[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Mon Oct 21 07:22:16 EEST 2013
New commits:
commit cfef676489bf395438f2339212d05126d6b19c1f
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Oct 20 23:47:27 2013 -0400
FIPS: use new /etc/system-fips and add check for kernel+product mode
libreswan_fipsmode() now only returns 1 if both kernel mode and product
are detected via libreswan_fipskernel() and libreswan_fipsproduct()
This means that when fips=1 is passed to the kernel without
/etc/system-fips existing, that we will NOT run as FIPS, and no
restrictions are put in place. Note that available ciphers will
still depend on what NSS returns to us under this strange fipx mixture
mode.
commit 64ddbc437a50081329bec657c7ab52728c4e998e
Author: Paul Wouters <pwouters at redhat.com>
Date: Sun Oct 20 23:41:02 2013 -0400
pluto: log_state() now checks return value of system() call
More information about the Swan-commit
mailing list