diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-01-26 15:53:07 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-01-26 15:53:07 +0000 |
commit | 5ca9cb7cbd6e69408221c80350e5e038cf9bfd04 (patch) | |
tree | 8778baa84010c71e683387c88f305927bf5161ff | |
parent | 83c3410b94ae3c845142fdfb55e245273846ecf0 (diff) | |
download | openssl-5ca9cb7cbd6e69408221c80350e5e038cf9bfd04.tar.gz |
FIPS mode ERR changes. Redirect errors to tiny FIPS callbacks to avoid ERR
library dependencies.
-rw-r--r-- | crypto/err/err.c | 2 | ||||
-rw-r--r-- | crypto/err/err.h | 11 | ||||
-rw-r--r-- | crypto/err/err_all.c | 5 |
3 files changed, 18 insertions, 0 deletions
diff --git a/crypto/err/err.c b/crypto/err/err.c index fcdb244008..b586004166 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -109,6 +109,8 @@ * */ +#define OPENSSL_NO_FIPS_ERR + #include <stdio.h> #include <stdarg.h> #include <string.h> diff --git a/crypto/err/err.h b/crypto/err/err.h index 974cc9cc6f..37aee6f485 100644 --- a/crypto/err/err.h +++ b/crypto/err/err.h @@ -137,6 +137,17 @@ extern "C" { #define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0) #endif +#if defined(OPENSSL_FIPSCANISTER) && !defined(OPENSSL_NO_FIPS_ERR) +#define ERR_put_error FIPS_put_error +#define ERR_add_error_data FIPS_add_error_data +#endif + +#ifdef OPENSSL_FIPS +void FIPS_set_error_callbacks( + void (*put_cb)(int lib, int func,int reason,const char *file,int line), + void (*add_cb)(int num, va_list args) ); +#endif + #include <errno.h> #define ERR_TXT_MALLOCED 0x01 diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index fc049e8e88..3544e8fecd 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -56,6 +56,8 @@ * [including the GNU Public Licence.] */ +#define OPENSSL_NO_FIPS_ERR + #include <stdio.h> #include <openssl/asn1.h> #include <openssl/bn.h> @@ -106,6 +108,9 @@ void ERR_load_crypto_strings(void) { +#ifdef OPENSSL_FIPS + FIPS_set_error_callbacks(ERR_put_error, ERR_add_error_vdata); +#endif #ifndef OPENSSL_NO_ERR ERR_load_ERR_strings(); /* include error strings for SYSerr */ ERR_load_BN_strings(); |