diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-11-11 18:07:17 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-11-27 11:41:05 +0100 |
commit | 0f8af4f83efde3c8d448ed4bd8ae0879e2112607 (patch) | |
tree | 29a7d8c8bd69a74775a94d255e8140dfded93f65 /lib/gnutls_state.c | |
parent | 8b03afa66a73aa981cd0098520a464ad3089535a (diff) | |
download | gnutls-0f8af4f83efde3c8d448ed4bd8ae0879e2112607.tar.gz |
Added support for fips states.
This implies that when in FIPS mode and the library is not in operational
state (i.e., all self checks succeeded), crypto functionality of the library will fail.
This includes:
* API functions of gnutls/crypto.h
* API functions of gnutls/abstract.h
* API functions of gnutls/x509.h
* gnutls_init()
* API functions of gnutls/xssl.h
Diffstat (limited to 'lib/gnutls_state.c')
-rw-r--r-- | lib/gnutls_state.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index 231e6b0b64..21a8f99cee 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -45,6 +45,7 @@ #include <gnutls_extensions.h> #include <system.h> #include <random.h> +#include <fips.h> #include <gnutls/dtls.h> /* These should really be static, but src/tests.c calls them. Make @@ -307,6 +308,8 @@ int gnutls_init(gnutls_session_t * session, unsigned int flags) { int ret; record_parameters_st *epoch; + + FAIL_IF_FIPS_ERROR; *session = gnutls_calloc(1, sizeof(struct gnutls_session_int)); if (*session == NULL) |