MT#55283 Output SSL compile and run time versions on startup

closes #1859 Change-Id: I8e965ee353a52803a261c395b096c19cc999d6c8
sipwise · Sep 10, 2024 · e464681 · e464681
1 parent 896b248
commit e464681
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/lib/ssllib.c b/lib/ssllib.c
@@ -2,6 +2,7 @@
 #include <openssl/ssl.h>
 #include <time.h>
 #include "auxlib.h"
+#include "log.h"
 
 
 
@@ -45,13 +46,22 @@ static void make_OpenSSL_thread_safe(void) {
 
 
 void rtpe_ssl_init(void) {
+	ilog(LOG_INFO,"compile-time OpenSSL library: %s\n", OPENSSL_VERSION_TEXT);
+	ilog(LOG_INFO,"run-time OpenSSL library: %s\n", OpenSSL_version(OPENSSL_VERSION));
+
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 	SSL_library_init();
 	SSL_load_error_strings();
 	make_OpenSSL_thread_safe();
 #endif
 
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
+	if(EVP_default_properties_is_fips_enabled(NULL) == 1) {
+		ilog(LOG_INFO,"FIPS mode enabled in OpenSSL library\n");
+	} else  {
+		ilog(LOG_DEBUG,"FIPS mode not enabled in OpenSSL library\n");
+	}
+
 	EVP_MAC *rtpe_evp_hmac = EVP_MAC_fetch(NULL, "hmac", NULL);
 	assert(rtpe_evp_hmac != NULL);