3 files changed, 3 insertions, 19 deletions

diff --git a/sys/netinet/ip_ipsec.c b/sys/netinet/ip_ipsec.c
index 0eb4673..b49b620 100644
--- a/sys/netinet/ip_ipsec.c
+++ b/sys/netinet/ip_ipsec.c
@@ -260,8 +260,7 @@ ip_ipsec_mtu(struct mbuf *m, int mtu)
  * -1 = packet was reinjected and stop processing packet
  */
 int
-ip_ipsec_output(struct mbuf **m, struct inpcb *inp, int *flags, int *error,
-    struct ifnet **ifp)
+ip_ipsec_output(struct mbuf **m, struct inpcb *inp, int *flags, int *error)
 {
 #ifdef IPSEC
 	struct secpolicy *sp = NULL;
@@ -390,20 +389,6 @@ ip_ipsec_output(struct mbuf **m, struct inpcb *inp, int *flags, int *error,
 		} else {
 			/* No IPsec processing for this packet. */
 		}
-#ifdef notyet
-		/*
-		 * If deferred crypto processing is needed, check that
-		 * the interface supports it.
-		 */ 
-		mtag = m_tag_find(*m, PACKET_TAG_IPSEC_OUT_CRYPTO_NEEDED, NULL);
-		if (mtag != NULL && ifp != NULL &&
-		    ((*ifp)->if_capenable & IFCAP_IPSEC) == 0) {
-			/* notify IPsec to do its own crypto */
-			ipsp_skipcrypto_unmark((struct tdb_ident *)(mtag + 1));
-			*error = EHOSTUNREACH;
-			goto bad;
-		}
-#endif
 	}
 done:
 	if (sp != NULL)
diff --git a/sys/netinet/ip_ipsec.h b/sys/netinet/ip_ipsec.h
index 31bc86a..2870c11 100644
--- a/sys/netinet/ip_ipsec.h
+++ b/sys/netinet/ip_ipsec.h
@@ -36,6 +36,5 @@ int	ip_ipsec_filtertunnel(struct mbuf *);
 int	ip_ipsec_fwd(struct mbuf *);
 int	ip_ipsec_input(struct mbuf *);
 int	ip_ipsec_mtu(struct mbuf *, int);
-int	ip_ipsec_output(struct mbuf **, struct inpcb *, int *, int *,
-	    struct ifnet **);
+int	ip_ipsec_output(struct mbuf **, struct inpcb *, int *, int *);
 #endif
diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c
index b5be6fd..8a53043 100644
--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c
@@ -466,7 +466,7 @@ again:
 
 sendit:
 #ifdef IPSEC
-	switch(ip_ipsec_output(&m, inp, &flags, &error, &ifp)) {
+	switch(ip_ipsec_output(&m, inp, &flags, &error)) {
 	case 1:
 		goto bad;
 	case -1: