aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/vmime/net/tls/openssl/OpenSSLInitializer.cpp14
1 files changed, 11 insertions, 3 deletions
diff --git a/src/vmime/net/tls/openssl/OpenSSLInitializer.cpp b/src/vmime/net/tls/openssl/OpenSSLInitializer.cpp
index 49b34b54..63e1de57 100644
--- a/src/vmime/net/tls/openssl/OpenSSLInitializer.cpp
+++ b/src/vmime/net/tls/openssl/OpenSSLInitializer.cpp
@@ -115,10 +115,18 @@ void OpenSSLInitializer::initialize() {
OPENSSL_config(NULL);
#endif
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ static const bool isFIPSenabled = EVP_default_properties_is_fips_enabled(nullptr) == 1;
+#else
+ static const bool isFIPSenabled = FIPS_mode() == 1;
+#endif
+
#if OPENSSL_VERSION_NUMBER >=0x10100000L
- OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS |
- OPENSSL_INIT_LOAD_CONFIG | OPENSSL_INIT_ENGINE_OPENSSL | OPENSSL_INIT_ENGINE_ALL_BUILTIN , NULL);
- OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
+ vmime_uint64 flags = OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CONFIG;
+ if (!isFIPSenabled) {
+ flags |= OPENSSL_INIT_ENGINE_OPENSSL | OPENSSL_INIT_ENGINE_ALL_BUILTIN;
+ }
+ OPENSSL_init_ssl(flags, NULL);
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000L
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-09 02:57:09 +0000