freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-26 16:16:31 -06:00

History

Alexander Bokovoy 6907a0cef7 ipasam: do not use RC4 in FIPS mode When creating Kerberos keys for trusted domain object account, ipasam module requests to generate keys using a series of well-known encryption types. In FIPS mode it is not possible to generate RC4-HMAC key: MIT Kerberos is using openssl crypto backend and openssl does not allow use of RC4 in FIPS mode. Thus, we have to filter out RC4-HMAC encryption type when running in FIPS mode. A side-effect is that a trust to Active Directory running with Windows Server 2003 will not be possible anymore in FIPS mode. Resolves: https://pagure.io/freeipa/issue/7659 Reviewed-By: Robbie Harwood <rharwood@redhat.com>		2018-08-13 14:42:16 +02:00
..
dnssec	Have all the scripts run in python 3 by default	2018-02-15 18:43:12 +01:00
ipa-kdb	Silence GCC warning in ipa-kdb	2018-02-23 14:38:20 +01:00
ipa-otpd	Cleanup shebang and executable bit	2018-07-05 19:46:42 +02:00
ipa-sam	ipasam: do not use RC4 in FIPS mode	2018-08-13 14:42:16 +02:00
ipa-slapi-plugins	Move fips_enabled to a common library to share across different plugins	2018-08-13 14:42:16 +02:00
ipa-version.h.in	Build: move version handling from Makefile to configure	2016-11-09 13:08:32 +01:00
Makefile.am	Build: properly integrate ipa-version.h.in into build system	2016-11-29 15:28:24 +01:00