c29de1fbdc
Add million FIPS and s390 patches - Temporarily ignore broken OPENSSL_INIT_NO_ATEXIT due to our layered FIPS initialization * openssl-fips-ignore_broken_atexit_test.patch - Import FIPS patches from SLE-15 * openssl-fips-dont_run_FIPS_module_installed.patch * openssl-fips_mode.patch * openssl-ship_fips_standalone_hmac.patch * openssl-fips-clearerror.patch * openssl-fips-selftests_in_nonfips_mode.patch - Don't run FIPS power-up self-tests when the checksum files aren't installed (bsc#1042392) * add openssl-fips-run_selftests_only_when_module_is_complete.patch - Import FIPS patches from Fedora (bsc#1157702, jsc#SLE-9553) * openssl-1.1.1-fips-crng-test.patch * openssl-1.1.1-fips-post-rand.patch * openssl-1.1.1-fips.patch * openssl-1.1.0-issuer-hash.patch * openssl-1.1.1-evp-kdf.patch * openssl-1.1.1-ssh-kdf.patch replaces openssl-jsc-SLE-8789-backport_KDF.patch - Support for CPACF enhancements - part 1 (crypto) [bsc#1152695, jsc#SLE-7861] - Add patches: * openssl-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch * openssl-s390x-assembly-pack-add-support-for-pcc-and-kma-inst.patch * openssl-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch * openssl-s390x-assembly-pack-update-OPENSSL_s390xcap-3.patch * openssl-s390xcpuid.pl-fix-comment.patch OBS-URL: https://build.opensuse.org/request/show/766865 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=51
13 lines
545 B
Diff
13 lines
545 B
Diff
Index: openssl-1.1.1d/crypto/o_init.c
|
|
===================================================================
|
|
--- openssl-1.1.1d.orig/crypto/o_init.c 2020-01-23 13:45:11.556634952 +0100
|
|
+++ openssl-1.1.1d/crypto/o_init.c 2020-01-23 13:45:11.572635047 +0100
|
|
@@ -49,6 +49,7 @@ static void init_fips_mode(void)
|
|
NONFIPS_selftest_check();
|
|
/* drop down to non-FIPS mode if it is not requested */
|
|
FIPS_mode_set(0);
|
|
+ ERR_clear_error();
|
|
} else {
|
|
/* abort if selftest failed */
|
|
FIPS_selftest_check();
|