diff options
author | Christian Heimes <cheimes@redhat.com> | 2015-07-21 15:18:40 +0200 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2015-07-31 13:33:02 +0200 |
commit | a908be2785d4388e3c97c7cd543c817c527d73c9 (patch) | |
tree | 3f24d8d0d59787ccedf275ed5bebe12f182355cd /freeipa.spec.in | |
parent | 4e18a62dd5adeb4bcb63aafc4bbe50d7a5c71b9c (diff) | |
download | freeipa-a908be2785d4388e3c97c7cd543c817c527d73c9.tar.gz freeipa-a908be2785d4388e3c97c7cd543c817c527d73c9.tar.xz freeipa-a908be2785d4388e3c97c7cd543c817c527d73c9.zip |
Replace M2Crypto RC4 with python-cryptography ARC4
This patch removes the dependency on M2Crypto in favor for cryptography.
Cryptography is more strict about the key size and doesn't support
non-standard key sizes:
>>> from M2Crypto import RC4
>>> from ipaserver.dcerpc import arcfour_encrypt
>>> RC4.RC4(b'key').update(b'data')
'o\r@\x8c'
>>> arcfour_encrypt(b'key', b'data')
Traceback (most recent call last):
...
ValueError: Invalid key size (24) for RC4.
Standard key sizes 40, 56, 64, 80, 128, 192 and 256 are supported:
>>> arcfour_encrypt(b'key12', b'data')
'\xcd\xf80d'
>>> RC4.RC4(b'key12').update(b'data')
'\xcd\xf80d'
http://cryptography.readthedocs.org/en/latest/hazmat/primitives/symmetric-encryption/#cryptography.hazmat.primitives.ciphers.algorithms.ARC4
https://fedorahosted.org/freeipa/ticket/5148
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'freeipa.spec.in')
-rw-r--r-- | freeipa.spec.in | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/freeipa.spec.in b/freeipa.spec.in index 328894c55..0351952c6 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -84,7 +84,6 @@ BuildRequires: python-lxml BuildRequires: python-pyasn1 >= 0.0.9a BuildRequires: python-qrcode-core >= 5.0.0 BuildRequires: python-dns >= 1.11.1 -BuildRequires: m2crypto BuildRequires: check BuildRequires: libsss_idmap-devel BuildRequires: libsss_nss_idmap-devel >= 1.12.2 @@ -218,7 +217,6 @@ Integrated DNS server is BIND 9. OpenDNSSEC provides key management. Summary: Virtual package to install packages required for Active Directory trusts Group: System Environment/Base Requires: %{name}-server = %version-%release -Requires: m2crypto Requires: samba-python Requires: samba >= %{samba_version} Requires: samba-winbind |