projects / paraslash.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 9090ef9 dbf829a)
Merge branch 'refs/heads/t/rm_rc4'
authorAndre Noll <maan@tuebingen.mpg.de>
Sun, 16 Apr 2017 18:15:35 +0000 (20:15 +0200)
committerAndre Noll <maan@tuebingen.mpg.de>
Sun, 16 Apr 2017 18:17:20 +0000 (20:17 +0200)
This patch removes support for RC4, making the AES-based stream
cipher mandadory. The aes_ctr128 server feature is made a no-op,
breaking support with very old clients (<= 0.5.1).

Cooking for three months.

* refs/heads/t/rm_rc4:
  crypt: Remove RC4 support.

1  2 
NEWS.md patch | diff1 | diff2 | blob | history
crypt.c patch | diff1 | diff2 | blob | history
crypt.h patch | diff1 | diff2 | blob | history
gcrypt.c patch | diff1 | diff2 | blob | history
web/manual.md patch | diff1 | diff2 | blob | history

diff --cc NEWS.md
index fb6665293bbd45acc8a1cf892f4773e7c0d86156,d9326db76cfa80b50a8a268fef1b29f966cdeb09..08acd22cbc81adeee24d88f784d813207ff47b63
--- 1/NEWS.md
--- 2/NEWS.md
+++ b/NEWS.md
@@@ -1,22 -1,6 +1,25 @@@
  NEWS
  ====
  
 +------------------------------------
 +0.6.0 (to be announced) "fuzzy flux"
 +------------------------------------
 +- Support for Mac OS X has been removed.
 +- On Linux systems, glibc-2.17 or newer is required to build the
 +  source tree.
 +- Support for RSA public keys in ASN format (as generated by openssl
 +  genrsa) has been removed. These keys have been deprecated since
 +  2011, so users should have long switched to keys generated with
 +  ssh-keygen(1).
 +- If libgcrypt is used as the crypto library, we now require version
 +  1.5.0 (released in 2011) or later.
++- The insecure RC4 stream cipher has been removed. It was superseded
++  by aes_ctr128 three years ago but the RC4 code had been kept for
++  backwards compatibility.
 +
 +Downloads:
 +[tarball](./releases/paraslash-git.tar.bz2),
 +
  -------------------------------------
  0.5.7 (2016-12-31) "semantic density"
  -------------------------------------
diff --cc crypt.c
Simple merge
diff --cc crypt.h
Simple merge
diff --cc gcrypt.c
Simple merge
diff --cc web/manual.md
Simple merge
paraslash - network audio streaming tools