Issue #6946 has been updated by MartinBosslet (Martin Bosslet). OK, finally got it working. I added OpenSSL.fips_mode= to enable/disable FIPS mode manually. The test suite now automatically disables FIPS mode when running the tests. This worked for my FIPS-enabled version of OpenSSL. I have also added a few tests that specifically assert some things that would be expected to fail in FIPS mode (test_fips.rb). @Vit: Could you please confirm that this works for you, too? @mame: Sorry that I committed this to 2.0.0 even if you already assigned it for next minor. But I felt the approach to adding FIPS support so far was flawed (my mistake) and I wouldn't want a half-assed implementation see to make its way into 2.0.0 - I hope this is OK? ---------------------------------------- Feature #6946: FIPS support? https://bugs.ruby-lang.org/issues/6946#change-34880 Author: vo.x (Vit Ondruch) Status: Closed Priority: Normal Assignee: MartinBosslet (Martin Bosslet) Category: ext Target version: next minor =begin Hi, running the test suite on FIPS enabled system using $ find test/ -type f -name test_*.rb -exec make test-all TESTS="-v '{}'" \; command with patch from #6938 applied, it gives me a plenty of errors (see attached output.txt file). There are two kind of errors as far as I understand, some are more or less test suite errors (e.g. #6938), which should be easy to fix, while some others (e.g. #6943) would need bigger changes. Is there any chance that Ruby will provide better support for FIPS and there errors get fixed? =end -- http://bugs.ruby-lang.org/