diff options
| author | Richard Levitte <levitte@openssl.org> | 2004-04-20 10:26:13 +0000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2004-04-20 10:26:13 +0000 |
| commit | d2fca2c59ad28832ccdaff1ea6ebe292e628fe59 (patch) | |
| tree | 45aa397007ff017186dcc948c78a99fc731c0599 | |
| parent | 7028b83a35fa09b091e097c94d5066ab6495c691 (diff) | |
| download | openssl-new-d2fca2c59ad28832ccdaff1ea6ebe292e628fe59.tar.gz | |
Small bug fixes.
Move the declaration of FIPS_allow_md5() from fips_locl.h to fips.h.
Consequently, util/mkdef.pl doesn't need to look at fips_locl.h any
more.
| -rw-r--r-- | apps/openssl.c | 14 | ||||
| -rw-r--r-- | fips/fips.c | 2 | ||||
| -rw-r--r-- | fips/fips.h | 1 | ||||
| -rw-r--r-- | fips/fips_locl.h | 1 | ||||
| -rwxr-xr-x | util/mkdef.pl | 2 |
5 files changed, 15 insertions, 5 deletions
diff --git a/apps/openssl.c b/apps/openssl.c index 697748c16c..c31a04bb6b 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -233,11 +233,21 @@ int main(int Argc, char *Argv[]) arg.count=0; #ifdef OPENSSL_FIPS - if(getenv("OPENSSL_FIPS") && !FIPS_mode_set(1,Argv[0])) - { + if(getenv("OPENSSL_FIPS")) { +#if defined(_WIN32) + char filename[MAX_PATH] = ""; + GetModuleFileName( NULL, filename, MAX_PATH) ; + p = filename; +#else + p = Argv[0]; +#endif + if (!FIPS_mode_set(1,p)) { ERR_load_crypto_strings(); ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); exit(1); + } + if (getenv("OPENSSL_FIPS_MD5")) + FIPS_allow_md5(1); } #endif if (bio_err == NULL) diff --git a/fips/fips.c b/fips/fips.c index 30bb5fba48..912bb9d1f7 100644 --- a/fips/fips.c +++ b/fips/fips.c @@ -111,7 +111,7 @@ static int FIPS_check_exe(const char *path) f=fopen(p2,"rb"); if(!f || fread(buf,1,20,f) != 20) { - fclose(f); + if (f) fclose(f); FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_CANNOT_READ_EXE_DIGEST); return 0; } diff --git a/fips/fips.h b/fips/fips.h index c7f9c5c6dc..e169ebf43e 100644 --- a/fips/fips.h +++ b/fips/fips.h @@ -64,6 +64,7 @@ extern void *FIPS_rand_check; struct dsa_st; int FIPS_mode_set(int onoff,const char *path); +void FIPS_allow_md5(int onoff); int FIPS_dsa_check(struct dsa_st *dsa); void FIPS_corrupt_sha1(void); int FIPS_selftest_sha1(void); diff --git a/fips/fips_locl.h b/fips/fips_locl.h index 0b3fecb39d..501fc756f3 100644 --- a/fips/fips_locl.h +++ b/fips/fips_locl.h @@ -54,7 +54,6 @@ extern "C" { #endif /* FIPS 140 allows MD5 to be used during certain parts of TLS */ -void FIPS_allow_md5(int onoff); extern int FIPS_md5_allowed; #ifdef __cplusplus diff --git a/util/mkdef.pl b/util/mkdef.pl index c4cdce6c56..443d74d448 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -267,7 +267,7 @@ $crypto.=" crypto/ocsp/ocsp.h"; $crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h"; $crypto.=" crypto/krb5/krb5_asn.h"; $crypto.=" crypto/tmdiff.h"; -$crypto.=" fips/fips.h fips/fips_locl.h fips/rand/fips_rand.h"; +$crypto.=" fips/fips.h fips/rand/fips_rand.h"; my $symhacks="crypto/symhacks.h"; |