Fix from HEAD.

[oweals/openssl.git] / crypto / rand / md_rand.c

diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 9783d0c23e932d49662572a71bb4eca187280969..0f8dd3e00faf3d8afcfc11944577ea579af08d67 100644 (file)
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -126,6 +126,10 @@
 
 #include <openssl/crypto.h>
 #include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
 
 #ifdef BN_DEBUG
 # define PREDICT
@@ -332,6 +336,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 #endif
        int do_stir_pool = 0;
 
+#ifdef OPENSSL_FIPS
+       if(FIPS_mode())
+           {
+           FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD);
+           return 0;
+           }
+#endif
+
 #ifdef PREDICT
        if (rand_predictable)
                {