[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Dr. Stephen Henson
steve at openssl.org
Sat Sep 12 01:42:59 UTC 2015
The branch OpenSSL_1_0_2-stable has been updated
via 2aa5a2c76656f3873fecd0f0bcc628c1861c27a9 (commit)
from eac2b837d63fbac8acb3a9d1f65a2d8379edfc93 (commit)
- Log -----------------------------------------------------------------
commit 2aa5a2c76656f3873fecd0f0bcc628c1861c27a9
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Sat Sep 12 00:44:07 2015 +0100
Check for FIPS mode after loading config.
PR#3958
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/pkcs12.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 4ff6449..e41b445 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -134,13 +134,6 @@ int MAIN(int argc, char **argv)
apps_startup();
-# ifdef OPENSSL_FIPS
- if (FIPS_mode())
- cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
- else
-# endif
- cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
-
enc = EVP_des_ede3_cbc();
if (bio_err == NULL)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
@@ -148,6 +141,13 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, NULL))
goto end;
+# ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+ else
+# endif
+ cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+
args = argv + 1;
while (*args) {
More information about the openssl-commits
mailing list