Register the md5 handler if gcrypt is in fips mode once gnutls_global_init_extra() is called.

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-06-09 20:35:20 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-06-09 20:35:20 +0200
commit: f8c6a0c9bf202c338088c36d3463958119b1f50e (patch)
tree: b386714037fe213a56969e04f7281a811c357d3a /libextra
parent: fa06298cbb15139f87d54c372109e03b0b8b17b8 (diff)
download: gnutls-f8c6a0c9bf202c338088c36d3463958119b1f50e.tar.gz
1 files changed, 21 insertions, 0 deletions
diff --git a/libextra/gnutls_extra.c b/libextra/gnutls_extra.c
index 471114ca31..f8866cfc07 100644
--- a/libextra/gnutls_extra.c
+++ b/libextra/gnutls_extra.c
@@ -26,6 +26,11 @@
 #include <gnutls_extensions.h>
 #include <gnutls_algorithms.h>
 #include <ext_inner_application.h>
+
+#ifndef HAVE_LIBNETTLE
+# include <gcrypt.h>
+#endif
+
 #ifdef USE_LZO
 # ifdef USE_MINILZO
 #  include "minilzo/minilzo.h"
@@ -146,6 +151,22 @@ gnutls_global_init_extra (void)
     }
 #endif
 
+
+#ifndef HAVE_LIBNETTLE
+# ifdef gcry_fips_mode_active
+  /* Libgcrypt manual says that gcry_version_check must be called
+     before calling gcry_fips_mode_active. */
+  gcry_check_version (NULL);
+  if (gcry_fips_mode_active ())
+    {
+      ret = gnutls_register_md5_handler ();
+      if (ret)
+       fprintf (stderr, "gnutls_register_md5_handler: %s\n",
+                gnutls_strerror (ret));
+    }
+# endif
+#endif
+
   return 0;
 }
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-06-09 20:35:20 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-06-09 20:35:20 +0200
commit	f8c6a0c9bf202c338088c36d3463958119b1f50e (patch)
tree	b386714037fe213a56969e04f7281a811c357d3a /libextra
parent	fa06298cbb15139f87d54c372109e03b0b8b17b8 (diff)
download	gnutls-f8c6a0c9bf202c338088c36d3463958119b1f50e.tar.gz