Run libgcrypt self-tests

The libgcrypt in Fedora's mingw-libgcrypt package is patched to always
run self-tests, even if FIPS mode isn't on.

Ensure self-tests run before we turn on voluble debugging, to avoid even
more log spam.

If we're going to run the self-test, we should report if it fails :)

diff --git a/crypto.cc b/crypto.cc
index c4814b9e26ed424475814dda2f3ae0a83ebc536c..2e4ba218fcda92afd0b23e41e0293e4f35e69b5a 100644 (file)
--- a/crypto.cc
+++ b/crypto.cc
@@ -676,9 +676,15 @@ verify_ini_file_sig (io_stream *ini_file, io_stream *ini_sig_file, HWND owner)
     {
 #if CRYPTODEBUGGING
       gcry_set_log_handler (gcrypt_log_adaptor, NULL);
-      gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
 #endif
       gcry_check_version (NULL);
+
+      if ((rv = gcry_control (GCRYCTL_SELFTEST)) != GPG_ERR_NO_ERROR)
+        ERRKIND (owner, IDS_CRYPTO_ERROR, rv, "libgcrypt selftest failed");
+
+#if CRYPTODEBUGGING
+      gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
+#endif
       gcrypt_init = true;
     }