fips,md: Implement new FIPS service indicator for gcry_md_open API.

Description

* src/gcrypt.h.in (GCRY_MD_FLAG_FIPS_NO_REJECTION): Remove.
(GCRY_MD_FLAG_REJECT_NON_FIPS): New.
* cipher/md.c (struct gcry_md_context): Add reject_non_fips.
(md_enable): Remove NO_REJECT argument.
(md_open): Change the FLAGS handling.
(_gcry_md_open): Add checking of FIPS compliance against ALGO.
(_gcry_md_enable): Likewise.
(_gcry_md_hash_buffer): Follow the change of md_open,
which now defaults to no rejection.
(_gcry_md_hash_buffers_extract): Likewise.
* src/visibility.c (gcry_md_open): Add fips_service_indicator_init.
(gcry_md_enable): Likewise.
(gcry_md_setkey): Don't reject but mark non-compliance.
* tests/t-kdf.c (check_fips_gcry_kdf_derive): Add a test with
non-compliant hash function.
* cipher/mac-hmac.c (_gcry_mac_type_spec_hmac_md5): It's not
compliant.
* cipher/md5.c (gcry_md_oid_spec_t oid_spec_md5): It's not compliant.
* tests/t-digest.c (check_hash_buffer, check_hash_buffers): MD5
tests enabled.

See 6376 for the MD5 compliance change in the past. This commit
reverts the change in:
dc4a60e2d70bc52ba2955f8e676341d675ab89a0

  • GnuPG-bug-id: T7338
  • Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

Details

Provenance
gniibe authored on Thu, Dec 12, 3:40 AM
Parents
rC4799914966a7: fips: Change the internal API for new FIPS service indicator.
Tasks
T7338: Revamp the FIPS service indicator