Add fips_mode flag to chef-config

author: Jay Mundrawala <jdmundrawala@gmail.com> 2015-09-22 10:34:49 -0700
committer: Jay Mundrawala <jdmundrawala@gmail.com> 2015-09-22 11:18:28 -0700
commit: 1e0f4a707914abcc7009e7e7eb96dfbf32cb7577 (patch)
tree: 346f2af73ca725ab3c4dfa6aadc390408dcde8a6
parent: 871c858dbcec3dabec64474b68feb16372556377 (diff)
download: chef-1e0f4a707914abcc7009e7e7eb96dfbf32cb7577.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/chef-config/lib/chef-config/config.rb b/chef-config/lib/chef-config/config.rb
index 32058f283a..620dc7f19c 100644
--- a/chef-config/lib/chef-config/config.rb
+++ b/chef-config/lib/chef-config/config.rb
@@ -690,6 +690,11 @@ module ChefConfig
       default :watchdog_timeout, 2 * (60 * 60) # 2 hours
     end
 
+    # Only use fips compliant algorithms
+    default( :fips_mode ) do
+      OpenSSL::OPENSSL_FIPS
+    end
+
     # Chef requires an English-language UTF-8 locale to function properly.  We attempt
     # to use the 'locale -a' command and search through a list of preferences until we
     # find one that we can use.  On Ubuntu systems we should find 'C.UTF-8' and be
author	Jay Mundrawala <jdmundrawala@gmail.com>	2015-09-22 10:34:49 -0700
committer	Jay Mundrawala <jdmundrawala@gmail.com>	2015-09-22 11:18:28 -0700
commit	1e0f4a707914abcc7009e7e7eb96dfbf32cb7577 (patch)
tree	346f2af73ca725ab3c4dfa6aadc390408dcde8a6
parent	871c858dbcec3dabec64474b68feb16372556377 (diff)
download	chef-1e0f4a707914abcc7009e7e7eb96dfbf32cb7577.tar.gz