From e46468124c15483043141da70d60f8e896e7132a Mon Sep 17 00:00:00 2001
From: Xenofon Karamanos <22965395+xkaraman@users.noreply.github.com>
Date: Tue, 10 Sep 2024 09:09:07 +0000
Subject: [PATCH] MT#55283 Output SSL compile and run time versions on startup

closes #1859

Change-Id: I8e965ee353a52803a261c395b096c19cc999d6c8
---
 lib/ssllib.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/lib/ssllib.c b/lib/ssllib.c
index a867f0f3b..7ff9960d7 100644
--- a/lib/ssllib.c
+++ b/lib/ssllib.c
@@ -2,6 +2,7 @@
 #include <openssl/ssl.h>
 #include <time.h>
 #include "auxlib.h"
+#include "log.h"
 
 
 
@@ -45,6 +46,9 @@ static void make_OpenSSL_thread_safe(void) {
 
 
 void rtpe_ssl_init(void) {
+	ilog(LOG_INFO,"compile-time OpenSSL library: %s\n", OPENSSL_VERSION_TEXT);
+	ilog(LOG_INFO,"run-time OpenSSL library: %s\n", OpenSSL_version(OPENSSL_VERSION));
+
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 	SSL_library_init();
 	SSL_load_error_strings();
@@ -52,6 +56,12 @@ void rtpe_ssl_init(void) {
 #endif
 
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
+	if(EVP_default_properties_is_fips_enabled(NULL) == 1) {
+		ilog(LOG_INFO,"FIPS mode enabled in OpenSSL library\n");
+	} else  {
+		ilog(LOG_DEBUG,"FIPS mode not enabled in OpenSSL library\n");
+	}
+
 	EVP_MAC *rtpe_evp_hmac = EVP_MAC_fetch(NULL, "hmac", NULL);
 	assert(rtpe_evp_hmac != NULL);