Curl should actually use SSL in FIPS mode
What does this MR do?
We discovered a bug in how curl is built when working to get gitaly and rugged ready for FIPS.
The upstream curl library changed behaviors such that OpenSSL was no longer the default encryption engine.
The problem for us - our settings for ./configure
just disabled encryption unless a specific flag was set. Our current configuration uses a now deprecated flag that does enable OpenSSL - but when compiling FIPs mode this option was being left out. This caused our build to simply think we asked it to build with no OpenSSL support at all.
For more context and probably a few laughs, see the thread at !5592 (comment 731288535)
Related issues
Closes #6512 (closed)
Checklist
See Definition of done.
For anything in this list which will not be completed, please provide a reason in the MR discussion
Required
-
Merge Request Title, and Description are up to date, accurate, and descriptive -
MR targeting the appropriate branch -
MR has a green pipeline on GitLab.com -
Pipeline is green on dev.gitlab.org if the change is touching anything besides documentation or internal cookbooks -
trigger-package
has a green pipeline running against latest commit
Expected (please provide an explanation if not completing)
-
Test plan indicating conditions for success has been posted and passes -
Documentation created/updated -
Tests added -
Integration tests added to GitLab QA -
Equivalent MR/issue for the GitLab Chart opened