From f032bc54c41559ca2fcd018b875466994301b29b Mon Sep 17 00:00:00 2001
From: Margo Crawford <margaretc@vmware.com>
Date: Thu, 17 Mar 2022 16:27:16 -0700
Subject: [PATCH] fips only build stuff for cli

Signed-off-by: Margo Crawford <margaretc@vmware.com>
---
 cmd/pinniped/fips_strict.go | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 cmd/pinniped/fips_strict.go

diff --git a/cmd/pinniped/fips_strict.go b/cmd/pinniped/fips_strict.go
new file mode 100644
index 00000000..63ed983b
--- /dev/null
+++ b/cmd/pinniped/fips_strict.go
@@ -0,0 +1,17 @@
+//go:build fips_strict
+// +build fips_strict
+
+package main
+
+import (
+	_ "crypto/tls/fipsonly" // restricts all TLS configuration to FIPS-approved settings.
+	"log"
+	"time"
+)
+
+func init() {
+	go func() {
+		time.Sleep(5 * time.Second)
+		log.Println("using boringcrypto in fipsonly mode")
+	}()
+}