ef160d33 /sys/net/pfkeyv2.c | |
| parent | a5d28101df23ce5bc6e82ccba29919fe0d63d086 (diff) | |
Remove bits of unfinished IPsec proxy support. DNS' KX records, anyone?
ok markus, hshoexer
Diffstat (limited to 'sys/net/pfkeyv2.c')
| -rw-r--r-- | sys/net/pfkeyv2.c | 18 |
1 files changed, 2 insertions, 16 deletions
diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c index 0af998fcf4d..93a88777180 100644 --- a/sys/net/pfkeyv2.c +++ b/sys/net/pfkeyv2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2.c,v 1.138 2014/12/19 17:14:40 tedu Exp $ */ +/* $OpenBSD: pfkeyv2.c,v 1.139 2015/03/26 12:21:37 mikeb Exp $ */ /* * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 @@ -523,9 +523,6 @@ pfkeyv2_get(struct tdb *sa, void **headers, void **buffer, int *lenp) i += sizeof(struct sadb_address) + PADUP(SA_LEN(&sa->tdb_src.sa)); i += sizeof(struct sadb_address) + PADUP(SA_LEN(&sa->tdb_dst.sa)); - if (sa->tdb_proxy.sa.sa_family) - i += sizeof(struct sadb_address) + PADUP(SA_LEN(&sa->tdb_proxy.sa)); - if (sa->tdb_srcid) i += sizeof(struct sadb_ident) + PADUP(sa->tdb_srcid->ref_len); @@ -628,12 +625,6 @@ pfkeyv2_get(struct tdb *sa, void **headers, void **buffer, int *lenp) headers[SADB_EXT_ADDRESS_DST] = p; export_address(&p, (struct sockaddr *) &sa->tdb_dst); - /* Export TDB proxy address, if present */ - if (SA_LEN(&sa->tdb_proxy.sa)) { - headers[SADB_EXT_ADDRESS_PROXY] = p; - export_address(&p, (struct sockaddr *) &sa->tdb_proxy); - } - /* Export source identity, if present */ if (sa->tdb_srcid) { headers[SADB_EXT_IDENTITY_SRC] = p; @@ -1027,8 +1018,6 @@ pfkeyv2_send(struct socket *socket, void *message, int len) headers[SADB_EXT_ADDRESS_SRC]); import_address((struct sockaddr *) &newsa->tdb_dst, headers[SADB_EXT_ADDRESS_DST]); - import_address((struct sockaddr *) &newsa->tdb_proxy, - headers[SADB_EXT_ADDRESS_PROXY]); import_lifetime(newsa, headers[SADB_EXT_LIFETIME_CURRENT], PFKEYV2_LIFETIME_CURRENT); @@ -1095,8 +1084,7 @@ pfkeyv2_send(struct socket *socket, void *message, int len) * change lifetimes and some other information; we're * not allowed to change keys, addresses or identities. */ - if (headers[SADB_EXT_ADDRESS_PROXY] || - headers[SADB_EXT_KEY_AUTH] || + if (headers[SADB_EXT_KEY_AUTH] || headers[SADB_EXT_KEY_ENCRYPT] || headers[SADB_EXT_IDENTITY_SRC] || headers[SADB_EXT_IDENTITY_DST] || @@ -1193,8 +1181,6 @@ pfkeyv2_send(struct socket *socket, void *message, int len) headers[SADB_EXT_ADDRESS_SRC]); import_address((struct sockaddr *) &newsa->tdb_dst, headers[SADB_EXT_ADDRESS_DST]); - import_address((struct sockaddr *) &newsa->tdb_proxy, - headers[SADB_EXT_ADDRESS_PROXY]); import_lifetime(newsa, headers[SADB_EXT_LIFETIME_CURRENT], |