From: Pauli <pauli@openssl.org>
Date: Thu, 1 Jul 2021 02:48:30 +0000 (+1000)
Subject: util: add -fips option to wrap.pl to make using the FIPS provider easier
X-Git-Tag: openssl-3.0.0-beta2~108
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4e20d04ee0e7be2061c1e5d2c2c8d714b7923c89;p=thirdparty%2Fopenssl.git

util: add -fips option to wrap.pl to make using the FIPS provider easier

Without this option, I find I need to figure out which environment variables
point where which wastes effort.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15966)
---

diff --git a/util/wrap.pl.in b/util/wrap.pl.in
index 2ac068ce969..b13c34d8512 100644
--- a/util/wrap.pl.in
+++ b/util/wrap.pl.in
@@ -24,6 +24,20 @@ my $std_providers = catdir($there, 'providers');
 my $std_openssl_conf = catdir($there, 'apps/openssl.cnf');
 my $unix_shlib_wrap = catfile($there, 'util/shlib_wrap.sh');
 
+if ($ARGV[0] eq '-fips') {
+    $std_openssl_conf = {-
+         use Cwd qw(abs_path);
+
+         "'" . abs_path(catfile($config{sourcedir}, 'test/fips-and-base.cnf')) . "'";
+         -};
+    shift;
+
+    my $std_openssl_conf_include = catdir($there, 'providers');
+    $ENV{OPENSSL_CONF_INCLUDE} = $std_openssl_conf_include
+        if ($ENV{OPENSSL_CONF_INCLUDE} // '') eq ''
+            && -d $std_openssl_conf_include;
+}
+
 $ENV{OPENSSL_ENGINES} = $std_engines
     if ($ENV{OPENSSL_ENGINES} // '') eq '' && -d $std_engines;
 $ENV{OPENSSL_MODULES} = $std_providers