Site Navigation

Date:      Thu, 23 May 2019 17:51:28 -0700 (PDT)
From:      "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
To:        John Baldwin <jhb@freebsd.org>
Cc:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r348205 - head/sys/netipsec
Message-ID:  <201905240051.x4O0pSI3093116@gndrsh.dnsmgr.net>
In-Reply-To: <201905232206.x4NM6vQt085245@repo.freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

> Author: jhb
> Date: Thu May 23 22:06:57 2019
> New Revision: 348205
> URL: https://svnweb.freebsd.org/changeset/base/348205
> 
> Log:
>   Add deprecation warnings for IPsec algorithms deprecated in RFC 8221.
>   
>   All of these algorithms are either explicitly marked MUST NOT, or they
>   are implicitly MUST NOTs by virtue of not being included in IETF's
>   list of protocols at all despite having assignments from IANA.

Can you provide me these specific ones and I'll investigate
the Ietf datatracker and IANA documents and see if I can
get the long story.  Ie what IANA assignments are you refering
to that do not appear in RFC, it may simply be the case there
is a final RFC that says "new foo are assigned numbers by IANA
and no RFC is needed"   That is how port numbers and other
such things just are, there is not a RFC for everything!


>   Specifically, this adds warnings for the following ciphers:
>   - des-cbc
>   - blowfish-cbc
>   - cast128-cbc
>   - des-deriv
>   - des-32iv
>   - camellia-cbc
>   
>   Warnings for the following authentication algorithms are also added:
>   - hmac-md5
>   - keyed-md5
>   - keyed-sha1
>   - hmac-ripemd160
>   
>   Reviewed by:	cem, gnn
>   MFC after:	3 days
>   Sponsored by:	Chelsio Communications
>   Differential Revision:	https://reviews.freebsd.org/D20340
> 
> Modified:
>   head/sys/netipsec/xform_ah.c
>   head/sys/netipsec/xform_esp.c
> 
> Modified: head/sys/netipsec/xform_ah.c
> ==============================================================================
> --- head/sys/netipsec/xform_ah.c	Thu May 23 22:01:05 2019	(r348204)
> +++ head/sys/netipsec/xform_ah.c	Thu May 23 22:06:57 2019	(r348205)
> @@ -108,6 +108,8 @@ SYSCTL_VNET_PCPUSTAT(_net_inet_ah, IPSECCTL_STATS, sta
>  #endif
>  
>  static unsigned char ipseczeroes[256];	/* larger than an ip6 extension hdr */
> +static struct timeval md5warn, ripewarn, kpdkmd5warn, kpdksha1warn;
> +static struct timeval warninterval = { .tv_sec = 1, .tv_usec = 0 };
>  
>  static int ah_input_cb(struct cryptop*);
>  static int ah_output_cb(struct cryptop*);
> @@ -184,6 +186,26 @@ ah_init0(struct secasvar *sav, struct xformsw *xsp, st
>  			__func__, sav->alg_auth));
>  		return EINVAL;
>  	}
> +
> +	switch (sav->alg_auth) {
> +	case SADB_AALG_MD5HMAC:
> +		if (ratecheck(&md5warn, &warninterval))
> +			gone_in(13, "MD5-HMAC authenticator for IPsec");
> +		break;
> +	case SADB_X_AALG_RIPEMD160HMAC:
> +		if (ratecheck(&ripewarn, &warninterval))
> +			gone_in(13, "RIPEMD160-HMAC authenticator for IPsec");
> +		break;
> +	case SADB_X_AALG_MD5:
> +		if (ratecheck(&kpdkmd5warn, &warninterval))
> +			gone_in(13, "Keyed-MD5 authenticator for IPsec");
> +		break;
> +	case SADB_X_AALG_SHA:
> +		if (ratecheck(&kpdksha1warn, &warninterval))
> +			gone_in(13, "Keyed-SHA1 authenticator for IPsec");
> +		break;
> +	}
> +
>  	/*
>  	 * Verify the replay state block allocation is consistent with
>  	 * the protocol type.  We check here so we can make assumptions
> 
> Modified: head/sys/netipsec/xform_esp.c
> ==============================================================================
> --- head/sys/netipsec/xform_esp.c	Thu May 23 22:01:05 2019	(r348204)
> +++ head/sys/netipsec/xform_esp.c	Thu May 23 22:06:57 2019	(r348205)
> @@ -94,6 +94,9 @@ SYSCTL_VNET_PCPUSTAT(_net_inet_esp, IPSECCTL_STATS, st
>      struct espstat, espstat,
>      "ESP statistics (struct espstat, netipsec/esp_var.h");
>  
> +static struct timeval deswarn, blfwarn, castwarn, camelliawarn;
> +static struct timeval warninterval = { .tv_sec = 1, .tv_usec = 0 };
> +
>  static int esp_input_cb(struct cryptop *op);
>  static int esp_output_cb(struct cryptop *crp);
>  
> @@ -156,6 +159,26 @@ esp_init(struct secasvar *sav, struct xformsw *xsp)
>  			__func__));
>  		return EINVAL;
>  	}
> +
> +	switch (sav->alg_enc) {
> +	case SADB_EALG_DESCBC:
> +		if (ratecheck(&deswarn, &warninterval))
> +			gone_in(13, "DES cipher for IPsec");
> +		break;
> +	case SADB_X_EALG_BLOWFISHCBC:
> +		if (ratecheck(&blfwarn, &warninterval))
> +			gone_in(13, "Blowfish cipher for IPsec");
> +		break;
> +	case SADB_X_EALG_CAST128CBC:
> +		if (ratecheck(&castwarn, &warninterval))
> +			gone_in(13, "CAST cipher for IPsec");
> +		break;
> +	case SADB_X_EALG_CAMELLIACBC:
> +		if (ratecheck(&camelliawarn, &warninterval))
> +			gone_in(13, "Camellia cipher for IPsec");
> +		break;
> +	}
> +
>  	/* subtract off the salt, RFC4106, 8.1 and RFC3686, 5.1 */
>  	keylen = _KEYLEN(sav->key_enc) - SAV_ISCTRORGCM(sav) * 4;
>  	if (txform->minkey > keylen || keylen > txform->maxkey) {
> 
> 

-- 
Rod Grimes                                                 rgrimes@freebsd.org

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201905240051.x4O0pSI3093116>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact