freeipa

IntenseWebs/freeipa

Fork 0

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-26 17:01:14 -06:00

Commit Graph

Author	SHA1	Message	Date
Christian Heimes	90a75f0d43	Use system-wide crypto-policies on Fedora HTTPS connections from IPA framework and bind named instance now use system-wide crypto-policies on Fedora. For HTTPS the 'DEFAULT' crypto policy also includes unnecessary ciphers for PSK, SRP, aDSS and 3DES. Since these ciphers are not used by freeIPA, they are explicitly excluded. See: https://bugzilla.redhat.com/show_bug.cgi?id=1179925 See: https://bugzilla.redhat.com/show_bug.cgi?id=1179220 Fixes: https://pagure.io/freeipa/issue/4853 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>	2018-02-20 17:01:52 +01:00
Christian Heimes	1785a3e17b	Replace wsgi package conflict with config file Instead of a package conflict, freeIPA now uses an Apache config file to enforce the correct wsgi module. The workaround only applies to Fedora since it is the only platform that permits parallel installation of Python 2 and Python 3 mod_wsgi modules. RHEL 7 has only Python 2 and Debian doesn't permit installation of both variants. See: https://pagure.io/freeipa/issue/7161 Fixes: https://pagure.io/freeipa/issue/7394 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>	2018-02-09 08:28:11 +01:00
Tomas Babej	a487e42d3f	ipaplatform: Add constants submodule Introduce a ipaplatform/constants.py file to store platform related constants, which are not paths. Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Petr Spacek <pspacek@redhat.com>	2015-07-21 17:29:33 +02:00

Author

SHA1

Message

Date

Christian Heimes

90a75f0d43

Use system-wide crypto-policies on Fedora

HTTPS connections from IPA framework and bind named instance now use
system-wide crypto-policies on Fedora.

For HTTPS the 'DEFAULT' crypto policy also includes unnecessary ciphers
for PSK, SRP, aDSS and 3DES. Since these ciphers are not used by freeIPA,
they are explicitly excluded.

See: https://bugzilla.redhat.com/show_bug.cgi?id=1179925
See: https://bugzilla.redhat.com/show_bug.cgi?id=1179220
Fixes: https://pagure.io/freeipa/issue/4853
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>

2018-02-20 17:01:52 +01:00

Christian Heimes

1785a3e17b

Replace wsgi package conflict with config file

Instead of a package conflict, freeIPA now uses an Apache config file to
enforce the correct wsgi module. The workaround only applies to Fedora
since it is the only platform that permits parallel installation of
Python 2 and Python 3 mod_wsgi modules. RHEL 7 has only Python 2 and
Debian doesn't permit installation of both variants.

See: https://pagure.io/freeipa/issue/7161
Fixes: https://pagure.io/freeipa/issue/7394
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>

2018-02-09 08:28:11 +01:00

Tomas Babej

a487e42d3f

ipaplatform: Add constants submodule

Introduce a ipaplatform/constants.py file to store platform related
constants, which are not paths.

Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Spacek <pspacek@redhat.com>

2015-07-21 17:29:33 +02:00

3 Commits