From d03ad5f0f6d3b2d54009ccdc7d1f7670218b263c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A1n=20Osusk=C3=BD?= <Jan.Osusky@iblsoft.com>
Date: Mon, 4 Mar 2024 11:48:48 +0100
Subject: [PATCH] Fix OpenSSL initialization #299 (#300)

---
 src/vmime/net/tls/openssl/OpenSSLInitializer.cpp | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/src/vmime/net/tls/openssl/OpenSSLInitializer.cpp b/src/vmime/net/tls/openssl/OpenSSLInitializer.cpp
index 49b34b54..63e1de57 100644
--- a/src/vmime/net/tls/openssl/OpenSSLInitializer.cpp
+++ b/src/vmime/net/tls/openssl/OpenSSLInitializer.cpp
@@ -115,10 +115,18 @@ void OpenSSLInitializer::initialize() {
 	OPENSSL_config(NULL);
 #endif
 
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+	static const bool isFIPSenabled = EVP_default_properties_is_fips_enabled(nullptr) == 1;
+#else
+	static const bool isFIPSenabled = FIPS_mode() == 1;
+#endif
+
 #if OPENSSL_VERSION_NUMBER >=0x10100000L
-	OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS |
-		OPENSSL_INIT_LOAD_CONFIG | OPENSSL_INIT_ENGINE_OPENSSL | OPENSSL_INIT_ENGINE_ALL_BUILTIN , NULL);
-	OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
+	vmime_uint64 flags = OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CONFIG;
+	if (!isFIPSenabled) {
+		flags |= OPENSSL_INIT_ENGINE_OPENSSL | OPENSSL_INIT_ENGINE_ALL_BUILTIN;
+	}
+	OPENSSL_init_ssl(flags, NULL);
 #endif
 
 #if OPENSSL_VERSION_NUMBER < 0x10100000L