Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

core: Check for real FIPS when adding username to a VNC ticket #474

Merged
merged 1 commit into from Jun 17, 2022
Merged

core: Check for real FIPS when adding username to a VNC ticket #474

merged 1 commit into from Jun 17, 2022

Conversation

mz-pdm
Copy link
Member

@mz-pdm mz-pdm commented Jun 17, 2022

FIPS can be enabled on a host without the corresponding parameter in
the kernel command line. In such a case, the host expects username in
the VNC display ticket. But Engine inserts username only when the
FIPS parameter is in the kernel command line and VNC connection
doesn’t work is such a case.

To fix this, let’s check in Engine for what the host says about FIPS
rather than for the kernel command line parameter.

@mz-pdm
core: Check for real FIPS when adding username to a VNC ticket
a1f3d81 
FIPS can be enabled on a host without the corresponding parameter in
the kernel command line.  In such a case, the host expects username in
the VNC display ticket.  But Engine inserts username only when the
FIPS parameter is in the kernel command line and VNC connection
doesn’t work is such a case.

To fix this, let’s check in Engine for what the host says about FIPS
rather than for the kernel command line parameter.
@mz-pdm mz-pdm requested a review from nyoxi June 17, 2022 08:17
@mz-pdm mz-pdm self-assigned this Jun 17, 2022
mwperina
mwperina approved these changes Jun 17, 2022
View reviewed changes
Copy link
Member

@mwperina mwperina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

@michalskrivanek
Copy link
Member

/ost

@michalskrivanek
Copy link
Member

meh, "qemu-kvm: Unable to generate DH parameters: Error in public key generation.". I've seen it before...maybe no enough entropy or something? eh...

@michalskrivanek michalskrivanek merged commit 513d016 into oVirt:master Jun 17, 2022
@mz-pdm mz-pdm deleted the fips-vnc-username# branch June 20, 2022 14:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nyoxi nyoxi nyoxi approved these changes

@mwperina mwperina mwperina approved these changes

@ahadas ahadas Awaiting requested review from ahadas ahadas is a code owner

@bennyz bennyz Awaiting requested review from bennyz bennyz is a code owner

@emesika emesika Awaiting requested review from emesika emesika is a code owner

@michalskrivanek michalskrivanek Awaiting requested review from michalskrivanek michalskrivanek is a code owner

@oliel oliel Awaiting requested review from oliel oliel is a code owner

@sgratch sgratch Awaiting requested review from sgratch sgratch is a code owner

@didib didib Awaiting requested review from didib didib is a code owner

Assignees

@mz-pdm mz-pdm

Labels
verified virt
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@mz-pdm @michalskrivanek @nyoxi @mwperina