Diffusion FreeBSD src repository - subversion rS348205

Add deprecation warnings for IPsec algorithms deprecated in RFC 8221.
rS348205
Actions

Description

Add deprecation warnings for IPsec algorithms deprecated in RFC 8221.

All of these algorithms are either explicitly marked MUST NOT, or they
are implicitly MUST NOTs by virtue of not being included in IETF's
list of protocols at all despite having assignments from IANA.

Specifically, this adds warnings for the following ciphers:

des-cbc
blowfish-cbc
cast128-cbc
des-deriv
des-32iv
camellia-cbc

Warnings for the following authentication algorithms are also added:

hmac-md5
keyed-md5
keyed-sha1
hmac-ripemd160

Reviewed by: cem, gnn
MFC after: 3 days
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D20340

Details

Provenance

jhb	Authored on

Reviewer

cem

Differential Revision

D20340: Add deprecation warnings for IPsec algorithms deprecated in RFC 8221.

Parents

rS348204: Remove yet another unused variable.

Branches

Unknown

Tags

Unknown

Event Timeline

jhb committed rS348205: Add deprecation warnings for IPsec algorithms deprecated in RFC 8221..May 23 2019, 10:06 PM

Changes (2)

Path

Size

head/

sys/

netipsec/

xform_ah.c

xform_esp.c

rS348205

View Options

head/sys/netipsec/xform_ah.c