fix: simplify implementation of FIPS SupportedAlgorithms()
It's a bit of a hassle to manually manage the supported algorithms, which are easy to get wrong. These supported algorithms are used by the client, while the server is more conservative and mostly uses Go's default algorithms. Let's just filter the values we know are problematic until Go ships something for us. This effectively adds back a number of host key algorithms, such as KeyAlgoED25519 (not to be confused with CertAlgoED25519). But since only the client (e.g. fleeting plugin) only uses `fips.SupportedAlgorithms()` at the moment, changing the supported host keys doesn't affect the client. It will become important if gitlab-sshd ever switches to `fips.SupportedAlgorithms()` from `fips.DefaultAlgorithms()`.
Loading
-
mentioned in merge request release-tools!4439 (merged)
-
mentioned in merge request gitlab-elasticsearch-indexer!733 (closed)
-
mentioned in merge request gitlab-zoekt-indexer!666 (merged)
-
mentioned in merge request gitlab-org/duo-workflow/duo-workflow-executor!200
-
mentioned in merge request gitlab-com/gl-infra/platform/runway/example-service!401 (merged)
-
mentioned in merge request gitlab-com/gl-infra/woodhouse!613 (merged)
-
mentioned in merge request gitlab-org/auth/glgo!188
-
mentioned in merge request gitlab-org/cells/topology-service!338 (merged)
-
mentioned in merge request gitlab-com/gl-infra/cmbr!433 (merged)
-
mentioned in merge request gitlab-elasticsearch-indexer!739 (merged)
-
mentioned in merge request gitaly!8139 (merged)
-
mentioned in merge request gitlab-elasticsearch-indexer!743 (closed)
-
mentioned in merge request gitlab-pages!1205 (merged)
-
mentioned in merge request container-registry!2564 (merged)
Please register or sign in to comment