From owner-svn-src-head@freebsd.org  Fri May 24 00:51:31 2019
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 859171591324;
 Fri, 24 May 2019 00:51:31 +0000 (UTC)
 (envelope-from freebsd@gndrsh.dnsmgr.net)
Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id DAD946BB47;
 Fri, 24 May 2019 00:51:30 +0000 (UTC)
 (envelope-from freebsd@gndrsh.dnsmgr.net)
Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1])
 by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id x4O0pS8s093117;
 Thu, 23 May 2019 17:51:28 -0700 (PDT)
 (envelope-from freebsd@gndrsh.dnsmgr.net)
Received: (from freebsd@localhost)
 by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id x4O0pSI3093116;
 Thu, 23 May 2019 17:51:28 -0700 (PDT) (envelope-from freebsd)
From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
Message-Id: <201905240051.x4O0pSI3093116@gndrsh.dnsmgr.net>
Subject: Re: svn commit: r348205 - head/sys/netipsec
In-Reply-To: <201905232206.x4NM6vQt085245@repo.freebsd.org>
To: John Baldwin <jhb@freebsd.org>
Date: Thu, 23 May 2019 17:51:28 -0700 (PDT)
CC: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Reply-To: rgrimes@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL121h (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
X-Rspamd-Queue-Id: DAD946BB47
X-Spamd-Bar: ------
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-6.97 / 15.00];
 NEURAL_HAM_MEDIUM(-1.00)[-0.999,0];
 NEURAL_HAM_SHORT(-0.98)[-0.976,0]; REPLY(-4.00)[];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 24 May 2019 00:51:31 -0000

> Author: jhb
> Date: Thu May 23 22:06:57 2019
> New Revision: 348205
> URL: https://svnweb.freebsd.org/changeset/base/348205
> 
> Log:
>   Add deprecation warnings for IPsec algorithms deprecated in RFC 8221.
>   
>   All of these algorithms are either explicitly marked MUST NOT, or they
>   are implicitly MUST NOTs by virtue of not being included in IETF's
>   list of protocols at all despite having assignments from IANA.

Can you provide me these specific ones and I'll investigate
the Ietf datatracker and IANA documents and see if I can
get the long story.  Ie what IANA assignments are you refering
to that do not appear in RFC, it may simply be the case there
is a final RFC that says "new foo are assigned numbers by IANA
and no RFC is needed"   That is how port numbers and other
such things just are, there is not a RFC for everything!


>   Specifically, this adds warnings for the following ciphers:
>   - des-cbc
>   - blowfish-cbc
>   - cast128-cbc
>   - des-deriv
>   - des-32iv
>   - camellia-cbc
>   
>   Warnings for the following authentication algorithms are also added:
>   - hmac-md5
>   - keyed-md5
>   - keyed-sha1
>   - hmac-ripemd160
>   
>   Reviewed by:	cem, gnn
>   MFC after:	3 days
>   Sponsored by:	Chelsio Communications
>   Differential Revision:	https://reviews.freebsd.org/D20340
> 
> Modified:
>   head/sys/netipsec/xform_ah.c
>   head/sys/netipsec/xform_esp.c
> 
> Modified: head/sys/netipsec/xform_ah.c
> ==============================================================================
> --- head/sys/netipsec/xform_ah.c	Thu May 23 22:01:05 2019	(r348204)
> +++ head/sys/netipsec/xform_ah.c	Thu May 23 22:06:57 2019	(r348205)
> @@ -108,6 +108,8 @@ SYSCTL_VNET_PCPUSTAT(_net_inet_ah, IPSECCTL_STATS, sta
>  #endif
>  
>  static unsigned char ipseczeroes[256];	/* larger than an ip6 extension hdr */
> +static struct timeval md5warn, ripewarn, kpdkmd5warn, kpdksha1warn;
> +static struct timeval warninterval = { .tv_sec = 1, .tv_usec = 0 };
>  
>  static int ah_input_cb(struct cryptop*);
>  static int ah_output_cb(struct cryptop*);
> @@ -184,6 +186,26 @@ ah_init0(struct secasvar *sav, struct xformsw *xsp, st
>  			__func__, sav->alg_auth));
>  		return EINVAL;
>  	}
> +
> +	switch (sav->alg_auth) {
> +	case SADB_AALG_MD5HMAC:
> +		if (ratecheck(&md5warn, &warninterval))
> +			gone_in(13, "MD5-HMAC authenticator for IPsec");
> +		break;
> +	case SADB_X_AALG_RIPEMD160HMAC:
> +		if (ratecheck(&ripewarn, &warninterval))
> +			gone_in(13, "RIPEMD160-HMAC authenticator for IPsec");
> +		break;
> +	case SADB_X_AALG_MD5:
> +		if (ratecheck(&kpdkmd5warn, &warninterval))
> +			gone_in(13, "Keyed-MD5 authenticator for IPsec");
> +		break;
> +	case SADB_X_AALG_SHA:
> +		if (ratecheck(&kpdksha1warn, &warninterval))
> +			gone_in(13, "Keyed-SHA1 authenticator for IPsec");
> +		break;
> +	}
> +
>  	/*
>  	 * Verify the replay state block allocation is consistent with
>  	 * the protocol type.  We check here so we can make assumptions
> 
> Modified: head/sys/netipsec/xform_esp.c
> ==============================================================================
> --- head/sys/netipsec/xform_esp.c	Thu May 23 22:01:05 2019	(r348204)
> +++ head/sys/netipsec/xform_esp.c	Thu May 23 22:06:57 2019	(r348205)
> @@ -94,6 +94,9 @@ SYSCTL_VNET_PCPUSTAT(_net_inet_esp, IPSECCTL_STATS, st
>      struct espstat, espstat,
>      "ESP statistics (struct espstat, netipsec/esp_var.h");
>  
> +static struct timeval deswarn, blfwarn, castwarn, camelliawarn;
> +static struct timeval warninterval = { .tv_sec = 1, .tv_usec = 0 };
> +
>  static int esp_input_cb(struct cryptop *op);
>  static int esp_output_cb(struct cryptop *crp);
>  
> @@ -156,6 +159,26 @@ esp_init(struct secasvar *sav, struct xformsw *xsp)
>  			__func__));
>  		return EINVAL;
>  	}
> +
> +	switch (sav->alg_enc) {
> +	case SADB_EALG_DESCBC:
> +		if (ratecheck(&deswarn, &warninterval))
> +			gone_in(13, "DES cipher for IPsec");
> +		break;
> +	case SADB_X_EALG_BLOWFISHCBC:
> +		if (ratecheck(&blfwarn, &warninterval))
> +			gone_in(13, "Blowfish cipher for IPsec");
> +		break;
> +	case SADB_X_EALG_CAST128CBC:
> +		if (ratecheck(&castwarn, &warninterval))
> +			gone_in(13, "CAST cipher for IPsec");
> +		break;
> +	case SADB_X_EALG_CAMELLIACBC:
> +		if (ratecheck(&camelliawarn, &warninterval))
> +			gone_in(13, "Camellia cipher for IPsec");
> +		break;
> +	}
> +
>  	/* subtract off the salt, RFC4106, 8.1 and RFC3686, 5.1 */
>  	keylen = _KEYLEN(sav->key_enc) - SAV_ISCTRORGCM(sav) * 4;
>  	if (txform->minkey > keylen || keylen > txform->maxkey) {
> 
> 

-- 
Rod Grimes                                                 rgrimes@freebsd.org