#include "apps.h"
#include <openssl/bio.h>
#include <openssl/crypto.h>
+#include <openssl/rand.h>
#include <openssl/lhash.h>
#include <openssl/conf.h>
#include <openssl/x509.h>
#include "progs.h"
#include "s_apps.h"
#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
/* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the
* base prototypes (we cast each variable inside the function to the required
long errline;
#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
- /* 2011-03-22 SMS.
+ /*-
+ * 2011-03-22 SMS.
* If we have 32-bit pointers everywhere, then we're safe, and
* we bypass this mess, as on non-VMS systems. (See ARGV,
* above.)
CRYPTO_set_locking_callback(lock_dbg_cb);
}
+ if(getenv("OPENSSL_FIPS")) {
+#ifdef OPENSSL_FIPS
+ if (!FIPS_mode_set(1)) {
+ ERR_load_crypto_strings();
+ ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
+ EXIT(1);
+ }
+#else
+ fprintf(stderr, "FIPS mode not supported.\n");
+ EXIT(1);
+#endif
+ }
+
apps_startup();
/* Lets load up our environment a little */
if (prog != NULL) lh_FUNCTION_free(prog);
if (arg.data != NULL) OPENSSL_free(arg.data);
- apps_shutdown();
- CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
{
BIO_free(bio_err);
OPENSSL_free(Argv);
}
#endif
+ apps_shutdown();
+ CRYPTO_mem_leaks(bio_err);
+
OPENSSL_EXIT(ret);
}
EVP_MD_do_all_sorted(list_md_fn, out);
}
-static int MS_CALLBACK function_cmp(const FUNCTION *a, const FUNCTION *b)
+static int function_cmp(const FUNCTION *a, const FUNCTION *b)
{
return strncmp(a->name,b->name,8);
}
static IMPLEMENT_LHASH_COMP_FN(function, FUNCTION)
-static unsigned long MS_CALLBACK function_hash(const FUNCTION *a)
+static unsigned long function_hash(const FUNCTION *a)
{
return lh_strhash(a->name);
}