svn commit: r359945 - in head: lib/geom/eli sys/geom/eli
John Baldwin
jhb at FreeBSD.org
Wed Apr 15 15:39:52 UTC 2020
On 4/14/20 5:22 PM, Alan Somers wrote:
> On Tue, Apr 14, 2020 at 6:15 PM John Baldwin <jhb at freebsd.org> wrote:
>
>> Author: jhb
>> Date: Wed Apr 15 00:14:50 2020
>> New Revision: 359945
>> URL: https://svnweb.freebsd.org/changeset/base/359945
>>
>> Log:
>> Remove support for geli(4) algorithms deprecated in r348206.
>>
>> This removes support for reading and writing volumes using the
>> following algorithms:
>>
>> - Triple DES
>> - Blowfish
>> - MD5 HMAC integrity
>>
>> In addition, this commit adds an explicit whitelist of supported
>> algorithms to give a better error message when an invalid or
>> unsupported algorithm is used by an existing volume.
>>
>> Reviewed by: cem
>> Sponsored by: Chelsio Communications
>> Differential Revision: https://reviews.freebsd.org/D24343
>>
>
> Why remove read-only support? That will make it much harder to convert old
> volumes.
The goal is to remove the actual crypto code (and drivers that only
implement old algorithms). Read-only support means you still have to
support the algorithm. 12.x already refuses to create new volumes
with these algorithms but permits access to existing ones.
--
John Baldwin
More information about the svn-src-head
mailing list