Thread: 13 messages, 3 authors, 2025-08-18

Re: [PATCH net-next v2 3/3] sctp: Convert cookie authentication to use HMAC-SHA256

From: Jakub Kicinski <kuba@kernel.org>
Date: 2025-08-16 01:06:18
Also in: linux-crypto, linux-sctp

On Fri, 15 Aug 2025 14:50:09 -0700 Eric Biggers wrote:
It'd be great to get an ack / review from SCTP maintainers, otherwise
we'll apply by Monday..  
Other than that, LGTM.
Sorry for the late reply, I was running some SCTP-auth related tests
against the patchset.  
Ideally we'd just fail the write and remove the last mentions of md5 and
sha1 from the code.  But I'm concerned there could be a case where
userspace is enabling cookie authentication by setting
cookie_hmac_alg=md5 or cookie_hmac_alg=sha1, and by just failing the
write the system would end up with cookie authentication not enabled.

It would have been nice if this sysctl had just been a boolean toggle.

A deprecation warning might be a good idea.  How about the following on
top of this patch:

No strong opinion but I find the deprecation warnings futile.
Chances are we'll be printing this until the end of time.
Either someone hard-cares and we'll need to revert, or nobody
does and we can deprecate today.