mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
639bb71940
Client connections no longer override TLS version range and ciphers by default. Instead clients use the default settings from the system's crypto policy. Minimum TLS version is now TLS 1.2. The default crypto policy on RHEL 8 sets TLS 1.2 as minimum version, while Fedora 31 sets TLS 1.0 as minimum version. The minimum version is configured with OpenSSL 1.1.1 APIs. Python 3.6 lacks the setters to override the system policy. The effective minimum version is always TLS 1.2, because FreeIPA reconfigures Apache HTTPd on Fedora. Fixes: https://pagure.io/freeipa/issue/8125 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Thomas Woerner <twoerner@redhat.com> |
||
---|---|---|
.. | ||
__init__.py | ||
authconfig.py | ||
constants.py | ||
paths.py | ||
services.py | ||
tasks.py |