diff options
author | Jakub Jelen <jjelen@redhat.com> | 2021-09-17 17:11:30 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2021-09-20 08:32:29 +0200 |
commit | c74fde0c3f6114c594332fb28a09c7b817969231 (patch) | |
tree | d99d2ef502cf4027a7a23ef05b51060b664d84c6 /src | |
parent | 3f4dd47ba74e0a9f18feba1809eeddff8790707e (diff) | |
download | libgcrypt-c74fde0c3f6114c594332fb28a09c7b817969231.tar.gz |
Allow passing FIPS module version
* README: Document new --with-fips-module-version=version switch
* configure.ac: Implementation of the --with-fips-module-version
* src/global.c (print_config): Print FIPS module version from above
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Moved the module version to a 3rd field to keep the semantics of that
line.
Signed-off-by: Werner Koch <wk@gnupg.org>
GnuPG-bug-id: 1600
Diffstat (limited to 'src')
-rw-r--r-- | src/global.c | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/src/global.c b/src/global.c index 0e5acd5f..80ce2454 100644 --- a/src/global.c +++ b/src/global.c @@ -369,9 +369,19 @@ print_config (const char *what, gpgrt_stream_t fp) { /* We use y/n instead of 1/0 for the stupid reason that * Emacsen's compile error parser would accidentally flag that - * line when printed during "make check" as an error. */ - gpgrt_fprintf (fp, "fips-mode:%c:\n", - fips_mode ()? 'y':'n' ); + * line when printed during "make check" as an error. The + * second field is obsolete and thus empty (used to be used for + * a so-called enforced-fips-mode). The third field has an + * option static string describing the module versions; this is + * an optional configure option. */ + gpgrt_fprintf (fp, "fips-mode:%c::%s:\n", + fips_mode ()? 'y':'n', +#ifdef FIPS_MODULE_VERSION + fips_mode () ? FIPS_MODULE_VERSION : "" +#else + "" +#endif /* FIPS_MODULE_VERSION */ + ); } if (!what || !strcmp (what, "rng-type")) |