From 1c510b9686070d08a990110d8898d9c5811570c7 Mon Sep 17 00:00:00 2001
From: Robert Newson <rnewson@apache.org>
Date: Fri, 5 Jun 2020 12:40:08 +0100
Subject: Report if FIPS mode is enabled

This will only report "fips" in the welcome message if FIPS mode
was enabled at boot (i.e, in vm.args).
---
 src/couch/src/couch_server.erl | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/couch/src/couch_server.erl b/src/couch/src/couch_server.erl
index b2f8fdead..6db3f7448 100644
--- a/src/couch/src/couch_server.erl
+++ b/src/couch/src/couch_server.erl
@@ -246,6 +246,16 @@ init([]) ->
     % Mark being able to receive documents with an _access property as a supported feature
     config:enable_feature('access-ready'),
 
+    % Mark if fips is enabled
+    case
+        erlang:function_exported(crypto, info_fips, 0) andalso
+          crypto:info_fips() == enabled of
+        true ->
+            config:enable_feature('fips');
+        false ->
+            ok
+    end,
+
     % read config and register for configuration changes
 
     % just stop if one of the config settings change. couch_server_sup
-- 
cgit v1.2.1