Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP4
keylime
CVE-2022-1053-02.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2022-1053-02.patch of Package keylime
From b53231cef001c44f089cf811361b1d60f5359ff2 Mon Sep 17 00:00:00 2001 From: Thore Sommer <mail@thson.de> Date: Wed, 6 Apr 2022 16:08:44 +0200 Subject: [PATCH] config: remove unused registrar mTLS options in cloud_verifier section Signed-off-by: Thore Sommer <mail@thson.de> --- keylime.conf | 24 ------------------------ 1 file changed, 24 deletions(-) Index: keylime-v6.3.2/keylime.conf =================================================================== --- keylime-v6.3.2.orig/keylime.conf +++ keylime-v6.3.2/keylime.conf @@ -233,30 +233,6 @@ private_key_pw = default # Whether verifier validates client certificate check_client_cert = True -# Registrar client TLS options. This allows the CV to authenticate the -# registar before asking for AIKs. -# This option sets the directory where the CA certificate for the registrar -# can be found. -# Use "default" to use the value of 'reg_ca' (this points it to the directory -# automatically created by the registrar if it is set to "generate"). -# Use "CV" to use 'cv_ca', the directory automatically created (and shared -# with the registar) by the CV. -registrar_tls_dir = CV - -# The following three options set the filenames where the CA certificate, -# client certificate, and client private key file are, relative to the 'tls_dir'. -# If 'tls_dir = default', then default values will be used for 'ca_cert = cacert.crt', -# 'my_cert = client-cert.crt', and 'private_key = client-private.pem'. -registrar_ca_cert = default -registrar_my_cert = default -registrar_private_key = default - -# Set the password needed to decrypt the registrar private key file. -# This should be set to a strong password. -# If you are using the auto generated keys from the CV, set the same password -# here as you did for 'private_key_pw' above. -registrar_private_key_pw = default - # mTLS configuration for connecting to the agent. # Details on why setting it to "False" is generally considered insecure can be found # on https://github.com/keylime/keylime/security/advisories/GHSA-2m39-75g9-ff5r
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor