diff -up openssl-0.9.8j/README.warning openssl-0.9.8j/README

--- openssl-0.9.8j/README.warning	2009-01-07 11:50:53.000000000 +0100

+++ openssl-0.9.8j/README	2009-01-14 17:43:02.000000000 +0100

@@ -5,6 +5,31 @@

  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

  All rights reserved.

+ WARNING

+ -------

+

+ This version of OpenSSL is built in a way that supports operation in

+ the so called FIPS mode. Note though that the library as we build it

+ is not FIPS validated and the FIPS mode is present for testing purposes

+ only.

+ 

+ This version also contains a few differences from the upstream code

+ some of which are:

+   * The FIPS integrity verification check is implemented differently

+     from the upstream FIPS validated OpenSSL module. It verifies

+     HMAC-SHA256 checksum of the whole libcrypto shared library.

+   * The module respects the kernel FIPS flag /proc/sys/crypto/fips and

+     tries to initialize the FIPS mode if it is set to 1 aborting if the

+     FIPS mode could not be initialized. It is also possible to force the

+     OpenSSL library to FIPS mode especially for debugging purposes by

+     setting the environment variable OPENSSL_FORCE_FIPS_MODE.

+   * If the environment variable OPENSSL_NO_DEFAULT_ZLIB is set the module

+     will not automatically load the built in compression method ZLIB

+     when initialized. Applications can still explicitely ask for ZLIB

+     compression method.

+   * There is added a support for EAP-FAST through TLS extension. This code

+     is backported from OpenSSL upstream development branch.

+

  DESCRIPTION

  -----------