Pedro Monreal Gonzalez
743dc266bd
- FIPS: Enable to set the kernel FIPS mode with fips-mode-setup and fips-finish-install commands, add also the man pages. The required FIPS modules are left to be installed by the user. * Rebase crypto-policies-FIPS.patch - Revert a breaking change that introduces the config option rh-allow-sha1-signatures that is unkown to OpenSSL and fails on startup. We will consider adding this option to openssl. * https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/commit/97fe4494 * Add crypto-policies-revert-rh-allow-sha1-signatures.patch * Skip not needed LibreswanGenerator and SequoiaGenerator: OBS-URL: https://build.opensuse.org/request/show/1089054 OBS-URL: https://build.opensuse.org/package/show/security:tls/crypto-policies?expand=0&rev=16 |
||
|---|---|---|
| _service | ||
| _servicedata | ||
| .gitattributes | ||
| .gitignore | ||
| crypto-policies-FIPS.patch | ||
| crypto-policies-no-build-manpages.patch | ||
| crypto-policies-policygenerators.patch | ||
| crypto-policies-revert-rh-allow-sha1-signatures.patch | ||
| crypto-policies-rpmlintrc | ||
| crypto-policies-supported.patch | ||
| crypto-policies.7.gz | ||
| crypto-policies.changes | ||
| crypto-policies.spec | ||
| fedora-crypto-policies-20230420.3d08ae7.tar.gz | ||
| fips-finish-install.8.gz | ||
| fips-mode-setup.8.gz | ||
| README.SUSE | ||
| update-crypto-policies.8.gz | ||
Currently, the supported back-end policies are: * OpenSSL library * GnuTLS library * OpenJDK (only for java-1_8_0-openjdk and java-11-openjdk) The rest of the modules ignore the policy settings for the time being.