Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-06-18 03:09:05 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-06-18 03:09:05 +0300
commit: af9e8c5f255cc1851308b7335afd768936296ed3 (patch)
tree: b04a7ecfcadc149a1ecdfb616675e1fa22de3c4f /lib/gitlab/fips.rb
parent: 3e20234984524c3ccfb09eace7b9d170cbcc32d7 (diff)
1 files changed, 1 insertions, 22 deletions
diff --git a/lib/gitlab/fips.rb b/lib/gitlab/fips.rb
index a7106dd70e9..b2c22182d4b 100644
--- a/lib/gitlab/fips.rb
+++ b/lib/gitlab/fips.rb
@@ -23,28 +23,7 @@ module Gitlab
       #
       # @return [Boolean]
       def enabled?
-        # Attempt to auto-detect FIPS mode from OpenSSL
-        return true if OpenSSL.fips_mode
-
-        # Otherwise allow it to be set manually via the env vars
-        return true if ENV["FIPS_MODE"] == "true"
-
-        false
-      end
-
-      # Swap Ruby's Digest::SHAx implementations for OpenSSL::Digest::SHAx.
-      def enable_fips_mode!
-        require 'digest'
-
-        use_openssl_digest(:SHA2, :SHA256)
-        OPENSSL_DIGESTS.each { |alg| use_openssl_digest(alg, alg) }
-      end
-
-      private
-
-      def use_openssl_digest(ruby_algorithm, openssl_algorithm)
-        Digest.send(:remove_const, ruby_algorithm) # rubocop:disable GitlabSecurity/PublicSend
-        Digest.const_set(ruby_algorithm, OpenSSL::Digest.const_get(openssl_algorithm, false))
+        ::Labkit::FIPS.enabled?
       end
     end
   end
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-06-18 03:09:05 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-06-18 03:09:05 +0300
commit	af9e8c5f255cc1851308b7335afd768936296ed3 (patch)
tree	b04a7ecfcadc149a1ecdfb616675e1fa22de3c4f /lib/gitlab/fips.rb
parent	3e20234984524c3ccfb09eace7b9d170cbcc32d7 (diff)