Author: schultz Date: Sat Jul 9 02:05:06 2011 New Revision: 1144573 URL: http://svn.apache.org/viewvc?rev=1144573&view=rev Log: Added function to enter FIPS mode.
Modified: tomcat/native/trunk/native/src/ssl.c Modified: tomcat/native/trunk/native/src/ssl.c URL: http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/ssl.c?rev=1144573&r1=1144572&r2=1144573&view=diff ============================================================================== --- tomcat/native/trunk/native/src/ssl.c (original) +++ tomcat/native/trunk/native/src/ssl.c Sat Jul 9 02:05:06 2011 @@ -503,6 +503,32 @@ TCN_IMPLEMENT_CALL(void, SSL, randSet)(T } TCN_FREE_CSTRING(file); } + +TCN_IMPLEMENT_CALL(jint, SSL, fipsModeSet)(TCN_STDARGS, jint mode) +{ + int r = 0; + UNREFERENCED(o); + +#ifdef OPENSSL_FIPS + if(1 != (r = (jint)FIPS_mode_set((int)mode))) { + /* arrange to get a human-readable error message */ + unsigned long err = ERR_get_error(); + char msg[256]; + + /* ERR_load_crypto_strings() already called in initialize() */ + + ERR_error_string_n(err, msg, 256); + + tcn_ThrowException(e, msg); + } +#else + /* FIPS is unavailable */ + tcn_ThrowException(e, "FIPS was not available to tcnative at build time. You will need to re-build tcnative against an OpenSSL with FIPS."); +#endif + + return r; +} + /* OpenSSL Java Stream BIO */ typedef struct { @@ -876,6 +902,14 @@ TCN_IMPLEMENT_CALL(void, SSL, randSet)(T UNREFERENCED(file); } +TCN_IMPLEMENT_CALL(jint, SSL, fipsModeSet)(TCN_STDARGS, jint mode) +{ + UNREFERENCED_STDARGS; + UNREFERENCED(mode); + + return 0; +} + TCN_IMPLEMENT_CALL(jlong, SSL, newBIO)(TCN_STDARGS, jlong pool, jobject callback) { --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org