From 3c7d2178681a2741a8cc8a042cb2ea6ee28528b8 Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Tue, 15 Apr 2014 20:06:10 +0000
Subject: remove FIPS mode support. people who require FIPS can buy something
 that meets their needs, but dumping it in here only penalizes the rest of us.
 ok beck deraadt

---
 src/lib/libcrypto/o_fips.c | 22 ----------------------
 1 file changed, 22 deletions(-)

(limited to 'src/lib/libcrypto/o_fips.c')

diff --git a/src/lib/libcrypto/o_fips.c b/src/lib/libcrypto/o_fips.c
index 9c185cfb18..43312ae23f 100644
--- a/src/lib/libcrypto/o_fips.c
+++ b/src/lib/libcrypto/o_fips.c
@@ -56,42 +56,20 @@
  */
 
 #include "cryptlib.h"
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#include <openssl/fips_rand.h>
-#include <openssl/rand.h>
-#endif
 
 int
 FIPS_mode(void)
 {
 	OPENSSL_init();
-#ifdef OPENSSL_FIPS
-	return FIPS_module_mode();
-#else
 	return 0;
-#endif
 }
 
 int
 FIPS_mode_set(int r)
 {
 	OPENSSL_init();
-#ifdef OPENSSL_FIPS
-#ifndef FIPS_AUTH_USER_PASS
-#define FIPS_AUTH_USER_PASS	"Default FIPS Crypto User Password"
-#endif
-	if (!FIPS_module_mode_set(r, FIPS_AUTH_USER_PASS))
-		return 0;
-	if (r)
-		RAND_set_rand_method(FIPS_rand_get_method());
-	else
-		RAND_set_rand_method(NULL);
-	return 1;
-#else
 	if (r == 0)
 		return 1;
 	CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED);
 	return 0;
-#endif
 }
-- 
cgit v1.2.3-55-g6feb