Tree - rpms/vim - CentOS Git server

rpms / vim

Files

Commit: 0fbf1cf2b90f63ca954773964ab7e0fc6eac502b

Blob Blame History Raw

 diff -up vim82/src/config.h.in.fips-warning vim82/src/config.h.in
--- vim82/src/config.h.in.fips-warning	2022-02-24 08:13:59.017280243 +0100
+++ vim82/src/config.h.in	2022-02-24 08:14:33.085580298 +0100
@@ -508,5 +508,14 @@
 /* Define if _SC_SIGSTKSZ is available via sysconf() */
 #undef HAVE_SYSCONF_SIGSTKSZ
 
+/* Do we need FIPS warning? */
+#undef HAVE_FIPS_WARNING
+
+/* Link to system-fips file */
+#undef SYSTEM_FIPS_FILE_LINK
+
+/* Link to fips_enabled file */
+#undef FIPS_ENABLED_FILE_LINK
+
 /* Define if you want to load libgpm dynamically */
 #undef DYNAMIC_GPM
diff -up vim82/src/configure.ac.fips-warning vim82/src/configure.ac
--- vim82/src/configure.ac.fips-warning	2022-02-24 08:13:59.014280304 +0100
+++ vim82/src/configure.ac	2022-02-24 08:13:59.018280222 +0100
@@ -583,6 +583,38 @@ else
   AC_SUBST(XDIFF_OBJS_USED)
 fi
 
+dnl Checking if we want FIPS warning
+
+AC_MSG_CHECKING(--enable-fips-warning)
+AC_ARG_ENABLE([fips-warning],
+              AS_HELP_STRING([--enable-fips-warning], [Enable FIPS warning]),
+              ,[enable_fips_warning="no"])
+
+if test "$enable_fips_warning" = "yes"; then
+  AC_MSG_RESULT(yes)
+  AC_DEFINE([HAVE_FIPS_WARNING])
+
+  dnl Setting path for system-fips file
+
+  AC_MSG_CHECKING(--with-system-fips-file argument)
+  AC_ARG_WITH([system-fips-file], [  --with-system-fips-file=PATH       Link to system-fips file (default: /etc/system-fips)],
+	with_system_fips_file=$withval,
+       with_system_fips_file="/etc/system-fips")
+  AC_MSG_RESULT([$with_system_fips_file])
+  AC_DEFINE_UNQUOTED([SYSTEM_FIPS_FILE_LINK], ["$with_system_fips_file"])
+
+  dnl Setting link to fips_enabled file
+
+  AC_MSG_CHECKING(--with-fips-enabled-file argument)
+  AC_ARG_WITH([fips-enabled-file], [  --with-fips-enabled-file=PATH       Link to fibs_enabled file (default: /proc/sys/crypto/fips_enabled)],
+	with_fips_enabled_file=$withval,
+       with_fips_enabled_file="/proc/sys/crypto/fips_enabled")
+  AC_MSG_RESULT([$with_fips_enabled_file])
+  AC_DEFINE_UNQUOTED([FIPS_ENABLED_FILE_LINK], ["$with_fips_enabled_file"])
+else
+  AC_MSG_RESULT(no)
+fi
+
 dnl Check for Lua feature.
 AC_MSG_CHECKING(--enable-luainterp argument)
 AC_ARG_ENABLE(luainterp,
diff -up vim82/src/crypt.c.fips-warning vim82/src/crypt.c
--- vim82/src/crypt.c.fips-warning	2022-02-24 08:09:29.000000000 +0100
+++ vim82/src/crypt.c	2022-02-24 08:13:59.018280222 +0100
@@ -740,6 +740,21 @@ crypt_check_method(int method)
 	msg_scroll = TRUE;
 	msg(_("Warning: Using a weak encryption method; see :help 'cm'"));
     }
+#ifdef HAVE_FIPS_WARNING
+    FILE *fips_enable_fd = fopen(FIPS_ENABLED_FILE_LINK, "r");
+    if (fips_enable_fd == NULL)
+      return;
+
+    int enabled = fgetc(fips_enable_fd);
+
+    if ( access(SYSTEM_FIPS_FILE_LINK, F_OK) != -1 && enabled == '1')
+    {
+	msg_scroll = TRUE;
+	msg(_("Warning: This cryptography is not FIPS 140-2 compliant."));
+    }
+
+    fclose(fips_enable_fd);
+#endif
 }
 
 #ifdef FEAT_SODIUM

	diff -up vim82/src/config.h.in.fips-warning vim82/src/config.h.in
	--- vim82/src/config.h.in.fips-warning 2022-02-24 08:13:59.017280243 +0100
	+++ vim82/src/config.h.in 2022-02-24 08:14:33.085580298 +0100
	@@ -508,5 +508,14 @@
	/* Define if _SC_SIGSTKSZ is available via sysconf() */
	#undef HAVE_SYSCONF_SIGSTKSZ

	+/* Do we need FIPS warning? */
	+#undef HAVE_FIPS_WARNING
	+
	+/* Link to system-fips file */
	+#undef SYSTEM_FIPS_FILE_LINK
	+
	+/* Link to fips_enabled file */
	+#undef FIPS_ENABLED_FILE_LINK
	+
	/* Define if you want to load libgpm dynamically */
	#undef DYNAMIC_GPM
	diff -up vim82/src/configure.ac.fips-warning vim82/src/configure.ac
	--- vim82/src/configure.ac.fips-warning 2022-02-24 08:13:59.014280304 +0100
	+++ vim82/src/configure.ac 2022-02-24 08:13:59.018280222 +0100
	@@ -583,6 +583,38 @@ else
	AC_SUBST(XDIFF_OBJS_USED)
	fi

	+dnl Checking if we want FIPS warning
	+
	+AC_MSG_CHECKING(--enable-fips-warning)
	+AC_ARG_ENABLE([fips-warning],
	+ AS_HELP_STRING([--enable-fips-warning], [Enable FIPS warning]),
	+ ,[enable_fips_warning="no"])
	+
	+if test "$enable_fips_warning" = "yes"; then
	+ AC_MSG_RESULT(yes)
	+ AC_DEFINE([HAVE_FIPS_WARNING])
	+
	+ dnl Setting path for system-fips file
	+
	+ AC_MSG_CHECKING(--with-system-fips-file argument)
	+ AC_ARG_WITH([system-fips-file], [ --with-system-fips-file=PATH Link to system-fips file (default: /etc/system-fips)],
	+ with_system_fips_file=$withval,
	+ with_system_fips_file="/etc/system-fips")
	+ AC_MSG_RESULT([$with_system_fips_file])
	+ AC_DEFINE_UNQUOTED([SYSTEM_FIPS_FILE_LINK], ["$with_system_fips_file"])
	+
	+ dnl Setting link to fips_enabled file
	+
	+ AC_MSG_CHECKING(--with-fips-enabled-file argument)
	+ AC_ARG_WITH([fips-enabled-file], [ --with-fips-enabled-file=PATH Link to fibs_enabled file (default: /proc/sys/crypto/fips_enabled)],
	+ with_fips_enabled_file=$withval,
	+ with_fips_enabled_file="/proc/sys/crypto/fips_enabled")
	+ AC_MSG_RESULT([$with_fips_enabled_file])
	+ AC_DEFINE_UNQUOTED([FIPS_ENABLED_FILE_LINK], ["$with_fips_enabled_file"])
	+else
	+ AC_MSG_RESULT(no)
	+fi
	+
	dnl Check for Lua feature.
	AC_MSG_CHECKING(--enable-luainterp argument)
	AC_ARG_ENABLE(luainterp,
	diff -up vim82/src/crypt.c.fips-warning vim82/src/crypt.c
	--- vim82/src/crypt.c.fips-warning 2022-02-24 08:09:29.000000000 +0100
	+++ vim82/src/crypt.c 2022-02-24 08:13:59.018280222 +0100
	@@ -740,6 +740,21 @@ crypt_check_method(int method)
	msg_scroll = TRUE;
	msg(_("Warning: Using a weak encryption method; see :help 'cm'"));
	}
	+#ifdef HAVE_FIPS_WARNING
	+ FILE *fips_enable_fd = fopen(FIPS_ENABLED_FILE_LINK, "r");
	+ if (fips_enable_fd == NULL)
	+ return;
	+
	+ int enabled = fgetc(fips_enable_fd);
	+
	+ if ( access(SYSTEM_FIPS_FILE_LINK, F_OK) != -1 && enabled == '1')
	+ {
	+ msg_scroll = TRUE;
	+ msg(_("Warning: This cryptography is not FIPS 140-2 compliant."));
	+ }
	+
	+ fclose(fips_enable_fd);
	+#endif
	}

	#ifdef FEAT_SODIUM

rpms / vim

Source Code

Files