diff options
Diffstat (limited to 'src/lib/libssl/s3_clnt.c')
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 9 |
1 files changed, 2 insertions, 7 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 0969476b25..36f4a8b4c3 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -117,7 +117,6 @@ | |||
| 117 | #include <openssl/objects.h> | 117 | #include <openssl/objects.h> |
| 118 | #include <openssl/evp.h> | 118 | #include <openssl/evp.h> |
| 119 | #include <openssl/md5.h> | 119 | #include <openssl/md5.h> |
| 120 | #include <openssl/fips.h> | ||
| 121 | 120 | ||
| 122 | static SSL_METHOD *ssl3_get_client_method(int ver); | 121 | static SSL_METHOD *ssl3_get_client_method(int ver); |
| 123 | static int ssl3_client_hello(SSL *s); | 122 | static int ssl3_client_hello(SSL *s); |
| @@ -169,7 +168,7 @@ int ssl3_connect(SSL *s) | |||
| 169 | long num1; | 168 | long num1; |
| 170 | void (*cb)(const SSL *ssl,int type,int val)=NULL; | 169 | void (*cb)(const SSL *ssl,int type,int val)=NULL; |
| 171 | int ret= -1; | 170 | int ret= -1; |
| 172 | int new_state,state,skip=0;; | 171 | int new_state,state,skip=0; |
| 173 | 172 | ||
| 174 | RAND_add(&Time,sizeof(Time),0); | 173 | RAND_add(&Time,sizeof(Time),0); |
| 175 | ERR_clear_error(); | 174 | ERR_clear_error(); |
| @@ -535,8 +534,7 @@ static int ssl3_client_hello(SSL *s) | |||
| 535 | p=s->s3->client_random; | 534 | p=s->s3->client_random; |
| 536 | Time=time(NULL); /* Time */ | 535 | Time=time(NULL); /* Time */ |
| 537 | l2n(Time,p); | 536 | l2n(Time,p); |
| 538 | if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0) | 537 | RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)); |
| 539 | goto err; | ||
| 540 | 538 | ||
| 541 | /* Do the message type and length last */ | 539 | /* Do the message type and length last */ |
| 542 | d=p= &(buf[4]); | 540 | d=p= &(buf[4]); |
| @@ -1162,14 +1160,11 @@ static int ssl3_get_key_exchange(SSL *s) | |||
| 1162 | q=md_buf; | 1160 | q=md_buf; |
| 1163 | for (num=2; num > 0; num--) | 1161 | for (num=2; num > 0; num--) |
| 1164 | { | 1162 | { |
| 1165 | EVP_MD_CTX_set_flags(&md_ctx, | ||
| 1166 | EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 1167 | EVP_DigestInit_ex(&md_ctx,(num == 2) | 1163 | EVP_DigestInit_ex(&md_ctx,(num == 2) |
| 1168 | ?s->ctx->md5:s->ctx->sha1, NULL); | 1164 | ?s->ctx->md5:s->ctx->sha1, NULL); |
| 1169 | EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); | 1165 | EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); |
| 1170 | EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); | 1166 | EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); |
| 1171 | EVP_DigestUpdate(&md_ctx,param,param_len); | 1167 | EVP_DigestUpdate(&md_ctx,param,param_len); |
| 1172 | |||
| 1173 | EVP_DigestFinal_ex(&md_ctx,q,(unsigned int *)&i); | 1168 | EVP_DigestFinal_ex(&md_ctx,q,(unsigned int *)&i); |
| 1174 | q+=i; | 1169 | q+=i; |
| 1175 | j+=i; | 1170 | j+=i; |