summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTomas Mraz <tomas@openssl.org>2021-07-01 17:41:02 +0200
committerPauli <pauli@openssl.org>2021-07-06 10:52:27 +1000
commit3f773c911a03c5be2eff00beaf94e88f1d997b22 (patch)
treedbfe1a171b0a504548c992804cbc71a1661b5b6b
parent1627a41f1db38c0e762cbbcb452a869924370561 (diff)
fips module header inclusion fine-tunning
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15974)
Diffstat
-rw-r--r--crypto/dh/dh_backend.c3
-rw-r--r--crypto/dh/dh_lib.c4
-rw-r--r--crypto/dsa/dsa_backend.c3
-rw-r--r--crypto/dsa/dsa_lib.c4
-rw-r--r--crypto/ec/ec_backend.c5
-rw-r--r--crypto/ec/ec_key.c4
-rw-r--r--crypto/ec/ec_kmeth.c4
-rw-r--r--crypto/ec/ecx_backend.c3
-rw-r--r--crypto/evp/digest.c4
-rw-r--r--crypto/evp/evp_enc.c4
-rw-r--r--crypto/evp/evp_lib.c2
-rw-r--r--crypto/evp/evp_rand.c5
-rw-r--r--crypto/evp/kdf_lib.c3
-rw-r--r--crypto/evp/keymgmt_lib.c1
-rw-r--r--crypto/evp/m_sigver.c1
-rw-r--r--crypto/evp/p_lib.c11
-rw-r--r--crypto/evp/pmeth_check.c4
-rw-r--r--crypto/evp/pmeth_gn.c4
-rw-r--r--crypto/evp/pmeth_lib.c9
-rw-r--r--crypto/rsa/rsa_backend.c5
-rw-r--r--crypto/rsa/rsa_lib.c4
-rw-r--r--crypto/rsa/rsa_sign.c32
-rw-r--r--include/crypto/dh.h1
-rw-r--r--include/crypto/dsa.h1
-rw-r--r--include/crypto/ec.h1
-rw-r--r--include/crypto/ecx.h1
-rw-r--r--include/crypto/rsa.h1
-rw-r--r--providers/common/include/prov/provider_util.h2
-rw-r--r--providers/common/provider_util.c3
-rw-r--r--providers/implementations/keymgmt/mac_legacy_kmgmt.c3
-rw-r--r--providers/implementations/macs/cmac_prov.c3
-rw-r--r--providers/implementations/macs/gmac_prov.c1
-rw-r--r--providers/implementations/macs/hmac_prov.c1
-rw-r--r--providers/implementations/signature/mac_legacy_sig.c3
-rw-r--r--ssl/s3_cbc.c4
35 files changed, 88 insertions, 56 deletions
diff --git a/crypto/dh/dh_backend.c b/crypto/dh/dh_backend.c
index a727d5c87b..7bd5c617de 100644
--- a/crypto/dh/dh_backend.c
+++ b/crypto/dh/dh_backend.c
@@ -15,6 +15,9 @@
#include <openssl/err.h>
#include <openssl/core_names.h>
+#ifndef FIPS_MODULE
+# include <openssl/x509.h>
+#endif
#include "internal/param_build_set.h"
#include "crypto/dh.h"
#include "dh_local.h"
diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index 7154f8c2ab..29cda5d7bf 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -15,7 +15,9 @@
#include <stdio.h>
#include <openssl/bn.h>
-#include <openssl/engine.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include <openssl/obj_mac.h>
#include <openssl/core_names.h>
#include "internal/cryptlib.h"
diff --git a/crypto/dsa/dsa_backend.c b/crypto/dsa/dsa_backend.c
index e4fa070f23..5e3ff85154 100644
--- a/crypto/dsa/dsa_backend.c
+++ b/crypto/dsa/dsa_backend.c
@@ -15,6 +15,9 @@
#include <openssl/core_names.h>
#include <openssl/err.h>
+#ifndef FIPS_MODULE
+# include <openssl/x509.h>
+#endif
#include "crypto/dsa.h"
#include "dsa_local.h"
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index 5512b99ef1..ccc7016592 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -14,7 +14,9 @@
#include "internal/deprecated.h"
#include <openssl/bn.h>
-#include <openssl/engine.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include "internal/cryptlib.h"
#include "internal/refcount.h"
#include "crypto/dsa.h"
diff --git a/crypto/ec/ec_backend.c b/crypto/ec/ec_backend.c
index 9b4467f2be..381da71f33 100644
--- a/crypto/ec/ec_backend.c
+++ b/crypto/ec/ec_backend.c
@@ -17,7 +17,10 @@
#include <openssl/objects.h>
#include <openssl/params.h>
#include <openssl/err.h>
-#include <openssl/engine.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+# include <openssl/x509.h>
+#endif
#include "crypto/bn.h"
#include "crypto/ec.h"
#include "ec_local.h"
diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
index ba6b8df514..eb14f4e409 100644
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -19,7 +19,9 @@
#include "ec_local.h"
#include "internal/refcount.h"
#include <openssl/err.h>
-#include <openssl/engine.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include <openssl/self_test.h>
#include "prov/providercommon.h"
#include "crypto/bn.h"
diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c
index 91b7a44082..8c011635cb 100644
--- a/crypto/ec/ec_kmeth.c
+++ b/crypto/ec/ec_kmeth.c
@@ -15,7 +15,9 @@
#include <string.h>
#include <openssl/ec.h>
-#include <openssl/engine.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include <openssl/err.h>
#include "ec_local.h"
diff --git a/crypto/ec/ecx_backend.c b/crypto/ec/ecx_backend.c
index 14278592cd..a0144d5a86 100644
--- a/crypto/ec/ecx_backend.c
+++ b/crypto/ec/ecx_backend.c
@@ -13,6 +13,9 @@
#include <openssl/ec.h>
#include <openssl/rand.h>
#include <openssl/err.h>
+#ifndef FIPS_MODULE
+# include <openssl/x509.h>
+#endif
#include "crypto/ecx.h"
#include "ecx_backend.h"
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 4a5c926103..1f2910bc69 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -14,7 +14,9 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/ec.h>
-#include <openssl/engine.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include <openssl/params.h>
#include <openssl/core_names.h>
#include "internal/cryptlib.h"
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 3a8e2c643e..e0f411aa06 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -16,7 +16,9 @@
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/rand.h>
-#include <openssl/engine.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include <openssl/params.h>
#include <openssl/core_names.h>
#include "internal/cryptlib.h"
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 0b08c9adfd..f78df52ab1 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -25,11 +25,11 @@
#include <openssl/dh.h>
#include <openssl/ec.h>
#include "crypto/evp.h"
-#include "crypto/asn1.h"
#include "internal/provider.h"
#include "evp_local.h"
#if !defined(FIPS_MODULE)
+# include "crypto/asn1.h"
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
{
diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index 7b1a44241e..0db755e06b 100644
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -7,13 +7,9 @@
* https://www.openssl.org/source/license.html
*/
-#include <openssl/evp.h>
-
#include <stdio.h>
#include <stdlib.h>
-#include <openssl/engine.h>
#include <openssl/evp.h>
-#include <openssl/x509v3.h>
#include <openssl/rand.h>
#include <openssl/core.h>
#include <openssl/core_names.h>
@@ -22,7 +18,6 @@
#include "internal/numbers.h"
#include "internal/provider.h"
#include "internal/core.h"
-#include "crypto/asn1.h"
#include "crypto/evp.h"
#include "evp_local.h"
diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c
index 5552b26601..8177626ae0 100644
--- a/crypto/evp/kdf_lib.c
+++ b/crypto/evp/kdf_lib.c
@@ -11,13 +11,10 @@
#include <stdio.h>
#include <stdlib.h>
#include "internal/cryptlib.h"
-#include <openssl/engine.h>
#include <openssl/evp.h>
-#include <openssl/x509v3.h>
#include <openssl/kdf.h>
#include <openssl/core.h>
#include <openssl/core_names.h>
-#include "crypto/asn1.h"
#include "crypto/evp.h"
#include "internal/numbers.h"
#include "internal/provider.h"
diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c
index f3dd876cfd..32e4fbcbaa 100644
--- a/crypto/evp/keymgmt_lib.c
+++ b/crypto/evp/keymgmt_lib.c
@@ -11,7 +11,6 @@
#include "internal/cryptlib.h"
#include "internal/nelem.h"
#include "crypto/evp.h"
-#include "crypto/asn1.h"
#include "internal/core.h"
#include "internal/provider.h"
#include "evp_local.h"
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 0da6498030..5c5ed05876 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -11,7 +11,6 @@
#include "internal/cryptlib.h"
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include <openssl/x509.h>
#include "crypto/evp.h"
#include "internal/provider.h"
#include "internal/numbers.h" /* includes SIZE_MAX */
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 07be8884fe..fa3a0258fa 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -22,13 +22,14 @@
#include <openssl/err.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
-#include <openssl/x509.h>
#include <openssl/rsa.h>
#include <openssl/dsa.h>
#include <openssl/dh.h>
#include <openssl/ec.h>
#include <openssl/cmac.h>
-#include <openssl/engine.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include <openssl/params.h>
#include <openssl/param_build.h>
#include <openssl/encoder.h>
@@ -36,14 +37,16 @@
#include "internal/numbers.h" /* includes SIZE_MAX */
#include "internal/ffc.h"
-#include "crypto/asn1.h"
#include "crypto/evp.h"
#include "crypto/dh.h"
#include "crypto/dsa.h"
#include "crypto/ec.h"
#include "crypto/ecx.h"
#include "crypto/rsa.h"
-#include "crypto/x509.h"
+#ifndef FIPS_MODULE
+# include "crypto/asn1.h"
+# include "crypto/x509.h"
+#endif
#include "internal/provider.h"
#include "evp_local.h"
diff --git a/crypto/evp/pmeth_check.c b/crypto/evp/pmeth_check.c
index 112965e794..2ecf2d0251 100644
--- a/crypto/evp/pmeth_check.c
+++ b/crypto/evp/pmeth_check.c
@@ -13,7 +13,9 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
#include "crypto/bn.h"
-#include "crypto/asn1.h"
+#ifndef FIPS_MODULE
+# include "crypto/asn1.h"
+#endif
#include "crypto/evp.h"
#include "evp_local.h"
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
index 2d96e3c227..af3d990869 100644
--- a/crypto/evp/pmeth_gn.c
+++ b/crypto/evp/pmeth_gn.c
@@ -16,7 +16,9 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
#include "crypto/bn.h"
-#include "crypto/asn1.h"
+#ifndef FIPS_MODULE
+# include "crypto/asn1.h"
+#endif
#include "crypto/evp.h"
#include "evp_local.h"
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 1256e981eb..c214163588 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -15,15 +15,18 @@
#include <stdio.h>
#include <stdlib.h>
-#include <openssl/engine.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include <openssl/evp.h>
-#include <openssl/x509v3.h>
#include <openssl/core_names.h>
#include <openssl/dh.h>
#include <openssl/rsa.h>
#include <openssl/kdf.h>
#include "internal/cryptlib.h"
-#include "crypto/asn1.h"
+#ifndef FIPS_MODULE
+# include "crypto/asn1.h"
+#endif
#include "crypto/evp.h"
#include "crypto/dh.h"
#include "crypto/ec.h"
diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c
index e824dcaf3c..85ad54e4cf 100644
--- a/crypto/rsa/rsa_backend.c
+++ b/crypto/rsa/rsa_backend.c
@@ -18,9 +18,12 @@
#include <openssl/params.h>
#include <openssl/err.h>
#include <openssl/evp.h>
+#ifndef FIPS_MODULE
+# include <openssl/x509.h>
+# include "crypto/asn1.h"
+#endif
#include "internal/sizes.h"
#include "internal/param_build_set.h"
-#include "crypto/asn1.h"
#include "crypto/rsa.h"
#include "rsa_local.h"
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 70eaa59a8b..6433282597 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -15,7 +15,9 @@
#include <openssl/crypto.h>
#include <openssl/core_names.h>
-#include <openssl/engine.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include <openssl/evp.h>
#include <openssl/param_build.h>
#include "internal/cryptlib.h"
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
index 21a2e9d727..c5a664dc0b 100644
--- a/crypto/rsa/rsa_sign.c
+++ b/crypto/rsa/rsa_sign.c
@@ -18,22 +18,22 @@
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include "crypto/x509.h"
-#ifndef OPENSSL_NO_MD2
-# include <openssl/md2.h> /* uses MD2_DIGEST_LENGTH */
-#endif
-#ifndef OPENSSL_NO_MD4
-# include <openssl/md4.h> /* uses MD4_DIGEST_LENGTH */
-#endif
-#ifndef OPENSSL_NO_MD5
-# include <openssl/md5.h> /* uses MD5_DIGEST_LENGTH */
-#endif
-#ifndef OPENSSL_NO_MDC2
-# include <openssl/mdc2.h> /* uses MDC2_DIGEST_LENGTH */
-#endif
-#ifndef OPENSSL_NO_RMD160
-# include <openssl/ripemd.h> /* uses RIPEMD160_DIGEST_LENGTH */
+#ifndef FIPS_MODULE
+# ifndef OPENSSL_NO_MD2
+# include <openssl/md2.h> /* uses MD2_DIGEST_LENGTH */
+# endif
+# ifndef OPENSSL_NO_MD4
+# include <openssl/md4.h> /* uses MD4_DIGEST_LENGTH */
+# endif
+# ifndef OPENSSL_NO_MD5
+# include <openssl/md5.h> /* uses MD5_DIGEST_LENGTH */
+# endif
+# ifndef OPENSSL_NO_MDC2
+# include <openssl/mdc2.h> /* uses MDC2_DIGEST_LENGTH */
+# endif
+# ifndef OPENSSL_NO_RMD160
+# include <openssl/ripemd.h> /* uses RIPEMD160_DIGEST_LENGTH */
+# endif
#endif
#include <openssl/sha.h> /* uses SHA???_DIGEST_LENGTH */
#include "crypto/rsa.h"
diff --git a/include/crypto/dh.h b/include/crypto/dh.h
index 8613f9038e..f6be4ae006 100644
--- a/include/crypto/dh.h
+++ b/include/crypto/dh.h
@@ -14,7 +14,6 @@
# include <openssl/core.h>
# include <openssl/params.h>
# include <openssl/dh.h>
-# include <openssl/x509.h>
# include "internal/ffc.h"
DH *ossl_dh_new_by_nid_ex(OSSL_LIB_CTX *libctx, int nid);
diff --git a/include/crypto/dsa.h b/include/crypto/dsa.h
index dad056bb28..eedbd8c7d1 100644
--- a/include/crypto/dsa.h
+++ b/include/crypto/dsa.h
@@ -13,7 +13,6 @@
# include <openssl/core.h>
# include <openssl/dsa.h>
-# include <openssl/x509.h>
# include "internal/ffc.h"
#define DSA_PARAMGEN_TYPE_FIPS_186_4 0 /* Use FIPS186-4 standard */
diff --git a/include/crypto/ec.h b/include/crypto/ec.h
index 77972c3650..62163b31ac 100644
--- a/include/crypto/ec.h
+++ b/include/crypto/ec.h
@@ -24,7 +24,6 @@ int evp_pkey_ctx_set_ec_param_enc_prov(EVP_PKEY_CTX *ctx, int param_enc);
# ifndef OPENSSL_NO_EC
# include <openssl/core.h>
# include <openssl/ec.h>
-# include <openssl/x509.h>
# include "crypto/types.h"
/*-
diff --git a/include/crypto/ecx.h b/include/crypto/ecx.h
index 82671a8f4d..48b95fa5ba 100644
--- a/include/crypto/ecx.h
+++ b/include/crypto/ecx.h
@@ -20,7 +20,6 @@
# include <openssl/core.h>
# include <openssl/e_os2.h>
# include <openssl/crypto.h>
-# include <openssl/x509.h>
# include "internal/refcount.h"
# include "crypto/types.h"
diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h
index cc67e1f709..100e7ceb05 100644
--- a/include/crypto/rsa.h
+++ b/include/crypto/rsa.h
@@ -13,7 +13,6 @@
# include <openssl/core.h>
# include <openssl/rsa.h>
-# include <openssl/x509.h>
# include "crypto/types.h"
#define RSA_MIN_MODULUS_BITS 512
diff --git a/providers/common/include/prov/provider_util.h b/providers/common/include/prov/provider_util.h
index 1f6f4687ad..fa73e46506 100644
--- a/providers/common/include/prov/provider_util.h
+++ b/providers/common/include/prov/provider_util.h
@@ -8,7 +8,7 @@
*/
#include <openssl/provider.h>
-#include <openssl/engine.h>
+#include <openssl/types.h>
typedef struct {
/*
diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c
index 30fe7c6b21..662175c2f3 100644
--- a/providers/common/provider_util.c
+++ b/providers/common/provider_util.c
@@ -14,6 +14,9 @@
#include <openssl/core_names.h>
#include <openssl/err.h>
#include <openssl/proverr.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include "prov/provider_util.h"
#include "internal/nelem.h"
diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c
index e1e2609dfa..63553996bd 100644
--- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c
+++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c
@@ -18,6 +18,9 @@
#include <openssl/evp.h>
#include <openssl/proverr.h>
#include <openssl/param_build.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include "internal/param_build_set.h"
#include "prov/implementations.h"
#include "prov/providercommon.h"
diff --git a/providers/implementations/macs/cmac_prov.c b/providers/implementations/macs/cmac_prov.c
index 2291276035..b44f13b5fa 100644
--- a/providers/implementations/macs/cmac_prov.c
+++ b/providers/implementations/macs/cmac_prov.c
@@ -16,7 +16,6 @@
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
-#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/cmac.h>
@@ -111,7 +110,7 @@ static int cmac_setkey(struct cmac_data_st *macctx,
ossl_prov_cipher_cipher(&macctx->cipher),
ossl_prov_cipher_engine(&macctx->cipher));
ossl_prov_cipher_reset(&macctx->cipher);
- return rv;
+ return rv;
}
static int cmac_init(void *vmacctx, const unsigned char *key,
diff --git a/providers/implementations/macs/gmac_prov.c b/providers/implementations/macs/gmac_prov.c
index 29fb9f87df..89904fc89d 100644
--- a/providers/implementations/macs/gmac_prov.c
+++ b/providers/implementations/macs/gmac_prov.c
@@ -11,7 +11,6 @@
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
-#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/proverr.h>
diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c
index 3a0679ce8f..78c4924a38 100644
--- a/providers/implementations/macs/hmac_prov.c
+++ b/providers/implementations/macs/hmac_prov.c
@@ -18,7 +18,6 @@
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
-#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
diff --git a/providers/implementations/signature/mac_legacy_sig.c b/providers/implementations/signature/mac_legacy_sig.c
index d9fd105289..06f79505ff 100644
--- a/providers/implementations/signature/mac_legacy_sig.c
+++ b/providers/implementations/signature/mac_legacy_sig.c
@@ -16,6 +16,9 @@
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/err.h>
+#ifndef FIPS_MODULE
+# include <openssl/engine.h>
+#endif
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/macsignature.h"
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index b0e3496ba2..85f296b807 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -27,7 +27,9 @@
#include "internal/cryptlib.h"
#include <openssl/evp.h>
-#include <openssl/md5.h>
+#ifndef FIPS_MODULE
+# include <openssl/md5.h>
+#endif
#include <openssl/sha.h>
char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 08:52:41 +0000