diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-10-18 20:14:36 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-12-08 13:18:43 +0000 |
commit | 00b4ee7664051a0dc589b1d81ba56582576a6ca4 (patch) | |
tree | e5892e49b7d50a00c580a749eb3b9985d4e5ee3d /ssl/ssl_ciph.c | |
parent | 0c1bd7f03fcd1cc8256f89f4962d91b78432c74a (diff) | |
download | openssl-00b4ee7664051a0dc589b1d81ba56582576a6ca4.tar.gz |
Remove some unnecessary OPENSSL_FIPS references
FIPS_mode() exists in all versions of OpenSSL but always returns 0 if OpenSSL is not FIPS
capable.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'ssl/ssl_ciph.c')
-rw-r--r-- | ssl/ssl_ciph.c | 8 |
1 files changed, 0 insertions, 8 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index a846c75eba..1599d7971c 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -643,10 +643,8 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, s->ssl_version < TLS1_VERSION) return 1; -#ifdef OPENSSL_FIPS if (FIPS_mode()) return 1; -#endif if (c->algorithm_enc == SSL_RC4 && c->algorithm_mac == SSL_MD5 && @@ -826,9 +824,7 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, c = ssl_method->get_cipher(i); /* drop those that use any of that is not available */ if ((c != NULL) && c->valid && -#ifdef OPENSSL_FIPS (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) && -#endif !(c->algorithm_mkey & disabled_mkey) && !(c->algorithm_auth & disabled_auth) && !(c->algorithm_enc & disabled_enc) && @@ -1615,11 +1611,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, */ for (curr = head; curr != NULL; curr = curr->next) { -#ifdef OPENSSL_FIPS if (curr->active && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS)) -#else - if (curr->active) -#endif { if (!sk_SSL_CIPHER_push(cipherstack, curr->cipher)) { |