Do openssl initialization from applications

Some notes: * Add module overrides for fips We need to use the SHA1 module under OpenSSL because the openssl functions called by Digest::SHA1 cause openssl to crash the process. We use the Digest::MD5 over the OpenSSL::MD5 module because md5 is not allowed when in fips mode and causes the process to crash. While we work through these issues, we're going to allow it to pass by compiling the ruby md5 implementation. * Use OpenSSL::Digest::SHA256 instead of Digest::SHA256 Digest::SHA256 is broken in fips mode because it uses unapproved APIs. They cause the process to terminate.
author: Jay Mundrawala <jdmundrawala@gmail.com> 2016-01-08 11:42:23 -0800
committer: Jay Mundrawala <jdmundrawala@gmail.com> 2016-01-25 09:51:37 -0800
commit: 8dc7e055ed65453081e60b74b461a2f67c3ec009 (patch)
tree: d640d1481822b0f8c1be60b47cd482fdf97d7624 /lib/chef/knife.rb
parent: 0a3affad66cadc1e9a32afc31160cc1304ef331b (diff)
download: chef-8dc7e055ed65453081e60b74b461a2f67c3ec009.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/chef/knife.rb b/lib/chef/knife.rb
index a070c6c858..5cfcc7182a 100644
--- a/lib/chef/knife.rb
+++ b/lib/chef/knife.rb
@@ -398,6 +398,7 @@ class Chef
       merge_configs
       apply_computed_config
       Chef::Config.export_proxies
+      Chef::Config.init_openssl
       # This has to be after apply_computed_config so that Mixlib::Log is configured
       Chef::Log.info("Using configuration from #{config[:config_file]}") if config[:config_file]
     end
author	Jay Mundrawala <jdmundrawala@gmail.com>	2016-01-08 11:42:23 -0800
committer	Jay Mundrawala <jdmundrawala@gmail.com>	2016-01-25 09:51:37 -0800
commit	8dc7e055ed65453081e60b74b461a2f67c3ec009 (patch)
tree	d640d1481822b0f8c1be60b47cd482fdf97d7624 /lib/chef/knife.rb
parent	0a3affad66cadc1e9a32afc31160cc1304ef331b (diff)
download	chef-8dc7e055ed65453081e60b74b461a2f67c3ec009.tar.gz