eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-12 03:10:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Do not load own OpenSSL backend context in FIPS mode.

Browse Source 
In the FIPS mode keep configuration up to the system wide config.
This commit is contained in:
Milan Broz
2021-09-13 19:45:05 +02:00
parent 29ea07ef66
commit f8eb7b225a
10 changed files with 37 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/utils_fips.c
View File

@@ -24,9 +24,9 @@
#include "utils_fips.h"
#if !ENABLE_FIPS
int crypt_fips_mode(void) { return 0; }
bool crypt_fips_mode(void) { return false; }
#else
static int kernel_fips_mode(void)
static bool kernel_fips_mode(void)
{
int fd;
char buf[1] = "";
@@ -36,10 +36,10 @@ static int kernel_fips_mode(void)
close(fd);
}
return (buf[0] == '1') ? 1 : 0;
return (buf[0] == '1');
}
int crypt_fips_mode(void)
bool crypt_fips_mode(void)
{
return kernel_fips_mode() && !access("/etc/system-fips", F_OK);
}