-
Notifications
You must be signed in to change notification settings - Fork 150
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add feature flag for enabling FIPS. #268
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
So the |
I can try and address that here, as well. Probably also worth adding a note to the documentation that it is only supported on Linux, as well. |
Alright, pushed an update to the README. Let me know what you think about that. Also pushed an update to the CI to try and automatically collect the set of features to test. I did this for all-features-but-FIPS and for the "defaults + ring" features. It's definitely a little more complex, but it seems, perhaps, somewhat better from an automation standpoint so that updates to the default features don't get stale in the CI definitions. Totally understand if it feels too complex, though: I'm happy to switch it to just be hard-coded. If you think it's OK, then I think you just need to approve the workflow to run. |
I suspect that will be our preference here based on how we've handled this in other Rustls org repos. @djc Do you concur? |
I'll just approach it that way then. Also means less faffing about debugging the workflow since it means you having to approve them to run every single time I make a change. 😅 |
Yeah, using |
Alright, this should be all set now. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Thank you. The README update is a nice touch 👍
Thanks! (Bypassed the merge queue in order to squash.) |
As described.
Adds a new feature flag,
fips
, to enable FIPS inrustls
.Verified that when enabling the new
fips
feature flag, that FIPS mode is used inaws-lc-rs
(by seeingaws-lc-fips-sys
being used.).Resolves #267