HMAC_CTX_init(&ctx_a);
HMAC_CTX_init(&ctx_out);
+ HMAC_CTX_set_flags(&ctx_a, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ HMAC_CTX_set_flags(&ctx_out, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
HMAC_Init_ex(&ctx_a, secret, secret_len, evp_md, NULL);
HMAC_Init_ex(&ctx_out, secret, secret_len, evp_md, NULL);
RDEBUG2("--> Starting OCSP Request");
if (X509_STORE_CTX_get1_issuer(&issuer_cert, ctx, client_cert) != 1) {
radlog(L_ERR, "Error: Couldn't get issuer_cert for %s", common_name);
+ } else if (!issuer_cert && !subject[0]) {
+ radlog(L_ERR, "Error: Missing issuer_cert and subject for %s", common_name);
} else {
my_ok = ocsp_check(ocsp_store, issuer_cert, client_cert, conf);
}