File openssl-fips_disallow_ENGINE_loading.patch of Package openssl-1_0_0.21013

Index: openssl-1.0.2g/crypto/engine/eng_all.c
===================================================================
--- openssl-1.0.2g.orig/crypto/engine/eng_all.c	2016-04-13 15:04:40.644190904 +0200
+++ openssl-1.0.2g/crypto/engine/eng_all.c	2016-04-13 15:06:04.092468490 +0200
@@ -70,11 +70,6 @@ void ENGINE_load_builtin_engines(void)
 #ifdef OPENSSL_FIPS
     OPENSSL_init_library();
     if (FIPS_mode()) {
-        /* We allow loading dynamic engine as a third party
-           engine might be FIPS validated.
-           User is disallowed to load non-validated engines
-           by security policy. */
-        ENGINE_load_dynamic();
         return;
     }
 #endif
openSUSE Build Service is sponsored by