jonathan/openssl
1
0
Fork 0
forked from rpms/openssl
Code Pull Requests Activity
2ca16b9a24
openssl/openssl-1.0.1c-issuer-hash.patch
Tomas Mraz c67ea975b9 add script for renewal of a self-signed cert by Philip Prindeville (#871566) 
- allow X509_issuer_and_serial_hash() produce correct result in
  the FIPS mode (#881336)
2012-12-21 17:21:50 +01:00

12 lines
542 B
Diff
Raw Blame History

diff -up openssl-1.0.1c/crypto/x509/x509_cmp.c.issuer-hash openssl-1.0.1c/crypto/x509/x509_cmp.c
--- openssl-1.0.1c/crypto/x509/x509_cmp.c.issuer-hash 2011-06-22 04:18:06.000000000 +0200
+++ openssl-1.0.1c/crypto/x509/x509_cmp.c 2012-12-21 17:18:38.101308997 +0100
@@ -85,6 +85,7 @@ unsigned long X509_issuer_and_serial_has
char *f;
EVP_MD_CTX_init(&ctx);
+ EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
f=X509_NAME_oneline(a->cert_info->issuer,NULL,0);
ret=strlen(f);
if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
View Git Blame Copy Permalink