tkm: Disable RFC 7427 signature authentication
TKM can't verify such signatures so we'd fail in the authorize hook. Skipping the algorithm identifier doesn't help if the peer uses anything other than SHA-1, so config changes would be required.
This commit is contained in:
parent
708dff0700
commit
ab65a3e8fc
|
@ -276,6 +276,10 @@ int main(int argc, char *argv[])
|
|||
goto deinit;
|
||||
}
|
||||
|
||||
/* the authorize hook currently does not support RFC 7427 signature auth */
|
||||
lib->settings->set_bool(lib->settings, "%s.signature_authentication", FALSE,
|
||||
dmn_name);
|
||||
|
||||
/* make sure we log to the DAEMON facility by default */
|
||||
lib->settings->set_int(lib->settings, "%s.syslog.daemon.default",
|
||||
lib->settings->get_int(lib->settings, "%s.syslog.daemon.default", 1,
|
||||
|
|
Loading…
Reference in New Issue