generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Pull FIPS back into stable.

Browse Source
This commit is contained in:
Ben Laurie
2004-05-11 12:46:24 +00:00
parent aaa16d0001
commit 3642f632d3
195 changed files with 20153 additions and 612 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
ssl/ssl_lib.c
View File

@@ -121,6 +121,7 @@
#include <openssl/objects.h>
#include <openssl/lhash.h>
#include <openssl/x509v3.h>
#include <openssl/fips.h>
const char *SSL_version_str=OPENSSL_VERSION_TEXT;
@@ -2156,7 +2157,18 @@ int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
const char *CApath)
{
return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
int r;
#ifdef OPENSSL_FIPS
if(ctx->method->version == TLS1_VERSION)
FIPS_allow_md5(1);
#endif
r=X509_STORE_load_locations(ctx->cert_store,CAfile,CApath);
#ifdef OPENSSL_FIPS
if(ctx->method->version == TLS1_VERSION)
FIPS_allow_md5(0);
#endif
return r;
}
#endif