diff options
author | Vishal Tak <vtak@gitlab.com> | 2022-04-27 07:45:22 +0300 |
---|---|---|
committer | Vishal Tak <vtak@gitlab.com> | 2022-04-27 09:14:52 +0300 |
commit | 21cfe26446f7862e2a65c9129ef573a1881f296d (patch) | |
tree | 172ae1116e1e076c133dc433b73b35bcc8f3e997 /internal | |
parent | f114a581206c07813031f20ca4dc47a9d8a2e045 (diff) |
Use labkit for fips check
Changelog: changed
Diffstat (limited to 'internal')
-rw-r--r-- | internal/boring/boring.go | 23 | ||||
-rw-r--r-- | internal/boring/notboring.go | 9 |
2 files changed, 0 insertions, 32 deletions
diff --git a/internal/boring/boring.go b/internal/boring/boring.go deleted file mode 100644 index e6d19aeb..00000000 --- a/internal/boring/boring.go +++ /dev/null @@ -1,23 +0,0 @@ -//go:build boringcrypto -// +build boringcrypto - -package boring - -import ( - "crypto/boring" - - "gitlab.com/gitlab-org/labkit/log" -) - -// CheckBoring checks whether FIPS crypto has been enabled. For the FIPS Go -// compiler in https://github.com/golang-fips/go, this requires that: -// -// 1. The kernel has FIPS enabled (e.g. `/proc/sys/crypto/fips_enabled` is 1). -// 2. A system OpenSSL can be dynamically loaded via ldopen(). -func CheckBoring() { - if boring.Enabled() { - log.Info("FIPS mode is enabled. Using an external SSL library.") - return - } - log.Info("GitLab Pages was compiled with FIPS mode but an external SSL library was not enabled.") -} diff --git a/internal/boring/notboring.go b/internal/boring/notboring.go deleted file mode 100644 index 1a7eb52f..00000000 --- a/internal/boring/notboring.go +++ /dev/null @@ -1,9 +0,0 @@ -//go:build !boringcrypto -// +build !boringcrypto - -package boring - -// CheckBoring does nothing when the boringcrypto tag is not in the -// build. -func CheckBoring() { -} |