isaacpittman-hitachi / rpms / openssl

Forked from rpms/openssl 2 years ago
Clone
Blob Blame History Raw
diff -up openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build openssl-1.1.1g/crypto/evp/pkey_kdf.c
--- openssl-1.1.1g/crypto/evp/pkey_kdf.c.edk2-build	2020-05-18 12:55:53.299548432 +0200
+++ openssl-1.1.1g/crypto/evp/pkey_kdf.c	2020-05-18 12:55:53.340548788 +0200
@@ -12,6 +12,7 @@
 #include <openssl/evp.h>
 #include <openssl/err.h>
 #include <openssl/kdf.h>
+#include "internal/numbers.h"
 #include "crypto/evp.h"
 
 static int pkey_kdf_init(EVP_PKEY_CTX *ctx)
diff -up openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build openssl-1.1.1g/crypto/kdf/hkdf.c
--- openssl-1.1.1g/crypto/kdf/hkdf.c.edk2-build	2020-05-18 12:55:53.340548788 +0200
+++ openssl-1.1.1g/crypto/kdf/hkdf.c	2020-05-18 12:57:18.648288904 +0200
@@ -13,6 +13,7 @@
 #include <openssl/hmac.h>
 #include <openssl/kdf.h>
 #include <openssl/evp.h>
+#include "internal/numbers.h"
 #include "internal/cryptlib.h"
 #include "crypto/evp.h"
 #include "kdf_local.h"
diff -up openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build openssl-1.1.1g/crypto/rand/rand_unix.c
--- openssl-1.1.1g/crypto/rand/rand_unix.c.edk2-build	2020-05-18 12:56:05.646655554 +0200
+++ openssl-1.1.1g/crypto/rand/rand_unix.c	2020-05-18 12:58:51.088090896 +0200
@@ -20,7 +20,7 @@
 #include "crypto/fips.h"
 #include <stdio.h>
 #include "internal/dso.h"
-#ifdef __linux
+#if defined(__linux) && !defined(OPENSSL_SYS_UEFI)
 # include <sys/syscall.h>
 # include <sys/random.h>
 # ifdef DEVRANDOM_WAIT
diff -up openssl-1.1.1g/include/crypto/fips.h.edk2-build openssl-1.1.1g/include/crypto/fips.h
--- openssl-1.1.1g/include/crypto/fips.h.edk2-build	2020-05-18 12:55:53.296548406 +0200
+++ openssl-1.1.1g/include/crypto/fips.h	2020-05-18 12:55:53.340548788 +0200
@@ -50,10 +50,6 @@
 #include <openssl/opensslconf.h>
 #include <openssl/evp.h>
 
-#ifndef OPENSSL_FIPS
-# error FIPS is disabled.
-#endif
-
 #ifdef OPENSSL_FIPS
 
 int FIPS_module_mode_set(int onoff);
@@ -97,4 +93,8 @@ void fips_set_selftest_fail(void);
 
 void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr);
 
+#else
+
+# define fips_in_post() 0
+
 #endif