MINOR: ssl: add "FIPS" details in haproxy -vv

Add the FIPS mode in haproxy -vv, it need to be activated on the system
with openssl.cnf or by compiling the SSL library with the right options.

Can't work with OpenSSL >= 3.0 because fips a "provider" to load, works
with AWS-LC, WolfSSL and OpenSSL 1.1.1.

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 7ec5bf15ddb6e073b07c3a00c0afdb59b8628c9c..cb03367df6f8184a361df9eee90420a590734c70 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -7071,7 +7071,9 @@ static void ssl_register_build_options()
 #endif
 #endif
               "", ptr);
-
+#if defined(USE_OPENSSL) && (HA_OPENSSL_VERSION_NUMBER < 0x3000000fL)
+       memprintf(&ptr, "%s\nOpenSSL library FIPS mode : %s", ptr, FIPS_mode() ? "yes" : "no");
+#endif
        memprintf(&ptr, "%s\nOpenSSL library supports :", ptr);
        for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
                if (methodVersions[i].option)