CXX-621 Backport server r3.0.4..r3.0.5 changes

Server SHAs cherry-picked (with modifications) into this commit:

c0313e0
27d655f

SConstruct

@@ -197,7 +197,6 @@ add_option("runtime-library-search-path",
            1, False)
 
 add_option( "ssl" , "Enable SSL" , 0 , True )
-add_option( "ssl-fips-capability", "Enable the ability to activate FIPS 140-2 mode", 0, True );
 
 # library choices
 add_option( "libc++", "use libc++ (experimental, requires clang)", 0, True )
@@ -930,8 +929,6 @@ if has_option( "ssl" ):
     else:
         env.Append( LIBS=["ssl"] )
         env.Append( LIBS=["crypto"] )
-    if has_option("ssl-fips-capability"):
-        env.Append( CPPDEFINES=["MONGO_SSL_FIPS"] )
 else:
     env["MONGO_SSL"] = False
 
@@ -1806,6 +1803,41 @@ def doConfigure(myenv):
     if conf.CheckDeclaration('strnlen', includes="#include <string.h>", language='C'):
         conf.env['MONGO_HAVE_STRNLEN'] = True
 
+    def CheckLinkSSL(context):
+        test_body = """
+        #include <openssl/err.h>
+        #include <openssl/ssl.h>
+        #include <stdlib.h>
+
+        int main() {
+            SSL_library_init();
+            SSL_load_error_strings();
+            ERR_load_crypto_strings();
+
+            OpenSSL_add_all_algorithms();
+            ERR_free_strings();
+            return EXIT_SUCCESS;
+        }
+        """
+        context.Message("Checking if OpenSSL is available...")
+        ret = context.TryLink(textwrap.dedent(test_body), ".c")
+        context.Result(ret)
+        return ret
+    conf.AddTest("CheckLinkSSL", CheckLinkSSL)
+
+    if has_option("ssl"):
+        if not conf.CheckLinkSSL():
+            print "SSL is enabled, but is unavailable"
+            Exit(1)
+
+        if conf.CheckDeclaration(
+            "FIPS_mode_set",
+            includes="""
+                #include <openssl/crypto.h>
+                #include <openssl/evp.h>
+            """):
+            conf.env.Append(CPPDEFINES=['MONGO_HAVE_FIPS_MODE_SET'])
+
     return conf.Finish()
 
 env = doConfigure( env )

src/mongo/base/parse_number.cpp

@@ -181,7 +181,7 @@ namespace mongo {
     // Definition of the various supported implementations of parseNumberFromStringWithBase.
 
 #define DEFINE_PARSE_NUMBER_FROM_STRING_WITH_BASE(NUMBER_TYPE)          \
-    template MONGO_COMPILER_API_EXPORT Status parseNumberFromStringWithBase<NUMBER_TYPE>(const StringData&, int, NUMBER_TYPE*);
+    template MONGO_CLIENT_API Status MONGO_CLIENT_FUNC parseNumberFromStringWithBase<NUMBER_TYPE>(const StringData&, int, NUMBER_TYPE*);
 
     DEFINE_PARSE_NUMBER_FROM_STRING_WITH_BASE(long)
     DEFINE_PARSE_NUMBER_FROM_STRING_WITH_BASE(long long)

src/mongo/util/net/ssl_manager.cpp

@@ -540,7 +540,7 @@ namespace mongo {
         // Turn on FIPS mode if requested.
         // OPENSSL_FIPS must be defined by the OpenSSL headers, plus MONGO_SSL_FIPS
         // must be defined via a MongoDB build flag.
-#if defined(OPENSSL_FIPS) && defined(MONGO_SSL_FIPS)
+#if defined(MONGO_HAVE_FIPS_MODE_SET)
         int status = FIPS_mode_set(1);
         if (!status) {
             severe() << "can't activate FIPS mode: " <<