Skip to content

Commit 4b118eb

Browse files
douzzerdouzzer
authored
Merge pull request #56 from bandi13/fixFIPSclone
Easier to use system's openssl library to clone
2 parents 609f7dc + b99e65d commit 4b118eb

File tree

4 files changed

+17
-14
lines changed

4 files changed

+17
-14
lines changed

scripts/utils-openssl.sh

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -33,12 +33,6 @@ OPENSSL_INSTALL_DIR=${SCRIPT_DIR}/../openssl-install
3333
NUMCPU=${NUMCPU:-8}
3434
WOLFPROV_DEBUG=${WOLFPROV_DEBUG:-0}
3535

36-
if [ -z $LD_LIBRARY_PATH ]; then
37-
export LD_LIBRARY_PATH=$OPENSSL_INSTALL_DIR/lib64
38-
else
39-
export LD_LIBRARY_PATH=$OPENSSL_INSTALL_DIR/lib64:$LD_LIBRARY_PATH
40-
fi
41-
4236
clone_openssl() {
4337
if [ -d ${OPENSSL_SOURCE_DIR} ]; then
4438
OPENSSL_TAG_CUR=$(cd ${OPENSSL_SOURCE_DIR} && (git describe --tags 2>/dev/null || git branch --show-current))
@@ -130,5 +124,11 @@ init_openssl() {
130124
exit 1
131125
;;
132126
esac
127+
128+
if [ -z $LD_LIBRARY_PATH ]; then
129+
export LD_LIBRARY_PATH=$OPENSSL_INSTALL_DIR/lib64
130+
else
131+
export LD_LIBRARY_PATH=$OPENSSL_INSTALL_DIR/lib64:$LD_LIBRARY_PATH
132+
fi
133133
}
134134

scripts/utils-wolfprovider.sh

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,8 @@ install_wolfprov() {
4040

4141
init_openssl
4242
init_wolfssl
43+
unset OPENSSL_MODULES
44+
unset OPENSSL_CONF
4345
printf "LD_LIBRARY_PATH: $LD_LIBRARY_PATH\n"
4446

4547
if [ ! -d ${WOLFPROV_INSTALL_DIR} ] || [ $(check_folder_age "${WOLFPROV_INSTALL_DIR}" "${WOLFSSL_INSTALL_DIR}") -lt 0 ] || [ $(check_folder_age "${WOLFPROV_INSTALL_DIR}" "${OPENSSL_INSTALL_DIR}") -lt 0 ]; then

scripts/utils-wolfssl.sh

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -31,12 +31,6 @@ WOLFSSL_CONFIG_CFLAGS=${WOLFSSL_CONFIG_CFLAGS:-"-I${OPENSSL_INSTALL_DIR}/include
3131

3232
WOLFPROV_DEBUG=${WOLFPROV_DEBUG:-0}
3333

34-
if [ -z $LD_LIBRARY_PATH ]; then
35-
export LD_LIBRARY_PATH="$WOLFSSL_INSTALL_DIR/lib"
36-
else
37-
export LD_LIBRARY_PATH="$WOLFSSL_INSTALL_DIR/lib:$LD_LIBRARY_PATH"
38-
fi
39-
4034
# Depends on OPENSSL_INSTALL_DIR
4135
clone_wolfssl() {
4236
if [ -d ${WOLFSSL_SOURCE_DIR} ]; then
@@ -86,7 +80,8 @@ install_wolfssl() {
8680
printf "with FIPS ... "
8781
CONF_ARGS+=" --enable-fips=ready"
8882
if [ ! -e "XXX-fips-test" ]; then
89-
./fips-check.sh keep nomakecheck fips-ready >>$LOG_FILE 2>&1
83+
# Sometimes the system OpenSSL is different than the one we're using. So for the 'git' commands, we'll just use whatever the system comes with
84+
LD_LIBRARY_PATH="" ./fips-check.sh keep nomakecheck fips-ready >>$LOG_FILE 2>&1
9085
if [ $? != 0 ]; then
9186
printf "ERROR checking out FIPS\n"
9287
rm -rf ${WOLFSSL_INSTALL_DIR}
@@ -143,5 +138,11 @@ install_wolfssl() {
143138
init_wolfssl() {
144139
install_wolfssl
145140
printf "\twolfSSL ${WOLFSSL_TAG} installed in: ${WOLFSSL_INSTALL_DIR}\n"
141+
142+
if [ -z $LD_LIBRARY_PATH ]; then
143+
export LD_LIBRARY_PATH="$WOLFSSL_INSTALL_DIR/lib"
144+
else
145+
export LD_LIBRARY_PATH="$WOLFSSL_INSTALL_DIR/lib:$LD_LIBRARY_PATH"
146+
fi
146147
}
147148

test/test_pbe.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -369,8 +369,8 @@ int test_pbe(void *data)
369369
PRINT_MSG("Not using wolfProvider - PBKDF not available in wolfCrypt");
370370
#endif
371371

372-
PRINT_MSG("PBE DES-EDE3-CBC SHA-1");
373372
#if !defined(NO_DES3) && defined(WP_HAVE_SHA1)
373+
PRINT_MSG("PBE DES-EDE3-CBC SHA-1");
374374
err = test_pbe_sha1_des3_pbkdf1();
375375
#endif
376376
#if defined(WP_HAVE_SHA256) && defined(WP_HAVE_AESCBC)

0 commit comments

Comments
 (0)