This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [RFC] FIPS compliance and other crypt(3) improvements
- From: Roland McGrath <roland at hack dot frob dot com>
- To: Alexandre Oliva <aoliva at redhat dot com>
- Cc: libc-alpha at sources dot redhat dot com
- Date: Tue, 15 May 2012 10:19:37 -0700 (PDT)
- Subject: Re: [RFC] FIPS compliance and other crypt(3) improvements
- References: <or8vgtdcmg.fsf@livre.localdomain>
ENOSYS is the error code for a function that is entirely unimplemented.
For this case, ENOTSUP is a better fit.
- if(s[0] == __data->current_salt[0] && s[1] == __data->current_salt[1])
- return;
+ if(s0 != __data->current_salt[0] && s1 == __data->current_salt[1])
+ return 0;
Looks like the first test got inverted.
Is there any standard or precedent for _SC_CRYPTO_FIPS_ENABLED?
We should not take lightly adding this to the public API/ABI.
If the only need for it is an internal one, then the check can be done
using internal functions only.
Thanks,
Roland