Disable FIPS mode on Windows

(cherry picked from commit 6aae193ded53d7ea7b2686aca1d33b264103be5c)

diff --git a/config.h.win32 b/config.h.win32
index 5405d83010a67a8e4c11c69ef9e396f5ccdf2c9c..96682f328ded58748a71229b3498f63fc8e3731a 100644 (file)
--- a/config.h.win32
+++ b/config.h.win32
@@ -321,9 +321,6 @@ typedef __int64 off_t;
 /* Define to 1 if you have the `EVP_sha512' function. */
 @HAVE_EVP_SHA512@
 
-/* Define if OpenSSL provides FIPS_mode() */
-@HAVE_FIPS_MODE@
-
 /* Define if OpenSSL includes DSA support */
 @HAVE_OPENSSL_DSA@
 

diff --git a/win32utils/Configure b/win32utils/Configure
index 1183b541af07a114d7635b42f786a02177ad0e39..820956ac40a2c5b14875b6280d50ebdcecea0823 100644 (file)
--- a/win32utils/Configure
+++ b/win32utils/Configure
@@ -201,7 +201,6 @@ my @substdefh = ("AES_CC",
                  "HAVE_EVP_SHA256",
                  "HAVE_EVP_SHA384",
                  "HAVE_EVP_SHA512",
-                 "HAVE_FIPS_MODE",
                  "HAVE_GEOIP",
                  "HAVE_GEOIP_CITY_V6",
                  "HAVE_GEOIP_V6",
@@ -1614,33 +1613,6 @@ EOF
     }
 }
 
-# check FIPS_mode
-
-if ($use_openssl eq "yes") {
-    if ($verbose) {
-        printf "checking for FIPS_mode\n";
-    }
-    open F, ">testfips.c" || die $!;
-    print F << 'EOF';
-extern int FIPS_mode();
-
-int main() {
-    return FIPS_mode();
-}
-EOF
-    close F;
-    my $library = $configlib{"OPENSSL_LIB"};
-    $compret = `cl /nologo /MD testfips.c "$library"`;
-    if (grep { -f and -x } ".\\testfips.exe") {
-        $configdefh{"HAVE_FIPS_MODE"} = 1;
-    } else {
-        if ($verbose) {
-            print "can't compile FIPS_mode test: $compret\n";
-            print "disabling FIPS_mode\n";
-        }
-    }
-}
-
 # check EVP_sha256 / EVP_sha384 / EVP_sha512
 
 if ($use_openssl eq "yes") {