]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
projects / thirdparty / gnutls.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2e52d30)
CI: FIPS140-2 run make check without enforcing FIPS mode
authorDmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Fri, 10 Jan 2020 11:16:56 +0000 (14:16 +0300)
committerDmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Fri, 10 Jan 2020 11:17:08 +0000 (14:17 +0300)
Some distributions might enable --enable-fips140-mode, without actually
enabling/enforcing FIPS at runtime. Catch issues in such configurations
(reported by Daiki Ueno).

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
.gitlab-ci.yml patch | blob | blame | history

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 29f436596b3a821fa7a38129bf6047f75cf93deb..e72c39527d6f94740093e2fb2d8c12663a28edf9 100644 (file)
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -195,6 +195,7 @@ FIPS140-2.Fedora.x86_64:
   - cd build
   - dash ../configure --disable-gcc-warnings --cache-file ../cache/config.cache --disable-non-suiteb-curves --enable-fips140-mode --disable-doc --disable-full-test-suite --disable-guile
   - make -j$(nproc)
+  - make check -j$(nproc)
   - mkdir -p lib/.libs/fipscheck
   - fipshmac -d lib/.libs/fipscheck/ -s .hmac lib/.libs/libgnutls.so*
   - GNUTLS_FORCE_FIPS_MODE=1 make check -j$(nproc)
Mirror of https://gitlab.com/gnutls/gnutls.git