diff options
| author | Kartik Null Cating-Subramanian <ksubramanian@chef.io> | 2016-02-26 13:07:32 -0500 |
|---|---|---|
| committer | Kartik Null Cating-Subramanian <ksubramanian@chef.io> | 2016-02-26 13:07:32 -0500 |
| commit | bf2eb79da8ad8b9f9d0c97617d4e637ad3fa9a27 (patch) | |
| tree | cb88051b8beafabfe419f490b58bcfc53eebfb06 | |
| parent | 04c71c82eb8fdfd7a272ad61a8820a7246b5db61 (diff) | |
| parent | 433ccf630cc2d4b78d44dcc6d0a46dc3c576cbfd (diff) | |
| download | chef-bf2eb79da8ad8b9f9d0c97617d4e637ad3fa9a27.tar.gz | |
Merge pull request #4630 from chef/ksubrama/fips_guard
Have client.rb verify that FIPS mode can be enforced
| -rw-r--r-- | lib/chef/knife/core/bootstrap_context.rb | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/chef/knife/core/bootstrap_context.rb b/lib/chef/knife/core/bootstrap_context.rb index 6f1c234796..7ad70bc627 100644 --- a/lib/chef/knife/core/bootstrap_context.rb +++ b/lib/chef/knife/core/bootstrap_context.rb @@ -127,7 +127,13 @@ validation_client_name "#{@chef_config[:validation_client_name]}" end if Chef::Config[:fips] - client_rb << %Q{fips true\n} + client_rb << <<-CONFIG +fips true +chef_version = ::Chef::VERSION.split(".") +unless chef_version[0].to_i > 12 || (chef_version[0].to_i == 12 && chef_version[1].to_i >= 8) + raise "FIPS Mode requested but not supported by this client" +end +CONFIG end client_rb |