Remove some unnecessary OPENSSL_FIPS references

FIPS_mode() exists in all versions of OpenSSL but always returns 0 if OpenSSL is not FIPS
capable.
Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
Dr. Stephen Henson
2014-10-18 20:14:36 +01:00
parent 0c1bd7f03f
commit 00b4ee7664
9 changed files with 0 additions and 33 deletions

View File

@@ -1889,13 +1889,11 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
return(NULL);
}
#ifdef OPENSSL_FIPS
if (FIPS_mode() && (meth->version < TLS1_VERSION))
{
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
return NULL;
}
#endif
if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0)
{