Web lists-archives.com

Re: [Samba] Is samba FIPS compliant ? Can it be build with openssl ?

On Tue, 2018-10-02 at 12:07 -0700, Jeremy Allison via samba wrote:
> On Tue, Oct 02, 2018 at 06:47:40PM +0000, Tompkins, Michael via samba wrote:
> > Thanks for the quick reply Jeremy. 
> > 
> > We have other FIPS compliant libraries, which check for, and ensure the proper FIPS compliant algorithms are used. Is  there a link option to specify this kind of library ? 
> Nope, sorry. Patches welcome though :-).

Specifically, we are trying to move to using GnuTLS for all our crypto,
but are hampered by lack of some of the algorithms we use and the need
for CPU acceleration.  This is being worked on from time to time, and
what we use is tracked in lib/crypto/REQUIREMENTS.

This will be a long road, but patches to have us use GnuTLS for more
things will be seriously considered. 

Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba