git: Remove IPsec and related code from the system.

Sascha Wildner swildner at crater.dragonflybsd.org
Sat Apr 21 14:31:35 PDT 2018


commit 755d70b8f2c28b016b6c0330273e7daa38038f27
Author: Sascha Wildner <saw at online.de>
Date:   Sat Apr 21 23:26:37 2018 +0200

    Remove IPsec and related code from the system.
    
    It was unmaintained ever since we inherited it from FreeBSD 4.8.
    
    In fact, we had two implementations from that time: IPSEC and FAST_IPSEC.
    FAST_IPSEC is the implementation to which FreeBSD has moved since, but
    it didn't even build in DragonFly.
    
    Fixes for dports have been committed to DeltaPorts.
    
    Requested-by: dillon
    Dports-testing-and-fixing: zrj

Summary of changes:
 Makefile_upgrade.inc                 |   24 +
 UPDATING                             |    8 +
 etc/defaults/rc.conf                 |    2 -
 etc/mtree/BSD.include.dist           |    4 -
 etc/rc.d/Makefile                    |    3 +-
 etc/rc.d/ipsec                       |   70 -
 etc/rc.d/rtadvd                      |    9 -
 gnu/usr.bin/groff/tmac/fr.ISO8859-1  |    1 -
 gnu/usr.bin/groff/tmac/ru.KOI8-R     |    1 -
 include/Makefile                     |    5 +-
 lib/Makefile                         |    1 -
 lib/libc/gen/sysctl.3                |    9 +-
 lib/libc/net/getnameinfo.c           |    1 -
 lib/libipsec/Makefile                |   56 -
 lib/libipsec/ipsec_dump_policy.c     |  299 --
 lib/libipsec/ipsec_get_policylen.c   |   47 -
 lib/libipsec/ipsec_set_policy.3      |  277 --
 lib/libipsec/ipsec_strerror.3        |   88 -
 lib/libipsec/ipsec_strerror.c        |   88 -
 lib/libipsec/ipsec_strerror.h        |   64 -
 lib/libipsec/libpfkey.h              |   91 -
 lib/libipsec/pfkey.c                 | 1986 ---------
 lib/libipsec/pfkey_dump.c            |  587 ---
 lib/libipsec/policy_parse.y          |  425 --
 lib/libipsec/policy_token.l          |  151 -
 lib/libipsec/test-policy.c           |  334 --
 sbin/ping/Makefile                   |    5 -
 sbin/ping/ping.8                     |   11 +-
 sbin/ping/ping.c                     |   77 +-
 sbin/ping6/Makefile                  |    6 +-
 sbin/ping6/ping6.8                   |   22 +-
 sbin/ping6/ping6.c                   |  121 +-
 share/initrd/sbin.libcrypto/Makefile |    1 -
 share/initrd/sbin/Makefile           |    2 +-
 share/man/man4/Makefile              |    2 -
 share/man/man4/aesni.4               |    3 +-
 share/man/man4/crypto.4              |    3 +-
 share/man/man4/fast_ipsec.4          |  107 -
 share/man/man4/hifn.4                |    5 +-
 share/man/man4/ip6.4                 |   10 +-
 share/man/man4/ipsec.4               |  326 --
 share/man/man4/padlock.4             |    9 +-
 share/man/man4/pfsync.4              |   22 +-
 share/man/man4/safe.4                |    5 +-
 share/man/man4/tcp.4                 |    5 +-
 share/man/man4/txp.4                 |   12 +-
 share/man/man4/ubsec.4               |    6 +-
 share/man/man5/rc.conf.5             |   15 +-
 share/man/man7/hier.7                |    4 +-
 share/man/man9/crypto.9              |   24 +-
 share/mk/bsd.libnames.mk             |    1 -
 sys/conf/files                       |   39 -
 sys/conf/options                     |   10 +-
 sys/config/LINT64                    |   41 +-
 sys/config/VKERNEL64                 |    4 -
 sys/crypto/blowfish/bf_ecb.c         |   85 -
 sys/net/pf/if_pfsync.c               |   17 -
 sys/net/pfkeyv2.h                    |  402 --
 sys/netinet/in.h                     |    4 +-
 sys/netinet/in_pcb.c                 |   35 -
 sys/netinet/in_pcb.h                 |    4 +-
 sys/netinet/in_proto.c               |  116 -
 sys/netinet/ip_divert.c              |    1 -
 sys/netinet/ip_icmp.c                |   22 -
 sys/netinet/ip_input.c               |  205 -
 sys/netinet/ip_output.c              |  336 --
 sys/netinet/raw_ip.c                 |   41 -
 sys/netinet/tcp_input.c              |   34 -
 sys/netinet/tcp_output.c             |   18 -
 sys/netinet/tcp_subr.c               |   58 -
 sys/netinet/tcp_syncache.c           |   23 -
 sys/netinet/tcp_usrreq.c             |    5 -
 sys/netinet/udp_usrreq.c             |   44 -
 sys/netinet6/ah.h                    |  102 -
 sys/netinet6/ah6.h                   |   63 -
 sys/netinet6/ah_core.c               | 1537 -------
 sys/netinet6/ah_input.c              | 1037 -----
 sys/netinet6/ah_output.c             |  574 ---
 sys/netinet6/esp.h                   |  112 -
 sys/netinet6/esp6.h                  |   60 -
 sys/netinet6/esp_aesctr.c            |  447 ---
 sys/netinet6/esp_camellia.c          |   81 -
 sys/netinet6/esp_core.c              | 1057 -----
 sys/netinet6/esp_input.c             |  978 -----
 sys/netinet6/esp_output.c            |  699 ----
 sys/netinet6/esp_rijndael.c          |  109 -
 sys/netinet6/icmp6.c                 |   16 -
 sys/netinet6/in6.h                   |    4 -
 sys/netinet6/in6_pcb.c               |   24 -
 sys/netinet6/in6_proto.c             |   77 -
 sys/netinet6/ip6_forward.c           |  193 -
 sys/netinet6/ip6_input.c             |   36 -
 sys/netinet6/ip6_output.c            |  287 +-
 sys/netinet6/ipcomp.h                |   79 -
 sys/netinet6/ipcomp6.h               |   56 -
 sys/netinet6/ipcomp_core.c           |  342 --
 sys/netinet6/ipcomp_input.c          |  345 --
 sys/netinet6/ipcomp_output.c         |  363 --
 sys/netinet6/ipsec.c                 | 3474 ----------------
 sys/netinet6/ipsec.h                 |  352 --
 sys/netinet6/ipsec6.h                |   87 -
 sys/netinet6/nd6_nbr.c               |    8 -
 sys/netinet6/raw_ip6.c               |   51 -
 sys/netinet6/udp6_output.c           |    8 -
 sys/netinet6/udp6_usrreq.c           |   63 -
 sys/netproto/ipsec/ah.h              |   57 -
 sys/netproto/ipsec/ah_var.h          |   79 -
 sys/netproto/ipsec/esp.h             |   70 -
 sys/netproto/ipsec/esp_var.h         |   82 -
 sys/netproto/ipsec/ipcomp.h          |   56 -
 sys/netproto/ipsec/ipcomp_var.h      |   68 -
 sys/netproto/ipsec/ipip_var.h        |   66 -
 sys/netproto/ipsec/ipsec.c           | 1854 ---------
 sys/netproto/ipsec/ipsec.h           |  390 --
 sys/netproto/ipsec/ipsec6.h          |   91 -
 sys/netproto/ipsec/ipsec_input.c     |  782 ----
 sys/netproto/ipsec/ipsec_mbuf.c      |  479 ---
 sys/netproto/ipsec/ipsec_output.c    |  754 ----
 sys/netproto/ipsec/key.c             | 6966 --------------------------------
 sys/netproto/ipsec/key.h             |  115 -
 sys/netproto/ipsec/key_debug.c       |  725 ----
 sys/netproto/ipsec/key_debug.h       |   89 -
 sys/netproto/ipsec/key_var.h         |   73 -
 sys/netproto/ipsec/keydb.h           |  182 -
 sys/netproto/ipsec/keysock.c         |  584 ---
 sys/netproto/ipsec/keysock.h         |   83 -
 sys/netproto/ipsec/xform.h           |  127 -
 sys/netproto/ipsec/xform_ah.c        | 1205 ------
 sys/netproto/ipsec/xform_esp.c       |  971 -----
 sys/netproto/ipsec/xform_ipcomp.c    |  618 ---
 sys/netproto/ipsec/xform_ipip.c      |  707 ----
 sys/netproto/key/key.c               | 7366 ----------------------------------
 sys/netproto/key/key.h               |   84 -
 sys/netproto/key/key_debug.c         |  726 ----
 sys/netproto/key/key_debug.h         |   89 -
 sys/netproto/key/key_var.h           |   73 -
 sys/netproto/key/keydb.c             |  195 -
 sys/netproto/key/keydb.h             |  181 -
 sys/netproto/key/keysock.c           |  641 ---
 sys/netproto/key/keysock.h           |   83 -
 sys/platform/pc64/conf/files         |    2 -
 sys/platform/vkernel64/conf/files    |    2 -
 sys/sys/mbuf.h                       |   13 -
 sys/sys/param.h                      |    3 +-
 sys/sys/priv.h                       |    7 +-
 tools/tools/crypto/Makefile          |    6 +-
 tools/tools/crypto/ipsecstats.c      |  180 -
 usr.bin/kdump/mkioctls               |    2 +-
 usr.bin/netstat/Makefile             |    3 +-
 usr.bin/netstat/ipsec.c              |  314 --
 usr.bin/netstat/main.c               |   61 +-
 usr.bin/netstat/netstat.1            |    8 +-
 usr.bin/netstat/netstat.h            |    7 -
 usr.bin/telnet/Makefile              |    4 -
 usr.bin/telnet/commands.c            |   38 -
 usr.bin/telnet/externs.h             |    8 -
 usr.bin/telnet/main.c                |   28 +-
 usr.sbin/Makefile                    |    1 -
 usr.sbin/authpf/authpf.8             |   56 +-
 usr.sbin/inetd/Makefile              |    7 +-
 usr.sbin/inetd/inetd.8               |   30 +-
 usr.sbin/inetd/inetd.c               |  134 -
 usr.sbin/inetd/inetd.h               |    3 -
 usr.sbin/mld6query/Makefile          |    2 +-
 usr.sbin/rrenumd/Makefile            |    6 +-
 usr.sbin/rrenumd/rrenumd.c           |  160 +-
 usr.sbin/rtadvd/rtadvd.8             |    3 +-
 usr.sbin/setkey/Makefile             |   54 -
 usr.sbin/setkey/parse.y              |  937 -----
 usr.sbin/setkey/sample.cf            |  220 -
 usr.sbin/setkey/scriptdump           |   56 -
 usr.sbin/setkey/setkey.8             |  627 ---
 usr.sbin/setkey/setkey.c             |  635 ---
 usr.sbin/setkey/test-pfkey.c         |  501 ---
 usr.sbin/setkey/test-policy.c        |  161 -
 usr.sbin/setkey/token.l              |  323 --
 usr.sbin/setkey/vchar.h              |   37 -
 usr.sbin/traceroute6/Makefile        |    6 +-
 usr.sbin/traceroute6/traceroute6.c   |   98 -
 179 files changed, 163 insertions(+), 50991 deletions(-)
 delete mode 100644 etc/rc.d/ipsec
 delete mode 100644 lib/libipsec/Makefile
 delete mode 100644 lib/libipsec/ipsec_dump_policy.c
 delete mode 100644 lib/libipsec/ipsec_get_policylen.c
 delete mode 100644 lib/libipsec/ipsec_set_policy.3
 delete mode 100644 lib/libipsec/ipsec_strerror.3
 delete mode 100644 lib/libipsec/ipsec_strerror.c
 delete mode 100644 lib/libipsec/ipsec_strerror.h
 delete mode 100644 lib/libipsec/libpfkey.h
 delete mode 100644 lib/libipsec/pfkey.c
 delete mode 100644 lib/libipsec/pfkey_dump.c
 delete mode 100644 lib/libipsec/policy_parse.y
 delete mode 100644 lib/libipsec/policy_token.l
 delete mode 100644 lib/libipsec/test-policy.c
 delete mode 100644 share/man/man4/fast_ipsec.4
 delete mode 100644 share/man/man4/ipsec.4
 delete mode 100644 sys/crypto/blowfish/bf_ecb.c
 delete mode 100644 sys/net/pfkeyv2.h
 delete mode 100644 sys/netinet6/ah.h
 delete mode 100644 sys/netinet6/ah6.h
 delete mode 100644 sys/netinet6/ah_core.c
 delete mode 100644 sys/netinet6/ah_input.c
 delete mode 100644 sys/netinet6/ah_output.c
 delete mode 100644 sys/netinet6/esp.h
 delete mode 100644 sys/netinet6/esp6.h
 delete mode 100644 sys/netinet6/esp_aesctr.c
 delete mode 100644 sys/netinet6/esp_camellia.c
 delete mode 100644 sys/netinet6/esp_core.c
 delete mode 100644 sys/netinet6/esp_input.c
 delete mode 100644 sys/netinet6/esp_output.c
 delete mode 100644 sys/netinet6/esp_rijndael.c
 delete mode 100644 sys/netinet6/ipcomp.h
 delete mode 100644 sys/netinet6/ipcomp6.h
 delete mode 100644 sys/netinet6/ipcomp_core.c
 delete mode 100644 sys/netinet6/ipcomp_input.c
 delete mode 100644 sys/netinet6/ipcomp_output.c
 delete mode 100644 sys/netinet6/ipsec.c
 delete mode 100644 sys/netinet6/ipsec.h
 delete mode 100644 sys/netinet6/ipsec6.h
 delete mode 100644 sys/netproto/ipsec/ah.h
 delete mode 100644 sys/netproto/ipsec/ah_var.h
 delete mode 100644 sys/netproto/ipsec/esp.h
 delete mode 100644 sys/netproto/ipsec/esp_var.h
 delete mode 100644 sys/netproto/ipsec/ipcomp.h
 delete mode 100644 sys/netproto/ipsec/ipcomp_var.h
 delete mode 100644 sys/netproto/ipsec/ipip_var.h
 delete mode 100644 sys/netproto/ipsec/ipsec.c
 delete mode 100644 sys/netproto/ipsec/ipsec.h
 delete mode 100644 sys/netproto/ipsec/ipsec6.h
 delete mode 100644 sys/netproto/ipsec/ipsec_input.c
 delete mode 100644 sys/netproto/ipsec/ipsec_mbuf.c
 delete mode 100644 sys/netproto/ipsec/ipsec_output.c
 delete mode 100644 sys/netproto/ipsec/key.c
 delete mode 100644 sys/netproto/ipsec/key.h
 delete mode 100644 sys/netproto/ipsec/key_debug.c
 delete mode 100644 sys/netproto/ipsec/key_debug.h
 delete mode 100644 sys/netproto/ipsec/key_var.h
 delete mode 100644 sys/netproto/ipsec/keydb.h
 delete mode 100644 sys/netproto/ipsec/keysock.c
 delete mode 100644 sys/netproto/ipsec/keysock.h
 delete mode 100644 sys/netproto/ipsec/xform.h
 delete mode 100644 sys/netproto/ipsec/xform_ah.c
 delete mode 100644 sys/netproto/ipsec/xform_esp.c
 delete mode 100644 sys/netproto/ipsec/xform_ipcomp.c
 delete mode 100644 sys/netproto/ipsec/xform_ipip.c
 delete mode 100644 sys/netproto/key/key.c
 delete mode 100644 sys/netproto/key/key.h
 delete mode 100644 sys/netproto/key/key_debug.c
 delete mode 100644 sys/netproto/key/key_debug.h
 delete mode 100644 sys/netproto/key/key_var.h
 delete mode 100644 sys/netproto/key/keydb.c
 delete mode 100644 sys/netproto/key/keydb.h
 delete mode 100644 sys/netproto/key/keysock.c
 delete mode 100644 sys/netproto/key/keysock.h
 delete mode 100644 tools/tools/crypto/ipsecstats.c
 delete mode 100644 usr.bin/netstat/ipsec.c
 delete mode 100644 usr.sbin/setkey/Makefile
 delete mode 100644 usr.sbin/setkey/parse.y
 delete mode 100644 usr.sbin/setkey/sample.cf
 delete mode 100644 usr.sbin/setkey/scriptdump
 delete mode 100644 usr.sbin/setkey/setkey.8
 delete mode 100644 usr.sbin/setkey/setkey.c
 delete mode 100644 usr.sbin/setkey/test-pfkey.c
 delete mode 100644 usr.sbin/setkey/test-policy.c
 delete mode 100644 usr.sbin/setkey/token.l
 delete mode 100644 usr.sbin/setkey/vchar.h

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/755d70b8f2c28b016b6c0330273e7daa38038f27


-- 
DragonFly BSD source repository


More information about the Commits mailing list