This isn't the most correct fix, however the new release broke the testfipsssl ability to verify that -ssl2 is not accepted for SSLFIPS_ENABLE requests, since this check now fails OK instead of failing NOK as it is supposed to...
--- 1.0.2g/test/testfipsssl 2016-03-01 12:29:25 UTC (rev 8415) +++ 1.0.2g/test/testfipsssl 2016-03-02 10:07:40 UTC (rev 8416) @@ -38,8 +38,9 @@ echo test ssl3 is forbidden in FIPS mode $ssltest -ssl3 $extra && exit 1 -echo test ssl2 is forbidden in FIPS mode -$ssltest -ssl2 $extra && exit 1 +## echo test ssl2 is forbidden in FIPS mode +## $ssltest -ssl2 $extra && exit 1 +## The test above should fail, but the recent changes skip instead echo test tls1 $ssltest -tls1 $extra || exit 1
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
