summaryrefslogtreecommitdiffstats
path: root/crypto/openssl/ssl/s3_clnt.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/openssl/ssl/s3_clnt.c')
-rw-r--r--crypto/openssl/ssl/s3_clnt.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/crypto/openssl/ssl/s3_clnt.c b/crypto/openssl/ssl/s3_clnt.c
index 26ce0cb..6b4dc3e 100644
--- a/crypto/openssl/ssl/s3_clnt.c
+++ b/crypto/openssl/ssl/s3_clnt.c
@@ -117,6 +117,7 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/md5.h>
+#include <openssl/fips.h>
static SSL_METHOD *ssl3_get_client_method(int ver);
static int ssl3_client_hello(SSL *s);
@@ -534,7 +535,8 @@ static int ssl3_client_hello(SSL *s)
p=s->s3->client_random;
Time=time(NULL); /* Time */
l2n(Time,p);
- RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+ if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)) <= 0)
+ goto err;
/* Do the message type and length last */
d=p= &(buf[4]);
@@ -1165,7 +1167,16 @@ static int ssl3_get_key_exchange(SSL *s)
EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md_ctx,param,param_len);
+#ifdef OPENSSL_FIPS
+ if(s->version == TLS1_VERSION && num == 2)
+ FIPS_allow_md5(1);
+#endif
+
EVP_DigestFinal_ex(&md_ctx,q,(unsigned int *)&i);
+#ifdef OPENSSL_FIPS
+ if(s->version == TLS1_VERSION && num == 2)
+ FIPS_allow_md5(1);
+#endif
q+=i;
j+=i;
}
OpenPOWER on IntegriCloud