mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-24 11:25:43 +00:00
a40cf7530d
Fill in entries in the supported_gss_krb5_enctypes array for the encryption types defined in RFC 8009. These new enctypes use the SHA-256 and SHA-384 message digest algorithms (as defined in FIPS-180) instead of the deprecated SHA-1 algorithm, and are thus more secure. Note that NIST has scheduled SHA-1 for deprecation: https://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm Thus these new encryption types are placed under a separate CONFIG option to enable distributors to separately introduce support for the AES-SHA2 enctypes and deprecate support for the current set of AES-SHA1 encryption types as their user space allows. As this implementation is still a "beta", the default is to not build it automatically. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> |
||
---|---|---|
.. | ||
addr.h | ||
auth.h | ||
auth_gss.h | ||
bc_xprt.h | ||
cache.h | ||
clnt.h | ||
debug.h | ||
gss_api.h | ||
gss_asn1.h | ||
gss_err.h | ||
gss_krb5.h | ||
metrics.h | ||
msg_prot.h | ||
rpc_pipe_fs.h | ||
rpc_rdma.h | ||
rpc_rdma_cid.h | ||
sched.h | ||
stats.h | ||
svc.h | ||
svc_rdma.h | ||
svc_rdma_pcl.h | ||
svc_xprt.h | ||
svcauth.h | ||
svcauth_gss.h | ||
svcsock.h | ||
timer.h | ||
types.h | ||
xdr.h | ||
xprt.h | ||
xprtmultipath.h | ||
xprtrdma.h | ||
xprtsock.h |