CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	jhb <jhb@FreeBSD.org>
	Fri, 31 May 2019 20:26:56 +0000 (20:26 +0000)
committer	jhb <jhb@FreeBSD.org>
	Fri, 31 May 2019 20:26:56 +0000 (20:26 +0000)
commit	04a501c3f4ee2fa4ba747b9845965837361cee19
tree	40c9dc0c87784c23238e0e99a6660c1335ddbb6c	tree \| snapshot
parent	b9c9a9780120480912c334ba34caa9497d818829	commit \| diff

MFC 348205:
Add deprecation warnings for IPsec algorithms deprecated in RFC 8221.

All of these algorithms are either explicitly marked MUST NOT, or they
are implicitly MUST NOTs by virtue of not being included in IETF's
list of protocols at all despite having assignments from IANA.

Specifically, this adds warnings for the following ciphers:
- des-cbc
- blowfish-cbc
- cast128-cbc
- des-deriv
- des-32iv
- camellia-cbc

Warnings for the following authentication algorithms are also added:
- hmac-md5
- keyed-md5
- keyed-sha1
- hmac-ripemd160

Approved by: re (gjb)

sys/netipsec/xform_ah.c		diff \| blob \| history
sys/netipsec/xform_esp.c		diff \| blob \| history