From b10a0accee709a5efff2fadf0b0bbb79ff0ad759 Mon Sep 17 00:00:00 2001 From: Zack Weinberg Date: Fri, 29 Jun 2018 16:53:18 +0200 Subject: Disallow use of DES encryption functions in new programs. The functions encrypt, setkey, encrypt_r, setkey_r, cbc_crypt, ecb_crypt, and des_setparity should not be used in new programs, because they use the DES block cipher, which is unacceptably weak by modern standards. Demote all of them to compatibility symbols, and remove their prototypes from installed headers. cbc_crypt, ecb_crypt, and des_setparity were already compat symbols when glibc was configured with --disable-obsolete-rpc. POSIX requires encrypt and setkey to be available when _XOPEN_CRYPT is defined, so this change also removes the definition of X_OPEN_CRYPT from . The entire "DES Encryption" section is dropped from the manual, as is the mention of AUTH_DES and FIPS 140-2 in the introduction to crypt.texi. The documentation of 'memfrob' cross-referenced the DES Encryption section, which is replaced by a hyperlink to libgcrypt, and while I was in there I spruced up the actual documentation of 'memfrob' and 'strfry' a little. It's still fairly jokey, because those functions _are_ jokes, but they do also have real use cases, so people trying to use them for real should have all the information they need. DES-based authentication for Sun RPC is also insecure and should be deprecated or even removed, but maybe that can be left as TI-RPC's problem. --- NEWS | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'NEWS') diff --git a/NEWS b/NEWS index d1de6830a1..ebe63a2f40 100644 --- a/NEWS +++ b/NEWS @@ -116,6 +116,23 @@ Deprecated and removed features, and other changes affecting compatibility: fcntl and LFS support is handled transparently. Also for Linux, the OFD locks act as a cancellation entrypoint. +* The obsolete functions encrypt, encrypt_r, setkey, setkey_r, cbc_crypt, + ecb_crypt, and des_setparity are no longer available to newly linked + binaries, and the headers and are no + longer installed. These functions encrypted and decrypted data with the + DES block cipher, which is no longer considered secure. Software that + still uses these functions should switch to a modern cryptography library, + such as libgcrypt. + +* Reflecting the removal of the encrypt and setkey functions above, the + macro _XOPEN_CRYPT is no longer defined. As a consequence, the crypt + function is no longer declared unless _DEFAULT_SOURCE or _GNU_SOURCE is + enabled. + +* The obsolete function fcrypt is no longer available to newly linked + binaries. It was just another name for the standard function crypt, + and it has not appeared in any header file in many years. + Changes to build and runtime requirements: [Add changes to build and runtime requirements here] -- cgit v1.2.3