-
Type:
Bug
-
Resolution: Done
-
Priority:
Major - P3
-
Affects Version/s: 3.2.6, 3.3.6
-
Component/s: Internal Code, Portability
-
Fully Compatible
-
ALL
-
v3.2
-
Platforms 2017-03-27
-
0
-
None
-
0
-
None
-
None
-
None
-
None
-
None
-
None
Currently, the ssl_fips.js test fails on Ubuntu 16.04. This test attempts to activate FIPS mode and then, if FIPS fails to activate, ensures that the printed error message is consistent with the OS not providing a FIPS module.
On Ubuntu 14.04, we get the correct error message:
[js_test:ssl_fips] 2016-06-01T16:46:28.626+0000 d20260| 2016-06-01T16:46:28.626+0000 F NETWORK [main] can't activate FIPS mode: error:0F06D065:common libcrypto routines:FIPS_mode_set:fips mode not supported [js_test:ssl_fips] 2016-06-01T16:46:28.627+0000 d20260| 2016-06-01T16:46:28.626+0000 I - [main] Fatal Assertion 16703
This message clearly indicates that FIPS is unavailable in OpenSSL.
On Ubuntu 16.04, the following error message is printed:
[js_test:ssl_fips] 2016-05-31T20:52:14.797+0000 sh24456| 2016-05-31T20:52:14.796+0000 F NETWORK [main] can't activate FIPS mode: error:00000000:lib(0):func(0):reason(0) [js_test:ssl_fips] 2016-05-31T20:52:14.797+0000 sh24456| 2016-05-31T20:52:14.796+0000 I - [main] Fatal Assertion 16703
The SSL integration appears to be detecting that FIPS is unavailable, but for some reason OpenSSL is not setting an error code.
- related to
-
SERVER-24369 Surpress ssl_fips.js test assertation on Ubuntu 16.04
-
- Closed
-