2135933 – Unbound cannot enable validation of SHA-1 signatures runtime [rhel-9.2.0]

Bug 2135933 - Unbound cannot enable validation of SHA-1 signatures runtime [rhel-9.2.0]

Summary: Unbound cannot enable validation of SHA-1 signatures runtime [rhel-9.2.0]

Keywords:
Status:	NEW
Alias:	None
Product:	Red Hat Enterprise Linux 9
Classification:	Red Hat
Component:	unbound
Sub Component:
Version:	9.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Petr Menšík
QA Contact:	rhel-cs-infra-services-qe
Docs Contact:	Šárka Jana
URL:
Whiteboard:
Depends On:	2070495 2071543 2087120
Blocks:	2077909
TreeView+	depends on / blocked

Reported:	2022-10-18 20:52 UTC by Petr Menšík
Modified:	2023-07-22 08:27 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:	2071543
Environment:
Last Closed:
Type:	---
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHELPLAN-136944	0	None	None	None	2022-10-18 20:58:14 UTC

Comment 2 Petr Menšík 2022-10-18 20:54:47 UTC

There still remains non-working switching to validation of SHA-1 based signatures when the crypto-policy is switched to LEGACY or DEFAULT:SHA1. My proposal to upstream has been accepted, but I failed to notice unittests are reliably failing with SHA-1 enabled during the build on RHEL 9 and Fedora ELN.

It requires compared to 9.1.0 version just removal of --disable-sha1 parameter during build. But then it needs working fix for unittest. I don't want to disable them to build the package, I expect they report some valuable failures, which needs to be addressed first.

Note You need to log in before you can comment on or make changes to this bug.