Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LOG-3933: partial fix to OpenSSL in fips mode #70

Closed
wants to merge 1 commit into from
Closed

LOG-3933: partial fix to OpenSSL in fips mode #70

wants to merge 1 commit into from

Conversation

jcantrill
Copy link
Member

@jcantrill jcantrill commented Apr 14, 2023
edited
Loading

Description

This PR:

  • adds patch to partially fix openssl 3.0 / RHEL9 on FIPS enabled cluster

Links

@openshift-ci-robot
Copy link

openshift-ci-robot commented Apr 14, 2023
edited by openshift-ci bot
Loading

@jcantrill: This pull request references LOG-3933 which is a valid jira issue.

In response to this:

Description

This PR:

  • adds patch to partially fix openssl on FIPS enabled cluster

Links

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci-robot
Copy link

openshift-ci-robot commented Apr 14, 2023
edited by openshift-ci bot
Loading

@jcantrill: This pull request references LOG-3933 which is a valid jira issue.

In response to this:

Description

This PR:

  • adds patch to partially fix openssl 3.0 / RHEL9 on FIPS enabled cluster

Links

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@jcantrill
Copy link
Member Author

/hold

@junaruga
Copy link

junaruga commented Apr 14, 2023
edited
Loading

Hi, just keep in mind, that there are some other issues in the Ruby OpenSSL bindings on the FIPS mode. I am working on it.
ruby/openssl#603 (comment)

alanconway
alanconway approved these changes Apr 21, 2023
View reviewed changes
Copy link
Member

@alanconway alanconway left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Apr 21, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Apr 21, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alanconway, jcantrill

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [alanconway,jcantrill]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jcantrill
Copy link
Member Author

closing as this will be resolved once ubi9.4 lands with availability of latest ruby 3.1

@jcantrill jcantrill closed this Jan 30, 2024
@junaruga
Copy link

junaruga commented Feb 1, 2024

I think you may also be able to resolve your issue just by using openssl gem version 3.2.0 including some fixes for the FIPS instead of the openssl gem version 3.1.0 and fluentd/openssl.source0001.patch used in this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alanconway alanconway alanconway approved these changes

@cahartma cahartma Awaiting requested review from cahartma

Assignees

@alanconway alanconway

Labels
approved do-not-merge/hold jira/valid-reference lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jcantrill @openshift-ci-robot @junaruga @alanconway