diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2012-09-18 09:24:46 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2012-09-18 09:24:46 +0000 |
| commit | d969a0350bb560c21fa288513e0acdb96c341448 (patch) | |
| tree | dc5167bf22d07ffb5deb1ae4b984954d87266fef /sys/net | |
| parent | 61bab7bd2e23df36bb061a4c0daf8b829b1ae8be (diff) | |
remove the SADB_X_SAFLAGS_{HALFIV,RANDOMPADDING,NOREPLAY} pfkey-API (not set
anywhere) as well as the matching TDBF_{HALFIV,RANDOMPADDING,NOREPLAY} code.
ok mikeb@
Diffstat (limited to 'sys/net')
| -rw-r--r-- | sys/net/pfkeyv2.h | 5 | ||||
| -rw-r--r-- | sys/net/pfkeyv2_convert.c | 21 |
2 files changed, 2 insertions, 24 deletions
diff --git a/sys/net/pfkeyv2.h b/sys/net/pfkeyv2.h index 5720d37dd69..1cd95ed971b 100644 --- a/sys/net/pfkeyv2.h +++ b/sys/net/pfkeyv2.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2.h,v 1.61 2012/06/29 14:48:04 mikeb Exp $ */ +/* $OpenBSD: pfkeyv2.h,v 1.62 2012/09/18 09:24:45 markus Exp $ */ /* * @(#)COPYRIGHT 1.1 (NRL) January 1998 * @@ -331,11 +331,8 @@ struct sadb_x_tap { #define SADB_X_CALG_MAX 3 #define SADB_SAFLAGS_PFS 0x001 /* perfect forward secrecy */ -#define SADB_X_SAFLAGS_HALFIV 0x002 /* Used for ESP-old */ #define SADB_X_SAFLAGS_TUNNEL 0x004 /* Force tunneling */ #define SADB_X_SAFLAGS_CHAINDEL 0x008 /* Delete whole SA chain */ -#define SADB_X_SAFLAGS_RANDOMPADDING 0x080 /* Random ESP padding */ -#define SADB_X_SAFLAGS_NOREPLAY 0x100 /* No replay counter */ #define SADB_X_SAFLAGS_UDPENCAP 0x200 /* ESP in UDP */ #define SADB_X_SAFLAGS_ESN 0x400 /* Extended Sequence Number */ diff --git a/sys/net/pfkeyv2_convert.c b/sys/net/pfkeyv2_convert.c index d265d58985d..2f3dc890e6a 100644 --- a/sys/net/pfkeyv2_convert.c +++ b/sys/net/pfkeyv2_convert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2_convert.c,v 1.36 2012/06/29 14:48:04 mikeb Exp $ */ +/* $OpenBSD: pfkeyv2_convert.c,v 1.37 2012/09/18 09:24:45 markus Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@keromytis.org) * @@ -135,18 +135,9 @@ import_sa(struct tdb *tdb, struct sadb_sa *sadb_sa, struct ipsecinit *ii) if (sadb_sa->sadb_sa_flags & SADB_SAFLAGS_PFS) tdb->tdb_flags |= TDBF_PFS; - if (sadb_sa->sadb_sa_flags & SADB_X_SAFLAGS_HALFIV) - tdb->tdb_flags |= TDBF_HALFIV; - if (sadb_sa->sadb_sa_flags & SADB_X_SAFLAGS_TUNNEL) tdb->tdb_flags |= TDBF_TUNNELING; - if (sadb_sa->sadb_sa_flags & SADB_X_SAFLAGS_RANDOMPADDING) - tdb->tdb_flags |= TDBF_RANDOMPADDING; - - if (sadb_sa->sadb_sa_flags & SADB_X_SAFLAGS_NOREPLAY) - tdb->tdb_flags |= TDBF_NOREPLAY; - if (sadb_sa->sadb_sa_flags & SADB_X_SAFLAGS_UDPENCAP) tdb->tdb_flags |= TDBF_UDPENCAP; @@ -279,19 +270,9 @@ export_sa(void **p, struct tdb *tdb) if (tdb->tdb_flags & TDBF_PFS) sadb_sa->sadb_sa_flags |= SADB_SAFLAGS_PFS; - /* Only relevant for the "old" IPsec transforms. */ - if (tdb->tdb_flags & TDBF_HALFIV) - sadb_sa->sadb_sa_flags |= SADB_X_SAFLAGS_HALFIV; - if (tdb->tdb_flags & TDBF_TUNNELING) sadb_sa->sadb_sa_flags |= SADB_X_SAFLAGS_TUNNEL; - if (tdb->tdb_flags & TDBF_RANDOMPADDING) - sadb_sa->sadb_sa_flags |= SADB_X_SAFLAGS_RANDOMPADDING; - - if (tdb->tdb_flags & TDBF_NOREPLAY) - sadb_sa->sadb_sa_flags |= SADB_X_SAFLAGS_NOREPLAY; - if (tdb->tdb_flags & TDBF_UDPENCAP) sadb_sa->sadb_sa_flags |= SADB_X_SAFLAGS_UDPENCAP; |