Bug 1363811
Summary: | freerdp doesnt work in FIPS mode | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Joe Wright <jwright> |
Component: | freerdp | Assignee: | Ondrej Holy <oholy> |
Status: | CLOSED ERRATA | QA Contact: | Desktop QE <desktop-qa-list> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.2 | CC: | kfiresmith, thudziec, tpelka, vpakolu |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | freerdp-1.0.2-14.el7 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-04-10 11:38:34 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Joe Wright
2016-08-03 15:55:01 UTC
This issue appears to be identical to the one identified in https://bugzilla.redhat.com/show_bug.cgi?id=1347920 for RHEL 6 It seems it is fixable. I added some notes to the upstream bug report, however, I didn't have time to propose fix yet, sorry: https://github.com/FreeRDP/FreeRDP/issues/3412#issuecomment-263958217 I proposed the following pull request: https://github.com/FreeRDP/FreeRDP/pull/3877 which have been superseded by: https://github.com/FreeRDP/FreeRDP/pull/3904 which will be hopefully merged upstream soon... Just a note that FIPS encryption method is automatically used and NLA authentication is automatically disabled with this build if OpenSSL operates in FIPS mode. NLA can't be used, because FreeRDP implements only NTLM, which requires MD5, which isn't FIPS compliant. Have tested on x86_64 system running in FIPS mode with freerdp-1.0.2-13.el7.x86_64 and got mentioned error: md4_dgst.c(75): OpenSSL internal error, assertion failed: Digest MD4 forbidden in FIPS mode! Aborted (core dumped) After update to freerdp-1.0.2-14.el7.x86_64 it works fine. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:0724 |