Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ipsec: Remove dead code for IPsec node encryption #28898

Merged
merged 1 commit into from Nov 6, 2023
Merged

ipsec: Remove dead code for IPsec node encryption #28898

merged 1 commit into from Nov 6, 2023

Conversation

pchaigno
Copy link
Member

Node encryption for IPsec hasn't been supported since 1d2674d ("docs: ipsec: remove node-to-node encryption") and subsequent commits. The feature also wasn't working since several releases.

This commit simply removes the code for that feature. This code has no use now and makes changes to IPsec slightly more difficult.

Commit 1d2674d was merged in v1.12 so I marked this code removal for backports to v1.13 and v1.14 to simplify backports there as well.

@pchaigno pchaigno added area/encryption Impacts encryption support such as IPSec, WireGuard, or kTLS. release-note/misc This PR makes changes that have no direct user impact. needs-backport/1.13 This PR / issue needs backporting to the v1.13 branch needs-backport/1.14 This PR / issue needs backporting to the v1.14 branch labels Oct 31, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from main in 1.14.4 Oct 31, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from main in 1.13.9 Oct 31, 2023
@pchaigno pchaigno force-pushed the remove-ipsec-node-encryption-code branch from 482fda0 to 1647c49 Compare October 31, 2023 11:19
@pchaigno
ipsec: Remove dead code for IPsec node encryption
66261a7 
Node encryption for IPsec hasn't been supported since 1d2674d ("docs:
ipsec: remove node-to-node encryption") and subsequent commits. The
feature also wasn't working since several releases.

This commit simply removes the code for that feature. This code has no
use now and makes changes to IPsec slightly more difficult.

Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
@pchaigno pchaigno force-pushed the remove-ipsec-node-encryption-code branch from 1647c49 to 66261a7 Compare October 31, 2023 20:19
@pchaigno
Copy link
Member Author

/test

@pchaigno pchaigno marked this pull request as ready for review November 2, 2023 10:43
@pchaigno pchaigno requested review from a team as code owners November 2, 2023 10:43
jschwinger233
jschwinger233 reviewed Nov 2, 2023
View reviewed changes
Copy link
Member

@jschwinger233 jschwinger233 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we delete EncryptNode field definition at the same time?

@pchaigno
Copy link
Member Author

pchaigno commented Nov 2, 2023

Should we delete EncryptNode field definition at the same time?

Do you mean the flag? It's still used for WireGuard node encryption.

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Nov 2, 2023
@pchaigno pchaigno removed the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Nov 2, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Nov 2, 2023
@pchaigno pchaigno added dont-merge/bad-bot To prevent MLH from marking ready-to-merge. and removed ready-to-merge This PR has passed all tests and received consensus from code owners to merge. dont-merge/bad-bot To prevent MLH from marking ready-to-merge. labels Nov 2, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Nov 4, 2023
@pchaigno pchaigno merged commit df969b7 into cilium:main Nov 6, 2023
62 checks passed
@pchaigno pchaigno deleted the remove-ipsec-node-encryption-code branch November 6, 2023 07:25
@jibi jibi mentioned this pull request Nov 7, 2023
Merged
15 tasks
@jibi jibi added backport-pending/1.14 The backport for Cilium 1.14.x for this PR is in progress. and removed needs-backport/1.14 This PR / issue needs backporting to the v1.14 branch labels Nov 7, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from main to Backport pending to v1.14 in 1.14.4 Nov 7, 2023
@jibi jibi mentioned this pull request Nov 7, 2023
Merged
7 tasks
@jibi jibi added backport-pending/1.13 The backport for Cilium 1.13.x for this PR is in progress. and removed needs-backport/1.13 This PR / issue needs backporting to the v1.13 branch labels Nov 7, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from main to Backport pending to v1.13 in 1.13.9 Nov 7, 2023
@github-actions github-actions bot added backport-done/1.13 The backport for Cilium 1.13.x for this PR is done. and removed backport-pending/1.13 The backport for Cilium 1.13.x for this PR is in progress. labels Nov 8, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot removed this from Backport pending to v1.13 in 1.13.9 Nov 8, 2023
@github-actions github-actions bot added backport-done/1.14 The backport for Cilium 1.14.x for this PR is done. and removed backport-pending/1.14 The backport for Cilium 1.14.x for this PR is in progress. labels Nov 8, 2023
@thorn3r thorn3r mentioned this pull request Nov 9, 2023
Merged
@nathanjsweet nathanjsweet mentioned this pull request Nov 12, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jschwinger233 jschwinger233 jschwinger233 approved these changes

Assignees
No one assigned
Labels
area/encryption Impacts encryption support such as IPSec, WireGuard, or kTLS. backport-done/1.13 The backport for Cilium 1.13.x for this PR is done. backport-done/1.14 The backport for Cilium 1.14.x for this PR is done. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.
Projects
No open projects
1.14.4
Backport pending to v1.14
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@pchaigno @jschwinger233 @jibi