]> git.ipfire.org Git - thirdparty/strongswan.git/commit
projects / thirdparty / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2b13873) | patch
Remove support for MD2
authorTobias Brunner <tobias@strongswan.org>
Tue, 23 Sep 2025 12:59:37 +0000 (14:59 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 23 Sep 2025 13:59:35 +0000 (15:59 +0200)
commitb3011e8e87a1fad1bfb026448fc37b80b7cfc007
tree09fbc66402b0a1b82b61884a1b668f39a75bfd6atree | snapshot
parent2b13873c0fd4e21f046f6fd654d5b62238f2f782commit | diff
Remove support for MD2

No part of IKE/IPsec or X.509 uses MD2 anymore, so there really is no
reason to still support it (unlike MD4 that is used in EAP-MSCHAPv2,
MD5 that's used in EAP-MD5, or SHA-1 that's used for e.g. NAT-D hashes).

It caused test vectors to fail on systems where OpenSSL is built with
MD2 support but has it disabled at runtime.
13 files changed:
src/libstrongswan/asn1/oid.txt diff | blob | blame | history
src/libstrongswan/credentials/containers/pkcs12.c diff | blob | blame | history
src/libstrongswan/crypto/hashers/hasher.c diff | blob | blame | history
src/libstrongswan/crypto/hashers/hasher.h diff | blob | blame | history
src/libstrongswan/crypto/xofs/xof.c diff | blob | blame | history
src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c diff | blob | blame | history
src/libstrongswan/plugins/openssl/openssl_plugin.c diff | blob | blame | history
src/libstrongswan/plugins/pkcs11/pkcs11_hasher.c diff | blob | blame | history
src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c diff | blob | blame | history
src/libstrongswan/plugins/test_vectors/Makefile.am diff | blob | blame | history
src/libstrongswan/plugins/test_vectors/test_vectors.h diff | blob | blame | history
src/libstrongswan/plugins/test_vectors/test_vectors/md2.c [deleted file] blob | blame | history
src/libstrongswan/tests/suites/test_hasher.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.