Issue #4580: Investigate SSF values when SASL/GSSAPI is used to authenticate to LDAP - freeipa

freeipa

#4580 Investigate SSF values when SASL/GSSAPI is used to authenticate to LDAP

Closed: duplicate 5 years ago by cheimes. Opened 9 years ago by simo.

In the past SASL/GSSAPI has used a fixed value of 56 regardless of actual algorithm in use (which could be much stronger).

We should investigate how to make SASL bubble up the actual value so that proper minssf can be set in LDAP configuration.

mkosek commented 9 years ago

We (Simo :) should try to investigate during 4.2 time frame.

mkosek commented 8 years ago

Processing leftovers from 4.2 backlog - this ticket was found as suitable for consideration in next big feature release - 4.4.

Metadata Update from @simo:
- Issue assigned to simo
- Issue set to the milestone: FreeIPA 4.5 backlog

7 years ago

Metadata Update from @cheimes:
- Issue close_status updated to: duplicate
- Issue status updated to: Closed (was: Open)

5 years ago

cheimes commented 5 years ago

The bug is more or less a duplicate of #7140.

tdudlak commented 5 years ago

master:

3509545 Require a minimum SASL security factor of 56

Metadata

Assignee

simo

Tags

None

Blocking

None

Depending on

None

Priority

low

Milestone

FreeIPA 4.5 backlog

None

affects_doc

None

source

None

knownissue

None

type

task

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#4580 Investigate SSF values when SASL/GSSAPI is used to authenticate to LDAP Closed: duplicate 5 years ago by cheimes. Opened 9 years ago by simo.

Metadata

#4580 Investigate SSF values when SASL/GSSAPI is used to authenticate to LDAP

Closed: duplicate 5 years ago by cheimes. Opened 9 years ago by simo.