IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Block camellia in krbenctypes update in FIPS

Browse Source 
Add FIPS conditional to updates to prevent updater from adding camellia
encsalttypes.

Fixes: https://pagure.io/freeipa/issue/8111
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
This commit is contained in:
Christian Heimes
2019-11-04 10:08:33 +01:00
committed by Rob Crittenden
parent f16c08b7d6
commit bc56642bf9
2 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
install/updates/50-krbenctypes.update
View File

@@ -1,8 +1,8 @@
dn: cn=$REALM,cn=kerberos,$SUFFIX
add: krbSupportedEncSaltTypes: camellia128-cts-cmac:normal
add: krbSupportedEncSaltTypes: camellia128-cts-cmac:special
add: krbSupportedEncSaltTypes: camellia256-cts-cmac:normal
add: krbSupportedEncSaltTypes: camellia256-cts-cmac:special
${FIPS}add: krbSupportedEncSaltTypes: camellia128-cts-cmac:normal
${FIPS}add: krbSupportedEncSaltTypes: camellia128-cts-cmac:special
${FIPS}add: krbSupportedEncSaltTypes: camellia256-cts-cmac:normal
${FIPS}add: krbSupportedEncSaltTypes: camellia256-cts-cmac:special
add: krbSupportedEncSaltTypes: aes128-sha2:normal
add: krbSupportedEncSaltTypes: aes128-sha2:special
add: krbSupportedEncSaltTypes: aes256-sha2:normal