sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-07-30 19:42:05 +03:00
Code Activity

s3:profile: Allow profile subsystem to use SHA1 in FIPS mode

Browse Source 
This is non-cryptographic use.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul  9 13:31:46 UTC 2019 on sn-devel-184
This commit is contained in:
Andreas Schneider
2019-05-15 08:41:12 +02:00
committed by Andreas Schneider
parent 31a943fa08
commit ccf3e76625
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
source3/profile/profile.c
View File

@ -35,6 +35,7 @@
#include <gnutls/gnutls.h>
#include <gnutls/crypto.h>
#include "lib/crypto/gnutls_helpers.h"
struct profile_stats *profile_p;
struct smbprofile_global_state smbprofile_state;
@ -154,6 +155,8 @@ bool profile_setup(struct messaging_context *msg_ctx, bool rdonly)
reqprofile_message);
}
GNUTLS_FIPS140_SET_LAX_MODE();
rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_SHA1);
if (rc < 0) {
goto out;
@ -212,6 +215,8 @@ bool profile_setup(struct messaging_context *msg_ctx, bool rdonly)
gnutls_hash_deinit(hash_hnd, digest);
GNUTLS_FIPS140_SET_STRICT_MODE();
profile_p = &smbprofile_state.stats.global;
profile_p->magic = BVAL(digest, 0);
@ -221,6 +226,8 @@ bool profile_setup(struct messaging_context *msg_ctx, bool rdonly)
ok = true;
out:
GNUTLS_FIPS140_SET_STRICT_MODE();
return ok;
}