Set rand method in FIPS_mode_set() not in rand library.
authorDr. Stephen Henson <steve@openssl.org>
Mon, 13 Jun 2011 21:18:00 +0000 (21:18 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 13 Jun 2011 21:18:00 +0000 (21:18 +0000)
crypto/o_fips.c
crypto/rand/rand_lib.c

index a57a02b07028edd38fcc6da878eadb07952dfd4f..9474a0d9afa4199f113935f91865167c48c20dfc 100644 (file)
@@ -58,6 +58,8 @@
 #include "cryptlib.h"
 #ifdef OPENSSL_FIPS
 #include <openssl/fips.h>
+#include <openssl/fips_rand.h>
+#include <openssl/rand.h>
 #endif
 
 int FIPS_mode(void)
@@ -71,8 +73,15 @@ int FIPS_mode(void)
 
 int FIPS_mode_set(int r)
        {
+       OPENSSL_init();
 #ifdef OPENSSL_FIPS
-       return FIPS_module_mode_set(r);
+       if (!FIPS_module_mode_set(r))
+               return 0;
+       if (r)
+               RAND_set_rand_method(FIPS_rand_get_method());
+       else
+               RAND_set_rand_method(NULL);
+       return 1;
 #else
        if (r == 0)
                return 1;
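Review bot: The FIPS branch of FIPS_mode_set() passes the result of `FIPS_rand_get_method()` straight to `RAND_set_rand_method()` with no NULL check, whereas the lookup code this commit removes from RAND_get_rand_method() at least raised RAND_R_NO_FIPS_RANDOM_METHOD_SET in that case. If the getter can return NULL, the call behaves like the `RAND_set_rand_method(NULL)` in the else arm: the function returns 1 with FIPS mode on, and the next RAND_get_rand_method() appears to fall through to an engine default or `RAND_SSLeay()` with no error queued. I would fetch the method first and fail closed, e.g. `const RAND_METHOD *m = FIPS_rand_get_method();` then `if (m == NULL) return 0;` with an error pushed; whether the mode must also be rolled back needs deciding, since FIPS_module_mode_set(r) has already succeeded by then. The return value of `RAND_set_rand_method()` is also discarded on both arms. The function's non-FIPS `#else` branch continues past the end of the hunk.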
index 187fe1ef09346c77c4266e1c9974c27524139810..9f26683b389531ebdbe6f004af4f65f1ee35178f 100644 (file)
@@ -111,18 +111,6 @@ const RAND_METHOD *RAND_get_rand_method(void)
                if(e)
                        funct_ref = e;
                else
-#endif
-#ifdef OPENSSL_FIPS
-               if (FIPS_mode())
-                       {
-                       default_RAND_meth = FIPS_rand_get_method();
-                       if (default_RAND_meth == NULL)
-                               {
-                               RANDerr(RAND_F_RAND_GET_RAND_METHOD,
-                                       RAND_R_NO_FIPS_RANDOM_METHOD_SET);
-                               }
-                       }
-               else
 #endif
                        default_RAND_meth = RAND_SSLeay();
                }