diff options
-rw-r--r-- | .gitignore | 2 | ||||
-rw-r--r-- | bootstrap.conf | 4 | ||||
-rw-r--r-- | configure.ac | 43 | ||||
-rw-r--r-- | lib/fips.c | 10 |
4 files changed, 53 insertions, 6 deletions
diff --git a/.gitignore b/.gitignore index a8b748435c..766595b5e2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +/.#configure.ac *~ /ABOUT-NLS AUTHORS @@ -207,6 +208,7 @@ guile/src/Makefile.in guile/tests/Makefile guile/tests/Makefile.in INSTALL +ldd.sh lib/accelerated/aarch64/libaarch64.la lib/accelerated/libaccelerated.la lib/accelerated/x86/libx86.la diff --git a/bootstrap.conf b/bootstrap.conf index 9a5b3639b0..04e670ddeb 100644 --- a/bootstrap.conf +++ b/bootstrap.conf @@ -25,10 +25,10 @@ checkout_only_file= local_gl_dir=gl/override/ required_submodules="tests/suite/tls-fuzzer/python-ecdsa tests/suite/tls-fuzzer/tlsfuzzer tests/suite/tls-fuzzer/tlslite-ng devel/nettle" -# Reproduce by: gnulib-tool --import --local-dir=gl/override --lib=libgnu --source-base=gl --m4-base=gl/m4 --doc-base=doc --tests-base=gl/tests --aux-dir=build-aux --with-tests --avoid=alignof-tests --avoid=lock-tests --avoid=lseek-tests --lgpl=2 --no-conditional-dependencies --libtool --macro-prefix=gl --no-vc-files alloca byteswap c-ctype extensions func gendocs getline gettext-h gettimeofday hash-pjw-bare havelib intprops lib-msvc-compat lib-symbol-versions maintainer-makefile manywarnings memmem-simple minmax netdb netinet_in pmccabe2html read-file secure_getenv snprintf stdint strcase strndup strtok_r strverscmp sys_socket sys_stat time_r unistd vasprintf vsnprintf warnings +# Reproduce by: gnulib-tool --import --local-dir=gl/override --lib=libgnu --source-base=gl --m4-base=gl/m4 --doc-base=doc --tests-base=gl/tests --aux-dir=build-aux --with-tests --avoid=alignof-tests --avoid=lock-tests --avoid=lseek-tests --lgpl=2 --no-conditional-dependencies --libtool --macro-prefix=gl --no-vc-files alloca byteswap c-ctype extensions func gendocs getline gettext-h gettimeofday hash-pjw-bare havelib intprops ldd lib-msvc-compat lib-symbol-versions maintainer-makefile manywarnings memmem-simple minmax netdb netinet_in pmccabe2html read-file secure_getenv snprintf stdint strcase strndup strtok_r strverscmp sys_socket sys_stat time_r unistd vasprintf verify vsnprintf warnings gnulib_modules=" -alloca byteswap c-ctype c-strcase extensions func gendocs getline gettext-h gettimeofday hash hash-pjw-bare havelib arpa_inet inet_ntop inet_pton intprops lib-msvc-compat lib-symbol-versions maintainer-makefile manywarnings memmem-simple minmax netdb netinet_in pmccabe2html read-file secure_getenv setsockopt snprintf stdint strcase strdup-posix strndup strtok_r strverscmp sys_socket sys_stat sys_types time_r unistd valgrind-tests vasprintf verify vsnprintf warnings +alloca byteswap c-ctype c-strcase extensions func gendocs getline gettext-h gettimeofday hash hash-pjw-bare havelib arpa_inet inet_ntop inet_pton intprops ldd lib-msvc-compat lib-symbol-versions maintainer-makefile manywarnings memmem-simple minmax netdb netinet_in pmccabe2html read-file secure_getenv setsockopt snprintf stdint strcase strdup-posix strndup strtok_r strverscmp sys_socket sys_stat sys_types time_r unistd valgrind-tests vasprintf verify vsnprintf warnings " unistring_modules=" diff --git a/configure.ac b/configure.ac index 7d70d205c7..2d0a42665e 100644 --- a/configure.ac +++ b/configure.ac @@ -669,6 +669,49 @@ LIBS="$LIBS $NETTLE_LIBS $HOGWEED_LIBS" AC_CHECK_FUNCS(nettle_gostdsa_vko) LIBS=$save_LIBS +# Check sonames of the linked libraries needed for FIPS selftests. +save_LIBS=$LIBS +LIBS="$LIBS $GMP_LIBS" +AC_MSG_CHECKING([gmp soname]) +AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], + [gmp_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libgmp\.so'`], + [gmp_so=none]) +if test -z "$gmp_so"; then + gmp_so=none +fi +AC_MSG_RESULT($gmp_so) +AC_DEFINE_UNQUOTED([GMP_LIBRARY_SONAME], ["$gmp_so"], [The soname of gmp library]) +LIBS=$save_LIBS + +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +AC_MSG_CHECKING([nettle soname]) +AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], + [nettle_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libnettle\.so'`], + [nettle_so=none]) +if test -z "$nettle_so"; then + nettle_so=none +fi +AC_MSG_RESULT($nettle_so) +AC_DEFINE_UNQUOTED([NETTLE_LIBRARY_SONAME], ["$nettle_so"], [The soname of nettle library]) +LIBS=$save_LIBS + +save_LIBS=$LIBS +LIBS="$LIBS $HOGWEED_LIBS" +AC_MSG_CHECKING([hogweed soname]) +AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], + [hogweed_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libhogweed\.so'`], + [hogweed_so=none]) +if test -z "$hogweed_so"; then + hogweed_so=none +fi +AC_MSG_RESULT($hogweed_so) +AC_DEFINE_UNQUOTED([HOGWEED_LIBRARY_SONAME], ["$hogweed_so"], [The soname of hogweed library]) +LIBS=$save_LIBS + +gnutls_so=libgnutls.so.`expr "$LT_CURRENT" - "$LT_AGE"` +AC_DEFINE_UNQUOTED([GNUTLS_LIBRARY_SONAME], ["$gnutls_so"], [The soname of gnutls library]) + AC_MSG_CHECKING([whether to build libdane]) AC_ARG_ENABLE(libdane, AS_HELP_STRING([--disable-libdane], diff --git a/lib/fips.c b/lib/fips.c index 902af56749..3c43250aaf 100644 --- a/lib/fips.c +++ b/lib/fips.c @@ -135,10 +135,12 @@ void _gnutls_fips_mode_reset_zombie(void) } } -#define GNUTLS_LIBRARY_NAME "libgnutls.so.30" -#define NETTLE_LIBRARY_NAME "libnettle.so.6" -#define HOGWEED_LIBRARY_NAME "libhogweed.so.4" -#define GMP_LIBRARY_NAME "libgmp.so.10" +/* These only works with the platform where SONAME is part of the ABI. + * For example, *_SONAME will be set to "none" on Windows platforms. */ +#define GNUTLS_LIBRARY_NAME GNUTLS_LIBRARY_SONAME +#define NETTLE_LIBRARY_NAME NETTLE_LIBRARY_SONAME +#define HOGWEED_LIBRARY_NAME HOGWEED_LIBRARY_SONAME +#define GMP_LIBRARY_NAME GMP_LIBRARY_SONAME #define HMAC_SUFFIX ".hmac" #define HMAC_SIZE 32 |