On Thu, Apr 23, 2015 at 01:45:34PM +0200, Steffen Klassert wrote: > > Adding a second template for the correct implementation is > probaply the only thing that we can do if we don't want to > break backwards compatibility. But maybe we can add a warning > to the old implementation, such that users notice that they > use a broken version. If we are going to do a warning I think the place to do it would be in xfrm_algo.c. We could add an insecure/warning flag and if then print a warning if said algorithm is used. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
