cfec1a
diff -up openssl-1.0.2a/README.warning openssl-1.0.2a/README
cfec1a
--- openssl-1.0.2a/README.warning	2015-03-20 16:00:47.000000000 +0100
cfec1a
+++ openssl-1.0.2a/README	2015-03-21 09:06:11.000000000 +0100
cfec1a
@@ -5,6 +5,46 @@
cfec1a
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
cfec1a
  All rights reserved.
cfec1a
 
cfec1a
+ WARNING
cfec1a
+ -------
cfec1a
+
cfec1a
+ This version of OpenSSL is built in a way that supports operation in
cfec1a
+ the so called FIPS mode. Note though that the library as we build it
cfec1a
+ is not FIPS 140-2 validated and the FIPS mode is present for testing
cfec1a
+ purposes only.
cfec1a
+
cfec1a
+ This version also contains a few differences from the upstream code
cfec1a
+ some of which are:
cfec1a
+   * The FIPS validation support is significantly different from the
cfec1a
+     upstream FIPS support. For example the FIPS integrity verification
cfec1a
+     check is implemented differently as the FIPS module is built inside
cfec1a
+     the shared library. The HMAC-SHA256 checksums of the whole shared
cfec1a
+     libraries are verified. Also note that the FIPS integrity
cfec1a
+     verification check requires that the libcrypto and libssl shared
cfec1a
+     library files are unmodified which means that it will fail if these
cfec1a
+     files are changed for example by prelink.
cfec1a
+   * If the file /etc/system-fips is present the integrity verification
cfec1a
+     and selftests of the crypto algorithms are run inside the library
cfec1a
+     constructor code.
cfec1a
+   * With the /etc/system-fips present the module respects the kernel
cfec1a
+     FIPS flag /proc/sys/crypto/fips and tries to initialize the FIPS mode
cfec1a
+     if it is set to 1 aborting if the FIPS mode could not be initialized.
cfec1a
+     With the /etc/system-fips present it is also possible to force the
cfec1a
+     OpenSSL library to FIPS mode especially for debugging purposes by
cfec1a
+     setting the environment variable OPENSSL_FORCE_FIPS_MODE.
cfec1a
+   * If the environment variable OPENSSL_NO_DEFAULT_ZLIB is set the module
cfec1a
+     will not automatically load the built in compression method ZLIB
cfec1a
+     when initialized. Applications can still explicitely ask for ZLIB
cfec1a
+     compression method.
cfec1a
+   * The library was patched so the certificates, CRLs and other objects
cfec1a
+     signed with use of MD5 fail verification as the MD5 is too insecure
cfec1a
+     to be used for signatures. If the environment variable
cfec1a
+     OPENSSL_ENABLE_MD5_VERIFY is set, the verification can proceed
cfec1a
+     normally.
cfec1a
+   * If the OPENSSL_ENFORCE_MODULUS_BITS environment variable is set,
cfec1a
+     the library will not allow generation of DSA and RSA keys with
cfec1a
+     other lengths than specified in the FIPS 186-4 standard.
cfec1a
+
cfec1a
  DESCRIPTION
cfec1a
  -----------
cfec1a