diff options
author | Ingela Anderton Andin <[email protected]> | 2015-06-15 14:17:35 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2015-06-15 14:17:35 +0200 |
commit | 0dbe45a5ef3df42905efbcd36114570f1a7df87c (patch) | |
tree | c3c5681b754ad5d96f326ebc420a01d230c974ba /lib/ssl/test | |
parent | 56e3ade9d8396cba5508b0de557a1bd574c37b69 (diff) | |
parent | 331ade0e56df08d9f2eb1b71cf22f30038015e93 (diff) | |
download | otp-0dbe45a5ef3df42905efbcd36114570f1a7df87c.tar.gz otp-0dbe45a5ef3df42905efbcd36114570f1a7df87c.tar.bz2 otp-0dbe45a5ef3df42905efbcd36114570f1a7df87c.zip |
Merge branch 'ia/ssl/test-fips'
* ia/ssl/test-fips:
ssl: Filter suites for openssl FIPS if necessary
Diffstat (limited to 'lib/ssl/test')
-rw-r--r-- | lib/ssl/test/ssl_test_lib.erl | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl index a3bfdf8893..f35c0502ae 100644 --- a/lib/ssl/test/ssl_test_lib.erl +++ b/lib/ssl/test/ssl_test_lib.erl @@ -778,7 +778,12 @@ send_selected_port(_,_,_) -> rsa_suites(CounterPart) -> ECC = is_sane_ecc(CounterPart), - lists:filter(fun({rsa, _, _}) -> + FIPS = is_fips(CounterPart), + lists:filter(fun({rsa, des_cbc, sha}) when FIPS == true -> + false; + ({dhe_rsa, des_cbc, sha}) when FIPS == true -> + false; + ({rsa, _, _}) -> true; ({dhe_rsa, _, _}) -> true; @@ -1090,6 +1095,25 @@ is_sane_ecc(crypto) -> is_sane_ecc(_) -> true. +is_fips(openssl) -> + VersionStr = os:cmd("openssl version"), + case re:split(VersionStr, "fips") of + [_] -> + false; + _ -> + true + end; +is_fips(crypto) -> + [{_,_, Bin}] = crypto:info_lib(), + case re:split(Bin, <<"fips">>) of + [_] -> + false; + _ -> + true + end; +is_fips(_) -> + false. + cipher_restriction(Config0) -> case is_sane_ecc(openssl) of false -> |