Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1741229

Summary: FIPS Compatibility for OSP
Product: Red Hat OpenStack Reporter: Ash Westbrook <awestbro>
Component: SecurityAssignee: Ade Lee <alee>
Status: CLOSED EOL QA Contact: Jeremy Agee <jagee>
Severity: high Docs Contact:
Priority: high    
Version: 17.0 (Wallaby)CC: alee, awestbro, dcaspin, dmendiza, ealcaniz, hkario, hrybacki, jbeaudoi, jjoyce, jmelvin, jpadman, lhh, mariel, mburns, michjohn, msava, nlevinki, scohen, spower, ssigwald, ssorce, vcojot
Target Milestone: betaKeywords: FutureFeature, TechPreview, Tracking, Triaged
Target Release: 17.0   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: OSP_FIPS_TRACKER 2125346 (view as bug list) Environment:
Last Closed: 2023-10-10 12:21:23 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1741261, 1974406, 2125346    

Description Ash Westbrook 2019-08-14 14:22:37 UTC 
NAPS feature tracker.
Comment 6 Harry Rybacki 2019-08-28 17:51:13 UTC 
*** Bug 1670164 has been marked as a duplicate of this bug. ***
Comment 7 Harry Rybacki 2019-09-18 13:43:58 UTC 
*** Bug 1742933 has been marked as a duplicate of this bug. ***
Comment 9 Simo Sorce 2019-10-03 18:51:04 UTC 
Lon,
it is very unlikely we'll certify any of those python libraries, I suggest working upstream to transition all uses to python-cryptography or other decent wrapper around one of our supported security libraries.
For golang you should talk to the toolset people, the official golang crypto package has been patched on Red Hat builds to link to openssl, if there are other crypto libraries pulled in I strongly suggest you work upstream to eliminate or reduce their usage so that it can be disabled in FIPS mode.
Comment 14 spower 2021-11-30 10:02:08 UTC 
This has been given an exception + and has an extension until Jan 31st to get to POST/MODIFIED.
Comment 20 Red Hat Bugzilla 2024-04-14 04:25:15 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days