diff options
author | Vít Ondruch <vondruch@redhat.com> | 2020-08-25 15:04:54 +0300 |
---|---|---|
committer | Michael Dawson <mdawson@devrus.com> | 2021-02-26 02:12:58 +0300 |
commit | f392ac0bbe3f3757872b9c7cdc785928034b62e9 (patch) | |
tree | 39bf31adb1c4d24b74f717e7e0272bbccc18ac5a /src/node.cc | |
parent | 148bc33347266a0293d52859cbf9580ade9b6cbe (diff) |
crypto: make FIPS related options always awailable
There is no reason to hide FIPS functionality behind build flags.
OpenSSL always provide the information about FIPS availability via
`FIPS_mode()` function.
This makes the user experience more consistent, because the OpenSSL
library is always queried and the `crypto.getFips()` always returns
OpenSSL settings.
Fixes #34903
PR-URL: https://github.com/nodejs/node/pull/36341
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Diffstat (limited to 'src/node.cc')
-rw-r--r-- | src/node.cc | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/node.cc b/src/node.cc index 2ed92b8774a..eed3a1dbfa8 100644 --- a/src/node.cc +++ b/src/node.cc @@ -1013,11 +1013,11 @@ InitializationResult InitializeOncePerProcess(int argc, char** argv) { if (credentials::SafeGetenv("NODE_EXTRA_CA_CERTS", &extra_ca_certs)) crypto::UseExtraCaCerts(extra_ca_certs); } -#ifdef NODE_FIPS_MODE // In the case of FIPS builds we should make sure // the random source is properly initialized first. - OPENSSL_init(); -#endif // NODE_FIPS_MODE + if (FIPS_mode()) { + OPENSSL_init(); + } // V8 on Windows doesn't have a good source of entropy. Seed it from // OpenSSL's pool. V8::SetEntropySource(crypto::EntropySource); |