Fix compile issue

sonic-net · Apr 8, 2024 · ca66e61 · ca66e61
1 parent 57212d9
commit ca66e61
Showing 1 changed file with 13 additions and 13 deletions.
diff --git a/debian/patches/001_enable_config_fips.patch b/debian/patches/001_enable_config_fips.patch
@@ -1,5 +1,5 @@
 diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
-index b644b6ca7..363b553fb 100644
+index b644b6ca7..e944d3205 100644
 --- a/src/crypto/crypto_openssl.c
 +++ b/src/crypto/crypto_openssl.c
 @@ -193,12 +193,16 @@ static int openssl_digest_vector(const EVP_MD *type, size_t num_elem,
@@ -39,12 +39,12 @@ index b644b6ca7..363b553fb 100644
 
 
  int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
-@@ -1105,13 +1112,16 @@ done:
+@@ -1105,13 +1112,17 @@ done:
  }
 
 
 -#ifndef CONFIG_FIPS
--
+ 
  int hmac_md5_vector(const u8 *key, size_t key_len, size_t num_elem,
  		    const u8 *addr[], const size_t *len, u8 *mac)
  {
@@ -58,17 +58,17 @@ index b644b6ca7..363b553fb 100644
  }
 
 
-@@ -1121,8 +1131,6 @@ int hmac_md5(const u8 *key, size_t key_len, const u8 *data, size_t data_len,
+@@ -1121,7 +1132,7 @@ int hmac_md5(const u8 *key, size_t key_len, const u8 *data, size_t data_len,
  	return hmac_md5_vector(key, key_len, 1, &data, &data_len, mac);
  }
 
 -#endif /* CONFIG_FIPS */
--
++
+
 
  int pbkdf2_sha1(const char *passphrase, const u8 *ssid, size_t ssid_len,
- 		int iterations, u8 *buf, size_t buflen)
 diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
-index ef872c50e..783e50b23 100644
+index ef872c50e..c3d05202c 100644
 --- a/src/crypto/tls_openssl.c
 +++ b/src/crypto/tls_openssl.c
 @@ -21,6 +21,7 @@
@@ -79,16 +79,16 @@ index ef872c50e..783e50b23 100644
  #ifndef OPENSSL_NO_ENGINE
  #include <openssl/engine.h>
  #endif /* OPENSSL_NO_ENGINE */
-@@ -965,7 +966,7 @@ void * tls_init(const struct tls_config *conf)
+@@ -964,8 +965,11 @@ void * tls_init(const struct tls_config *conf)
+ #ifdef OPENSSL_FIPS
  		if (conf && conf->fips_mode) {
  			static int fips_enabled = 0;
-
--			if (!fips_enabled && !FIPS_mode_set(1)) {
+-
 +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
 +			if (!fips_enabled && !EVP_default_properties_enable_fips(NULL, 1)) {
-+#else
-+			if (!fips_enabled && !FIPS_mode_set(1)) {
-+#endif /* OpenSSL version >= 3.0 */
++#else	/* OpenSSL version >= 3.0 */
+ 			if (!fips_enabled && !FIPS_mode_set(1)) {
++#endif	/* OpenSSL version >= 3.0 */
  				wpa_printf(MSG_ERROR, "Failed to enable FIPS "
  					   "mode");
  				ERR_load_crypto_strings();