Google Git
Sign in
boringssl/boringssl.git/238148a8f64ff2ae506349c4b00ea604c2137325^!/.
commit
238148a8f64ff2ae506349c4b00ea604c2137325
[log]
author
Adam Langley <agl@google.com>
Mon May 08 12:31:20 2017 -0700
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Mon May 08 19:51:14 2017 +0000
tree
349a3f156f992df666dd01e8994ef9cfdce417c1
parent
c0485d67f4ebd3032bf10a9cc639406d83f37def [diff]
Don't indicate FIPS mode when built with ASAN.

ASAN prevents the integrity test from running, so don't indicate FIPS
mode in that case.

Change-Id: I14c79e733e53ef16f164132bc1fded871ce3f133
Reviewed-on: https://boringssl-review.googlesource.com/16024
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/crypto/fipsmodule/is_fips.c b/crypto/fipsmodule/is_fips.c
index c23e621..9af0dd2 100644
--- a/crypto/fipsmodule/is_fips.c
+++ b/crypto/fipsmodule/is_fips.c

@@ -18,8 +18,14 @@
 /* This file exists in order to give the fipsmodule target, in non-FIPS mode,
  * something to compile. */
 
+#if defined(__has_feature)
+#if __has_feature(address_sanitizer)
+#define OPENSSL_ASAN
+#endif
+#endif
+
 int FIPS_mode(void) {
-#if defined(BORINGSSL_FIPS)
+#if defined(BORINGSSL_FIPS) && !defined(OPENSSL_ASAN)
   return 1;
 #else
   return 0;