Make ssl code consistent with FIPS branch. The new code has no effect

at present because it asserts either noop flags or is inside OPENSSL_FIPS #ifdef's.
2008-06-16 16:56:43 +00:00
parent ff2ab9e6bb
commit 14748adb09
17 changed files with 122 additions and 32 deletions
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1540,6 +1540,8 @@ int ssl3_send_server_key_exchange(SSL *s)
 				j=0;
 				for (num=2; num > 0; num--)
 					{
+					EVP_MD_CTX_set_flags(&md_ctx,
+						EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
 					EVP_DigestInit_ex(&md_ctx,(num == 2)
 						?s->ctx->md5:s->ctx->sha1, NULL);
 					EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);