1 files changed, 27 insertions, 2 deletions

diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 8b98e6f16b..f35c0502ae 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -778,7 +778,12 @@ send_selected_port(_,_,_) ->
 
 rsa_suites(CounterPart) ->
     ECC = is_sane_ecc(CounterPart),
-    lists:filter(fun({rsa, _, _}) ->
+    FIPS = is_fips(CounterPart),
+    lists:filter(fun({rsa, des_cbc, sha}) when FIPS == true ->
+			 false;
+		    ({dhe_rsa, des_cbc, sha}) when FIPS == true ->
+			 false;
+		    ({rsa, _, _}) ->
 			 true;
 		    ({dhe_rsa, _, _}) ->
 			 true;
@@ -949,7 +954,8 @@ der_to_pem(File, Entries) ->
     file:write_file(File, PemBin).
 
 cipher_result(Socket, Result) ->
-    Result = ssl:connection_info(Socket),
+    {ok, Info} = ssl:connection_information(Socket),
+    Result = {ok, {proplists:get_value(protocol, Info), proplists:get_value(cipher_suite, Info)}},
     ct:log("~p:~p~nSuccessfull connect: ~p~n", [?MODULE,?LINE, Result]),
     %% Importante to send two packets here
     %% to properly test "cipher state" handling
@@ -1089,6 +1095,25 @@ is_sane_ecc(crypto) ->
 is_sane_ecc(_) ->
     true.
 
+is_fips(openssl) ->
+    VersionStr = os:cmd("openssl version"),
+    case re:split(VersionStr, "fips") of
+	[_] ->
+	    false;
+	_ ->
+	    true
+    end;
+is_fips(crypto) ->
+    [{_,_, Bin}]  = crypto:info_lib(),
+    case re:split(Bin, <<"fips">>) of
+	[_] ->
+	    false;
+	_ ->
+	    true
+    end;
+is_fips(_) ->
+    false.
+
 cipher_restriction(Config0) ->
     case is_sane_ecc(openssl) of
 	false ->