mirror of
https://github.com/openssl/openssl.git
synced 2025-03-19 19:50:42 +08:00
Fix fipsinstall module path
If a path is specified with the -module option it will use this path to load the library when the provider is activated, instead of also having to set the environment variable OPENSSL_MODULES. Added a platform specific opt_path_end() function that uses existing functionality used by opt_progname(). Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12761)
This commit is contained in:
Shane Lontis
parent
9f604ca13d
commit
9a62ccbe8a
@ -277,7 +277,8 @@ int fipsinstall_main(int argc, char **argv)
|
||||
const char *prov_name = "fips";
|
||||
BIO *module_bio = NULL, *mem_bio = NULL, *fout = NULL;
|
||||
char *in_fname = NULL, *out_fname = NULL, *prog;
|
||||
char *module_fname = NULL, *parent_config = NULL;
|
||||
char *module_fname = NULL, *parent_config = NULL, *module_path = NULL;
|
||||
const char *tail;
|
||||
EVP_MAC_CTX *ctx = NULL, *ctx2 = NULL;
|
||||
STACK_OF(OPENSSL_STRING) *opts = NULL;
|
||||
OPTION_CHOICE o;
|
||||
@ -368,6 +369,16 @@ opthelp:
|
||||
|| argc != 0)
|
||||
goto opthelp;
|
||||
|
||||
tail = opt_path_end(module_fname);
|
||||
if (tail != NULL) {
|
||||
module_path = OPENSSL_strdup(module_fname);
|
||||
if (module_path == NULL)
|
||||
goto end;
|
||||
module_path[tail - module_fname] = '\0';
|
||||
if (!OSSL_PROVIDER_set_default_search_path(NULL, module_path))
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (self_test_log
|
||||
|| self_test_corrupt_desc != NULL
|
||||
|| self_test_corrupt_type != NULL)
|
||||
@ -474,6 +485,7 @@ end:
|
||||
}
|
||||
|
||||
cleanup:
|
||||
OPENSSL_free(module_path);
|
||||
BIO_free(fout);
|
||||
BIO_free(mem_bio);
|
||||
BIO_free(module_bio);
|
||||
|
||||
@ -339,6 +339,7 @@ typedef struct string_int_pair_st {
|
||||
#define OPT_SECTION(sec) { OPT_SECTION_STR, 1, '-', sec " options:\n" }
|
||||
#define OPT_PARAMETERS() { OPT_PARAM_STR, 1, '-', "Parameters:\n" }
|
||||
|
||||
const char *opt_path_end(const char *filename);
|
||||
char *opt_progname(const char *argv0);
|
||||
char *opt_getprog(void);
|
||||
char *opt_init(int ac, char **av, const OPTIONS * o);
|
||||
|
||||
@ -46,18 +46,27 @@ static char prog[40];
|
||||
* Return the simple name of the program; removing various platform gunk.
|
||||
*/
|
||||
#if defined(OPENSSL_SYS_WIN32)
|
||||
|
||||
const char *opt_path_end(const char *filename)
|
||||
{
|
||||
const char *p;
|
||||
|
||||
/* find the last '/', '\' or ':' */
|
||||
for (p = filename + strlen(filename); --p > filename; )
|
||||
if (*p == '/' || *p == '\\' || *p == ':') {
|
||||
p++;
|
||||
break;
|
||||
}
|
||||
return p;
|
||||
}
|
||||
|
||||
char *opt_progname(const char *argv0)
|
||||
{
|
||||
size_t i, n;
|
||||
const char *p;
|
||||
char *q;
|
||||
|
||||
/* find the last '/', '\' or ':' */
|
||||
for (p = argv0 + strlen(argv0); --p > argv0;)
|
||||
if (*p == '/' || *p == '\\' || *p == ':') {
|
||||
p++;
|
||||
break;
|
||||
}
|
||||
p = opt_path_end(argv0);
|
||||
|
||||
/* Strip off trailing nonsense. */
|
||||
n = strlen(p);
|
||||
@ -76,17 +85,25 @@ char *opt_progname(const char *argv0)
|
||||
|
||||
#elif defined(OPENSSL_SYS_VMS)
|
||||
|
||||
const char *opt_path_end(const char *filename)
|
||||
{
|
||||
const char *p;
|
||||
|
||||
/* Find last special character sys:[foo.bar]openssl */
|
||||
for (p = filename + strlen(filename); --p > filename;)
|
||||
if (*p == ':' || *p == ']' || *p == '>') {
|
||||
p++;
|
||||
break;
|
||||
}
|
||||
return p;
|
||||
}
|
||||
|
||||
char *opt_progname(const char *argv0)
|
||||
{
|
||||
const char *p, *q;
|
||||
|
||||
/* Find last special character sys:[foo.bar]openssl */
|
||||
for (p = argv0 + strlen(argv0); --p > argv0;)
|
||||
if (*p == ':' || *p == ']' || *p == '>') {
|
||||
p++;
|
||||
break;
|
||||
}
|
||||
|
||||
p = opt_path_end(argv0);
|
||||
q = strrchr(p, '.');
|
||||
strncpy(prog, p, sizeof(prog) - 1);
|
||||
prog[sizeof(prog) - 1] = '\0';
|
||||
@ -97,16 +114,24 @@ char *opt_progname(const char *argv0)
|
||||
|
||||
#else
|
||||
|
||||
char *opt_progname(const char *argv0)
|
||||
const char *opt_path_end(const char *filename)
|
||||
{
|
||||
const char *p;
|
||||
|
||||
/* Could use strchr, but this is like the ones above. */
|
||||
for (p = argv0 + strlen(argv0); --p > argv0;)
|
||||
for (p = filename + strlen(filename); --p > filename;)
|
||||
if (*p == '/') {
|
||||
p++;
|
||||
break;
|
||||
}
|
||||
return p;
|
||||
}
|
||||
|
||||
char *opt_progname(const char *argv0)
|
||||
{
|
||||
const char *p;
|
||||
|
||||
p = opt_path_end(argv0);
|
||||
strncpy(prog, p, sizeof(prog) - 1);
|
||||
prog[sizeof(prog) - 1] = '\0';
|
||||
return prog;
|
||||
|
||||
@ -58,6 +58,8 @@ Print a usage message.
|
||||
=item B<-module> I<filename>
|
||||
|
||||
Filename of the FIPS module to perform an integrity check on.
|
||||
The path provided in the filename is used to load the module when it is
|
||||
activated, and this overrides the environment variable B<OPENSSL_MODULES>.
|
||||
|
||||
=item B<-out> I<configfilename>
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user