In article <CAGisHBc5MxHLdt+S+=x749x1prrqisyou31lc7fpzhrzydq...@mail.gmail.com>,
Jose Luis Rodriguez Garcia <[email protected]> wrote:
>arc4 isn' t used in the kernel. I think that it must be deleted the
>directory: /usr/src/sys/crypto/arc4
>I have searched for arc4_setkey in OpenGrok and I haven't found a
>reference about its use.
>
>Doing a grep for arc4_setkey in syssrc, I have found that it is only
>used until NetBSD 3. There is
>only a reference for this function in usr/src/sys/net80211/ieee80211_crypto.c
>
>It was changed by other funtions in revision 1.7 :
>http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/net80211/ieee80211_crypto.c?only_with_tag=MAIN
>
>I was polishing the patch of Aran Clauson in gnats 47618, of the
>package mppe-lkm :
>mppe encryption for pptp (I know that it is weak cryptography, but
>better than clear text). This patch
>includes the arc4 functions.
>
>I have seen than GENERIC amd64 version 6.1.5 doesn't include the
>arc4_setkey function an friends, but in
>version 7 BETA they are included in GENERIC.
>
>The question:
>
>What must be done for NetBSD 7 and current?
>
>1- Remove arc4 functions from kernel and add to the package.
>
>2- Or add ppp_mppe to the kernel and keep arc4 functions. The sources
>says that it is dual licensed: a
> similar license to the BSD 2-clause license or GPL. mppe is a bad
>encryption, but it always will be better
> than clear text.
I'd go for 2. The licenses in this code are fishy. The code in
ppp_mppe_compress.c is strikingly similar to:
http://web.mit.edu/darwin/src/modules/ppp/Drivers/PPTP/PPTP-extension/ppp_mppe.c
and yet neither of the files mentions the other. I'd say provide
a clean BSD licensed implementation of mppe_compress.c (or figure
out if any of these can be BSD licensed), and we can include it in
the kernel. If you find one already written, even better. It is
simple to do, and after all it is just a few hundred lines of code
to write.
christos
