Date: Fri, 18 Feb 2011 13:21:31 +0000 (UTC) From: VANHULLEBUS Yvan <vanhu@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r218796 - head Message-ID: <201102181321.p1IDLVU6059065@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: vanhu Date: Fri Feb 18 13:21:30 2011 New Revision: 218796 URL: http://svn.freebsd.org/changeset/base/218796 Log: Moved the general note about FreeBSD 9.x at the beginning of the list. Modified: head/UPDATING Modified: head/UPDATING ============================================================================== --- head/UPDATING Fri Feb 18 09:47:58 2011 (r218795) +++ head/UPDATING Fri Feb 18 13:21:30 2011 (r218796) @@ -9,16 +9,6 @@ handbook. Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before running portupgrade. -20110218: - IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868 - compliant, and will now use half of hash for authentication. - This will break interoperability with all stacks (including all - actual FreeBSD versions) who implement - draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for - authentication). - The only workaround with such peers is to use another HMAC - algorithm for IPsec ("phase 2") authentication. - NOTE TO PEOPLE WHO THINK THAT FreeBSD 9.x IS SLOW: FreeBSD 9.x has many debugging features turned on, in both the kernel and userland. These features attempt to detect incorrect use of @@ -32,6 +22,16 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 9. machines to maximize performance. (To disable malloc debugging, run ln -s aj /etc/malloc.conf.) +20110218: + IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868 + compliant, and will now use half of hash for authentication. + This will break interoperability with all stacks (including all + actual FreeBSD versions) who implement + draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for + authentication). + The only workaround with such peers is to use another HMAC + algorithm for IPsec ("phase 2") authentication. + 20110207: Remove the uio_yield prototype and symbol. This function has been misnamed since it was introduced and should not be
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201102181321.p1IDLVU6059065>