summaryrefslogtreecommitdiff
path: root/ext/openssl/ossl.c
diff options
context:
space:
mode:
authoremboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2012-12-20 07:00:11 +0000
committeremboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2012-12-20 07:00:11 +0000
commit4fce754f9b603664501ac4ee982988fb264d20f2 (patch)
tree99b04029517f551e2713e6593cbde62f53609b24 /ext/openssl/ossl.c
parenta6ed298df738b21b21ed2073bd89bb65565848f7 (diff)
* ext/openssl/ossl.c: do not use FIPS_mode_set if not available.
* test/openssl/utils.rb: revise comment about setting FIPS mode to false. * test/openssl/test_fips.rb: remove tests that cause errors on ruby-ci. [Feature #6946] [ruby-core:47345] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38491 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl.c')
-rw-r--r--ext/openssl/ossl.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index 9d14ca6..1fae594 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -440,6 +440,8 @@ ossl_debug_set(VALUE self, VALUE val)
static VALUE
ossl_fips_mode_set(VALUE self, VALUE enabled)
{
+
+#ifdef HAVE_OPENSSL_FIPS
if RTEST(enabled) {
int mode = FIPS_mode();
if(!mode && !FIPS_mode_set(1)) /* turning on twice leads to an error */
@@ -449,6 +451,11 @@ ossl_fips_mode_set(VALUE self, VALUE enabled)
ossl_raise(eOSSLError, "Turning off FIPS mode failed");
}
return enabled;
+#else
+ if RTEST(enabled)
+ ossl_raise(eOSSLError, "This version of OpenSSL does not support FIPS mode");
+ return enabled;
+#endif
}
/*