Blame SOURCES/openssl-1.0.1-beta2-fips-md5-allow.patch

a5ef24
diff -up openssl-1.0.1-beta2/crypto/md5/md5_dgst.c.md5-allow openssl-1.0.1-beta2/crypto/md5/md5_dgst.c
a5ef24
--- openssl-1.0.1-beta2/crypto/md5/md5_dgst.c.md5-allow	2012-02-06 20:09:56.000000000 +0100
a5ef24
+++ openssl-1.0.1-beta2/crypto/md5/md5_dgst.c	2012-02-06 20:14:02.332117603 +0100
a5ef24
@@ -71,7 +71,16 @@ const char MD5_version[]="MD5" OPENSSL_V
a5ef24
 #define INIT_DATA_C (unsigned long)0x98badcfeL
a5ef24
 #define INIT_DATA_D (unsigned long)0x10325476L
a5ef24
 
a5ef24
-nonfips_md_init(MD5)
a5ef24
+int MD5_Init(MD5_CTX *c)
a5ef24
+#ifdef OPENSSL_FIPS
a5ef24
+	{
a5ef24
+	if (FIPS_mode() && getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL)
a5ef24
+		OpenSSLDie(__FILE__, __LINE__, \
a5ef24
+                "Digest MD5 forbidden in FIPS mode!");
a5ef24
+	return private_MD5_Init(c);
a5ef24
+	}
a5ef24
+int private_MD5_Init(MD5_CTX *c)
a5ef24
+#endif
a5ef24
 	{
a5ef24
 	memset (c,0,sizeof(*c));
a5ef24
 	c->A=INIT_DATA_A;