diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-11-11 18:07:17 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-11-27 11:41:05 +0100 |
commit | 0f8af4f83efde3c8d448ed4bd8ae0879e2112607 (patch) | |
tree | 29a7d8c8bd69a74775a94d255e8140dfded93f65 /configure.ac | |
parent | 8b03afa66a73aa981cd0098520a464ad3089535a (diff) | |
download | gnutls-0f8af4f83efde3c8d448ed4bd8ae0879e2112607.tar.gz |
Added support for fips states.
This implies that when in FIPS mode and the library is not in operational
state (i.e., all self checks succeeded), crypto functionality of the library will fail.
This includes:
* API functions of gnutls/crypto.h
* API functions of gnutls/abstract.h
* API functions of gnutls/x509.h
* gnutls_init()
* API functions of gnutls/xssl.h
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index 8387847ed6..7681b56b79 100644 --- a/configure.ac +++ b/configure.ac @@ -125,6 +125,16 @@ AM_CONDITIONAL(HAVE_GCC, test "$GCC" = "yes") AC_ARG_ENABLE(self-checks, AS_HELP_STRING([--enable-self-checks], [enable self checking functionality]), enable_self_checks=$enableval, enable_self_checks=no) + +AC_ARG_ENABLE(fips140-mode, + AS_HELP_STRING([--enable-fips140-mode], [enable FIPS140-2 mode (implies self checks)]), + enable_fips=$enableval, enable_fips=no) +AM_CONDITIONAL(ENABLE_FIPS140, test "$enable_fips" = "yes") +if [ test "$enable_fips" = "yes" ];then + enable_self_checks=yes + AC_DEFINE([ENABLE_FIPS140], 1, [Enable FIPS140-2 mode]) +fi + AM_CONDITIONAL(ENABLE_SELF_CHECKS, test "$enable_self_checks" = "yes") if [ test "$enable_self_checks" = "yes" ];then AC_DEFINE([ENABLE_SELF_CHECKS], 1, [Self checks are included in the library]) @@ -729,6 +739,7 @@ if features are disabled) RSA-EXPORT compat: $ac_enable_rsa_export Unicode support: $ac_have_unicode Self checks: $enable_self_checks + FIPS140 mode: $enable_fips ]) AC_MSG_NOTICE([Optional applications: |