rpms
/
krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity
The Kerberos network authentication system
35 Commits 9 Branches 43 Tags 7.3 MiB
Diff 100%
Go to file
Julien Rische d78e3940d1 Allow krad UDP/TCP localhost connection with FIPS 
libkrad allows to establish connections only to UNIX socket in FIPS
mode, because MD5 digest is not considered safe enough to be used for
network communication. However, FreeRadius requires connection on TCP or
UDP ports.

This commit allows TCP or UDP connections in FIPS mode if destination is
localhost.

Resolves: rhbz#2068458

Signed-off-by: Julien Rische <jrische@redhat.com>
 		2022-05-25 10:13:47 +02:00
tests RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
.gitignore Merged update from upstream sources 2021-02-18 22:21:10 +00:00
Add-APIs-for-marshalling-credentials.patch Port to OpenSSL 3 (alpha 15) 2021-05-19 19:58:33 -04:00
Add-KCM_OP_GET_CRED_LIST-for-faster-iteration.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Add-buildsystem-detection-of-the-OpenSSL-3-KDF-inter.patch Sync openssl3 patches with upstream 2021-06-21 13:24:29 -04:00
Add-configure-variable-for-default-PKCS-11-module.patch Use p11-kit as default PKCS11 module 2022-05-03 17:07:12 +02:00
Add-hostname-canonicalization-helper-to-k5test.py.patch Port to OpenSSL 3 (alpha 15) 2021-05-19 19:58:33 -04:00
Allow-kinit-with-keytab-to-defer-canonicalization.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Fix-KCM-flag-transmission-for-remove_cred.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Fix-KCM-retrieval-support-for-sssd.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch Fix KDC null deref on TGS inner body null server (CVE-2021-37750) 2021-10-20 17:08:04 +02:00
Fix-KDC-null-deref-on-bad-encrypted-challenge.patch Fix KDC null deref on bad encrypted challenge (CVE-2021-36222) 2021-07-20 14:51:15 -04:00
Fix-k5tls-module-for-OpenSSL-3.patch Sync openssl3 patches with upstream 2021-06-21 13:24:29 -04:00
Fix-kadmin-k-with-fallback-or-referral-realm.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Fix-softpkcs11-build-issues-with-openssl-3.0.patch Sync openssl3 patches with upstream 2021-06-21 13:24:29 -04:00
Fix-some-principal-realm-canonicalization-cases.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Handle-OpenSSL-3-s-providers.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Make-KCM-iteration-fallback-work-with-sssd-kcm.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Move-some-dejagnu-kadmin-tests-to-Python-tests.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Remove-deprecated-OpenSSL-calls-from-softpkcs11.patch Sync openssl3 patches with upstream 2021-06-21 13:24:29 -04:00
Support-host-based-GSS-initiator-names.patch Port to OpenSSL 3 (alpha 15) 2021-05-19 19:58:33 -04:00
Try-harder-to-avoid-password-change-replay-errors.patch Try harder to avoid password change replay errors 2022-04-26 15:32:34 +02:00
Use-KCM_OP_RETRIEVE-in-KCM-client.patch Update OpenSSL 3 provider handling to clean up properly 2021-07-14 16:32:30 -04:00
Use-OpenSSL-s-KBKDF-and-KRB5KDF-for-deriving-long-te.patch Do not block KRB5KDF and MD4/5 in FIPS mode 2022-02-28 14:19:37 +01:00
Use-OpenSSL-s-SSKDF-in-PKINIT-when-available.patch Sync openssl3 patches with upstream 2021-06-21 13:24:29 -04:00
Use-SHA256-instead-of-SHA1-for-PKINIT-CMS-digest.patch Use SHA-256 instead of SHA-1 for PKINIT CMS digest 2022-03-16 17:49:06 +01:00
downstream-Allow-krad-TCP-connection-to-localhost-with-FIPS.patch Allow krad UDP/TCP localhost connection with FIPS 2022-05-25 10:13:47 +02:00
downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch Do not block KRB5KDF and MD4/5 in FIPS mode 2022-02-28 14:19:37 +01:00
downstream-Remove-3des-support.patch Merged update from upstream sources 2021-02-18 22:21:10 +00:00
downstream-SELinux-integration.patch Merged update from upstream sources 2021-02-18 22:21:10 +00:00
downstream-Use-newly-enforced-dejagnu-path-naming-convention.patch Fix global dejagnu test suite 2022-04-11 12:03:13 +02:00
downstream-fix-debuginfo-with-y.tab.c.patch Merged update from upstream sources 2021-02-18 22:21:10 +00:00
downstream-ksu-pam-integration.patch Merged update from upstream sources 2021-02-18 22:21:10 +00:00
downstream-netlib-and-dns.patch Merged update from upstream sources 2021-02-18 22:21:10 +00:00
gating.yaml Add gating definition for RHEL 9 2021-06-11 13:08:52 +00:00
kadm5.acl RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
kadmin.service RHEL 9.0.0 Alpha bootstrap 2020-11-18 09:51:25 -08:00
kadmin.sysconfig RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
kadmind.logrotate RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
kdc.conf RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
kprop.service RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
kprop.sysconfig RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
krb5-krb5kdc.conf RHEL 9.0.0 Alpha bootstrap 2020-11-18 09:51:25 -08:00
krb5.conf RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
krb5.rpmlintrc RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
krb5.spec Allow krad UDP/TCP localhost connection with FIPS 2022-05-25 10:13:47 +02:00
krb5kdc.logrotate RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
krb5kdc.service RHEL 9.0.0 Alpha bootstrap 2020-11-18 09:51:25 -08:00
krb5kdc.sysconfig RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
ksu.pamd RHEL 9.0.0 Alpha bootstrap 2020-10-15 15:05:18 +02:00
rpminspect.yaml Add rpminspect and clean up mass rebuild mess 2021-06-17 18:55:14 -04:00
sources Merged update from upstream sources 2021-02-18 22:21:10 +00:00