git.proxmox.com Git - swtpm.git/commit

]> git.proxmox.com Git - swtpm.git/commit - configure.ac

author	Stefan Berger <stefanb@linux.ibm.com>
	Wed, 8 Jun 2022 13:19:07 +0000 (09:19 -0400)
committer	Stefan Berger <stefanb@us.ibm.com>
	Thu, 16 Jun 2022 11:36:12 +0000 (07:36 -0400)
commit	a39c3792ba5677f25fea903b9f1a43740a5f2c0c
tree	e2524dc2d87416992331c476debe6fc6a5c4a932	tree
parent	1b21d052f7ed41cab050b53916825b3a4abf1bb6	commit \| diff

swtpm: Disable OpenSSL FIPS mode to avoid libtpms failures

While libtpms does not provide any means to disable FIPS-disabled crypto
algorithms from being used, work around the issue by simply disabling the
FIPS mode of OpenSSL if it is enabled. If it cannot be disabled, exit
swtpm with a failure message that it cannot be disabled. If FIPS mode
was successfully disabled, print out a message as well.

Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2090219
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

configure.ac		diff \| blob \| blame \| history
src/swtpm/Makefile.am		diff \| blob \| blame \| history
src/swtpm/cuse_tpm.c		diff \| blob \| blame \| history
src/swtpm/fips.c	[new file with mode: 0644]	blob
src/swtpm/fips.h	[new file with mode: 0644]	blob
src/swtpm/swtpm.c		diff \| blob \| blame \| history
src/swtpm/swtpm_chardev.c		diff \| blob \| blame \| history
src/swtpm/utils.h		diff \| blob \| blame \| history

Software TPM used for PVE's Virtual Machines

RSS Atom