ASF Bugzilla – Attachment 27225 Details for
Bug 50570
Allow explicit use of FIPS mode in APR lifecycle listener
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
A fipsModeSet implementation that is more robust than the original patch
50570.native.patch (text/plain), 1.15 KB, created by
Christopher Schultz
on 2011-06-28 21:37:31 UTC
(
hide
)
Description:
A fipsModeSet implementation that is more robust than the original patch
Filename:
MIME Type:
Creator:
Christopher Schultz
Created:
2011-06-28 21:37:31 UTC
Size:
1.15 KB
patch
obsolete
>Index: src/ssl.c >=================================================================== >--- src/ssl.c (revision 1140772) >+++ src/ssl.c (working copy) >@@ -503,6 +503,34 @@ > } > TCN_FREE_CSTRING(file); > } >+ >+TCN_IMPLEMENT_CALL(jint, SSL, fipsModeSet)(TCN_STDARGS, jint mode) >+{ >+ int r = 0; >+ >+ UNREFERENCED(o); >+ >+#ifdef OPENSSL_FIPS >+ if(!(r = FIPS_mode_set((int)mode))) { >+ /* arrange to get a human-readable error message */ >+ unsigned long err = ERR_get_error(); >+ char msg[255]; >+ >+ /* ERR_load_crypto_strings() already called in initialize() */ >+ >+ ERR_error_string_n(err, msg, 255); >+ >+ tcn_ThrowException(e, msg); >+ >+ r = 0; >+ } >+#else >+ /* FIPS is unavailable */ >+ tcn_ThrowException(e, "FIPS mode not supported by OpenSSL"); >+#endif >+ return r; >+} >+ > /* OpenSSL Java Stream BIO */ > > typedef struct { >@@ -876,6 +904,12 @@ > UNREFERENCED(file); > } > >+TCN_IMPLEMENT_CALL(jint, SSL, fipsModeSet)(TCN_STDARGS, jint mode) >+{ >+ UNREFERENCED_STDARGS; >+ UNREFERENCED(mode); >+} >+ > TCN_IMPLEMENT_CALL(jlong, SSL, newBIO)(TCN_STDARGS, jlong pool, > jobject callback) > {
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 50570
:
26582
|
26775
|
26776
|
27224
| 27225