From 584d5b8d657670cf96f97bfb3c89a807baf2ae24 Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Mon, 9 Jul 2012 19:30:25 +0200 Subject: [PATCH] Fix library name for FIPS check. --- ChangeLog | 1 + TODO | 4 ++-- configure.in | 5 +++++ lib/utils_fips.c | 2 +- 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index eb85f13..1c1db58 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ * Add --device-size option for reencryption tool. * Switch to use unit suffix for --reduce-device-size option. * Remove open device debugging feature (no longer needed). + * Fix library name for FIPS check. 2012-06-20 Milan Broz * Version 1.5.0-rc2. diff --git a/TODO b/TODO index 2644f28..56c757d 100644 --- a/TODO +++ b/TODO @@ -1,7 +1,7 @@ -Version 1.5.0: +Version 1.6.0: - Export wipe device functions - Support K/M suffixes for align payload (new switch?). -- FIPS patches (RNG, volume key restrictions, move changekey to library) +- FIPS: move changekey to library - online reencryption api? - integrate more metadata formats - TRIM for keyslots \ No newline at end of file diff --git a/configure.in b/configure.in index 6f75ef9..eec0c29 100644 --- a/configure.in +++ b/configure.in @@ -4,6 +4,8 @@ AC_INIT([cryptsetup],[1.5.0-rc2]) dnl library version from ..[-] LIBCRYPTSETUP_VERSION=$(echo $PACKAGE_VERSION | cut -f1 -d-) LIBCRYPTSETUP_VERSION_INFO=7:0:3 +dnl library file name for FIPS selfcheck +LIBCRYPTSETUP_VERSION_FIPS="libcryptsetup.so.4" AC_CONFIG_SRCDIR(src/cryptsetup.c) AC_CONFIG_MACRO_DIR([m4]) @@ -69,6 +71,8 @@ AC_ARG_ENABLE([fips], AS_HELP_STRING([--enable-fips],[enable FIPS mode restricti if test "x$with_fips" = "xyes"; then AC_DEFINE(ENABLE_FIPS, 1, [Enable FIPS mode restrictions]) + AC_DEFINE_UNQUOTED(LIBCRYPTSETUP_VERSION_FIPS, ["$LIBCRYPTSETUP_VERSION_FIPS"], + [library file name for FIPS selfcheck]) if test "x$enable_static" = "xyes" -o "x$enable_static_cryptsetup" = "xyes" ; then AC_MSG_ERROR([Static build is not compatible with FIPS.]) @@ -289,6 +293,7 @@ AC_SUBST([CRYPTO_STATIC_LIBS]) AC_SUBST([LIBCRYPTSETUP_VERSION]) AC_SUBST([LIBCRYPTSETUP_VERSION_INFO]) +AC_SUBST([LIBCRYPTSETUP_VERSION_FIPS]) dnl ========================================================================== AC_ARG_ENABLE([dev-random], AS_HELP_STRING([--enable-dev-random], diff --git a/lib/utils_fips.c b/lib/utils_fips.c index d6d4b1d..150f882 100644 --- a/lib/utils_fips.c +++ b/lib/utils_fips.c @@ -52,7 +52,7 @@ static void crypt_fips_verify(struct crypt_device *cd, void crypt_fips_libcryptsetup_check(struct crypt_device *cd) { - crypt_fips_verify(cd, "libcryptsetup.so", "crypt_init"); + crypt_fips_verify(cd, LIBCRYPTSETUP_VERSION_FIPS, "crypt_init"); } void crypt_fips_self_check(struct crypt_device *cd) -- 2.7.4