[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Fri Sep 13 21:11:23 EEST 2013
New commits:
commit 9d0b2a0e72ad9a905b23e9a493b2d8d7dd82eafa
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 13 14:11:10 2013 -0400
updated changes
commit 87aeb22e922f277bde1bafbfbca382d556ffa94f
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 13 13:54:38 2013 -0400
FIPS: Support for updated FIPS requirements
- Add libreswan-prelink.conf to blacklist libreswan files for prelink
- Use versioned .hmac files via FIPSHMACSUFFIX in Makefile.inc
When USE_FIPSCHECK is enabled:
- 'make install' will generate hmac files
- Package hmac files in libreswan-fips sub-package
- If hmac files (or libreswan-fips sub-package) is installed, run FIPS test
even when kernel is not in FIPS mode
- If hmac files (or libreswan-fips sub-package) is not installed, skip
tests when kernel is not in FIPS mode
- Detection of "installed hmac files" is based on the pluto hmac file
(see: man FIPSCHECK_verify_files_ex)
- Log FIPS test (failed,passed,skipped). Failure still terminates pluto
commit 9711ae9cdb34589766729df68ae44fd641e6c293
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 13 13:52:44 2013 -0400
build: Support for: make release FORCE=1 (for dirty temp releases)
More information about the Swan-commit
mailing list