[Swan-commit] Changes to ref refs/heads/master

Paul Wouters paul at vault.libreswan.fi
Mon Oct 21 07:22:16 EEST 2013


New commits:
commit cfef676489bf395438f2339212d05126d6b19c1f
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Oct 20 23:47:27 2013 -0400

    FIPS: use new /etc/system-fips and add check for kernel+product mode
    
    libreswan_fipsmode() now only returns 1 if both kernel mode and product
    are detected via libreswan_fipskernel() and libreswan_fipsproduct()
    
    This means that when fips=1 is passed to the kernel without
    /etc/system-fips existing, that we will NOT run as FIPS, and no
    restrictions are put in place. Note that available ciphers will
    still depend on what NSS returns to us under this strange fipx mixture
    mode.

commit 64ddbc437a50081329bec657c7ab52728c4e998e
Author: Paul Wouters <pwouters at redhat.com>
Date:   Sun Oct 20 23:41:02 2013 -0400

    pluto: log_state() now checks return value of system() call



More information about the Swan-commit mailing list