removed zombie mode, and no longer use fips140.h

author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2013-12-04 15:48:49 +0100
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2013-12-04 15:48:49 +0100
commit: 4123494385f4c0916923a870c8a69cf664e99df4 (patch)
tree: c9d226e3fe255a61f3bf99a832979e66c82987c8 /lib/crypto-api.c
parent: d0b75ec928a2eb1a9d5b10ec2d0127111544c7a1 (diff)
download: gnutls-4123494385f4c0916923a870c8a69cf664e99df4.tar.gz
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/crypto-api.c b/lib/crypto-api.c
index 8618e1a139..850e206898 100644
--- a/lib/crypto-api.c
+++ b/lib/crypto-api.c
@@ -317,8 +317,9 @@ gnutls_hmac_init(gnutls_hmac_hd_t * dig,
 {
 #ifdef ENABLE_FIPS140
 	/* MD5 is only allowed internally for TLS */
-	if (_gnutls_get_lib_state() != LIB_STATE_SELFTEST && 
-		_gnutls_get_lib_state() != LIB_STATE_ZOMBIE) {
+	if (gnutls_fips140_mode_enabled() != 0 &&
+		_gnutls_get_lib_state() != LIB_STATE_SELFTEST) {
+
 		if (algorithm == GNUTLS_MAC_MD5)
 			return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
 	}
@@ -463,8 +464,9 @@ gnutls_hash_init(gnutls_hash_hd_t * dig,
 {
 #ifdef ENABLE_FIPS140
 	/* MD5 is only allowed internally for TLS */
-	if (_gnutls_get_lib_state() != LIB_STATE_SELFTEST && 
-		_gnutls_get_lib_state() != LIB_STATE_ZOMBIE) {
+	if (gnutls_fips140_mode_enabled() != 0 &&
+		_gnutls_get_lib_state() != LIB_STATE_SELFTEST) {
+
 		if (algorithm == GNUTLS_DIG_MD5)
 			return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
 	}
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2013-12-04 15:48:49 +0100
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2013-12-04 15:48:49 +0100
commit	4123494385f4c0916923a870c8a69cf664e99df4 (patch)
tree	c9d226e3fe255a61f3bf99a832979e66c82987c8 /lib/crypto-api.c
parent	d0b75ec928a2eb1a9d5b10ec2d0127111544c7a1 (diff)
download	gnutls-4123494385f4c0916923a870c8a69cf664e99df4.tar.gz