rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0029-ipatests-extend-AES-keyset-to-SHA2-based-ones.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   7a24d9aba300493626cf39f0fa70deba50784466
  2.   SOURCES
  3.   0029-ipatests-extend-AES-keyset-to-SHA2-based-ones.patch
Blob History Raw
1079a7 
From 49d9147e38c5b50c52a1ebc7283753c779c2f81f Mon Sep 17 00:00:00 2001
1079a7 
From: Alexander Bokovoy <abokovoy@redhat.com>
1079a7 
Date: Thu, 3 Mar 2022 14:38:57 +0200
1079a7 
Subject: [PATCH] ipatests: extend AES keyset to SHA2-based ones
1079a7
1079a7 
Fixes: https://pagure.io/freeipa/issue/9119
1079a7
1079a7 
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
1079a7 
Reviewed-By: Julien Rische <jrische@redhat.com>
1079a7 
Reviewed-By: Francisco Trivino <ftrivino@redhat.com>
1079a7 
---
1079a7 
 ipaserver/install/plugins/adtrust.py     | 3 ++-
1079a7 
 ipatests/pytest_ipa/integration/tasks.py | 3 ++-
1079a7 
 2 files changed, 4 insertions(+), 2 deletions(-)
1079a7
1079a7 
diff --git a/ipaserver/install/plugins/adtrust.py b/ipaserver/install/plugins/adtrust.py
1079a7 
index 5b87ac47c6919de287b07c9ceef7ae22e1e79398..67e372bdb40a0b1f6815f107fc567f0ae056dad8 100644
1079a7 
--- a/ipaserver/install/plugins/adtrust.py
1079a7 
+++ b/ipaserver/install/plugins/adtrust.py
1079a7 
@@ -754,7 +754,8 @@ class update_host_cifs_keytabs(Updater):
1079a7 
     """
1079a7
1079a7 
     host_princ_template = "host/{master}@{realm}"
1079a7 
-    valid_etypes = ['aes256-cts-hmac-sha1-96', 'aes128-cts-hmac-sha1-96']
1079a7 
+    valid_etypes = ['aes256-cts-hmac-sha384-192', 'aes128-cts-hmac-sha256-128',
1079a7 
+                    'aes256-cts-hmac-sha1-96', 'aes128-cts-hmac-sha1-96']
1079a7
1079a7 
     def extract_key_refs(self, keytab):
1079a7 
         host_princ = self.host_princ_template.format(
1079a7 
diff --git a/ipatests/pytest_ipa/integration/tasks.py b/ipatests/pytest_ipa/integration/tasks.py
1079a7 
index 13d84e23fa7dc8a5e562e8498c9142e2bcad696a..d06f8eb2cf6c36956ec200a1abb7c488d1dad9aa 100755
1079a7 
--- a/ipatests/pytest_ipa/integration/tasks.py
1079a7 
+++ b/ipatests/pytest_ipa/integration/tasks.py
1079a7 
@@ -2261,7 +2261,8 @@ class KerberosKeyCopier:
1079a7 
        copier.copy_keys('/etc/krb5.keytab', tmpname, replacement=replacement)
1079a7 
     """
1079a7 
     host_princ_template = "host/{master}@{realm}"
1079a7 
-    valid_etypes = ['aes256-cts-hmac-sha1-96', 'aes128-cts-hmac-sha1-96']
1079a7 
+    valid_etypes = ['aes256-cts-hmac-sha384-192', 'aes128-cts-hmac-sha256-128',
1079a7 
+                    'aes256-cts-hmac-sha1-96', 'aes128-cts-hmac-sha1-96']
1079a7
1079a7 
     def __init__(self, host):
1079a7 
         self.host = host
1079a7 
--
1079a7 
2.34.1
1079a7

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation