[LTP] [PATCH] sctp_big_chunk: Do not use md5 hmac algo if fips is enabled

[Ashwin Dayanand Kamat]

MD5 is not FIPS compliant. But still md5 is used as the default algorithm for sctp
even when fips is enabled. Due to this, sctp_big_chunk testcase is failing because listen()
system call in setup_server() is failing in fips environment.

Fix is to not use md5 algorithm while setting up server.
Instead use sha1 as algorithm if it's supported or else set it to none.

Signed-Off by: Ashwin Dayanand Kamat <kashwindayan@vmware.com>
---
 testcases/network/sctp/sctp_big_chunk.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/testcases/network/sctp/sctp_big_chunk.c b/testcases/network/sctp/sctp_big_chunk.c
index a6a326ea2..267f1cb45 100644
--- a/testcases/network/sctp/sctp_big_chunk.c
+++ b/testcases/network/sctp/sctp_big_chunk.c
@@ -133,11 +133,15 @@ static void setup_client(void)
 }
 
 static const char mtu_path[] = "/sys/class/net/lo/mtu";
+static const char hmac_algo_path[] = "/proc/sys/net/sctp/cookie_hmac_alg";
 static const unsigned int max_mtu = 65535;
 static unsigned int mtu;
 
 static void setup(void)
 {
+	char hmac_algo[CHAR_MAX];
+	int fips_enabled = tst_fips_enabled();
+
 	if (tst_parse_int(addr_param, &addr_num, 1, INT_MAX))
 		tst_brk(TBROK, "wrong address number '%s'", addr_param);
 
@@ -146,8 +150,18 @@ static void setup(void)
 	if (mtu < max_mtu)
 		tst_brk(TCONF, "Test needs that 'lo' MTU has %d", max_mtu);
 
+	SAFE_FILE_SCANF(hmac_algo_path, "%s", hmac_algo);
+
+	if (fips_enabled) {
+		if (!system("grep hmac\\(sha1\\) /proc/crypto"))
+			SAFE_FILE_PRINTF(hmac_algo_path, "%s", "sha1");
+		else
+			SAFE_FILE_PRINTF(hmac_algo_path, "%s", "none");
+	}
+
 	setup_server();
 	setup_client();
+	SAFE_FILE_PRINTF(hmac_algo_path, "%s", hmac_algo);
 }
 
 static void run(void)
-- 
2.39.0