From 00a4311adc197c3518f5d60c69e00c4e80d065fd Mon Sep 17 00:00:00 2001 From: John Baldwin Date: Thu, 4 Jun 2020 22:58:37 +0000 Subject: [PATCH] Refer to AES-CBC as "aes-cbc" rather than "rijndael-cbc" for IPsec. At this point, AES is the more common name for Rijndael128. setkey(8) will still accept the old name, and old constants remain for compatiblity. Reviewed by: cem, bcr (manpages) MFC after: 2 weeks Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D24964 --- lib/libipsec/pfkey_dump.c | 4 ++-- sbin/setkey/setkey.8 | 4 ++-- sbin/setkey/token.l | 3 ++- sys/net/pfkeyv2.h | 1 + usr.bin/netstat/ipsec.c | 2 +- 5 files changed, 8 insertions(+), 6 deletions(-) diff --git a/lib/libipsec/pfkey_dump.c b/lib/libipsec/pfkey_dump.c index a002bc459038..365f0ef833af 100644 --- a/lib/libipsec/pfkey_dump.c +++ b/lib/libipsec/pfkey_dump.c @@ -159,8 +159,8 @@ static struct val2str str_alg_enc[] = { #ifdef SADB_X_EALG_RC5CBC { SADB_X_EALG_RC5CBC, "rc5-cbc", }, #endif -#ifdef SADB_X_EALG_RIJNDAELCBC - { SADB_X_EALG_RIJNDAELCBC, "rijndael-cbc", }, +#ifdef SADB_X_EALG_AESCBC + { SADB_X_EALG_AESCBC, "aes-cbc", }, #endif #ifdef SADB_X_EALG_TWOFISHCBC { SADB_X_EALG_TWOFISHCBC, "twofish-cbc", }, diff --git a/sbin/setkey/setkey.8 b/sbin/setkey/setkey.8 index 4d72a72fe89a..0d271b84792e 100644 --- a/sbin/setkey/setkey.8 +++ b/sbin/setkey/setkey.8 @@ -29,7 +29,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 04, 2020 +.Dd June 4, 2020 .Dt SETKEY 8 .Os .\" @@ -612,7 +612,7 @@ parameter: .Bd -literal -offset indent algorithm keylen (bits) comment null 0 to 2048 rfc2410 -rijndael-cbc 128/192/256 rfc3602 +aes-cbc 128/192/256 rfc3602 aes-ctr 160/224/288 rfc3686 aes-gcm-16 160/224/288 rfc4106 .Ed diff --git a/sbin/setkey/token.l b/sbin/setkey/token.l index 86d10fee4532..9a0cc9ea1915 100644 --- a/sbin/setkey/token.l +++ b/sbin/setkey/token.l @@ -159,7 +159,8 @@ tcp { yylval.num = 0; return(PR_TCP); } {hyphen}E { BEGIN S_ENCALG; return(F_ENC); } null { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC); } simple { yylval.num = SADB_EALG_NULL; BEGIN INITIAL; return(ALG_ENC_OLD); } -rijndael-cbc { yylval.num = SADB_X_EALG_RIJNDAELCBC; BEGIN INITIAL; return(ALG_ENC); } +rijndael-cbc { yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); } +aes-cbc { yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); } aes-ctr { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC_SALT); } aes-gcm-16 { yylval.num = SADB_X_EALG_AESGCM16; BEGIN INITIAL; return(ALG_ENC_SALT); } diff --git a/sys/net/pfkeyv2.h b/sys/net/pfkeyv2.h index 7bbdd577a5f5..a4c95a70588a 100644 --- a/sys/net/pfkeyv2.h +++ b/sys/net/pfkeyv2.h @@ -383,6 +383,7 @@ _Static_assert(sizeof(struct sadb_x_sa_replay) == 8, "struct size mismatch"); #define SADB_EALG_NULL 11 #define SADB_X_EALG_RIJNDAELCBC 12 #define SADB_X_EALG_AES 12 +#define SADB_X_EALG_AESCBC 12 #define SADB_X_EALG_AESCTR 13 #define SADB_X_EALG_AESGCM8 18 /* RFC4106 */ #define SADB_X_EALG_AESGCM12 19 diff --git a/usr.bin/netstat/ipsec.c b/usr.bin/netstat/ipsec.c index 679b1ce6320a..e57d7f4905b5 100644 --- a/usr.bin/netstat/ipsec.c +++ b/usr.bin/netstat/ipsec.c @@ -139,7 +139,7 @@ static struct val2str ipsec_ahnames[] = { static struct val2str ipsec_espnames[] = { { SADB_EALG_NONE, "none", }, { SADB_EALG_NULL, "null", }, - { SADB_X_EALG_RIJNDAELCBC, "rijndael-cbc", }, + { SADB_X_EALG_AESCBC, "aes-cbc", }, { SADB_X_EALG_AESCTR, "aes-ctr", }, { SADB_X_EALG_AESGCM16, "aes-gcm-16", }, { SADB_X_EALG_AESGMAC, "aes-gmac", },