Clean up this header file...

use CTASSERTs now that we have them... Replace a draft w/ RFC that's over 10 years old. Note that _AALG and _EALG do not need to match what the IKE daemons think they should be.. This is part of the KABI... I decided to renumber AESCTR, but since we've never had working AESCTR mode, I'm not really breaking anything.. and it shortens a loop by quite a bit.. remove SKIPJACK IPsec support... SKIPJACK never made it out of draft (in 1999), only has 80bit key, NIST recommended it stop being used after 2010, and setkey nor any of the IKE daemons I checked supported it... jmgurney/ipsecgcm: a357a33, c75808b, e008669, b27b6d6 Reviewed by: gnn (earlier version)
author: jmg <jmg@FreeBSD.org> 2015-07-31 00:23:21 +0000
committer: jmg <jmg@FreeBSD.org> 2015-07-31 00:23:21 +0000
commit: c00fae0f3e4fd221e33f4655c2b03af537e8efce (patch)
tree: 072f9cc6a476463ec1d6d1ca1bef81287ecd6220 /sys/netipsec
parent: 37e3e3f76e862102cb1cc17045936361488f8f33 (diff)
download: FreeBSD-src-c00fae0f3e4fd221e33f4655c2b03af537e8efce.zip
FreeBSD-src-c00fae0f3e4fd221e33f4655c2b03af537e8efce.tar.gz
1 files changed, 0 insertions, 2 deletions
diff --git a/sys/netipsec/xform_esp.c b/sys/netipsec/xform_esp.c
index dbb1a27..67551ca 100644
--- a/sys/netipsec/xform_esp.c
+++ b/sys/netipsec/xform_esp.c
@@ -115,8 +115,6 @@ esp_algorithm_lookup(int alg)
 		return &enc_xform_blf;
 	case SADB_X_EALG_CAST128CBC:
 		return &enc_xform_cast5;
-	case SADB_X_EALG_SKIPJACK:
-		return &enc_xform_skipjack;
 	case SADB_EALG_NULL:
 		return &enc_xform_null;
 	case SADB_X_EALG_CAMELLIACBC:
author	jmg <jmg@FreeBSD.org>	2015-07-31 00:23:21 +0000
committer	jmg <jmg@FreeBSD.org>	2015-07-31 00:23:21 +0000
commit	c00fae0f3e4fd221e33f4655c2b03af537e8efce (patch)
tree	072f9cc6a476463ec1d6d1ca1bef81287ecd6220 /sys/netipsec
parent	37e3e3f76e862102cb1cc17045936361488f8f33 (diff)
download	FreeBSD-src-c00fae0f3e4fd221e33f4655c2b03af537e8efce.zip FreeBSD-src-c00fae0f3e4fd221e33f4655c2b03af537e8efce.tar.gz