X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=openssl%2Fopenssl-0.9.8j-kernel-fipsmode.patch;fp=openssl%2Fopenssl-0.9.8j-kernel-fipsmode.patch;h=0000000000000000000000000000000000000000;hb=7012f6a5705c6d5ac1a7bf8dad6ebb2ed2261019;hp=fed04c3d6d01c349e006b2272817c0b23ec4224b;hpb=3718db2a3dbcbf17861914146ad480bee4c3b170;p=fedora-mingw.git diff --git a/openssl/openssl-0.9.8j-kernel-fipsmode.patch b/openssl/openssl-0.9.8j-kernel-fipsmode.patch deleted file mode 100644 index fed04c3..0000000 --- a/openssl/openssl-0.9.8j-kernel-fipsmode.patch +++ /dev/null @@ -1,62 +0,0 @@ -diff -up openssl-0.9.8j/crypto/o_init.c.fipsmode openssl-0.9.8j/crypto/o_init.c ---- openssl-0.9.8j/crypto/o_init.c.fipsmode 2008-11-05 19:36:36.000000000 +0100 -+++ openssl-0.9.8j/crypto/o_init.c 2009-01-14 17:57:39.000000000 +0100 -@@ -59,6 +59,45 @@ - #include - #include - -+#ifdef OPENSSL_FIPS -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled" -+ -+static void init_fips_mode(void) -+ { -+ char buf[2] = "0"; -+ int fd; -+ -+ if (getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) -+ { -+ buf[0] = '1'; -+ } -+ else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0) -+ { -+ while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR); -+ close(fd); -+ } -+ /* Failure reading the fips mode switch file means just not -+ * switching into FIPS mode. We would break too many things -+ * otherwise. -+ */ -+ -+ if (buf[0] == '1') -+ { -+ FIPS_mode_set(1); -+ } -+ } -+#endif -+ - /* Perform any essential OpenSSL initialization operations. - * Currently only sets FIPS callbacks - */ -@@ -73,11 +112,10 @@ void OPENSSL_init(void) - #ifdef CRYPTO_MDEBUG - CRYPTO_malloc_debug_init(); - #endif --#ifdef OPENSSL_ENGINE -+ init_fips_mode(); - int_EVP_MD_init_engine_callbacks(); - int_EVP_CIPHER_init_engine_callbacks(); - int_RAND_init_engine_callbacks(); --#endif - done = 1; - } - #endif