Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
compat-openssl098.503
openssl-fips__0000_fipsmode.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-fips__0000_fipsmode.diff of Package compat-openssl098.503
--- openssl-0.9.8j/crypto/o_init.c.orig 2011-08-04 07:54:50.000000000 +0000 +++ openssl-0.9.8j/crypto/o_init.c 2011-08-04 07:56:50.000000000 +0000 @@ -59,6 +59,45 @@ #include <e_os.h> #include <openssl/err.h> +#ifdef OPENSSL_FIPS +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> +#include <unistd.h> +#include <errno.h> +#include <stdlib.h> +#include <openssl/fips.h> +#include <openssl/evp.h> +#include <openssl/rand.h> + +#define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled" + +static void init_fips_mode(void) + { + char buf[2] = "0"; + int fd; + + if (getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) + { + buf[0] = '1'; + } + else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0) + { + while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR); + close(fd); + } + /* Failure reading the fips mode switch file means just not + * switching into FIPS mode. We would break too many things + * otherwise. + */ + + if (buf[0] == '1') + { + FIPS_mode_set(1); + } + } +#endif + /* Perform any essential OpenSSL initialization operations. * Currently only sets FIPS callbacks */ @@ -73,11 +112,10 @@ void OPENSSL_init(void) #ifdef CRYPTO_MDEBUG CRYPTO_malloc_debug_init(); #endif -#ifdef OPENSSL_ENGINE + init_fips_mode(); int_EVP_MD_init_engine_callbacks(); int_EVP_CIPHER_init_engine_callbacks(); int_RAND_init_engine_callbacks(); -#endif done = 1; } #endif --- openssl-0.9.8j/ssl/ssl_algs.c.orig 2011-08-04 07:57:15.000000000 +0000 +++ openssl-0.9.8j/ssl/ssl_algs.c 2011-08-04 07:57:38.000000000 +0000 @@ -63,6 +63,7 @@ int SSL_library_init(void) { + OPENSSL_init(); #ifndef OPENSSL_NO_DES EVP_add_cipher(EVP_des_cbc());
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor