ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

nsupdate: use FIPS compatible algorithms

Browse Source 
HMACMD5 is not permitted in FIPS mode, use HMACSHA256 instead.
This commit is contained in:
Mark Andrews
2021-12-20 19:28:36 +11:00
parent bcb3846603
commit ff7e73db6a
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bin/tests/system/nsupdate/setup.sh
View File

@@ -76,7 +76,7 @@ $TSIGKEYGEN ddns-key.example.nil > ns1/ddns.key
if $FEATURETEST --md5; then
$TSIGKEYGEN -a hmac-md5 md5-key > ns1/md5.key
else
echo -n > ns1/md5.key
echo "/* MD5 NOT SUPPORTED */" > ns1/md5.key
fi
$TSIGKEYGEN -a hmac-sha1 sha1-key > ns1/sha1.key
$TSIGKEYGEN -a hmac-sha224 sha224-key > ns1/sha224.key