17 lines
576 B
Diff
17 lines
576 B
Diff
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
|
|
index 52db8fc..c5c10f7 100644
|
|
--- a/src/crypto/tls_openssl.c
|
|
+++ b/src/crypto/tls_openssl.c
|
|
@@ -770,6 +770,11 @@ void * tls_init(const struct tls_config *conf)
|
|
#endif /* OPENSSL_FIPS */
|
|
#endif /* CONFIG_FIPS */
|
|
SSL_load_error_strings();
|
|
+ /* Only add potentially weak hashes and encryption algorithms
|
|
+ * when FIPS mode is not enabled.
|
|
+ */
|
|
+ if (!conf || !conf->fips_mode)
|
|
+ OpenSSL_add_all_algorithms();
|
|
SSL_library_init();
|
|
#ifndef OPENSSL_NO_SHA256
|
|
EVP_add_digest(EVP_sha256());
|