Remove some unnecessary OPENSSL_FIPS references

FIPS_mode() exists in all versions of OpenSSL but always returns 0 if OpenSSL is not FIPS capable. Reviewed-by: Tim Hudson <tjh@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2014-10-18 20:14:36 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2014-12-08 13:18:43 +0000
commit: 00b4ee7664051a0dc589b1d81ba56582576a6ca4 (patch)
tree: e5892e49b7d50a00c580a749eb3b9985d4e5ee3d /ssl/s23_clnt.c
parent: 0c1bd7f03fcd1cc8256f89f4962d91b78432c74a (diff)
download: openssl-00b4ee7664051a0dc589b1d81ba56582576a6ca4.tar.gz
1 files changed, 0 insertions, 4 deletions
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 37b3e23784..80dd2cab7d 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -356,14 +356,12 @@ static int ssl23_client_hello(SSL *s)
 			version_major = TLS1_VERSION_MAJOR;
 			version_minor = TLS1_VERSION_MINOR;
 			}
-#ifdef OPENSSL_FIPS
 		else if(FIPS_mode())
 			{
 			SSLerr(SSL_F_SSL23_CLIENT_HELLO,
 					SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
 			return -1;
 			}
-#endif
 		else if (version == SSL3_VERSION)
 			{
 			version_major = SSL3_VERSION_MAJOR;
@@ -519,14 +517,12 @@ static int ssl23_get_server_hello(SSL *s)
 		if ((p[2] == SSL3_VERSION_MINOR) &&
 			!(s->options & SSL_OP_NO_SSLv3))
 			{
-#ifdef OPENSSL_FIPS
 			if(FIPS_mode())
 				{
 				SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
 					SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
 				goto err;
 				}
-#endif
 			s->version=SSL3_VERSION;
 			s->method=SSLv3_client_method();
 			}
author	Dr. Stephen Henson <steve@openssl.org>	2014-10-18 20:14:36 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2014-12-08 13:18:43 +0000
commit	00b4ee7664051a0dc589b1d81ba56582576a6ca4 (patch)
tree	e5892e49b7d50a00c580a749eb3b9985d4e5ee3d /ssl/s23_clnt.c
parent	0c1bd7f03fcd1cc8256f89f4962d91b78432c74a (diff)
download	openssl-00b4ee7664051a0dc589b1d81ba56582576a6ca4.tar.gz