resolve conflicts

author: djm <djm@openbsd.org> 2005-04-29 05:39:09 +0000
committer: djm <djm@openbsd.org> 2005-04-29 05:39:09 +0000
commit: 40d8aef356a70d0b13395f0805e3044b85d91347 (patch)
tree: 22edbfd34c49ce1b7988794a7a74d65829c13819 /lib/libcrypto/rand/rand_lib.c
parent: import of openssl-0.9.7g; tested on platforms from alpha to zaurus, ok deraadt@ (diff)
download: wireguard-openbsd-40d8aef356a70d0b13395f0805e3044b85d91347.tar.xz
wireguard-openbsd-40d8aef356a70d0b13395f0805e3044b85d91347.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/lib/libcrypto/rand/rand_lib.c b/lib/libcrypto/rand/rand_lib.c
index 513e3389859..88f1b56d91e 100644
--- a/lib/libcrypto/rand/rand_lib.c
+++ b/lib/libcrypto/rand/rand_lib.c
@@ -63,6 +63,8 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#include <openssl/fips.h>
+#include <openssl/fips_rand.h>
 
 #ifndef OPENSSL_NO_ENGINE
 /* non-NULL if default_RAND_meth is ENGINE-provided */
@@ -85,6 +87,16 @@ int RAND_set_rand_method(const RAND_METHOD *meth)
 
 const RAND_METHOD *RAND_get_rand_method(void)
 	{
+#ifdef OPENSSL_FIPS
+	if(FIPS_mode()
+		&& default_RAND_meth != FIPS_rand_check())
+	    {
+	    RANDerr(RAND_F_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD);
+	    return 0;
+	    }
+#endif
+
+
 	if (!default_RAND_meth)
 		{
 #ifndef OPENSSL_NO_ENGINE
author	djm <djm@openbsd.org>	2005-04-29 05:39:09 +0000
committer	djm <djm@openbsd.org>	2005-04-29 05:39:09 +0000
commit	40d8aef356a70d0b13395f0805e3044b85d91347 (patch)
tree	22edbfd34c49ce1b7988794a7a74d65829c13819 /lib/libcrypto/rand/rand_lib.c
parent	import of openssl-0.9.7g; tested on platforms from alpha to zaurus, ok deraadt@ (diff)
download	wireguard-openbsd-40d8aef356a70d0b13395f0805e3044b85d91347.tar.xz wireguard-openbsd-40d8aef356a70d0b13395f0805e3044b85d91347.zip