I use cgd with blowfish. I assume this is about the key padding bug? It should 
not affect me as my keys are maximum length as it is, but if a back-compatible 
patch exists, perhaps use it?

Lund


Daniel Carosone wrote:
> On Tue, Sep 09, 2003 at 12:41:33AM -0400, Todd Vierling wrote:
> 
>>[Also posted to netbsd-users and current-users, but please keep discussion
>>to tech-kern]
>>
>>For my own personal needs, I had to backport cgd(4) to run on a system that
>>runs the 1.6 branch.  Thanks to the fact that this was developed in Sep-Oct
>>2002, not terribly long after the 1.6 branchpoint, the porting job was
>>surprisingly easy:  it consisted of a bunch of pulled up revisions with a
>>very minor amount of hand tweaking.
> 
> 
> Thanks, Todd, nice to see.
> 
> Note that there is presently an "issue" in current with cgd and
> blowfish (only). The bugfix for this is known, but has not yet been
> committed, pending some testing and a decision about whether anyone
> else is using this combo. I think I may be the only one.
> 
> It requires a flag day in the kernel to change, and while it's
> possible to provide some back-compatibility (which Roland has
> written), it involves adding hair to cgdconfig(8) that is certainly
> unnecessary if it's just for me :)
> 
> Before cgd(4) is pulled up, we should fix this. The back compatibility
> issue won't be relevant to 1.6 users, unless we make it so by
> introducing the present keying code.
> 
> --
> Dan.
> 
> 

-- 
Jorgen Lundman       | <lundman@lundman.net>
Unix Administrator   | +81 (0)3 -5456-2687 ext 1017 (work)
Shibuya-ku, Tokyo    | +81 (0)90-5578-8500          (cell)
Japan                | +81 (0)3 -3375-1767          (home)