diff options
| author | Milan Broz <gmazyland@gmail.com> | 2012-07-09 19:30:25 +0200 |
|---|---|---|
| committer | Milan Broz <gmazyland@gmail.com> | 2012-07-09 19:30:25 +0200 |
| commit | 584d5b8d657670cf96f97bfb3c89a807baf2ae24 (patch) | |
| tree | 4f9def2a14a2e653c93745610b8601393bf41ee1 | |
| parent | 8eef5bde4fab134b506cb26bef33f724c495cc26 (diff) | |
| download | cryptsetup-584d5b8d657670cf96f97bfb3c89a807baf2ae24.tar.gz | |
Fix library name for FIPS check.
| -rw-r--r-- | ChangeLog | 1 | ||||
| -rw-r--r-- | TODO | 4 | ||||
| -rw-r--r-- | configure.in | 5 | ||||
| -rw-r--r-- | lib/utils_fips.c | 2 |
4 files changed, 9 insertions, 3 deletions
@@ -2,6 +2,7 @@ * Add --device-size option for reencryption tool. * Switch to use unit suffix for --reduce-device-size option. * Remove open device debugging feature (no longer needed). + * Fix library name for FIPS check. 2012-06-20 Milan Broz <gmazyland@gmail.com> * Version 1.5.0-rc2. @@ -1,7 +1,7 @@ -Version 1.5.0: +Version 1.6.0: - Export wipe device functions - Support K/M suffixes for align payload (new switch?). -- FIPS patches (RNG, volume key restrictions, move changekey to library) +- FIPS: move changekey to library - online reencryption api? - integrate more metadata formats - TRIM for keyslots
\ No newline at end of file diff --git a/configure.in b/configure.in index 6f75ef9..eec0c29 100644 --- a/configure.in +++ b/configure.in @@ -4,6 +4,8 @@ AC_INIT([cryptsetup],[1.5.0-rc2]) dnl library version from <major>.<minor>.<release>[-<suffix>] LIBCRYPTSETUP_VERSION=$(echo $PACKAGE_VERSION | cut -f1 -d-) LIBCRYPTSETUP_VERSION_INFO=7:0:3 +dnl library file name for FIPS selfcheck +LIBCRYPTSETUP_VERSION_FIPS="libcryptsetup.so.4" AC_CONFIG_SRCDIR(src/cryptsetup.c) AC_CONFIG_MACRO_DIR([m4]) @@ -69,6 +71,8 @@ AC_ARG_ENABLE([fips], AS_HELP_STRING([--enable-fips],[enable FIPS mode restricti if test "x$with_fips" = "xyes"; then AC_DEFINE(ENABLE_FIPS, 1, [Enable FIPS mode restrictions]) + AC_DEFINE_UNQUOTED(LIBCRYPTSETUP_VERSION_FIPS, ["$LIBCRYPTSETUP_VERSION_FIPS"], + [library file name for FIPS selfcheck]) if test "x$enable_static" = "xyes" -o "x$enable_static_cryptsetup" = "xyes" ; then AC_MSG_ERROR([Static build is not compatible with FIPS.]) @@ -289,6 +293,7 @@ AC_SUBST([CRYPTO_STATIC_LIBS]) AC_SUBST([LIBCRYPTSETUP_VERSION]) AC_SUBST([LIBCRYPTSETUP_VERSION_INFO]) +AC_SUBST([LIBCRYPTSETUP_VERSION_FIPS]) dnl ========================================================================== AC_ARG_ENABLE([dev-random], AS_HELP_STRING([--enable-dev-random], diff --git a/lib/utils_fips.c b/lib/utils_fips.c index d6d4b1d..150f882 100644 --- a/lib/utils_fips.c +++ b/lib/utils_fips.c @@ -52,7 +52,7 @@ static void crypt_fips_verify(struct crypt_device *cd, void crypt_fips_libcryptsetup_check(struct crypt_device *cd) { - crypt_fips_verify(cd, "libcryptsetup.so", "crypt_init"); + crypt_fips_verify(cd, LIBCRYPTSETUP_VERSION_FIPS, "crypt_init"); } void crypt_fips_self_check(struct crypt_device *cd) |