Bug 479077
Summary: | Server to Server SASL/DIGEST-MD5 not Supported over SSL/TLS | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Directory Server | Reporter: | Jenny Severance <jgalipea> | ||||||
Component: | Security - SASL | Assignee: | Rich Megginson <rmeggins> | ||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> | ||||||
Severity: | high | Docs Contact: | |||||||
Priority: | high | ||||||||
Version: | 8.1 | CC: | benl, nkinder | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | 8.1 | Doc Type: | Bug Fix | ||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2009-04-29 23:09:06 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | |||||||||
Bug Blocks: | 249650, 493682 | ||||||||
Attachments: |
|
Description
Jenny Severance
2009-01-06 21:54:38 UTC
Created attachment 328326 [details]
diffs
With the change in comment #1, will DIGEST-MD5 work? I think it will still fail since it DIGEST-MD5 won't meet the maxssf criteria (it has a ssf of 1 I believe). DIGEST-MD5 forces a minssf of 1? I just know that it will have a ssf of 1 by default from my tests. If you specify a maxssf of 0 with DIGEST-MD5 and it works, then your change should be fine. Created attachment 328338 [details]
cvs commit log
Reviewed by: nkinder (Thanks!)
Fix Description: If using TLS/SSL, we don't need to use a sasl security layer, so just set the maxssf to 0.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
fixed and being tested by server to server sasl automated acceptance tests. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2009-0455.html |