683368 – [RFE] Support SHA2 based certificates

Bug 683368 - [RFE] Support SHA2 based certificates

Summary: [RFE] Support SHA2 based certificates

Keywords:
Status:	CLOSED DUPLICATE of bug 676384
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	curl
Sub Component:
Version:	5.6
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Kamil Dudka
QA Contact:	BaseOS QE Security Team
Docs Contact:
URL:
Whiteboard:
Depends On:	676384
Blocks:	554476
TreeView+	depends on / blocked

Reported:	2011-03-09 09:40 UTC by J.H.M. Dassen (Ray)
Modified:	2013-07-03 04:10 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-06-02 05:46:30 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	655069	0	low	CLOSED	[RFE] OpenLDAP should support SHA2 algorithms	2021-02-22 00:41:40 UTC
Red Hat Bugzilla	676384	0	medium	CLOSED	OpenSSL / PAM & NSS_LDAP / SUDO fail TLS_CHECKPEER with Cipher AES256-SHA	2021-02-22 00:41:40 UTC

Internal Links: 655069 676384

Description J.H.M. Dassen (Ray) 2011-03-09 09:40:25 UTC

What is the nature and description of the request?
Curl does not support sha2 certificates

Why does the customer need this?
"Our business justification is that we are securing our environments by adding
SSL to all of our web servers.  We do this using SHA2 based certificates.  And
now curl doesn't work.  So this is preventing us from securing our web servers
as we have to have curl work."

How would the customer like to achieve this?
A single line patch that would enable sha2 certificate support.
(http://sourceforge.net/tracker/?func=detail&atid=100976&aid=2825989&group_id=976)

Specify how Red Hat and the customer can test to confirm the requirement is
successfully implemented.

backport the patch.

Is there already an existing RFE upstream or in Red Hat bugzilla?
Yes, it's fixed in upstream.

How quickly does this need resolved?
RHEL5.8

Does this request meet the RHEL Inclusion criteria
Yes

List the affected packages
Curl

Would the customer be able to assist in testing this functionality if implemented?
Customer already tested the upstream version and it's working fine.

Comment 2 Kamil Dudka 2011-03-09 11:55:30 UTC

upstream commits:

https://github.com/bagder/curl/commit/b347a7a
https://github.com/bagder/curl/commit/9b5c00a

Note You need to log in before you can comment on or make changes to this bug.