SUNRPC: Add build option to disable support for insecure enctypes
author Chuck Lever <chuck.lever@oracle.com>
Mon, 11 Feb 2019 16:24:43 +0000 (11:24 -0500)
committer Anna Schumaker <Anna.Schumaker@Netapp.com>
Wed, 13 Feb 2019 18:33:12 +0000 (13:33 -0500)
commit fe9a270519c72bccb3af524db7ea6c7b67700d50
tree c3a0026af4b4f69ed5880fd508c3e776870f92ab
parent 067fb11b12af1448f7bbcacca41e470cb775e9fa
SUNRPC: Add build option to disable support for insecure enctypes

Enable distributions to enforce the rejection of ancient and
insecure Kerberos enctypes in the kernel's RPCSEC_GSS
implementation. These are the single-DES encryption types that
were deprecated in 2012 by RFC 6649.

Enctypes that were deprecated more recently (by RFC 8429) remain
fully supported for now because they are still likely to be widely
used.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Acked-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
include/linux/sunrpc/gss_krb5_enctypes.h
net/sunrpc/Kconfig
net/sunrpc/auth_gss/gss_krb5_mech.c