Refactor chef-config fips configjdm/fips-58

This refactor allows for better mocking in the tests.
Before, when init_openssl was called, classes would
get monkey patched. While this may not cause problems
now, some day in the future, somebody would have been
like "WTF is going on".

1 files changed, 14 insertions, 7 deletions

diff --git a/chef-config/lib/chef-config/config.rb b/chef-config/lib/chef-config/config.rb
index 68cece43da..e4a12e8949 100644
--- a/chef-config/lib/chef-config/config.rb
+++ b/chef-config/lib/chef-config/config.rb
@@ -496,13 +496,7 @@ module ChefConfig
     # Initialize openssl
     def self.init_openssl
       if fips
-        ChefConfig.logger.warn "The `fips` feature is still a work in progress. This feature is incomplete."
-        OpenSSL.fips_mode = true
-        require "digest"
-        require "digest/sha1"
-        require "digest/md5"
-        Digest.const_set("SHA1", OpenSSL::Digest::SHA1)
-        OpenSSL::Digest.const_set("MD5", Digest::MD5)
+        self.enable_fips_mode
       end
     end
 
@@ -910,5 +904,18 @@ module ChefConfig
     def self._this_file
       File.expand_path(__FILE__)
     end
+
+    # Set fips mode in openssl. Do any patching necessary to make
+    # sure Chef runs do not crash.
+    # @api private
+    def self.enable_fips_mode
+      ChefConfig.logger.warn "The `fips` feature is still a work in progress. This feature is incomplete."
+      OpenSSL.fips_mode = true
+      require "digest"
+      require "digest/sha1"
+      require "digest/md5"
+      Digest.const_set("SHA1", OpenSSL::Digest::SHA1)
+      OpenSSL::Digest.const_set("MD5", Digest::MD5)
+    end
   end
 end