On 4/14/20 5:22 PM, Alan Somers wrote: > On Tue, Apr 14, 2020 at 6:15 PM John Baldwin <j...@freebsd.org> wrote: > >> Author: jhb >> Date: Wed Apr 15 00:14:50 2020 >> New Revision: 359945 >> URL: https://svnweb.freebsd.org/changeset/base/359945 >> >> Log: >> Remove support for geli(4) algorithms deprecated in r348206. >> >> This removes support for reading and writing volumes using the >> following algorithms: >> >> - Triple DES >> - Blowfish >> - MD5 HMAC integrity >> >> In addition, this commit adds an explicit whitelist of supported >> algorithms to give a better error message when an invalid or >> unsupported algorithm is used by an existing volume. >> >> Reviewed by: cem >> Sponsored by: Chelsio Communications >> Differential Revision: https://reviews.freebsd.org/D24343 >> > > Why remove read-only support? That will make it much harder to convert old > volumes.
The goal is to remove the actual crypto code (and drivers that only implement old algorithms). Read-only support means you still have to support the algorithm. 12.x already refuses to create new volumes with these algorithms but permits access to existing ones. -- John Baldwin _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
