Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp33056pxb;
        Wed, 18 Aug 2021 15:10:49 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwrZ51DmJNgE41Z0Qkzy9DZR0R5Tfw3KW894Hic9wqmvhglD3M6eTe8uTg5L5Q1uo6vCpwJ
X-Received: by 2002:a05:6e02:1bc5:: with SMTP id x5mr7814791ilv.167.1629324648816;
        Wed, 18 Aug 2021 15:10:48 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1629324648; cv=none;
        d=google.com; s=arc-20160816;
        b=JBj0LCED3VG8hMS10BsC+/I6h3GJKQ4yu4MMO/wW/m/qN0U+F20kzMjAOIqmrcp/jT
         ncn/qNzMroDUWOtfijrLnn5qpRDtD1prBvVzWj9YntFhlbzHjTHxMZC1DzYBxqnX2uUi
         QgzCz/gTkLW5jEL6T+t8b3bhLy7rwJqyUnKPxCQqf590CTCD3YvtzU3PwABVKf348E5u
         EVsNUP57SG6wpO4ivmYAcRNcI8jC+ZqvMzznn609aKGqv9IZIs8XGiefc6NywxJjLpD2
         efQzCxURDluzhaq4O7c9KMGQGTalxEUv6u7QiZY4fZ846IU2jZhrJMi0JCeZo78g0JrP
         5zOQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=b4g4SEhAddpkGw+mNPm/hbqxy4/sjK3Z76/i6DxlUvU=;
        b=o6NVa6WzBPP00HD/yoiEHR0960OUaaOhbOxPlyNKG8suDL9wnrHgQmsVyIlXy8+dVB
         5oSDBKmiLXv67o8yfzVRSVHI9tOAzEfHxnpymiLq779Y5wyL1ekqc2dUPn3XMGPzG+af
         SzSAu8XUOQgQEwDKGacGUdaUMcw3HESPhnMQ70kztH3FT8YRF7s9AsPyJGduOqLGPo7v
         ZYUE+U56Q3m8v8RlUNEDPxuZgSZDcsKL3IlkZHtWv+vvkXhXvJk+IpAfhkp3S/8rlbOu
         JtZuTGbwnPKc3ruU6xVzOtyf0jmMtyT/JwdCYojVPLNyZAHab2D8iytWPpHokazxIKn1
         UJkA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b="IK1M/XGJ";
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id q17si980096iow.102.2021.08.18.15.10.36;
        Wed, 18 Aug 2021 15:10:48 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b="IK1M/XGJ";
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234362AbhHRWLB (ORCPT <rfc822;will.sands.v@gmail.com>
        + 99 others); Wed, 18 Aug 2021 18:11:01 -0400
Received: from mail.kernel.org ([198.145.29.99]:47320 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S234121AbhHRWLA (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Wed, 18 Aug 2021 18:11:00 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id 8A75161104;
        Wed, 18 Aug 2021 22:10:25 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1629324625;
        bh=sDBzNw75J5/eNBK4sO+1Vj5AeZa+B85FYHSELHvSFEM=;
        h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
        b=IK1M/XGJVpyZM5kqE4KeFWxMdfgiKj29X5qURIIv7L3TinJNhB15kvxeWQK3IaGFJ
         tkOKq1fZy7FAZDfoHmttdJefBjCjgEeAPnm3kpSb7BrGWcG5+Q5aQwObfDcZOdGIhK
         GWy/TOAdxPcQSV0dcU2BPwGMPhKJ13qh3xfaI1odeknxEee0HE7exRPkVEig7MErBR
         9b5+20Xi+ooOZ0VHHO/rYl5bdO912tx0z48zmUpFd8qQOrQ796BmTG87n9xpyKq4uZ
         FiTFbWo4f8/3TD9R7r2YrVzWRFMgPS/kEgVTgXeTM0peWAxBX4OESHJqZbJfYfh4Qy
         bXEuvQ1l3x3xw==
Received: by mail-oo1-f48.google.com with SMTP id z3-20020a4a98430000b029025f4693434bso1190453ooi.3;
        Wed, 18 Aug 2021 15:10:25 -0700 (PDT)
X-Gm-Message-State: AOAM533fL/HYZLjUtcIlvCWTgT3D2xu/HCP9W4MGrFTLpFUfIE/io/KZ
        CM3LA62Bba1kYIdnsisf0JtRnbzOnE2KCY3q8ts=
X-Received: by 2002:a4a:dfac:: with SMTP id k12mr8612844ook.41.1629324624922;
 Wed, 18 Aug 2021 15:10:24 -0700 (PDT)
MIME-Version: 1.0
References: <20210818144617.110061-1-ardb@kernel.org> <946591db-36aa-23db-a5c4-808546eab762@gmail.com>
 <CAMj1kXEjHojAZ0_DPkogHAbmS6XAOFN3t8-4VB0+zN8ruTPVCg@mail.gmail.com> <24606605-71ae-f918-b71a-480be7d68e43@gmail.com>
In-Reply-To: <24606605-71ae-f918-b71a-480be7d68e43@gmail.com>
From:   Ard Biesheuvel <ardb@kernel.org>
Date:   Thu, 19 Aug 2021 00:10:13 +0200
X-Gmail-Original-Message-ID: <CAMj1kXEO8PwLfT8uAYgeFF7T3TznWz4E=R1JArvCdKXk8qiAMQ@mail.gmail.com>
Message-ID: <CAMj1kXEO8PwLfT8uAYgeFF7T3TznWz4E=R1JArvCdKXk8qiAMQ@mail.gmail.com>
Subject: Re: [PATCH 0/2] crypto: remove MD4 generic shash
To:     Denis Kenzior <denkenz@gmail.com>
Cc:     Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        Eric Biggers <ebiggers@kernel.org>,
        ronnie sahlberg <ronniesahlberg@gmail.com>,
        linux-cifs <linux-cifs@vger.kernel.org>,
        Steve French <sfrench@samba.org>,
        David Howells <dhowells@redhat.com>, keyrings@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Wed, 18 Aug 2021 at 18:23, Denis Kenzior <denkenz@gmail.com> wrote:
>
> Hi Ard,
>
> >>   The previous ARC4 removal
> >> already caused some headaches [0].
> >
> > This is the first time this has been reported on an upstream kernel list.
> >
> > As you know, I went out of my way to ensure that this removal would
> > happen as smoothly as possible, which is why I contributed code to
> > both iwd and libell beforehand, and worked with distros to ensure that
> > the updated versions would land before the removal of ARC4 from the
> > kernel.
> >
> > It is unfortunate that one of the distros failed to take that into
> > account for the backport of a newer kernel to an older distro release,
> > but I don't think it is fair to blame that on the process.
>
> Please don't misunderstand, I don't blame you at all.  I was in favor of ARC4
> removal since the kernel AF_ALG implementation was broken and the ell
> implementation had to work around that.  And you went the extra mile to make
> sure the migration was smooth.  The reported bug is still a fairly minor
> inconvenience in the grand scheme of things.
>
> But, I'm not in favor of doing the same for MD4...
>

Fair enough.

> >
> >>   Please note that iwd does use MD4 for MSCHAP
> >> and MSCHAPv2 based 802.1X authentication.
> >>
> >
> > Thanks for reporting that.
> >
> > So what is your timeline for retaining MD4 support in iwd? You are
> > aware that it has been broken since 1991, right? Please, consider
> > having a deprecation path, so we can at least agree on *some* point in
> > time (in 6 months, in 6 years, etc) where we can start culling this
> > junk.
> >
>
> That is not something that iwd has any control over though?  We have to support
> it for as long as there are  organizations using TTLS + MD5 or PEAPv0.  There
> are still surprisingly many today.
>

Does that code rely on MD4 as well?