Re: ipsec: remove unused `PolicyHead' from 'sockaddr_encap' structure

2021-07-13 Thread Vitaliy Makkoveev 
On Mon, Jul 12, 2021 at 01:47:25PM +0200, Tobias Heider wrote:
> On Sun, Jul 11, 2021 at 05:33:18AM +0300, Vitaliy Makkoveev wrote:
> > This member is never set or used. Also I kept 'SENT_IP6' definition for
> > prevent the potential break of third party software. Is it ok to
> > redefine it to '0x0002'? At least openswan wants this [1].
> > 
> > 1. 
> > https://github.com/xelerance/Openswan/blob/master/include/openswan/ipsec_encap.h#L20
> 
> I wouldn't worry about third party software. Those defines are within
> #ifdef _KERNEL so everyone using those is doing it wrong anyway.
> 

'sockaddr_encap' structure defined outside _KERNEL boundaries but some
related definitions like 'sen_*' and 'SENT_*' are defined within. This
makes 'sockaddr_encap' definition inconsistent. We don't use this
structure outside kernel, so it looks like it should not be visible to
userland too.

> ok with SENT_IP6 changed to 0x0002.
> 

Commited, thanks.

Re: ipsec: remove unused `PolicyHead' from 'sockaddr_encap' structure

2021-07-12 Thread Tobias Heider 
On Sun, Jul 11, 2021 at 05:33:18AM +0300, Vitaliy Makkoveev wrote:
> This member is never set or used. Also I kept 'SENT_IP6' definition for
> prevent the potential break of third party software. Is it ok to
> redefine it to '0x0002'? At least openswan wants this [1].
> 
> 1. 
> https://github.com/xelerance/Openswan/blob/master/include/openswan/ipsec_encap.h#L20

I wouldn't worry about third party software. Those defines are within
#ifdef _KERNEL so everyone using those is doing it wrong anyway.

ok with SENT_IP6 changed to 0x0002.

> 
> Index: sys/netinet/ip_ipsp.h
> ===
> RCS file: /cvs/src/sys/netinet/ip_ipsp.h,v
> retrieving revision 1.200
> diff -u -p -r1.200 ip_ipsp.h
> --- sys/netinet/ip_ipsp.h 8 Jul 2021 21:07:19 -   1.200
> +++ sys/netinet/ip_ipsp.h 11 Jul 2021 02:25:17 -
> @@ -113,8 +113,6 @@ struct sockaddr_encap {
>   u_int16_t   Sport;
>   u_int16_t   Dport;
>   } Sip6;
> -
> - struct ipsec_policy *PolicyHead;/* SENT_IPSP */
>   } Sen;
>  };
>  
> @@ -208,7 +206,6 @@ struct m_tag;
>  #define  sen_ip6_sport   Sen.Sip6.Sport
>  #define  sen_ip6_dport   Sen.Sip6.Dport
>  #define  sen_ip6_direction   Sen.Sip6.Direction
> -#define  sen_ipspSen.PolicyHead
>  
>  /*
>   * The "type" is really part of the address as far as the routing
> @@ -219,7 +216,6 @@ struct m_tag;
>   */
>  
>  #define  SENT_IP40x0001  /* data is two struct in_addr */
> -#define  SENT_IPSP   0x0002  /* data as in IP4/6 plus SPI */
>  #define  SENT_IP60x0004
>  
>  #define  SENT_LENsizeof(struct sockaddr_encap)
>