You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by wo...@apache.org on 2020/09/01 17:37:21 UTC

[couchdb] branch 3.x updated: Report if FIPS mode is enabled (#3121)

This is an automated email from the ASF dual-hosted git repository.

wohali pushed a commit to branch 3.x
in repository https://gitbox.apache.org/repos/asf/couchdb.git


The following commit(s) were added to refs/heads/3.x by this push:
     new a5d1fa4  Report if FIPS mode is enabled (#3121)
a5d1fa4 is described below

commit a5d1fa40a1fb89205fb925e99a6bf4235c65b646
Author: Joan Touzet <wo...@users.noreply.github.com>
AuthorDate: Tue Sep 1 13:37:13 2020 -0400

    Report if FIPS mode is enabled (#3121)
    
    This will only report "fips" in the welcome message if FIPS mode
    was enabled at boot (i.e, in vm.args).
    
    Co-authored-by: Robert Newson <rn...@apache.org>
---
 src/couch/src/couch_server.erl | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/couch/src/couch_server.erl b/src/couch/src/couch_server.erl
index b2f8fde..6db3f74 100644
--- a/src/couch/src/couch_server.erl
+++ b/src/couch/src/couch_server.erl
@@ -246,6 +246,16 @@ init([]) ->
     % Mark being able to receive documents with an _access property as a supported feature
     config:enable_feature('access-ready'),
 
+    % Mark if fips is enabled
+    case
+        erlang:function_exported(crypto, info_fips, 0) andalso
+          crypto:info_fips() == enabled of
+        true ->
+            config:enable_feature('fips');
+        false ->
+            ok
+    end,
+
     % read config and register for configuration changes
 
     % just stop if one of the config settings change. couch_server_sup