Commits on Jan 16, 2019

1. build: introduce --openssl-is-fips flag …

   This commit introduces a new configuration flag named
   --openssl-is-fips which is intended to be used when linking against
   an OpenSSL library that is FIPS compatible.
   
   The motivation for this is that Red Hat Enterprise Linux 8 (RHEL8)
   comes with OpenSSL 1.1.1 and includes FIPS support, and we would
   like to be able to dynamically link against this version and also have
   FIPS features enabled in node, like would be done when statically
   linking and using the --openssl-fips flag.
   
   The suggestion here is to introduce a new flag:
   $ ./configure --help
   ...
   --openssl-is-fips specifies that the shared OpenSSL version is FIPS
                     compatible
   
   This flag could be used in combination with the shared-openssl flag:
   $ ./configure --shared-openssl ---openssl-is-fips
   
   This will enable FIPS support in node and the runtime flags will be
   availalbe to enable FIPS (--enable-fips, --force-fips).

   

   danbev committed Jan 16, 2019
   Configuration menu

   • View commit details
   • Copy full SHA for 3397f29
   • Browse repository at this point

   Copy the full SHA

   3397f29 View commit details

   Browse the repository at this point in the history

2. src: fix FIPS section in Sign::SignFinal …

   Currently, while FIPS is not supported yet for this release there might
   be an option to dynamically link against a FIPS compatible OpenSSL
   version.
   
   This commit fixes the compiler errors.

   

   danbev committed Jan 16, 2019
   Configuration menu

   • View commit details
   • Copy full SHA for 8856979
   • Browse repository at this point

   Copy the full SHA

   8856979 View commit details

   Browse the repository at this point in the history