forked from pool/keylime
Alberto Planas Dominguez
436587cab6
- Update to version v7.11.0: * "Monthly" Release (7.11.0) * template mapping change for persisted idevids * add config options for the persisted idevid and iak handles and passwords * templates: Restore the default values * templates: Add version 2.3 * convert_config: Use the latest default value for --default * Add new /verify/identity API * PSS padding fix - salt length changed to byte length of digest from length of signature * sign_runtime_policy: Display error message if non-EC key is provided * packit: enable /regression/CVE-2023-3674 (suggested by Karel Srot) * Fix durable attestation in absence of mb_policy * tests: Fix coverage download by supporting new webdrives * templates: verifier: Add require_allow_list_signatures to config file * runtime policy: Raise error on missing key if signature required * runtime policy: Raise error on unsigned policy if signature required * dsse: Remove unused type: ignore comment (mypy) OBS-URL: https://build.opensuse.org/request/show/1180844 OBS-URL: https://build.opensuse.org/package/show/security/keylime?expand=0&rev=95
25 lines
703 B
Diff
25 lines
703 B
Diff
diff --git a/config/verifier.conf b/config/verifier.conf
|
|
index 9f65039..4e6191d 100644
|
|
--- a/config/verifier.conf
|
|
+++ b/config/verifier.conf
|
|
@@ -8,7 +8,8 @@ version = 2.3
|
|
uuid = default
|
|
|
|
# The binding address and port for the verifier server
|
|
-ip = "127.0.0.1"
|
|
+# ip = "127.0.0.1"
|
|
+ip = "0.0.0.0"
|
|
port = 8881
|
|
|
|
# The address and port of registrar server that the verifier communicates with
|
|
@@ -245,7 +246,8 @@ require_allow_list_signatures = False
|
|
enabled_revocation_notifications = ['agent']
|
|
|
|
# The binding address and port of the revocation notifier service via ZeroMQ.
|
|
-zmq_ip = 127.0.0.1
|
|
+# zmq_ip = 127.0.0.1
|
|
+zmq_ip = 0.0.0.0
|
|
zmq_port = 8992
|
|
|
|
# Webhook url for revocation notifications.
|