src: warn about FIPS options used with shared OpenSSL

Related: #48950

node.gypi

@@ -350,7 +350,10 @@
       'defines': [ 'HAVE_OPENSSL=1' ],
       'conditions': [
         [ 'node_shared_openssl=="false"', {
-          'defines': [ 'OPENSSL_API_COMPAT=0x10100000L', ],
+          'defines': [
+            'OPENSSL_API_COMPAT=0x10100000L',
+            'NODE_OPENSSL_IS_SHARED=0',
+          ],
           'dependencies': [
             './deps/openssl/openssl.gyp:openssl',
 
@@ -392,6 +395,8 @@
               ],
             }],
           ]
+        }, {
+          'defines': [ 'NODE_OPENSSL_IS_SHARED=1', ]
         }],
         [ 'openssl_quic=="true" and node_shared_ngtcp2=="false"', {
           'dependencies': [ './deps/ngtcp2/ngtcp2.gyp:ngtcp2' ]

src/node.cc

@@ -1054,6 +1054,14 @@ InitializeOncePerProcessInternal(const std::vector<std::string>& args,
       OPENSSL_init();
     }
 #endif
+#if NODE_OPENSSL_IS_SHARED
+    if (per_process::cli_options->enable_fips_crypto ||
+        per_process::cli_options->force_fips_crypto) {
+      result->errors_.emplace_back(
+          "Warning: FIPS options are not supported with shared OpenSSL library!"
+      );
+    }
+#endif  // NODE_OPENSSL_IS_SHARED
     if (!crypto::ProcessFipsOptions()) {
       // XXX: ERR_GET_REASON does not return something that is
       // useful as an exit code at all.