[patch] A fipsModeSet implementation that is more robust than the original patch

50570.native.patch (text/plain), 1.15 KB, created by Christopher Schultz on 2011-06-28 21:37:31 UTC

(hide)

Description: A fipsModeSet implementation that is more robust than the original patch

Filename:

MIME Type:

Creator: Christopher Schultz

Created: 2011-06-28 21:37:31 UTC

Size: 1.15 KB

patch

obsolete

>Index: src/ssl.c >=================================================================== >--- src/ssl.c (revision 1140772) >+++ src/ssl.c (working copy) >@@ -503,6 +503,34 @@ > } > TCN_FREE_CSTRING(file); > } >+ >+TCN_IMPLEMENT_CALL(jint, SSL, fipsModeSet)(TCN_STDARGS, jint mode) >+{ >+ int r = 0; >+ >+ UNREFERENCED(o); >+ >+#ifdef OPENSSL_FIPS >+ if(!(r = FIPS_mode_set((int)mode))) { >+ /* arrange to get a human-readable error message */ >+ unsigned long err = ERR_get_error(); >+ char msg[255]; >+ >+ /* ERR_load_crypto_strings() already called in initialize() */ >+ >+ ERR_error_string_n(err, msg, 255); >+ >+ tcn_ThrowException(e, msg); >+ >+ r = 0; >+ } >+#else >+ /* FIPS is unavailable */ >+ tcn_ThrowException(e, "FIPS mode not supported by OpenSSL"); >+#endif >+ return r; >+} >+ > /* OpenSSL Java Stream BIO */ > > typedef struct { >@@ -876,6 +904,12 @@ > UNREFERENCED(file); > } > >+TCN_IMPLEMENT_CALL(jint, SSL, fipsModeSet)(TCN_STDARGS, jint mode) >+{ >+ UNREFERENCED_STDARGS; >+ UNREFERENCED(mode); >+} >+ > TCN_IMPLEMENT_CALL(jlong, SSL, newBIO)(TCN_STDARGS, jlong pool, > jobject callback) > { View Attachment As Diff View Attachment As Raw

This is ASF Bugzilla: the Apache Software Foundation bug system. In case of problems with the functioning of ASF Bugzilla, please contact bugzilla-admin@apache.org. Please Note: this e-mail address is only for reporting problems with ASF Bugzilla. Mail about any other subject will be silently ignored.

• • Home
  • | New
  • | Browse
  • | Search
  • |
    [?]
  • | Reports
  • | Help
  • | New Account
  • | Log In
    Remember [x]
  • | Forgot Password
    Login: [x]