[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 135/219: OpenSSL: Report -fips in version if OpenSS
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 135/219: OpenSSL: Report -fips in version if OpenSSL is built with FIPS |
Date: |
Wed, 22 May 2019 19:17:54 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 3a03e59048d6b3e62f56baf4b4bd0cba5f26fe17
Author: Ricky Leverence <address@hidden>
AuthorDate: Fri Apr 12 11:53:12 2019 -0700
OpenSSL: Report -fips in version if OpenSSL is built with FIPS
Older versions of OpenSSL report FIPS availabilty via an OPENSSL_FIPS
define. It uses this define to determine whether to publish -fips at
the end of the version displayed. Applications that utilize the version
reported by OpenSSL will see a mismatch if they compare it to what curl
reports, as curl is not modifying the version in the same way. This
change simply adds a check to see if OPENSSL_FIPS is defined, and will
alter the reported version to match what OpenSSL itself provides. This
only appears to be applicable in versions of OpenSSL <1.1.1
Closes #3771
---
lib/vtls/openssl.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index e50f929ef..9b1b5d3be 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3826,7 +3826,11 @@ static size_t Curl_ossl_version(char *buffer, size_t
size)
sub[0]='\0';
}
- return msnprintf(buffer, size, "%s/%lx.%lx.%lx%s",
+ return msnprintf(buffer, size, "%s/%lx.%lx.%lx%s"
+#ifdef OPENSSL_FIPS
+ "-fips"
+#endif
+ ,
OSSL_PACKAGE,
(ssleay_value>>28)&0xf,
(ssleay_value>>20)&0xff,
--
To stop receiving notification emails like this one, please contact
address@hidden
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [gnurl] 135/219: OpenSSL: Report -fips in version if OpenSSL is built with FIPS,
gnunet <=