a39c3792ba5677f25fea903b9f1a43740a5f2c0c - third_party/github.com/stefanberger/swtpm

commit	a39c3792ba5677f25fea903b9f1a43740a5f2c0c	[log] [tgz]
author	Stefan Berger <stefanb@linux.ibm.com>	Wed Jun 08 09:19:07 2022 -0400
committer	Stefan Berger <stefanb@us.ibm.com>	Thu Jun 16 07:36:12 2022 -0400
tree	e2524dc2d87416992331c476debe6fc6a5c4a932
parent	1b21d052f7ed41cab050b53916825b3a4abf1bb6 [diff]

swtpm: Disable OpenSSL FIPS mode to avoid libtpms failures

While libtpms does not provide any means to disable FIPS-disabled crypto
algorithms from being used, work around the issue by simply disabling the
FIPS mode of OpenSSL if it is enabled. If it cannot be disabled, exit
swtpm with a failure message that it cannot be disabled. If FIPS mode
was successfully disabled, print out a message as well.

Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2090219
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

configure.ac[diff]
src/swtpm/Makefile.am[diff]
src/swtpm/cuse_tpm.c[diff]
src/swtpm/fips.c[Added - diff]
src/swtpm/fips.h[Added - diff]
src/swtpm/swtpm.c[diff]
src/swtpm/swtpm_chardev.c[diff]
src/swtpm/utils.h[diff]

8 files changed

tree: e2524dc2d87416992331c476debe6fc6a5c4a932

.github/
debian/
include/
man/
samples/
src/
tests/
.gitignore
.travis.yml
autogen.sh
CHANGES
configure.ac
COPYING
DCO1.1.txt
INSTALL
LICENSE
Makefile.am
README
run_tests
swtpm.spec
swtpm.spec.in
TODO