* Add --device-size option for reencryption tool.
* Switch to use unit suffix for --reduce-device-size option.
* Remove open device debugging feature (no longer needed).
+ * Fix library name for FIPS check.
2012-06-20 Milan Broz <gmazyland@gmail.com>
* Version 1.5.0-rc2.
-Version 1.5.0:
+Version 1.6.0:
- Export wipe device functions
- Support K/M suffixes for align payload (new switch?).
-- FIPS patches (RNG, volume key restrictions, move changekey to library)
+- FIPS: move changekey to library
- online reencryption api?
- integrate more metadata formats
- TRIM for keyslots
\ No newline at end of file
dnl library version from <major>.<minor>.<release>[-<suffix>]
LIBCRYPTSETUP_VERSION=$(echo $PACKAGE_VERSION | cut -f1 -d-)
LIBCRYPTSETUP_VERSION_INFO=7:0:3
+dnl library file name for FIPS selfcheck
+LIBCRYPTSETUP_VERSION_FIPS="libcryptsetup.so.4"
AC_CONFIG_SRCDIR(src/cryptsetup.c)
AC_CONFIG_MACRO_DIR([m4])
if test "x$with_fips" = "xyes"; then
AC_DEFINE(ENABLE_FIPS, 1, [Enable FIPS mode restrictions])
+ AC_DEFINE_UNQUOTED(LIBCRYPTSETUP_VERSION_FIPS, ["$LIBCRYPTSETUP_VERSION_FIPS"],
+ [library file name for FIPS selfcheck])
if test "x$enable_static" = "xyes" -o "x$enable_static_cryptsetup" = "xyes" ; then
AC_MSG_ERROR([Static build is not compatible with FIPS.])
AC_SUBST([LIBCRYPTSETUP_VERSION])
AC_SUBST([LIBCRYPTSETUP_VERSION_INFO])
+AC_SUBST([LIBCRYPTSETUP_VERSION_FIPS])
dnl ==========================================================================
AC_ARG_ENABLE([dev-random], AS_HELP_STRING([--enable-dev-random],
void crypt_fips_libcryptsetup_check(struct crypt_device *cd)
{
- crypt_fips_verify(cd, "libcryptsetup.so", "crypt_init");
+ crypt_fips_verify(cd, LIBCRYPTSETUP_VERSION_FIPS, "crypt_init");
}
void crypt_fips_self_check(struct crypt_device *cd)