diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/pluto/kernel.c | 21 | ||||
| -rw-r--r-- | src/pluto/kernel.h | 46 | ||||
| -rw-r--r-- | src/pluto/server.c | 3 |
3 files changed, 0 insertions, 70 deletions
diff --git a/src/pluto/kernel.c b/src/pluto/kernel.c index c140d6777..9654ef387 100644 --- a/src/pluto/kernel.c +++ b/src/pluto/kernel.c @@ -1763,8 +1763,6 @@ failed: return result; } -const struct kernel_ops *kernel_ops; - /** * Data for acquire events */ @@ -1822,25 +1820,6 @@ METHOD(kernel_listener_t, acquire, bool, void init_kernel(void) { #ifdef KLIPS - -#if defined(linux) && defined(KERNEL26_SUPPORT) - { - bool linux_ipsec = 0; - struct stat buf; - - linux_ipsec = (stat("/proc/net/pfkey", &buf) == 0); - if (linux_ipsec) - { - plog("Using Linux 2.6 IPsec interface code"); - kernel_ops = &linux_kernel_ops; - } - else - { - plog("Using KLIPS IPsec interface code"); - } - } -#endif - /* register SA types that we can negotiate */ can_do_IPcomp = FALSE; /* until we get a response from the kernel */ pfkey_register(); diff --git a/src/pluto/kernel.h b/src/pluto/kernel.h index b1bc023d5..ca6c5424a 100644 --- a/src/pluto/kernel.h +++ b/src/pluto/kernel.h @@ -75,52 +75,6 @@ struct kernel_sa { const char *text_said; }; -struct kernel_ops { - enum { - KERNEL_TYPE_NONE, - KERNEL_TYPE_KLIPS, - KERNEL_TYPE_LINUX, - } type; - bool inbound_eroute; - bool policy_lifetime; - int *async_fdp; - - void (*init)(void); - void (*pfkey_register)(void); - void (*pfkey_register_response)(const struct sadb_msg *msg); - void (*process_queue)(void); - void (*process_msg)(void); - bool (*raw_eroute)(const ip_address *this_host, - const ip_subnet *this_client, - const ip_address *that_host, - const ip_subnet *that_client, - ipsec_spi_t spi, - unsigned int satype, - unsigned int transport_proto, - const struct pfkey_proto_info *proto_info, - time_t use_lifetime, - unsigned int op, - const char *text_said); - bool (*get_policy)(const struct kernel_sa *sa, bool inbound, - time_t *use_time); - bool (*add_sa)(const struct kernel_sa *sa, bool replace); - bool (*grp_sa)(const struct kernel_sa *sa_outer, - const struct kernel_sa *sa_inner); - bool (*del_sa)(const struct kernel_sa *sa); - bool (*get_sa)(const struct kernel_sa *sa, u_int *bytes); - ipsec_spi_t (*get_spi)(const ip_address *src, - const ip_address *dst, - int proto, - bool tunnel_mode, - unsigned reqid, - ipsec_spi_t min, - ipsec_spi_t max, - const char *text_said); -}; - - -extern const struct kernel_ops *kernel_ops; - extern void show_shunt_status(void); #endif diff --git a/src/pluto/server.c b/src/pluto/server.c index 1f90039a8..64697afcb 100644 --- a/src/pluto/server.c +++ b/src/pluto/server.c @@ -468,7 +468,6 @@ create_socket(struct raw_iface *ifp, const char *v_name, int port) #endif #if defined(linux) && defined(KERNEL26_SUPPORT) - if (!no_klips && kernel_ops->type == KERNEL_TYPE_LINUX) { struct sadb_x_policy policy; int level, opt; @@ -579,7 +578,6 @@ process_raw_ifaces(struct raw_iface *rifaces) * "after" allows us to avoid double reporting. */ #if defined(linux) && defined(KERNEL26_SUPPORT) - if (!no_klips && kernel_ops->type == KERNEL_TYPE_LINUX) { if (after) { @@ -604,7 +602,6 @@ process_raw_ifaces(struct raw_iface *rifaces) continue; #if defined(linux) && defined(KERNEL26_SUPPORT) - if (!no_klips && kernel_ops->type == KERNEL_TYPE_LINUX) { v = ifp; goto add_entry; |