Adding win32 tweak to disable fips mode on openssl.

Perry Werneck
1 parent 6981e873
Showing 3 changed files with 37 additions and 7 deletions Show diff stats
src/core/linkedlist.c
src/network_modules/openssl/context.c
src/testprogram/testprogram.c
@@ -36,6 +36,7 @@
 #include <lib3270/log.h>
 #include <linkedlist.h>
 #include <string.h>
+#include <errno.h>
  
 /*---[ Implement ]------------------------------------------------------------------------------------------------------------*/
  
@@ -154,26 +154,54 @@ SSL_CTX * lib3270_openssl_get_context(H3270 *hSession) {
 	SSL_load_error_strings();
 	SSL_library_init();
  
-#ifdef OPENSSL_FIPS
+#if !defined(OPENSSL_FIPS)
  
 	lib3270_write_log(
 		hSession,
 		"openssl",
-		"Initializing %s %s FIPS.\n",
-		SSLeay_version(SSLEAY_VERSION),
-		(FIPS_mode() ? "with" : "without" )
+		"Initializing %s\n",
+		SSLeay_version(SSLEAY_VERSION)
 	);
  
+#elif defined(_WIN32)
+		{
+			lib3270_auto_cleanup(HKEY) hKey;
+			DWORD disp = 0;
+			LSTATUS	rc = RegCreateKeyEx(
+				HKEY_LOCAL_MACHINE,
+				"Software\\" LIB3270_STRINGIZE_VALUE_OF(PRODUCT_NAME) "\\tweaks",
+				0,
+				NULL,
+				REG_OPTION_NON_VOLATILE,
+				KEY_QUERY_VALUE|KEY_READ,
+				NULL,
+				&hKey,
+				&disp);
+
+			if(rc == ERROR_SUCCESS) {
+				FIPS_mode_set(lib3270_win32_get_dword(hKey, "fips_mode", 1));
+			}
+
+			lib3270_write_log(
+				hSession,
+				"openssl",
+				"Initializing %s %s FIPS.\n",
+				SSLeay_version(SSLEAY_VERSION),
+				(FIPS_mode() ? "with" : "without" )
+			);
+
+		}
 #else
  
 	lib3270_write_log(
 		hSession,
 		"openssl",
-		"Initializing %s without FIPS.\n",
-		SSLeay_version(SSLEAY_VERSION)
+		"Initializing %s %s FIPS.\n",
+		SSLeay_version(SSLEAY_VERSION),
+		(FIPS_mode() ? "with" : "without" )
 	);
  
-#endif // OPENSSL_FIPS
+#endif
  
 	context = SSL_CTX_new(SSLv23_method());
 	if(context == NULL) {
@@ -41,6 +41,7 @@
 #include <lib3270/log.h>
 #include <lib3270/properties.h>
 #include <lib3270/charset.h>
+#include <stdio.h>
  
 #ifdef _WIN32
 #include <lib3270/win32.h>
...	...	@@ -36,6 +36,7 @@
36	36	#include <lib3270/log.h>
37	37	#include <linkedlist.h>
38	38	#include <string.h>
	39	+#include <errno.h>
39	40
40	41	/---[ Implement ]------------------------------------------------------------------------------------------------------------/
41	42
...	...
...	...	@@ -154,26 +154,54 @@ SSL_CTX * lib3270_openssl_get_context(H3270 *hSession) {
154	154	SSL_load_error_strings();
155	155	SSL_library_init();
156	156
157		-#ifdef OPENSSL_FIPS
	157	+#if !defined(OPENSSL_FIPS)
158	158
159	159	lib3270_write_log(
160	160	hSession,
161	161	"openssl",
162		- "Initializing %s %s FIPS.\n",
163		- SSLeay_version(SSLEAY_VERSION),
164		- (FIPS_mode() ? "with" : "without" )
	162	+ "Initializing %s\n",
	163	+ SSLeay_version(SSLEAY_VERSION)
165	164	);
166	165
	166	+#elif defined(_WIN32)
	167	+ {
	168	+ lib3270_auto_cleanup(HKEY) hKey;
	169	+ DWORD disp = 0;
	170	+ LSTATUS rc = RegCreateKeyEx(
	171	+ HKEY_LOCAL_MACHINE,
	172	+ "Software\\" LIB3270_STRINGIZE_VALUE_OF(PRODUCT_NAME) "\\tweaks",
	173	+ 0,
	174	+ NULL,
	175	+ REG_OPTION_NON_VOLATILE,
	176	+ KEY_QUERY_VALUE\|KEY_READ,
	177	+ NULL,
	178	+ &hKey,
	179	+ &disp);
	180	+
	181	+ if(rc == ERROR_SUCCESS) {
	182	+ FIPS_mode_set(lib3270_win32_get_dword(hKey, "fips_mode", 1));
	183	+ }
	184	+
	185	+ lib3270_write_log(
	186	+ hSession,
	187	+ "openssl",
	188	+ "Initializing %s %s FIPS.\n",
	189	+ SSLeay_version(SSLEAY_VERSION),
	190	+ (FIPS_mode() ? "with" : "without" )
	191	+ );
	192	+
	193	+ }
167	194	#else
168	195
169	196	lib3270_write_log(
170	197	hSession,
171	198	"openssl",
172		- "Initializing %s without FIPS.\n",
173		- SSLeay_version(SSLEAY_VERSION)
	199	+ "Initializing %s %s FIPS.\n",
	200	+ SSLeay_version(SSLEAY_VERSION),
	201	+ (FIPS_mode() ? "with" : "without" )
174	202	);
175	203
176		-#endif // OPENSSL_FIPS
	204	+#endif
177	205
178	206	context = SSL_CTX_new(SSLv23_method());
179	207	if(context == NULL) {
...	...
...	...	@@ -41,6 +41,7 @@
41	41	#include <lib3270/log.h>
42	42	#include <lib3270/properties.h>
43	43	#include <lib3270/charset.h>
	44	+#include <stdio.h>
44	45
45	46	#ifdef _WIN32
46	47	#include <lib3270/win32.h>
...	...