aboutsummaryrefslogtreecommitdiff
path: root/crypto/openssl/ssl/ssl_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/openssl/ssl/ssl_lib.c')
-rw-r--r--crypto/openssl/ssl/ssl_lib.c14
1 files changed, 13 insertions, 1 deletions
diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c
index ee9a82d5860d..f5705af0f616 100644
--- a/crypto/openssl/ssl/ssl_lib.c
+++ b/crypto/openssl/ssl/ssl_lib.c
@@ -121,6 +121,7 @@
#include <openssl/objects.h>
#include <openssl/lhash.h>
#include <openssl/x509v3.h>
+#include <openssl/fips.h>
const char *SSL_version_str=OPENSSL_VERSION_TEXT;
@@ -2156,7 +2157,18 @@ int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
const char *CApath)
{
- return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
+ int r;
+
+#ifdef OPENSSL_FIPS
+ if(ctx->method->version == TLS1_VERSION)
+ FIPS_allow_md5(1);
+#endif
+ r=X509_STORE_load_locations(ctx->cert_store,CAfile,CApath);
+#ifdef OPENSSL_FIPS
+ if(ctx->method->version == TLS1_VERSION)
+ FIPS_allow_md5(0);
+#endif
+ return r;
}
#endif
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 06:21:57 +0000