remove FIPS mode support. people who require FIPS can buy something that

meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
author: tedu <> 2014-04-15 20:06:10 +0000
committer: tedu <> 2014-04-15 20:06:10 +0000
commit: 3c7d2178681a2741a8cc8a042cb2ea6ee28528b8 (patch)
tree: 11be20c8110348001494179db4f9b0b67ce149ba /src/lib/libcrypto/dsa/dsa_lib.c
parent: 4c8a9a73429ac4a1d79f4bab6a397df643934861 (diff)
download: openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.gz
openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.bz2
openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.zip
1 files changed, 0 insertions, 11 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
index 96d8d0c4b4..897c085968 100644
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -70,10 +70,6 @@
 #include <openssl/dh.h>
 #endif
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
 const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
 static const DSA_METHOD *default_DSA_method = NULL;
@@ -87,14 +83,7 @@ const DSA_METHOD *DSA_get_default_method(void)
        {
        if(!default_DSA_method)
                {
-#ifdef OPENSSL_FIPS
-                if (FIPS_mode())
-                        return FIPS_dsa_openssl();
-                else
-                        return DSA_OpenSSL();
-#else
                default_DSA_method = DSA_OpenSSL();
-#endif
                }
        return default_DSA_method;
        }
author	tedu <>	2014-04-15 20:06:10 +0000
committer	tedu <>	2014-04-15 20:06:10 +0000
commit	3c7d2178681a2741a8cc8a042cb2ea6ee28528b8 (patch)
tree	11be20c8110348001494179db4f9b0b67ce149ba /src/lib/libcrypto/dsa/dsa_lib.c
parent	4c8a9a73429ac4a1d79f4bab6a397df643934861 (diff)
download	openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.gz openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.tar.bz2 openbsd-3c7d2178681a2741a8cc8a042cb2ea6ee28528b8.zip