For now disable RSAX ENGINE for FIPS builds: it sets a non-FIPS RSA

method which stops FIPS mode working.
2011-10-13 11:43:44 +00:00 · 2011-10-13 11:43:44 +00:00 · 2461396f69
commit 2461396f69
parent 81a071df2f
1 changed files with 6 additions and 0 deletions
--- a/6
+++ b/6
@ -961,6 +961,12 @@ if ($fips && $fipslibdir eq "")
 	$fipslibdir = $fipsdir . "/lib/";
 	}

+# RSAX ENGINE sets default non-FIPS RSA method.
+if ($fips)
+	{
+	$disabled{"rsax"} = "forced";
+	}
+
 # SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
 if (defined($disabled{"md5"}) || defined($disabled{"sha"})
    || (defined($disabled{"rsa"})