Cypher_Stack/libsecret
2
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libsecret.git synced 2024-12-21 20:28:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
master
libsecret/egg/meson.build
Daiki Ueno ac1367056d session: Tolerate non-approved DH parameter usage in FIPS mode 
The SecretSession protocol uses a weak Diffie-Hellman parameters which
are not approved by FIPS. While this is not ideal, the protocol is not
designed as a general protection mechanism of data in transit, but
just as a safety net against when the dbus-daemon (or dbus-broker)
crashes and dumps a core, and thus bumping the protocol to use a
larger DH group would be overkill.

This patch temporarily disables the FIPS check around the GnuTLS DH
API calls to avoid errors.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2024-07-23 06:00:10 +09:00

87 lines
1.3 KiB
Meson
Raw Permalink Blame History

libegg_sources = [
'egg-hex.c',
'egg-secure-memory.c',
'egg-unix-credentials.c',
'egg-buffer.c',
'egg-testing.c',
]
libegg_deps = [
glib_deps,
]
if with_crypto
libegg_sources += [
'egg-dh.c',
]
if with_gcrypt
libegg_sources += [
'egg-dh-libgcrypt.c',
'egg-fips-libgcrypt.c',
'egg-hkdf-libgcrypt.c',
'egg-keyring1-libgcrypt.c',
'egg-libgcrypt.c',
]
elif with_gnutls
libegg_sources += [
'egg-dh-gnutls.c',
'egg-fips-gnutls.c',
'egg-hkdf-gnutls.c',
'egg-keyring1-gnutls.c',
]
endif
libegg_deps += crypto_deps
endif
if get_option('tpm2')
libegg_sources += [
'egg-tpm2.c',
]
libegg_deps += tss2_deps
endif
libegg = static_library('egg',
libegg_sources,
dependencies: libegg_deps,
c_args: [
'-D_GNU_SOURCE',
],
include_directories: [config_h_dir, build_dir],
)
# Tests
test_names = [
'test-hex',
'test-secmem',
]
if with_crypto
test_names += [
'test-dh',
'test-hkdf',
]
endif
if get_option('tpm2')
test_names += [
'test-tpm2',
]
endif
foreach _test : test_names
test_bin = executable(_test,
'@0@.c'.format(_test),
dependencies: libegg_deps,
link_with: libegg,
include_directories: config_h_dir,
)
test(_test, test_bin,
suite: 'libegg',
)
endforeach
Reference in New Issue View Git Blame Copy Permalink