HomeFreeBSD
Diffusion FreeBSD src repository c2fd516f3a41

Add deprecation warnings for IPsec algorithms deprecated in RFC 8221.
c2fd516f3a41
Actions

Description

Add deprecation warnings for IPsec algorithms deprecated in RFC 8221.

All of these algorithms are either explicitly marked MUST NOT, or they
are implicitly MUST NOTs by virtue of not being included in IETF's
list of protocols at all despite having assignments from IANA.

Specifically, this adds warnings for the following ciphers:

  • des-cbc
  • blowfish-cbc
  • cast128-cbc
  • des-deriv
  • des-32iv
  • camellia-cbc

Warnings for the following authentication algorithms are also added:

  • hmac-md5
  • keyed-md5
  • keyed-sha1
  • hmac-ripemd160

Reviewed by: cem, gnn
MFC after: 3 days
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D20340

Details

Provenance
jhbAuthored on May 23 2019, 10:06 PM
Parents
rGfdb9b7af980b: Remove yet another unused variable.
Branches
Unknown
Tags
Unknown

Event Timeline

Changes (2)

PathSize
sys/
netipsec/

rGc2fd516f3a41

View Options

sys/netipsec/xform_ah.c

Loading...
View Options

sys/netipsec/xform_esp.c

Loading...