From b0b3d09063275680d9ad78568660d6c4357d61d6 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 13 Jun 2011 21:18:00 +0000 Subject: [PATCH] Set rand method in FIPS_mode_set() not in rand library. --- crypto/o_fips.c | 11 ++++++++++- crypto/rand/rand_lib.c | 12 ------------ 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/crypto/o_fips.c b/crypto/o_fips.c index a57a02b070..9474a0d9af 100644 --- a/crypto/o_fips.c +++ b/crypto/o_fips.c @@ -58,6 +58,8 @@ #include "cryptlib.h" #ifdef OPENSSL_FIPS #include +#include +#include #endif int FIPS_mode(void) @@ -71,8 +73,15 @@ int FIPS_mode(void) int FIPS_mode_set(int r) { + OPENSSL_init(); #ifdef OPENSSL_FIPS - return FIPS_module_mode_set(r); + if (!FIPS_module_mode_set(r)) + return 0; + if (r) + RAND_set_rand_method(FIPS_rand_get_method()); + else + RAND_set_rand_method(NULL); + return 1; #else if (r == 0) return 1; diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 187fe1ef09..9f26683b38 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -111,18 +111,6 @@ const RAND_METHOD *RAND_get_rand_method(void) if(e) funct_ref = e; else -#endif -#ifdef OPENSSL_FIPS - if (FIPS_mode()) - { - default_RAND_meth = FIPS_rand_get_method(); - if (default_RAND_meth == NULL) - { - RANDerr(RAND_F_RAND_GET_RAND_METHOD, - RAND_R_NO_FIPS_RANDOM_METHOD_SET); - } - } - else #endif default_RAND_meth = RAND_SSLeay(); } -- 2.25.1