mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-08-31 06:25:31 +00:00
Use isc_fips_mode() and isc_fips_set_mode() in
bin/named/server.c and lib/dns/openssl_link.c
This commit is contained in:
@@ -27,6 +27,7 @@
|
||||
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
#include <isc/fips.h>
|
||||
#include <isc/mem.h>
|
||||
#include <isc/mutex.h>
|
||||
#include <isc/mutexblock.h>
|
||||
@@ -63,19 +64,19 @@ static ENGINE *global_engine = NULL;
|
||||
|
||||
static void
|
||||
enable_fips_mode(void) {
|
||||
#ifdef HAVE_FIPS_MODE
|
||||
if (FIPS_mode() != 0) {
|
||||
#if defined(ENABLE_FIPS_MODE)
|
||||
if (isc_fips_mode()) {
|
||||
/*
|
||||
* FIPS mode is already enabled.
|
||||
*/
|
||||
return;
|
||||
}
|
||||
|
||||
if (FIPS_mode_set(1) == 0) {
|
||||
if (isc_fips_set_mode(1) != ISC_R_SUCCESS) {
|
||||
dst__openssl_toresult2("FIPS_mode_set", DST_R_OPENSSLFAILURE);
|
||||
exit(1);
|
||||
}
|
||||
#endif /* HAVE_FIPS_MODE */
|
||||
#endif
|
||||
}
|
||||
|
||||
isc_result_t
|
||||
|
Reference in New Issue
Block a user