mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-24 11:25:43 +00:00
a40cf7530d
Fill in entries in the supported_gss_krb5_enctypes array for the encryption types defined in RFC 8009. These new enctypes use the SHA-256 and SHA-384 message digest algorithms (as defined in FIPS-180) instead of the deprecated SHA-1 algorithm, and are thus more secure. Note that NIST has scheduled SHA-1 for deprecation: https://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm Thus these new encryption types are placed under a separate CONFIG option to enable distributors to separately introduce support for the AES-SHA2 enctypes and deprecate support for the current set of AES-SHA1 encryption types as their user space allows. As this implementation is still a "beta", the default is to not build it automatically. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> |
||
|---|---|---|
| .. | ||
| addr.h | ||
| auth.h | ||
| auth_gss.h | ||
| bc_xprt.h | ||
| cache.h | ||
| clnt.h | ||
| debug.h | ||
| gss_api.h | ||
| gss_asn1.h | ||
| gss_err.h | ||
| gss_krb5.h | ||
| metrics.h | ||
| msg_prot.h | ||
| rpc_pipe_fs.h | ||
| rpc_rdma.h | ||
| rpc_rdma_cid.h | ||
| sched.h | ||
| stats.h | ||
| svc.h | ||
| svc_rdma.h | ||
| svc_rdma_pcl.h | ||
| svc_xprt.h | ||
| svcauth.h | ||
| svcauth_gss.h | ||
| svcsock.h | ||
| timer.h | ||
| types.h | ||
| xdr.h | ||
| xprt.h | ||
| xprtmultipath.h | ||
| xprtrdma.h | ||
| xprtsock.h | ||