
Add deprecation warnings for weaker algorithms to geli(4).
Closed, Public

Authored by jhb on May 21 2019, 10:17 PM.

Details

Summary
  • Triple DES has been formally deprecated in Kerberos (RFC 8429) and is soon to be deprecated in IPsec (RFC 8221).
  • Blowfish is deprecated. FreeBSD doesn't support its successor (Twofish).
  • MD5 is generally considered a weak digest that has known attacks.

geli refuses to create new volumes using these algorithms via
'geli init'. It also warns when attaching to existing volumes or
creating temporary volumes via 'geli onetime'. The plan is to
fully remove support for these algorithms in FreeBSD 13.

Test Plan
  • geli onetime using deprecated warnings still works but generates a warning (one per invocation of 'geli onetime')
  • geli init fails to create volumes using deprecated algorithms, but still works for AES-XTS.
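As an added illustration (not the revision's own code), the policy the summary and test plan describe, reduced to one check: 'geli init' refuses a deprecated algorithm, while 'attach' and 'onetime' only warn on stderr and proceed. The 3DES-CBC message text is the one from the CI output quoted later on this page; the Blowfish-CBC and HMAC/MD5 spellings are assumed to match geli's own algorithm names.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Outcome of the deprecation check for one geli operation. */
enum eli_verdict { ELI_OK = 0, ELI_WARN = 1, ELI_REFUSE = 2 };

/* Deprecated algorithm names (spellings assumed to match geli's). */
static const char *const deprecated_ealgo[] = { "3DES-CBC", "Blowfish-CBC", NULL };
static const char *const deprecated_aalgo[] = { "HMAC/MD5", NULL };

static int
in_list(const char *const *list, const char *name)
{
	for (; *list != NULL; list++)
		if (strcasecmp(*list, name) == 0)
			return (1);
	return (0);
}

/*
 * "init" refuses the first deprecated algorithm it sees; "attach" and
 * "onetime" print one warning per deprecated algorithm and continue.
 * Either algorithm argument may be NULL (not requested).
 */
enum eli_verdict
eli_check_algos(const char *op, const char *ealgo, const char *aalgo)
{
	static const char *const kind[2] = { "encryption", "authentication" };
	const char *name[2] = { ealgo, aalgo };
	enum eli_verdict v = ELI_OK;
	int i;

	for (i = 0; i < 2; i++) {
		if (name[i] == NULL)
			continue;
		if (!in_list(i == 0 ? deprecated_ealgo : deprecated_aalgo, name[i]))
			continue;
		/* Same wording the CI failure on this page shows for 3DES-CBC. */
		fprintf(stderr, "geli: The %s %s algorithm is deprecated.\n",
		    name[i], kind[i]);
		if (strcmp(op, "init") == 0)
			return (ELI_REFUSE);
		v = ELI_WARN;
	}
	return (v);
}
```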

Diff Detail

Repository
rS FreeBSD src repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

jhb created this revision. May 21 2019, 10:17 PM
delphij accepted this revision. May 21 2019, 10:49 PM
This revision is now accepted and ready to land. May 21 2019, 10:49 PM
cem accepted this revision. May 22 2019, 12:05 AM
cem added inline comments.
lib/geom/eli/geli.8
904 (On Diff #57658)

This isn't one of the canonical mdoc(7) sections. There's ".Sh CAVEATS" or ".Sh SECURITY CONSIDERATIONS" that might fit.

This is kind of an odd thing to put in a manual page. Probably for deprecation in head, we should un-document options we intend to remove. I would guess this is targeted at 12.1 and maybe 11.x MFC?

906 (On Diff #57658)

I think Nm is probably the wrong macro. For this page, it would usually be geli. Maybe one of Cm/Ar/Ic or quotes/emphasis?

jhb added inline comments. May 23 2019, 8:56 PM
lib/geom/eli/geli.8
904 (On Diff #57658)

We have done this in the past when adding deprecation notices. It is intended to be MFC'd, yes. In head once the support is removed, this part of the manpage would get removed as well.

906 (On Diff #57658)

Hmm. .Nm is indeed wrong, but it is what the rest of the manpage uses for algorithms (I just copied it from other places in the manpage).

This revision was automatically updated to reflect the committed changes.
ngie added subscribers: lwhsu, ngie. May 27 2019, 4:41 AM

A change related to this broke CI (example):

...
Fail: incorrect exit status: 1, expected: 0
stdout:

stderr:
geli: The 3DES-CBC encryption algorithm is deprecated.

I'm looking through to figure out what exactly caused this.

CC: @lwhsu

lwhsu added a subscriber: ygy. May 27 2019, 5:03 AM
In D20344#440836, @ngie wrote:

A change related to this broke CI (example):

...
Fail: incorrect exit status: 1, expected: 0
stdout:
stderr:
geli: The 3DES-CBC encryption algorithm is deprecated.

I'm looking through to figure out what exactly caused this.
CC: @lwhsu

It's because these algorithms are deprecated so it returns error on 13 and later, and sends a warning message to stderr, which mismatches the expected results. I think it's not urgent for now and I'm waiting @ygy to fix it as an exercise in the test code. If it takes too long, I'll remove tests of these algorithms first.