1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-11-22 07:20:00 +00:00

Remove support for IPsec algorithms deprecated in r348205 and r360202.

Examples of depecrated algorithms in manual pages and sample configs
are updated where relevant.  I removed the one example of combining
ESP and AH (vs using a cipher and auth in ESP) as RFC 8221 says this
combination is NOT RECOMMENDED.

Specifically, this removes support for the following ciphers:
- des-cbc
- 3des-cbc
- blowfish-cbc
- cast128-cbc
- des-deriv
- des-32iv
- camellia-cbc

This also removes support for the following authentication algorithms:
- hmac-md5
- keyed-md5
- keyed-sha1
- hmac-ripemd160

Reviewed by:	cem, gnn (older verisons)
Relnotes:	yes
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D24342
This commit is contained in:
John Baldwin 2020-05-02 00:06:58 +00:00
parent 4d7e9134bb
commit 16aabb761c
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=360557
11 changed files with 53 additions and 202 deletions

View File

@ -57,22 +57,10 @@ __FBSDID("$FreeBSD$");
#include "libpfkey.h"
/* cope with old kame headers - ugly */
#ifndef SADB_X_AALG_MD5
#define SADB_X_AALG_MD5 SADB_AALG_MD5
#endif
#ifndef SADB_X_AALG_SHA
#define SADB_X_AALG_SHA SADB_AALG_SHA
#endif
#ifndef SADB_X_AALG_NULL
#define SADB_X_AALG_NULL SADB_AALG_NULL
#endif
#ifndef SADB_X_EALG_BLOWFISHCBC
#define SADB_X_EALG_BLOWFISHCBC SADB_EALG_BLOWFISHCBC
#endif
#ifndef SADB_X_EALG_CAST128CBC
#define SADB_X_EALG_CAST128CBC SADB_EALG_CAST128CBC
#endif
#ifndef SADB_X_EALG_RC5CBC
#ifdef SADB_EALG_RC5CBC
#define SADB_X_EALG_RC5CBC SADB_EALG_RC5CBC
@ -147,10 +135,7 @@ static char *str_state[] = {
static struct val2str str_alg_auth[] = {
{ SADB_AALG_NONE, "none", },
{ SADB_AALG_MD5HMAC, "hmac-md5", },
{ SADB_AALG_SHA1HMAC, "hmac-sha1", },
{ SADB_X_AALG_MD5, "md5", },
{ SADB_X_AALG_SHA, "sha", },
{ SADB_X_AALG_NULL, "null", },
{ SADB_X_AALG_TCP_MD5, "tcp-md5", },
#ifdef SADB_X_AALG_SHA2_256
@ -162,9 +147,6 @@ static struct val2str str_alg_auth[] = {
#ifdef SADB_X_AALG_SHA2_512
{ SADB_X_AALG_SHA2_512, "hmac-sha2-512", },
#endif
#ifdef SADB_X_AALG_RIPEMD160HMAC
{ SADB_X_AALG_RIPEMD160HMAC, "hmac-ripemd160", },
#endif
#ifdef SADB_X_AALG_AES_XCBC_MAC
{ SADB_X_AALG_AES_XCBC_MAC, "aes-xcbc-mac", },
#endif
@ -173,14 +155,10 @@ static struct val2str str_alg_auth[] = {
static struct val2str str_alg_enc[] = {
{ SADB_EALG_NONE, "none", },
{ SADB_EALG_DESCBC, "des-cbc", },
{ SADB_EALG_3DESCBC, "3des-cbc", },
{ SADB_EALG_NULL, "null", },
#ifdef SADB_X_EALG_RC5CBC
{ SADB_X_EALG_RC5CBC, "rc5-cbc", },
#endif
{ SADB_X_EALG_CAST128CBC, "cast128-cbc", },
{ SADB_X_EALG_BLOWFISHCBC, "blowfish-cbc", },
#ifdef SADB_X_EALG_RIJNDAELCBC
{ SADB_X_EALG_RIJNDAELCBC, "rijndael-cbc", },
#endif
@ -192,9 +170,6 @@ static struct val2str str_alg_enc[] = {
#endif
#ifdef SADB_X_EALG_AESGCM16
{ SADB_X_EALG_AESGCM16, "aes-gcm-16", },
#endif
#ifdef SADB_X_EALG_CAMELLIACBC
{ SADB_X_EALG_CAMELLIACBC, "camellia-cbc", },
#endif
{ -1, NULL, },
};

View File

@ -34,9 +34,9 @@
# parameters when you configure by manual keying.
# ESP transport mode is recommended for TCP port number 110 between
# Host-A and Host-B. Encryption algorithm is blowfish-cbc whose key
# is "kamekame", and authentication algorithm is hmac-sha1 whose key
# is "this is the test key".
# Host-A and Host-B. Encryption algorithm is aes-cbc whose key
# is "kamekamekamekamekamekamekamekame", and authentication algorithm is
# hmac-sha2-512 whose key is "this is the test key".
#
# ============ ESP ============
# | |
@ -50,17 +50,17 @@ spdadd fec0::11[110] fec0::10[any] tcp -P in ipsec
esp/transport//use ;
add fec0::10 fec0::11 esp 0x10001
-m transport
-E blowfish-cbc "kamekame"
-A hmac-sha1 "this is the test key" ;
-E aes-cbc "kamekamekamekamekamekamekamekame"
-A hmac-sha2-512 "this is the test key" ;
add fec0::11 fec0::10 esp 0x10002
-m transport
-E blowfish-cbc "kamekame"
-A hmac-sha1 "this is the test key" ;
-E aes-cbc "kamekamekamekamekamekamekamekame"
-A hmac-sha2-512 "this is the test key" ;
# "[any]" is wildcard of port number. Note that "[0]" is the number of
# zero in port number.
# Security protocol is old AH tunnel mode, i.e. RFC1826, with keyed-md5
# Security protocol is old AH tunnel mode, i.e. RFC1826, with hmac-sha2-256
# whose key is "this is the test" as authentication algorithm.
# That protocol takes place between Gateway-A and Gateway-B.
#
@ -76,10 +76,10 @@ spdadd 10.0.2.0/24 10.0.1.0/24 any -P in ipsec
ah/tunnel/172.16.0.2-172.16.0.1/require ;
add 172.16.0.1 172.16.0.2 ah-old 0x10003
-m any
-A keyed-md5 "this is the test" ;
-A hmac-sha2-256 "this is the test" ;
add 172.16.0.2 172.16.0.1 ah-old 0x10004
-m any
-A keyed-md5 "this is the test" ;
-A hmac-sha2-256 "this is the test" ;
# If port number field is omitted such above then "[any]" is employed.
# -m specifies the mode of SA to be used. "-m any" means wildcard of
@ -93,15 +93,15 @@ spdadd 10.0.1.0/24 10.0.2.0/24 any -P in ipsec
ah/tunnel/172.16.0.1-172.16.0.2/require ;
add 172.16.0.1 172.16.0.2 ah-old 0x10003
-m tunnel
-A keyed-md5 "this is the test" ;
-A hmac-sha2-256 "this is the test" ;
add 172.16.0.2 172.16.0.1 ah-old 0x10004
-m tunnel
-A keyed-md5 "this is the test" ;
-A hmac-sha2-256 "this is the test" ;
# AH transport mode followed by ESP tunnel mode is required between
# Gateway-A and Gateway-B.
# Encryption algorithm is 3des-cbc, and authentication algorithm for ESP
# is hmac-sha1. Authentication algorithm for AH is hmac-md5.
# Encryption algorithm is aes-cbc, and authentication algorithm for ESP
# is hmac-sha2-512. Authentication algorithm for AH is hmac-sha2-256.
#
# ========== AH =========
# | ======= ESP ===== |
@ -118,25 +118,25 @@ spdadd fec0:0:0:2::/64 fec0:0:0:1::/64 any -P in ipsec
ah/transport//require ;
add fec0:0:0:1::1 fec0:0:0:2::1 esp 0x10001
-m tunnel
-E 3des-cbc "kamekame12341234kame1234"
-A hmac-sha1 "this is the test key" ;
-E aes-cbc "kamekame12341234kamekame12341234"
-A hmac-sha2-512 "this is the test key" ;
add fec0:0:0:1::1 fec0:0:0:2::1 ah 0x10001
-m transport
-A hmac-md5 "this is the test" ;
-A hmac-sha2-256 "this is the test" ;
add fec0:0:0:2::1 fec0:0:0:1::1 esp 0x10001
-m tunnel
-E 3des-cbc "kamekame12341234kame1234"
-A hmac-sha1 "this is the test key" ;
-E aes-cbc "kamekame12341234kamekame12341234"
-A hmac-sha2-512 "this is the test key" ;
add fec0:0:0:2::1 fec0:0:0:1::1 ah 0x10001
-m transport
-A hmac-md5 "this is the test" ;
-A hmac-sha2-256 "this is the test" ;
# ESP tunnel mode is required between Host-A and Gateway-A.
# Encryption algorithm is cast128-cbc, and authentication algorithm
# for ESP is hmac-sha1.
# Encryption algorithm is aes-cbc, and authentication algorithm
# for ESP is hmac-sha2-256.
# ESP transport mode is recommended between Host-A and Host-B.
# Encryption algorithm is rc5-cbc, and authentication algorithm
# for ESP is hmac-md5.
# Encryption algorithm is aes-ctr, and authentication algorithm
# for ESP is hmac-sha2-512.
#
# ================== ESP =================
# | ======= ESP ======= |
@ -153,18 +153,18 @@ spdadd fec0:0:0:2::1[80] fec0:0:0:1::1[any] tcp -P in ipsec
esp/tunnel/fec0:0:0:2::1-fec0:0:0:1::1/require ;
add fec0:0:0:1::1 fec0:0:0:2::2 esp 0x10001
-m transport
-E cast128-cbc "12341234"
-A hmac-sha1 "this is the test key" ;
-E aes-cbc "kamekame12341234kamekame12341234"
-A hmac-sha2-256 "this is the test key" ;
add fec0:0:0:1::1 fec0:0:0:2::1 esp 0x10002
-E rc5-cbc "kamekame"
-A hmac-md5 "this is the test" ;
-E aes-ctr "kamekame12341234kamekame12341234f00f"
-A hmac-sha2-512 "this is the test" ;
add fec0:0:0:2::2 fec0:0:0:1::1 esp 0x10003
-m transport
-E cast128-cbc "12341234"
-A hmac-sha1 "this is the test key" ;
-E aes-cbc "kamekame12341234kamekame12341234"
-A hmac-sha2-256 "this is the test key" ;
add fec0:0:0:2::1 fec0:0:0:1::1 esp 0x10004
-E rc5-cbc "kamekame"
-A hmac-md5 "this is the test" ;
-E aes-ctr "kamekame12341234kamekame12341234f00f"
-A hmac-sha2-512 "this is the test" ;
# By "get" command, you can get a entry of either SP or SA.
get fec0:0:0:1::1 fec0:0:0:2::2 ah 0x10004 ;
@ -189,29 +189,14 @@ flush ah ;
# XXX
add ::1 ::1 esp 10001 -m transport -E null ;
add ::1 ::1 esp 10002 -m transport -E des-deriv "12341234" ;
add ::1 ::1 esp-old 10003 -m transport -E des-32iv "12341234" ;
add ::1 ::1 esp 10004 -m transport -E null -A null ;
add ::1 ::1 esp 10005 -m transport -E null -A hmac-md5 "1234123412341234" ;
add ::1 ::1 esp 10006 -m tunnel -E null -A hmac-sha1 "12341234123412341234" ;
add ::1 ::1 esp 10007 -m transport -E null -A keyed-md5 "1234123412341234" ;
add ::1 ::1 esp 10008 -m any -E null -A keyed-sha1 "12341234123412341234" ;
add ::1 ::1 esp 10009 -m transport -E des-cbc "testtest" ;
add ::1 ::1 esp 10010 -m transport -E 3des-cbc "testtest12341234testtest" ;
add ::1 ::1 esp 10011 -m tunnel -E cast128-cbc "testtest1234" ;
add ::1 ::1 esp 10012 -m tunnel -E blowfish-cbc "testtest1234" ;
add ::1 ::1 esp 10013 -m tunnel -E rc5-cbc "testtest1234" ;
add ::1 ::1 esp 10014 -m any -E rc5-cbc "testtest1234" ;
add ::1 ::1 esp 10015 -m transport -f zero-pad -E null ;
add ::1 ::1 esp 10016 -m tunnel -f random-pad -r 8 -lh 100 -ls 80 -E null ;
add ::1 ::1 esp 10017 -m transport -f seq-pad -f nocyclic-seq -E null ;
add ::1 ::1 esp 10018 -m transport -E null ;
#add ::1 ::1 ah 20000 -m transport -A null ;
add ::1 ::1 ah 20001 -m any -A hmac-md5 "1234123412341234";
add ::1 ::1 ah 20002 -m tunnel -A hmac-sha1 "12341234123412341234";
add ::1 ::1 ah 20003 -m transport -A keyed-md5 "1234123412341234";
add ::1 ::1 ah-old 20004 -m transport -A keyed-md5 "1234123412341234";
add ::1 ::1 ah 20005 -m transport -A keyed-sha1 "12341234123412341234";
#add ::1 ::1 ipcomp 30000 -C oui ;
add ::1 ::1 ipcomp 30001 -C deflate ;
#add ::1 ::1 ipcomp 30002 -C lzs ;

View File

@ -29,7 +29,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd April 9, 2017
.Dd May 01, 2020
.Dt SETKEY 8
.Os
.\"
@ -588,14 +588,8 @@ of the
parameter:
.Bd -literal -offset indent
algorithm keylen (bits) comment
hmac-md5 128 ah: rfc2403
128 ah-old: rfc2085
hmac-sha1 160 ah: rfc2404
160 ah-old: 128bit ICV (no document)
keyed-md5 128 ah: 96bit ICV (no document)
128 ah-old: rfc1828
keyed-sha1 160 ah: 96bit ICV (no document)
160 ah-old: 128bit ICV (no document)
null 0 to 2048 for debugging
hmac-sha2-256 256 ah: 128bit ICV (RFC4868)
256 ah-old: 128bit ICV (no document)
@ -603,8 +597,6 @@ hmac-sha2-384 384 ah: 192bit ICV (RFC4868)
384 ah-old: 128bit ICV (no document)
hmac-sha2-512 512 ah: 256bit ICV (RFC4868)
512 ah-old: 128bit ICV (no document)
hmac-ripemd160 160 ah: 96bit ICV (RFC2857)
ah-old: 128bit ICV (no document)
aes-xcbc-mac 128 ah: 96bit ICV (RFC3566)
128 ah-old: 128bit ICV (no document)
tcp-md5 8 to 640 tcp: rfc2385
@ -619,16 +611,10 @@ of the
parameter:
.Bd -literal -offset indent
algorithm keylen (bits) comment
des-cbc 64 esp-old: rfc1829, esp: rfc2405
3des-cbc 192 rfc2451
null 0 to 2048 rfc2410
blowfish-cbc 40 to 448 rfc2451
cast128-cbc 40 to 128 rfc2451
des-deriv 64 ipsec-ciph-des-derived-01
rijndael-cbc 128/192/256 rfc3602
aes-ctr 160/224/288 draft-ietf-ipsec-ciph-aes-ctr-03
aes-gcm-16 160/224/288 rfc4106
camellia-cbc 128/192/256 rfc4312
.Ed
.Pp
Note that the first 128/192/256 bits of a key for
@ -653,24 +639,17 @@ deflate rfc2394
.\"
.Sh EXAMPLES
Add an ESP SA between two IPv6 addresses using the
des-cbc encryption algorithm.
AES-GCM encryption algorithm.
.Bd -literal -offset indent
add 3ffe:501:4819::1 3ffe:501:481d::1 esp 123457
-E des-cbc 0x3ffe05014819ffff ;
-E aes-gcm-16 0x3ffe050148193ffe050148193ffe050148193ffe ;
.Pp
.Ed
.\"
Add an authentication SA between two FQDN specified hosts:
.Bd -literal -offset indent
add -6 myhost.example.com yourhost.example.com ah 123456
-A hmac-sha1 "AH SA configuration!" ;
.Pp
.Ed
Use both ESP and AH between two numerically specified hosts:
.Bd -literal -offset indent
add 10.0.11.41 10.0.11.33 esp 0x10001
-E des-cbc 0x3ffe05014819ffff
-A hmac-md5 "authentication!!" ;
-A hmac-sha2-256 "AH SA configuration!" ;
.Pp
.Ed
Get the SA information associated with first example above:

View File

@ -319,15 +319,15 @@ key_setsadbprop()
m_prop.sadb_prop_reserved[1] = 0;
m_prop.sadb_prop_reserved[2] = 0;
/* the 1st is ESP DES-CBC HMAC-MD5 */
/* the 1st is ESP AES-GCM-16 */
m_comb = (struct sadb_comb *)buf;
m_comb->sadb_comb_auth = SADB_AALG_MD5HMAC;
m_comb->sadb_comb_encrypt = SADB_EALG_DESCBC;
m_comb->sadb_comb_auth = SADB_AALG_NONE;
m_comb->sadb_comb_encrypt = SADB_X_EALG_AESGCM16;
m_comb->sadb_comb_flags = 0;
m_comb->sadb_comb_auth_minbits = 8;
m_comb->sadb_comb_auth_maxbits = 96;
m_comb->sadb_comb_encrypt_minbits = 64;
m_comb->sadb_comb_encrypt_maxbits = 64;
m_comb->sadb_comb_auth_minbits = 0;
m_comb->sadb_comb_auth_maxbits = 0;
m_comb->sadb_comb_encrypt_minbits = 128;
m_comb->sadb_comb_encrypt_maxbits = 256;
m_comb->sadb_comb_reserved = 0;
m_comb->sadb_comb_soft_allocations = 0;
m_comb->sadb_comb_hard_allocations = 0;
@ -338,15 +338,15 @@ key_setsadbprop()
m_comb->sadb_comb_soft_usetime = 0;
m_comb->sadb_comb_hard_usetime = 0;
/* the 2st is ESP 3DES-CBC and AH HMAC-SHA1 */
/* the 2nd is ESP AES-CBC and AH HMAC-SHA2-256 */
m_comb = (struct sadb_comb *)(buf + sizeof(*m_comb));
m_comb->sadb_comb_auth = SADB_AALG_SHA1HMAC;
m_comb->sadb_comb_encrypt = SADB_EALG_3DESCBC;
m_comb->sadb_comb_auth = SADB_X_AALG_SHA2_256;
m_comb->sadb_comb_encrypt = SADB_X_EALG_RIJNDAELCBC;
m_comb->sadb_comb_flags = 0;
m_comb->sadb_comb_auth_minbits = 8;
m_comb->sadb_comb_auth_maxbits = 96;
m_comb->sadb_comb_encrypt_minbits = 64;
m_comb->sadb_comb_encrypt_maxbits = 64;
m_comb->sadb_comb_auth_minbits = 256;
m_comb->sadb_comb_auth_maxbits = 256;
m_comb->sadb_comb_encrypt_minbits = 128;
m_comb->sadb_comb_encrypt_maxbits = 256;
m_comb->sadb_comb_reserved = 0;
m_comb->sadb_comb_soft_allocations = 0;
m_comb->sadb_comb_hard_allocations = 0;
@ -457,8 +457,8 @@ key_setsadbsa()
m_sa.sadb_sa_spi = htonl(0x12345678);
m_sa.sadb_sa_replay = 4;
m_sa.sadb_sa_state = 0;
m_sa.sadb_sa_auth = SADB_AALG_MD5HMAC;
m_sa.sadb_sa_encrypt = SADB_EALG_DESCBC;
m_sa.sadb_sa_auth = SADB_AALG_NONE;
m_sa.sadb_sa_encrypt = SADB_X_EALG_AESGCM16;
m_sa.sadb_sa_flags = 0;
memcpy(m_buf + m_len, &m_sa, sizeof(struct sadb_sa));

View File

@ -147,31 +147,20 @@ tcp { yylval.num = 0; return(PR_TCP); }
/* authentication alogorithm */
{hyphen}A { BEGIN S_AUTHALG; return(F_AUTH); }
<S_AUTHALG>hmac-md5 { yylval.num = SADB_AALG_MD5HMAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha1 { yylval.num = SADB_AALG_SHA1HMAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>keyed-md5 { yylval.num = SADB_X_AALG_MD5; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>keyed-sha1 { yylval.num = SADB_X_AALG_SHA; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha2-256 { yylval.num = SADB_X_AALG_SHA2_256; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha2-384 { yylval.num = SADB_X_AALG_SHA2_384; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-sha2-512 { yylval.num = SADB_X_AALG_SHA2_512; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>hmac-ripemd160 { yylval.num = SADB_X_AALG_RIPEMD160HMAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>aes-xcbc-mac { yylval.num = SADB_X_AALG_AES_XCBC_MAC; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>tcp-md5 { yylval.num = SADB_X_AALG_TCP_MD5; BEGIN INITIAL; return(ALG_AUTH); }
<S_AUTHALG>null { yylval.num = SADB_X_AALG_NULL; BEGIN INITIAL; return(ALG_AUTH_NOKEY); }
/* encryption alogorithm */
{hyphen}E { BEGIN S_ENCALG; return(F_ENC); }
<S_ENCALG>des-cbc { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>3des-cbc { yylval.num = SADB_EALG_3DESCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>null { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>simple { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); }
<S_ENCALG>blowfish-cbc { yylval.num = SADB_X_EALG_BLOWFISHCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>cast128-cbc { yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>des-deriv { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); }
<S_ENCALG>des-32iv { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); }
<S_ENCALG>rijndael-cbc { yylval.num = SADB_X_EALG_RIJNDAELCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>aes-ctr { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC_SALT); }
<S_ENCALG>camellia-cbc { yylval.num = SADB_X_EALG_CAMELLIACBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>aes-gcm-16 { yylval.num = SADB_X_EALG_AESGCM16; BEGIN INITIAL; return(ALG_ENC_SALT); }
/* compression algorithms */

View File

@ -217,11 +217,6 @@ SYSCTL_INT(_net_inet_ipsec, OID_AUTO, filtertunnel,
SYSCTL_VNET_PCPUSTAT(_net_inet_ipsec, OID_AUTO, ipsecstats, struct ipsecstat,
ipsec4stat, "IPsec IPv4 statistics.");
struct timeval ipsec_warn_interval = { .tv_sec = 1, .tv_usec = 0 };
SYSCTL_TIMEVAL_SEC(_net_inet_ipsec, OID_AUTO, crypto_warn_interval, CTLFLAG_RW,
&ipsec_warn_interval,
"Delay in seconds between warnings of deprecated IPsec crypto algorithms.");
#ifdef REGRESSION
/*
* When set to 1, IPsec will send packets with the same sequence number.

View File

@ -287,8 +287,6 @@ VNET_DECLARE(int, crypto_support);
VNET_DECLARE(int, async_crypto);
VNET_DECLARE(int, natt_cksum_policy);
extern struct timeval ipsec_warn_interval;
#define IPSECSTAT_INC(name) \
VNET_PCPUSTAT_ADD(struct ipsecstat, ipsec4stat, name, 1)
#define V_ip4_esp_trans_deflev VNET(ip4_esp_trans_deflev)

View File

@ -583,13 +583,8 @@ static struct supported_ealgs {
int sadb_alg;
const struct enc_xform *xform;
} supported_ealgs[] = {
{ SADB_EALG_DESCBC, &enc_xform_des },
{ SADB_EALG_3DESCBC, &enc_xform_3des },
{ SADB_X_EALG_AES, &enc_xform_rijndael128 },
{ SADB_X_EALG_BLOWFISHCBC, &enc_xform_blf },
{ SADB_X_EALG_CAST128CBC, &enc_xform_cast5 },
{ SADB_EALG_NULL, &enc_xform_null },
{ SADB_X_EALG_CAMELLIACBC, &enc_xform_camellia },
{ SADB_X_EALG_AESCTR, &enc_xform_aes_icm },
{ SADB_X_EALG_AESGCM16, &enc_xform_aes_nist_gcm },
{ SADB_X_EALG_AESGMAC, &enc_xform_aes_nist_gmac },
@ -600,11 +595,7 @@ static struct supported_aalgs {
const struct auth_hash *xform;
} supported_aalgs[] = {
{ SADB_X_AALG_NULL, &auth_hash_null },
{ SADB_AALG_MD5HMAC, &auth_hash_hmac_md5 },
{ SADB_AALG_SHA1HMAC, &auth_hash_hmac_sha1 },
{ SADB_X_AALG_RIPEMD160HMAC, &auth_hash_hmac_ripemd_160 },
{ SADB_X_AALG_MD5, &auth_hash_key_md5 },
{ SADB_X_AALG_SHA, &auth_hash_key_sha1 },
{ SADB_X_AALG_SHA2_256, &auth_hash_hmac_sha2_256 },
{ SADB_X_AALG_SHA2_384, &auth_hash_hmac_sha2_384 },
{ SADB_X_AALG_SHA2_512, &auth_hash_hmac_sha2_512 },
@ -6381,8 +6372,6 @@ key_getsizes_ah(const struct auth_hash *ah, int alg, u_int16_t* min,
* key size is restricted. Enforce this here.
*/
switch (alg) {
case SADB_X_AALG_MD5: *min = *max = 16; break;
case SADB_X_AALG_SHA: *min = *max = 20; break;
case SADB_X_AALG_NULL: *min = 1; *max = 256; break;
case SADB_X_AALG_SHA2_256: *min = *max = 32; break;
case SADB_X_AALG_SHA2_384: *min = *max = 48; break;
@ -6413,7 +6402,6 @@ key_getcomb_ah()
#if 1
/* we prefer HMAC algorithms, not old algorithms */
if (i != SADB_AALG_SHA1HMAC &&
i != SADB_AALG_MD5HMAC &&
i != SADB_X_AALG_SHA2_256 &&
i != SADB_X_AALG_SHA2_384 &&
i != SADB_X_AALG_SHA2_512)

View File

@ -108,7 +108,6 @@ SYSCTL_VNET_PCPUSTAT(_net_inet_ah, IPSECCTL_STATS, stats, struct ahstat,
#endif
static unsigned char ipseczeroes[256]; /* larger than an ip6 extension hdr */
static struct timeval md5warn, ripewarn, kpdkmd5warn, kpdksha1warn;
static int ah_input_cb(struct cryptop*);
static int ah_output_cb(struct cryptop*);
@ -185,25 +184,6 @@ ah_init0(struct secasvar *sav, struct xformsw *xsp,
return EINVAL;
}
switch (sav->alg_auth) {
case SADB_AALG_MD5HMAC:
if (ratecheck(&md5warn, &ipsec_warn_interval))
gone_in(13, "MD5-HMAC authenticator for IPsec");
break;
case SADB_X_AALG_RIPEMD160HMAC:
if (ratecheck(&ripewarn, &ipsec_warn_interval))
gone_in(13, "RIPEMD160-HMAC authenticator for IPsec");
break;
case SADB_X_AALG_MD5:
if (ratecheck(&kpdkmd5warn, &ipsec_warn_interval))
gone_in(13, "Keyed-MD5 authenticator for IPsec");
break;
case SADB_X_AALG_SHA:
if (ratecheck(&kpdksha1warn, &ipsec_warn_interval))
gone_in(13, "Keyed-SHA1 authenticator for IPsec");
break;
}
/*
* Verify the replay state block allocation is consistent with
* the protocol type. We check here so we can make assumptions
@ -317,11 +297,7 @@ ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
ip->ip_tos = 0;
ip->ip_ttl = 0;
ip->ip_sum = 0;
if (alg == CRYPTO_MD5_KPDK || alg == CRYPTO_SHA1_KPDK)
ip->ip_off &= htons(IP_DF);
else
ip->ip_off = htons(0);
ip->ip_off = htons(0);
ptr = mtod(m, unsigned char *);

View File

@ -94,8 +94,6 @@ SYSCTL_VNET_PCPUSTAT(_net_inet_esp, IPSECCTL_STATS, stats,
struct espstat, espstat,
"ESP statistics (struct espstat, netipsec/esp_var.h");
static struct timeval deswarn, blfwarn, castwarn, camelliawarn, tdeswarn;
static int esp_input_cb(struct cryptop *op);
static int esp_output_cb(struct cryptop *crp);
@ -159,29 +157,6 @@ esp_init(struct secasvar *sav, struct xformsw *xsp)
return EINVAL;
}
switch (sav->alg_enc) {
case SADB_EALG_DESCBC:
if (ratecheck(&deswarn, &ipsec_warn_interval))
gone_in(13, "DES cipher for IPsec");
break;
case SADB_EALG_3DESCBC:
if (ratecheck(&tdeswarn, &ipsec_warn_interval))
gone_in(13, "3DES cipher for IPsec");
break;
case SADB_X_EALG_BLOWFISHCBC:
if (ratecheck(&blfwarn, &ipsec_warn_interval))
gone_in(13, "Blowfish cipher for IPsec");
break;
case SADB_X_EALG_CAST128CBC:
if (ratecheck(&castwarn, &ipsec_warn_interval))
gone_in(13, "CAST cipher for IPsec");
break;
case SADB_X_EALG_CAMELLIACBC:
if (ratecheck(&camelliawarn, &ipsec_warn_interval))
gone_in(13, "Camellia cipher for IPsec");
break;
}
/* subtract off the salt, RFC4106, 8.1 and RFC3686, 5.1 */
keylen = _KEYLEN(sav->key_enc) - SAV_ISCTRORGCM(sav) * 4;
if (txform->minkey > keylen || keylen > txform->maxkey) {

View File

@ -123,15 +123,11 @@ struct val2str {
static struct val2str ipsec_ahnames[] = {
{ SADB_AALG_NONE, "none", },
{ SADB_AALG_MD5HMAC, "hmac-md5", },
{ SADB_AALG_SHA1HMAC, "hmac-sha1", },
{ SADB_X_AALG_MD5, "keyed-md5", },
{ SADB_X_AALG_SHA, "keyed-sha1", },
{ SADB_X_AALG_NULL, "null", },
{ SADB_X_AALG_SHA2_256, "hmac-sha2-256", },
{ SADB_X_AALG_SHA2_384, "hmac-sha2-384", },
{ SADB_X_AALG_SHA2_512, "hmac-sha2-512", },
{ SADB_X_AALG_RIPEMD160HMAC, "hmac-ripemd160", },
{ SADB_X_AALG_AES_XCBC_MAC, "aes-xcbc-mac", },
{ SADB_X_AALG_TCP_MD5, "tcp-md5", },
{ SADB_X_AALG_AES128GMAC, "aes-gmac-128", },
@ -142,13 +138,8 @@ static struct val2str ipsec_ahnames[] = {
static struct val2str ipsec_espnames[] = {
{ SADB_EALG_NONE, "none", },
{ SADB_EALG_DESCBC, "des-cbc", },
{ SADB_EALG_3DESCBC, "3des-cbc", },
{ SADB_EALG_NULL, "null", },
{ SADB_X_EALG_CAST128CBC, "cast128-cbc", },
{ SADB_X_EALG_BLOWFISHCBC, "blowfish-cbc", },
{ SADB_X_EALG_RIJNDAELCBC, "rijndael-cbc", },
{ SADB_X_EALG_CAMELLIACBC, "camellia-cbc", },
{ SADB_X_EALG_AESCTR, "aes-ctr", },
{ SADB_X_EALG_AESGCM16, "aes-gcm-16", },
{ SADB_X_EALG_AESGMAC, "aes-gmac", },