[gnutls-help] FIPS mode: letting the OS know

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri Mar 27 10:29:37 CET 2015


On Fri, Mar 27, 2015 at 1:16 AM, jonetsu at teksavvy.com
<jonetsu at teksavvy.com> wrote:
> Hello,
>   What would be the most practical way to add some code to a
> FIPS-mode GnuTLS in order to notify the OS of any FIPS error?  That
> notification could simply be creating a file at a location that is
> watched over by an application using inotify.  The idea is to be able
> to take any action when such errors happen, and not to modify
> applications that are using GnuTLS since this would require more code
> maintenance.

Check fips.h and _gnutls_switch_lib_state(). This is the function
called when the library enters an error state.

regards,
Nikos
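
The file-plus-inotify notification discussed in this thread, as an added example that is not from the original messages or from GnuTLS: `fips_write_marker()` is a hypothetical helper that a patched library could call from its error-state path, and the two `fips_watch_*()` functions are the monitoring side. The marker file name and all function names are assumptions.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/inotify.h>
#include <unistd.h>

#define MARKER_NAME "gnutls-fips-error" /* assumed marker file name */

/* Library side (hypothetical helper): append the reason to the marker file. */
int fips_write_marker(const char *dir, const char *reason)
{
    char path[PATH_MAX];
    if (snprintf(path, sizeof path, "%s/%s", dir, MARKER_NAME) >= (int)sizeof path)
        return -1;
    /* O_NOFOLLOW: do not write through a planted symlink; 0600: owner only. */
    int fd = open(path, O_WRONLY | O_CREAT | O_APPEND | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0) return -1;
    ssize_t n = write(fd, reason, strlen(reason));
    close(fd);
    return n < 0 ? -1 : 0;
}

/* Monitor side: watch the directory; returns an inotify fd or -1. */
int fips_watch_open(const char *dir)
{
    int ifd = inotify_init1(IN_CLOEXEC);
    if (ifd < 0 || inotify_add_watch(ifd, dir, IN_CREATE | IN_MODIFY | IN_ONLYDIR) >= 0)
        return ifd;
    close(ifd);
    return -1;
}

/* Block for one batch of events: 1 = marker touched, 0 = other file, -1 = error. */
int fips_watch_wait(int ifd)
{
    char buf[4096] __attribute__((aligned(__alignof__(struct inotify_event))));
    ssize_t len = read(ifd, buf, sizeof buf);
    if (len <= 0) return -1;
    for (char *p = buf; p < buf + len;) {
        const struct inotify_event *ev = (const struct inotify_event *)p;
        if (ev->len && strcmp(ev->name, MARKER_NAME) == 0)
            return 1;
        p += sizeof *ev + ev->len;
    }
    return 0;
}
```

The marker is written with the privileges of whichever process loaded the library, so the watched directory has to be writable by all of them; the monitor should treat the marker as a signal to investigate, not as trusted data.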