This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [RFC] FIPS compliance and other crypt(3) improvements

From: Roland McGrath <roland at hack dot frob dot com>
To: Alexandre Oliva <aoliva at redhat dot com>
Cc: libc-alpha at sources dot redhat dot com
Date: Tue, 15 May 2012 10:19:37 -0700 (PDT)
Subject: Re: [RFC] FIPS compliance and other crypt(3) improvements
References: <or8vgtdcmg.fsf@livre.localdomain>

ENOSYS is the error code for a function that is entirely unimplemented.
For this case, ENOTSUP is a better fit.

-  if(s[0] == __data->current_salt[0] && s[1] == __data->current_salt[1])
-    return;
+  if(s0 != __data->current_salt[0] && s1 == __data->current_salt[1])
+    return 0;

Looks like the first test got inverted.

Is there any standard or precedent for _SC_CRYPTO_FIPS_ENABLED?
We should not take lightly adding this to the public API/ABI.

If the only need for it is an internal one, then the check can be done
using internal functions only.


Thanks,
Roland

Follow-Ups:
- Re: [RFC] FIPS compliance and other crypt(3) improvements
  - From: Alexandre Oliva

References:
- [RFC] FIPS compliance and other crypt(3) improvements
  - From: Alexandre Oliva

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]