[hipl-commit] [trunk] Rev 4496: Remove pfkey/ipsec code.
- From: Diego Biurrun <diego@xxxxxxxxxx>
- To: hipl-commit@xxxxxxxxxxxxx
- Date: Wed, 12 May 2010 15:29:52 +0300
Committer: Diego Biurrun <diego@xxxxxxxxxx>
Date: 12/05/2010 at 15:29:52
Revision: 4496
Revision-id: diego@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Branch nick: trunk
Log:
Remove pfkey/ipsec code.
Modified:
D hipd/pfkeyapi.c
D lib/ipsec/
D lib/ipsec/ipsec_set_policy.3
D lib/ipsec/ipsec_strerror.3
D lib/ipsec/ipsec_strerror.c
D lib/ipsec/ipsec_strerror.h
D lib/ipsec/libpfkey.h
D lib/ipsec/pfkey.c
D lib/ipsec/pfkeyv2.h
D lib/ipsec/policy_parse.c
D lib/ipsec/policy_parse.h
D lib/ipsec/policy_parse.y
D lib/ipsec/policy_token.l
D lib/tool/pfkeysadb.c
D lib/tool/pfkeysadb.h
D patches/kernel/2.6.22.6/pfkey_xfrmuser_interfamily-2.6.22.6.patch
M COPYING
M Makefile.am
M configure.ac
M hipd/init.c
M lib/tool/xfrmapi.c
M tools/hipl_autobuild.sh
=== modified file 'COPYING'
--- COPYING 2010-03-30 12:41:08 +0000
+++ COPYING 2010-05-12 12:29:33 +0000
@@ -35,7 +35,6 @@
* firewall/user_ipsec_esp.c
* tools/DNS
* lib/tool
- * lib/ipsec
* i3
MIT (Expat) License
=== modified file 'Makefile.am'
--- Makefile.am 2010-05-12 10:09:10 +0000
+++ Makefile.am 2010-05-12 12:29:33 +0000
@@ -5,11 +5,9 @@
# For "make dist"
EXTRA_DIST = .vimrc debian doc patches release.version version.h
EXTRA_DIST += i3/i3-cfg-PL.xml i3/aeshash/aescpp.hh i3/i3/i3_debug.c
i3/utils/netwrap_win32.c
-EXTRA_DIST += lib/ipsec/policy_parse.c lib/ipsec/policy_parse.y
lib/ipsec/policy_token.l
EXTRA_DIST += packaging tools/maintainer
EXTRA_DIST += $(wildcard $(addprefix $(srcdir)/agent/,*.lang))
EXTRA_DIST += $(wildcard $(addprefix $(srcdir)/lib/dht/,*.txt))
-EXTRA_DIST += $(wildcard $(addprefix $(srcdir)/lib/ipsec/,*.3))
EXTRA_DIST += $(wildcard $(addprefix $(srcdir)/test/,*.pl *.sh))
EXTRA_DIST += $(wildcard $(addprefix $(srcdir)/tools/,*.cfg *.pl *.sh))
EXTRA_DIST += $(wildcard $(addprefix $(srcdir)/firewall/,*.cfg))
@@ -60,10 +58,6 @@
### libraries ###
lib_LTLIBRARIES = lib/core/libhipcore.la
-if HIP_PFKEY
-lib_LTLIBRARIES += lib/ipsec/libhipsec.la
-endif
-
if HIP_OPPORTUNISTIC
lib_LTLIBRARIES += lib/opphip/libopphip.la
endif
@@ -130,10 +124,6 @@
hipd_hipd_SOURCES += hipd/dht.c
endif
-if HIP_PFKEY
-hipd_hipd_SOURCES += hipd/pfkeyapi.c
-endif
-
if HIP_MIDAUTH
hipd_hipd_SOURCES += hipd/pisa.c
endif
@@ -221,7 +211,8 @@
lib/tool/checksum.c \
lib/tool/lutil.c \
lib/tool/nlink.c \
- lib/tool/pk.c
+ lib/tool/pk.c \
+ lib/tool/xfrmapi.c
if HIP_AGENT
lib_core_libhipcore_la_SOURCES += lib/core/sqlitedbapi.c
@@ -236,13 +227,6 @@
lib_core_libhipcore_la_SOURCES += lib/core/performance.c
endif
-# don't use libipsec, but xfrmapi
-if HIP_PFKEY
-lib_core_libhipcore_la_SOURCES += lib/tool/pfkeysadb.c
-else
-lib_core_libhipcore_la_SOURCES += lib/tool/xfrmapi.c
-endif # HIPPFKEY
-
lib_opphip_libopphip_la_SOURCES = lib/opphip/wrap.c \
lib/opphip/wrap_db.c
@@ -306,32 +290,6 @@
i3_chord_gen_conf_same_SOURCES = i3/chord/gen_conf_same.c
i3_chord_test_SOURCES = i3/chord/test.c
-############################ NOTE ##################################
-#
-# Note: when you upgrade this library, please do the following:
-#
-# 1. uncomment policy_parse.y and policy_token.l lines
-# 2. "make"
-# 3. disable the policy_parse.y and policy_token.l lines again
-# 4. commit the code (including lex/yacc generated c files)
-#
-# I could not make the lex/yacc stuff work with "make dist" which
-# is mandatory for building e.g. rpm packages. -mk
-####################################################################
-lib_ipsec_libhipsec_la_SOURCES = lib/ipsec/ipsec_strerror.c \
- lib/ipsec/pfkey.c \
- #lib/ipsec/policy_parse.y \
- #lib/ipsec/policy_token.l
-
-AM_YFLAGS = -d -p __libhipsec
-AM_LFLAGS = -P__libhipsec -olex.yy.c
-
-# version is current:revision:age.
-# See:
http://www.gnu.org/manual/libtool-1.4.2/html_chapter/libtool_6.html#SEC32
-#lib_ipsec_libhipsec_la_LDFLAGS = -version-info 0:1:0
-#lib_ipsec_libhipsec_la_LIBADD = $(LEXLIB)
-
-#DISTCLEANFILES = lib/ipsec/policy_parse.c lib/ipsec/policy_token.c
### library dependencies ###
@@ -349,10 +307,6 @@
hipd_hipd_LDADD += i3/libi3.la
endif
-if HIP_PFKEY
-hipd_hipd_LDADD += lib/ipsec/libhipsec.la
-endif
-
agent_hipagent_LDADD = lib/gui/libhipgui.la \
lib/core/libhipcore.la
=== modified file 'configure.ac'
--- configure.ac 2010-05-03 16:43:45 +0000
+++ configure.ac 2010-05-12 12:29:33 +0000
@@ -124,21 +124,6 @@
fi
AM_CONDITIONAL(HIP_AGENT, test x"$ac_cv_use_agent" = x"yes")
-AC_ARG_ENABLE(pfkey,
- AS_HELP_STRING([--enable-pfkey],
- [HIP pfkey extensions (default is NO)]),
- [ac_cv_use_pfkey=$enableval],
- [ac_cv_use_pfkey=no])
-AC_CACHE_CHECK([whether to use pfkey extensions],
- [ac_cv_use_pfkey],
- [ac_cv_use_pfkey=no])
-if test x"$ac_cv_use_pfkey" = x"yes"; then
- AC_DEFINE(CONFIG_HIP_PFKEY)
- AH_TEMPLATE(CONFIG_HIP_PFKEY, [Defined to 1 if pfkey is enabled.])
- AM_PROG_LEX
-fi
-AM_CONDITIONAL(HIP_PFKEY, test x"$ac_cv_use_pfkey" = x"yes")
-
AC_ARG_ENABLE(rvs,
AS_HELP_STRING([--enable-rvs],
[HIP Rendezvous Extensions (default is YES)]),
=== modified file 'hipd/init.c'
--- hipd/init.c 2010-05-12 10:09:10 +0000
+++ hipd/init.c 2010-05-12 12:29:33 +0000
@@ -182,8 +182,6 @@
* - XFRM_BEET changed from 2 to 4
* - crypto algo names changed
*/
-
-#ifndef CONFIG_HIP_PFKEY
if (rel[0] <= 2 && rel[1] <= 6 && rel[2] < 19) {
hip_xfrm_set_beet(2);
hip_xfrm_set_algo_names(0);
@@ -193,7 +191,6 @@
}
/* This requires new kernel versions (the 2.6.18 patch) - jk */
hip_xfrm_set_default_sa_prefix_len(128);
-#endif
}
#ifdef CONFIG_HIP_AGENT
@@ -1059,9 +1056,7 @@
goto out_err;
}
-#ifndef CONFIG_HIP_PFKEY
hip_xfrm_set_nl_ipsec(&hip_nl_ipsec);
-#endif
HIP_IFEL(hip_init_raw_sock_v6(&hip_raw_sock_output_v6, IPPROTO_HIP), -1,
"raw sock output v6\n");
HIP_IFEL(hip_init_raw_sock_v4(&hip_raw_sock_output_v4, IPPROTO_HIP), -1,
"raw sock output v4\n");
=== removed directory 'lib/ipsec'
=== modified file 'lib/tool/xfrmapi.c'
--- lib/tool/xfrmapi.c 2010-04-16 01:30:31 +0000
+++ lib/tool/xfrmapi.c 2010-05-12 12:29:33 +0000
@@ -530,7 +530,6 @@
in_port_t sport, dport;
// Ignore the dst_addr, because xfrm accepts only one address.
- // dst_addr is used only in pfkeyapi.c
_HIP_DEBUG("spi=0x%x\n", spi);
_HIP_DEBUG_IN6ADDR("SA daddr", peer_addr);
@@ -589,8 +588,7 @@
* @return zero on success and non-zero on error
* @note IPv4 addresses in IPv6 mapped format
* @note If you make changes to this function, please change also
- * hipd/user_ipsec_sadb_api.c:hip_userspace_ipsec_add_sa() and
- * pfkeyapi.c:add_sa()
+ * hipd/user_ipsec_sadb_api.c:hip_userspace_ipsec_add_sa().
*/
uint32_t hip_add_sa(const struct in6_addr *saddr,
const struct in6_addr *daddr,
=== modified file 'tools/hipl_autobuild.sh'
--- tools/hipl_autobuild.sh 2010-05-12 10:43:39 +0000
+++ tools/hipl_autobuild.sh 2010-05-12 12:29:33 +0000
@@ -109,10 +109,10 @@
run_program "make -j17 distcheck"
# PISA configuration
-compile --enable-firewall --disable-agent --disable-pfkey --disable-rvs
--disable-hipproxy --disable-i3 --disable-opportunistic --disable-dht
--disable-blind --disable-profiling --enable-debug --enable-midauth
--disable-performance --disable-demo
+compile --enable-firewall --disable-agent --disable-rvs --disable-hipproxy
--disable-i3 --disable-opportunistic --disable-dht --disable-blind
--disable-profiling --enable-debug --enable-midauth --disable-performance
--disable-demo
# Alternative path to vanilla
-compile --enable-firewall --enable-agent --enable-pfkey --disable-rvs
--disable-hipproxy --enable-i3 --disable-opportunistic --disable-dht
--enable-blind --enable-profiling --disable-debug --enable-midauth
--enable-performance --enable-demo
+compile --enable-firewall --enable-agent --disable-rvs --disable-hipproxy
--enable-i3 --disable-opportunistic --disable-dht --enable-blind
--enable-profiling --disable-debug --enable-midauth --enable-performance
--enable-demo
# Compile HIPL within an OpenWrt checkout
CONFIGURATION="OpenWrt ARM crosscompile"
Other related posts:
- » [hipl-commit] [trunk] Rev 4496: Remove pfkey/ipsec code. - Diego Biurrun
