From: Florian Westphal <fw@strlen.de>
To: Antony Antony <antony.antony@secunet.com>
Cc: Steffen Klassert <steffen.klassert@secunet.com>,
Florian Westphal <fw@strlen.de>,
Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
Andreas Gruenbacher <agruenba@redhat.com>,
devel@linux-ipsec.org, netdev@vger.kernel.org
Subject: Re: [RFC PATCH ipsec-next] udpencap: Remove Obsolete UDP_ENCAP_ESPINUDP_NON_IKE Support
Date: Tue, 24 Oct 2023 17:20:22 +0200 [thread overview]
Message-ID: <20231024152022.GC29201@breakpoint.cc> (raw)
In-Reply-To: <b604dc470c708e1e70c954f1513e4b461531e7cc.1698136108.git.antony.antony@secunet.com>
Antony Antony <antony.antony@secunet.com> wrote:
> The UDP_ENCAP_ESPINUDP_NON_IKE mode, introduced into the Linux kernel
> in 2004 [2], has remained inactive and obsolete for an extended period.
>
> This mode was originally defined in an early version of an IETF draft
> [1] from 2001. By the time it was integrated into the kernel in 2004 [2],
> it had already been replaced by UDP_ENCAP_ESPINUDP [3] in later
> versions of draft-ietf-ipsec-udp-encaps, particularly in version 06.
>
> Over time, UDP_ENCAP_ESPINUDP_NON_IKE has lost its relevance, with no
> known use cases.
>
> With this commit, we remove support for UDP_ENCAP_ESPINUDP_NON_IKE,
> simplifying the code base and eliminating unnecessary complexity.
>
> References:
> [1] https://datatracker.ietf.org/doc/html/draft-ietf-ipsec-udp-encaps-00.txt
>
> [2] Commit that added UDP_ENCAP_ESPINUDP_NON_IKE to the Linux historic
> repository.
>
> Author: Andreas Gruenbacher <agruen@suse.de>
> Date: Fri Apr 9 01:47:47 2004 -0700
>
> [IPSEC]: Support draft-ietf-ipsec-udp-encaps-00/01, some ipec impls need it.
>
> [3] Commit that added UDP_ENCAP_ESPINUDP to the Linux historic
> repository.
>
> Author: Derek Atkins <derek@ihtfp.com>
> Date: Wed Apr 2 13:21:02 2003 -0800
>
> [IPSEC]: Implement UDP Encapsulation framework.
>
> Should I leave the '#define UDP_ENCAP_ESPINUDP_NON_IKE' in the uapi/linux/udp.h?
> since it is a chnage to ABI?
Yes, but you can add e.g. append "(obsolete)" or "(not supported
anymore)" or something like that to the trailing comment.
And you could wrap it in "#ifndef __KERNEL__" to have build breakage
if anytning in the kernel tries to make use of it.
Patch LGTM.
next prev parent reply other threads:[~2023-10-24 15:20 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-24 8:42 [RFC PATCH ipsec-next] udpencap: Remove Obsolete UDP_ENCAP_ESPINUDP_NON_IKE Support Antony Antony
2023-10-24 15:20 ` Florian Westphal [this message]
2023-10-24 16:56 ` [devel-ipsec] " Paul Wouters
2023-10-24 17:23 ` Willem de Bruijn
2023-10-24 17:31 ` [devel-ipsec] " Paul Wouters
2023-11-17 11:26 ` [PATCH " Antony Antony
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231024152022.GC29201@breakpoint.cc \
--to=fw@strlen.de \
--cc=agruenba@redhat.com \
--cc=antony.antony@secunet.com \
--cc=devel@linux-ipsec.org \
--cc=netdev@vger.kernel.org \
--cc=steffen.klassert@secunet.com \
--cc=willemdebruijn.kernel@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.