diff options
| author | Simon Josefsson <simon@josefsson.org> | 2008-09-21 12:13:23 +0200 |
|---|---|---|
| committer | Simon Josefsson <simon@josefsson.org> | 2008-09-21 12:13:23 +0200 |
| commit | ca6959e3ae82545f8ffd0f7a9491dabd77a873be (patch) | |
| tree | 0c01cdc146c5431803a34bb1d055756bafc5151c /src | |
| parent | d66ff7dbe507a2800abd1c5718fe435d9a8f37fb (diff) | |
| download | gnutls-ca6959e3ae82545f8ffd0f7a9491dabd77a873be.tar.gz | |
Use internal md5 if libgcrypt is in FIPS mode.
Diffstat (limited to 'src')
| -rw-r--r-- | src/Makefile.am | 6 | ||||
| -rw-r--r-- | src/certtool.c | 13 | ||||
| -rw-r--r-- | src/serv.c | 17 |
3 files changed, 33 insertions, 3 deletions
diff --git a/src/Makefile.am b/src/Makefile.am index 25783ea53d..1e66abbb6c 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -36,7 +36,7 @@ endif gnutls_serv_SOURCES = serv.gaa serv-gaa.h serv-gaa.c list.h serv.c \ common.h common.c select.c -gnutls_serv_LDADD = ../lib/libgnutls.la \ +gnutls_serv_LDADD = ../lib/libgnutls.la ../libextra/libgnutls-extra.la \ $(LIBGCRYPT_LIBS) $(LIBTASN1_LIBS) ../gl/libgnu.la if ENABLE_SRP @@ -64,8 +64,8 @@ gnutls_cli_debug_LDADD = ../lib/libgnutls.la \ certtool_SOURCES = certtool.gaa certtool-gaa.h certtool-cfg.h \ certtool-gaa.c certtool.c prime.c certtool-cfg.c -certtool_LDADD = ../lib/libgnutls.la $(LIBGCRYPT_LIBS) \ - $(LIBTASN1_LIBS) ../gl/libgnu.la @LTLIBREADLINE@ +certtool_LDADD = ../lib/libgnutls.la ../libextra/libgnutls-extra.la \ + $(LIBGCRYPT_LIBS) $(LIBTASN1_LIBS) ../gl/libgnu.la @LTLIBREADLINE@ if HAVE_LIBCFG certtool_LDADD += -lcfg+ else diff --git a/src/certtool.c b/src/certtool.c index 52fa16d538..698d81e1fd 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -872,12 +872,25 @@ gaa_parser (int argc, char **argv) if (info.quick_random != 0) gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); +#ifdef gcry_fips_mode_active + if (gcry_fips_mode_active()) + { + ret = gnutls_register_md5_handler (); + if (ret) + fprintf (stderr, "gnutls_register_md5_handler: %s\n", + gnutls_strerror (ret)); + } +#endif + gnutls_global_set_log_function (tls_log_func); gnutls_global_set_log_level (info.debug); if ((ret = gnutls_global_init ()) < 0) error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); + if ((ret = gnutls_global_init_extra ()) < 0) + error (EXIT_FAILURE, 0, "global_init_extra: %s", gnutls_strerror (ret)); + switch (info.action) { case 0: diff --git a/src/serv.c b/src/serv.c index 64f19485c6..c138bff751 100644 --- a/src/serv.c +++ b/src/serv.c @@ -815,6 +815,16 @@ main (int argc, char **argv) set_program_name (argv[0]); +#ifdef gcry_fips_mode_active + if (gcry_fips_mode_active()) + { + ret = gnutls_register_md5_handler (); + if (ret) + fprintf (stderr, "gnutls_register_md5_handler: %s\n", + gnutls_strerror (ret)); + } +#endif + #ifndef _WIN32 signal (SIGPIPE, SIG_IGN); signal (SIGHUP, SIG_IGN); @@ -846,6 +856,13 @@ main (int argc, char **argv) fprintf (stderr, "global_init: %s\n", gnutls_strerror (ret)); exit (1); } + + if ((ret = gnutls_global_init_extra ()) < 0) + { + fprintf (stderr, "global_init_extra: %s\n", gnutls_strerror (ret)); + exit (1); + } + gnutls_global_set_log_function (tls_log_func); gnutls_global_set_log_level (debug); |