diff options
Diffstat (limited to 'ipapython/ipautil.py')
| -rw-r--r-- | ipapython/ipautil.py | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index 34e05d366..c7e20c510 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -1428,3 +1428,22 @@ if six.PY2: type(value).__name__)) else: fsdecode = os.fsdecode #pylint: disable=no-member + + +def is_fips_enabled(): + """ + Checks whether this host is FIPS-enabled. + + Returns a boolean indicating if the host is FIPS-enabled, i.e. if the + file /proc/sys/crypto/fips_enabled contains a non-0 value. Otherwise, + or if the file /proc/sys/crypto/fips_enabled does not exist, + the function returns False. + """ + try: + with open(paths.PROC_FIPS_ENABLED, 'r') as f: + if f.read().strip() != '0': + return True + except IOError: + # Consider that the host is not fips-enabled if the file does not exist + pass + return False |