forked from pool/libgcrypt
Accepting request 652048 from home:vitezslav_cizek:branches:devel:libraries:c_c++
- Fail selftests when checksum file is missing in FIPS mode only (bsc#1117355) * add libgcrypt-binary_integrity_in_non-FIPS.patch OBS-URL: https://build.opensuse.org/request/show/652048 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=119
This commit is contained in:
parent
5a5bf04851
commit
b13fa86e81
17
libgcrypt-binary_integrity_in_non-FIPS.patch
Normal file
17
libgcrypt-binary_integrity_in_non-FIPS.patch
Normal file
@ -0,0 +1,17 @@
|
||||
Index: libgcrypt-1.8.4/src/fips.c
|
||||
===================================================================
|
||||
--- libgcrypt-1.8.4.orig/src/fips.c 2018-11-26 17:30:28.040692529 +0100
|
||||
+++ libgcrypt-1.8.4/src/fips.c 2018-11-26 17:59:04.130934181 +0100
|
||||
@@ -663,7 +663,11 @@ check_binary_integrity (void)
|
||||
/* Open the file. */
|
||||
fp = fopen (fname, "r");
|
||||
if (!fp)
|
||||
- err = gpg_error_from_syserror ();
|
||||
+ {
|
||||
+ /* Missing checksum is a problem only in FIPS mode */
|
||||
+ if (fips_mode() || errno != ENOENT)
|
||||
+ err = gpg_error_from_syserror ();
|
||||
+ }
|
||||
else
|
||||
{
|
||||
/* A buffer of 64 bytes plus one for a LF and one to
|
@ -1,3 +1,10 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Nov 26 17:09:47 UTC 2018 - Vítězslav Čížek <vcizek@suse.com>
|
||||
|
||||
- Fail selftests when checksum file is missing in FIPS mode only
|
||||
(bsc#1117355)
|
||||
* add libgcrypt-binary_integrity_in_non-FIPS.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Oct 28 18:57:53 UTC 2018 - astieger@suse.com
|
||||
|
||||
|
@ -12,7 +12,7 @@
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
@ -57,6 +57,7 @@ Patch32: libgcrypt-fips_run_selftest_at_constructor.patch
|
||||
Patch35: libgcrypt-fipsdrv-enable-algo-for-dsa-sign.patch
|
||||
#PATCH-FIX-UPSTREAM bsc#1064455 fipsdrv patch to enable --algo for dsa-verify
|
||||
Patch36: libgcrypt-fipsdrv-enable-algo-for-dsa-verify.patch
|
||||
Patch37: libgcrypt-binary_integrity_in_non-FIPS.patch
|
||||
BuildRequires: automake >= 1.14
|
||||
BuildRequires: fipscheck
|
||||
BuildRequires: libgpg-error-devel >= 1.25
|
||||
@ -149,6 +150,7 @@ understanding of applied cryptography is required to use Libgcrypt.
|
||||
%patch14 -p1
|
||||
%patch35 -p1
|
||||
%patch36 -p1
|
||||
%patch37 -p1
|
||||
|
||||
%build
|
||||
echo building with build_hmac256 set to %{build_hmac256}
|
||||
|
Loading…
Reference in New Issue
Block a user