Remove some unnecessary OPENSSL_FIPS references
FIPS_mode() exists in all versions of OpenSSL but always returns 0 if OpenSSL is not FIPS capable. Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
@@ -1889,13 +1889,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
|
||||
return(NULL);
|
||||
}
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
if (FIPS_mode() && (meth->version < TLS1_VERSION))
|
||||
{
|
||||
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
|
||||
return NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
|
||||
{
|
||||
|
Reference in New Issue
Block a user