Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

core: Check for real FIPS when adding username to a VNC ticket #474

Merged
merged 1 commit into from Jun 17, 2022

Conversation

mz-pdm
Copy link
Member

@mz-pdm mz-pdm commented Jun 17, 2022

FIPS can be enabled on a host without the corresponding parameter in
the kernel command line. In such a case, the host expects username in
the VNC display ticket. But Engine inserts username only when the
FIPS parameter is in the kernel command line and VNC connection
doesn’t work is such a case.

To fix this, let’s check in Engine for what the host says about FIPS
rather than for the kernel command line parameter.

FIPS can be enabled on a host without the corresponding parameter in
the kernel command line.  In such a case, the host expects username in
the VNC display ticket.  But Engine inserts username only when the
FIPS parameter is in the kernel command line and VNC connection
doesn’t work is such a case.

To fix this, let’s check in Engine for what the host says about FIPS
rather than for the kernel command line parameter.
Copy link
Member

@mwperina mwperina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

@michalskrivanek
Copy link
Member

/ost

@michalskrivanek
Copy link
Member

meh, "qemu-kvm: Unable to generate DH parameters: Error in public key generation.". I've seen it before...maybe no enough entropy or something? eh...

@michalskrivanek michalskrivanek merged commit 513d016 into oVirt:master Jun 17, 2022
@mz-pdm mz-pdm deleted the fips-vnc-username# branch June 20, 2022 14:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants