svn commit: r286100 - in head/sys: net netipsec
NGie Cooper
yaneurabeya at gmail.com
Fri Jul 31 00:41:21 UTC 2015
On Thu, Jul 30, 2015 at 5:23 PM, John-Mark Gurney <jmg at freebsd.org> wrote:
> Author: jmg
> Date: Fri Jul 31 00:23:21 2015
> New Revision: 286100
> URL: https://svnweb.freebsd.org/changeset/base/286100
>
> Log:
> Clean up this header file...
>
> use CTASSERTs now that we have them...
>
> Replace a draft w/ RFC that's over 10 years old.
>
> Note that _AALG and _EALG do not need to match what the IKE daemons
> think they should be.. This is part of the KABI... I decided to
> renumber AESCTR, but since we've never had working AESCTR mode, I'm
> not really breaking anything.. and it shortens a loop by quite
> a bit..
>
> remove SKIPJACK IPsec support... SKIPJACK never made it out of draft
> (in 1999), only has 80bit key, NIST recommended it stop being used
> after 2010, and setkey nor any of the IKE daemons I checked supported
> it...
>
> jmgurney/ipsecgcm: a357a33, c75808b, e008669, b27b6d6
>
> Reviewed by: gnn (earlier version)
Relnotes: yes (removing SKIPJACK IPsec support + ?)
More information about the svn-src-head
mailing list