tiran
2017-04-26 16:19:49 UTC
URL: https://github.com/freeipa/freeipa/pull/737
Author: tiran
Title: #737: Vault: Explicitly default to 3DES CBC
Action: opened
PR body:
"""
The server-side plugin for IPA Vault relied on the fact that the default
oid for encryption algorithm is 3DES in CBC mode (DES-EDE3-CBC). Dogtag
10.4 has changed the default from 3DES to AES. Pass the correct
algorithm OID to KeyClient.archive_encrypted_data().
Closes: https://pagure.io/freeipa/issue/6899
Signed-off-by: Christian Heimes <***@redhat.com>
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/737/head:pr737
git checkout pr737
Author: tiran
Title: #737: Vault: Explicitly default to 3DES CBC
Action: opened
PR body:
"""
The server-side plugin for IPA Vault relied on the fact that the default
oid for encryption algorithm is 3DES in CBC mode (DES-EDE3-CBC). Dogtag
10.4 has changed the default from 3DES to AES. Pass the correct
algorithm OID to KeyClient.archive_encrypted_data().
Closes: https://pagure.io/freeipa/issue/6899
Signed-off-by: Christian Heimes <***@redhat.com>
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/737/head:pr737
git checkout pr737