diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-05-19 18:22:16 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-05-19 18:22:16 +0000 |
commit | 7043fa702fa102a45b102e11990b650360c35503 (patch) | |
tree | 77edd16724ed7b7312764e44b1f509d975470b76 /ssl/s3_clnt.c | |
parent | f98d2e5cc13a42c39b2adb6771878ab8157e1fe4 (diff) |
add FIPS support to ssl: doesn't do anything on this branch yet as there is no FIPS compilation support
Diffstat (limited to 'ssl/s3_clnt.c')
-rw-r--r-- | ssl/s3_clnt.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index e7dea7d72b..fd131a6df8 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -156,6 +156,9 @@ #include <openssl/objects.h> #include <openssl/evp.h> #include <openssl/md5.h> +#ifdef OPENSSL_FIPS +#include <openssl/fips.h> +#endif #ifndef OPENSSL_NO_DH #include <openssl/dh.h> #endif @@ -1691,6 +1694,8 @@ fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); q=md_buf; for (num=2; num > 0; num--) { + EVP_MD_CTX_set_flags(&md_ctx, + EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); EVP_DigestInit_ex(&md_ctx,(num == 2) ?s->ctx->md5:s->ctx->sha1, NULL); EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); |