generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove some unnecessary OPENSSL_FIPS references

Browse Source 
FIPS_mode() exists in all versions of OpenSSL but always returns 0 if OpenSSL is not FIPS
capable.
Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
Dr. Stephen Henson
2014-10-18 20:14:36 +01:00
parent 0c1bd7f03f
commit 00b4ee7664
9 changed files with 0 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ssl/s23_srvr.c
View File

@@ -115,9 +115,6 @@
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
#endif
static const SSL_METHOD *ssl23_get_server_method(int ver);
int ssl23_get_client_hello(SSL *s);
@@ -419,14 +416,12 @@ int ssl23_get_client_hello(SSL *s)
goto err;
}
#ifdef OPENSSL_FIPS
if (FIPS_mode() && (s->version < TLS1_VERSION))
{
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
goto err;
}
#endif
if (!ssl_security(s, SSL_SECOP_VERSION, 0, s->version, NULL))
{