From 0e03fa86df3c2ba3afb3793c724d3579afd1ecf3 Mon Sep 17 00:00:00 2001
From: Byron Clark <byron@theclarkfamily.name>
Date: Sun, 26 May 2019 10:52:51 -0600
Subject: [PATCH] Remove OPENSSL_FIPS wrappers.

Because we're building with a FIPS enabled OpenSSL instead of the FIPS
canister, the resulting build should be usable on both FIPS and non-FIPS
enabled systems. Since we can't rely on building with a FIPS enabled
OpenSSL, defer the check to runtime.
---
 src/client/ns_turn_msg.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/src/client/ns_turn_msg.c b/src/client/ns_turn_msg.c
index db761d19..4bb466af 100644
--- a/src/client/ns_turn_msg.c
+++ b/src/client/ns_turn_msg.c
@@ -239,11 +239,9 @@ int stun_produce_integrity_key_str(uint8_t *uname, uint8_t *realm, uint8_t *upwd
 		unsigned int keylen = 0;
 		EVP_MD_CTX ctx;
 		EVP_MD_CTX_init(&ctx);
-#ifdef OPENSSL_FIPS
 		if (FIPS_mode()) {
 			EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
 		}
-#endif
 		EVP_DigestInit_ex(&ctx,EVP_md5(), NULL);
 		EVP_DigestUpdate(&ctx,str,strl);
 		EVP_DigestFinal(&ctx,key,&keylen);
@@ -251,11 +249,9 @@ int stun_produce_integrity_key_str(uint8_t *uname, uint8_t *realm, uint8_t *upwd
 #else
 		unsigned int keylen = 0;
 		EVP_MD_CTX *ctx = EVP_MD_CTX_new();
-#ifdef OPENSSL_FIPS
 		if (FIPS_mode()) {
 			EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
 		}
-#endif
 		EVP_DigestInit_ex(ctx,EVP_md5(), NULL);
 		EVP_DigestUpdate(ctx,str,strl);
 		EVP_DigestFinal(ctx,key,&keylen);