freeipa

Clone
Source Code
GIT

#8111 [FIPS] Don't add camellia KRB5 encsalttypes in FIPS mode
Closed: fixed 4 years ago by rcritten. Opened 4 years ago by cheimes.

Closed: fixed
Reopen Issue

install/share/kerberos.ldif does not install camellia encsalttypes in FIPS mode. The lines are disables with a conditional comment. But install/updates/50-krbenctypes.update is missing the same conditional. An update may install camellia based algorithms in FIPS mode.

Metadata Update from @cheimes:
- Issue assigned to cheimes
4 years ago

Metadata Update from @cheimes:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/3846
4 years ago

Metadata Update from @cheimes:
- Issue tagged with: fips
4 years ago

Metadata Update from @rcritten:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1768959
4 years ago

Issue linked to Bugzilla: Bug 1768959

master:

  • bc56642 Block camellia in krbenctypes update in FIPS
  • 560acf3 Skip commented lines after substitution

ipa-4-8:

  • 9023033 Block camellia in krbenctypes update in FIPS
  • 6ab306a Skip commented lines after substitution

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
4 years ago

Login to comment on this ticket.

Metadata

fips

None
None
None
None
None
None
None
None
None
None
None
None
https://github.com/freeipa/freeipa/pull/3846
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=1768959
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.