aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKazuki Yamaguchi <k@rhe.jp>2016-05-04 23:09:43 +0900
committerKazuki Yamaguchi <k@rhe.jp>2016-05-05 16:01:14 +0900
commita81684eb55bec7b255697e97f1ac9bf42bbc326b (patch)
treedc0d3712121d5a0c3ec547c7aa10c9948053b8cb
parent346f5f52206c478e9f5d444c8f1697fef7be58b2 (diff)
downloadruby-a81684eb55bec7b255697e97f1ac9bf42bbc326b.tar.gz
ext/openssl: no need to check OPENSSL_FIPS in extconf.rb
Since openssl/opensslconf.h is always included, we can check OPENSSL_FIPS macro directly.
-rw-r--r--ext/openssl/extconf.rb1
-rw-r--r--ext/openssl/ossl.c4
2 files changed, 2 insertions, 3 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index a910fa286c..6e549aeef7 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -151,7 +151,6 @@ have_struct_member("CRYPTO_THREADID", "ptr", "openssl/crypto.h")
have_struct_member("EVP_CIPHER_CTX", "flags", "openssl/evp.h")
have_struct_member("EVP_CIPHER_CTX", "engine", "openssl/evp.h")
have_struct_member("X509_ATTRIBUTE", "single", "openssl/x509.h")
-have_macro("OPENSSL_FIPS", ['openssl/opensslconf.h']) && $defs.push("-DHAVE_OPENSSL_FIPS")
have_macro("EVP_CTRL_GCM_GET_TAG", ['openssl/evp.h']) && $defs.push("-DHAVE_AUTHENTICATED_ENCRYPTION")
Logging::message "=== Checking done. ===\n"
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index 91e741367f..0dacb2701e 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -447,7 +447,7 @@ static VALUE
ossl_fips_mode_set(VALUE self, VALUE enabled)
{
-#ifdef HAVE_OPENSSL_FIPS
+#ifdef OPENSSL_FIPS
if (RTEST(enabled)) {
int mode = FIPS_mode();
if(!mode && !FIPS_mode_set(1)) /* turning on twice leads to an error */
@@ -1114,7 +1114,7 @@ Init_openssl(void)
/*
* Boolean indicating whether OpenSSL is FIPS-enabled or not
*/
-#ifdef HAVE_OPENSSL_FIPS
+#ifdef OPENSSL_FIPS
rb_define_const(mOSSL, "OPENSSL_FIPS", Qtrue);
#else
rb_define_const(mOSSL, "OPENSSL_FIPS", Qfalse);