Add some accommodations for FreeRDP Change-Id: Iad962fd50ede78eb94e10ba2438163509c4587e0 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/42924 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com>

commit: 5eeaf3029dab6b7264522c57a7a2acb461c0a434 [log] [tgz]
author: Adam Langley <alangley@gmail.com> Fri Sep 18 10:28:46 2020 -0700
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Fri Sep 18 17:42:45 2020 +0000
tree: d04ab814ea5f98491db3b0f1864f14d8f1ff9a6d
parent: ca3f243cf0cf1dd50b79f3385154ffb6c7261073 [diff] [blame]
diff --git a/include/openssl/digest.h b/include/openssl/digest.h
index 7b0ed06..8e398e8 100644
--- a/include/openssl/digest.h
+++ b/include/openssl/digest.h

@@ -283,6 +283,15 @@
 // EVP_MD_meth_get_flags calls |EVP_MD_flags|.
 OPENSSL_EXPORT uint32_t EVP_MD_meth_get_flags(const EVP_MD *md);
 
+// EVP_MD_CTX_set_flags does nothing.
+OPENSSL_EXPORT void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+
+// EVP_MD_CTX_FLAG_NON_FIPS_ALLOW is meaningless. In OpenSSL it permits non-FIPS
+// algorithms in FIPS mode. But BoringSSL FIPS mode doesn't prohibit algorithms
+// (it's up the the caller to use the FIPS module in a fashion compliant with
+// their needs). Thus this exists only to allow code to compile.
+#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0
+
 
 struct evp_md_pctx_ops;
commit	5eeaf3029dab6b7264522c57a7a2acb461c0a434	[log] [tgz]
author	Adam Langley <alangley@gmail.com>	Fri Sep 18 10:28:46 2020 -0700
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Fri Sep 18 17:42:45 2020 +0000
tree	d04ab814ea5f98491db3b0f1864f14d8f1ff9a6d
parent	ca3f243cf0cf1dd50b79f3385154ffb6c7261073 [diff] [blame]