From 17a5d5bff1df5e12899e9316f4a4364d2512a64f Mon Sep 17 00:00:00 2001
From: Florence Blanc-Renaud <flo@redhat.com>
Date: Fri, 9 Dec 2022 10:45:56 +0100
Subject: [PATCH] FIPS setup: fix typo filtering camellia encryption

The config file /var/kerberos/krb5kdc/kdc.conf is customized
during IPA server installation with a list of supported
encryption types.
In FIPS mode, camellia encryption is not supported and should
be filtered out. Because of a typo in the filtering method,
the camellia encryptions are appended while they should not.

Fix the typo (camelia vs camellia) in order to filter properly.

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
---
 ipaserver/install/krbinstance.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index a5eaa7b17..dc77050b9 100644
--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -282,7 +282,7 @@ class KrbInstance(service.Service):
 
         if fips_enabled:
             supported_enctypes = list(
-                filter(lambda e: not e.startswith('camelia'),
+                filter(lambda e: not e.startswith('camellia'),
                        SUPPORTED_ENCTYPES))
         else:
             supported_enctypes = SUPPORTED_ENCTYPES