Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-pages.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/internal/boring/boring.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/boring/boring.go')
-rw-r--r--internal/boring/boring.go9
1 files changed, 7 insertions, 2 deletions
diff --git a/internal/boring/boring.go b/internal/boring/boring.go
index 0a59ec4a..e6d19aeb 100644
--- a/internal/boring/boring.go
+++ b/internal/boring/boring.go
@@ -9,10 +9,15 @@ import (
"gitlab.com/gitlab-org/labkit/log"
)
+// CheckBoring checks whether FIPS crypto has been enabled. For the FIPS Go
+// compiler in https://github.com/golang-fips/go, this requires that:
+//
+// 1. The kernel has FIPS enabled (e.g. `/proc/sys/crypto/fips_enabled` is 1).
+// 2. A system OpenSSL can be dynamically loaded via ldopen().
func CheckBoring() {
if boring.Enabled() {
- log.Info("FIPS mode is enabled. Using BoringSSL.")
+ log.Info("FIPS mode is enabled. Using an external SSL library.")
return
}
- log.Info("GitLab Pages was compiled with FIPS mode but BoringSSL is not enabled.")
+ log.Info("GitLab Pages was compiled with FIPS mode but an external SSL library was not enabled.")
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-23 00:44:12 +0300