mirror of
https://github.com/NLnetLabs/unbound.git
synced 2024-09-21 22:57:08 +00:00
- disable RSAMD5 if in FIPS mode (for openssl and for libnss).
git-svn-id: file:///svn/unbound/trunk@2702 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
parent
98b6f90637
commit
87ded67cb6
@ -1,5 +1,5 @@
|
||||
25 June 2012: Wouter
|
||||
- disable RSAMD5 if in FIPS mode (when compiled with openssl).
|
||||
- disable RSAMD5 if in FIPS mode (for openssl and for libnss).
|
||||
|
||||
22 June 2012: Wouter
|
||||
- implement DS records, NSEC3 and ECDSA for compile with libnss.
|
||||
|
@ -615,11 +615,13 @@ dnskey_algo_id_is_supported(int id)
|
||||
{
|
||||
/* uses libNSS */
|
||||
switch(id) {
|
||||
case LDNS_RSAMD5:
|
||||
/* disable MD5 support if FIPS mode is enabled in libnss */
|
||||
return !PK11_IsFIPS();
|
||||
case LDNS_DSA:
|
||||
case LDNS_DSA_NSEC3:
|
||||
case LDNS_RSASHA1:
|
||||
case LDNS_RSASHA1_NSEC3:
|
||||
case LDNS_RSAMD5:
|
||||
#ifdef USE_SHA2
|
||||
case LDNS_RSASHA256:
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user