Browse Source

Build file templates: rework FIPS module installation

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15436)
master
Richard Levitte 1 year ago
parent
commit
f5657ce8e6
3 changed files with 40 additions and 28 deletions
  1. +18
    -8
      Configurations/descrip.mms.tmpl
  2. +11
    -10
      Configurations/unix-Makefile.tmpl
  3. +11
    -10
      Configurations/windows-makefile.tmpl

+ 18
- 8
Configurations/descrip.mms.tmpl View File

@ -62,7 +62,12 @@
@{$unified_info{modules}};
our @install_modules =
grep { !$unified_info{attributes}->{modules}->{$_}->{noinst}
&& !$unified_info{attributes}->{modules}->{$_}->{engine} }
&& !$unified_info{attributes}->{modules}->{$_}->{engine}
&& !$unified_info{attributes}->{modules}->{$_}->{fips} }
@{$unified_info{modules}};
our @install_fipsmodules =
grep { !$unified_info{attributes}->{modules}->{$_}->{noinst}
&& $unified_info{attributes}->{modules}->{$_}->{fips} }
@{$unified_info{modules}};
our @install_programs =
grep { !$unified_info{attributes}->{programs}->{$_}->{noinst} }
@ -315,6 +320,8 @@ INSTALL_LIBS={- join(", ", map { "-\n\t".$_.".OLB" } @install_libs) -}
INSTALL_SHLIBS={- join(", ", map { "-\n\t".$_.".EXE" } @install_shlibs) -}
INSTALL_ENGINES={- join(", ", map { "-\n\t".$_.".EXE" } @install_engines) -}
INSTALL_MODULES={- join(", ", map { "-\n\t".$_.".EXE" } @install_modules) -}
INSTALL_FIPSMODULE={- join(", ", map { "-\n\t".$_.".EXE" } @install_fipsmodules) -}
INSTALL_FIPSMODULECONF=[.providers]fipsmodule.cnf
INSTALL_PROGRAMS={- join(", ", map { "-\n\t".$_.".EXE" } @install_programs) -}
BIN_SCRIPTS={- join(", ", @install_bin_scripts) -}
MISC_SCRIPTS={- join(", ", @install_misc_scripts) -}
@ -557,17 +564,20 @@ install_docs : install_html_docs
uninstall_docs : uninstall_html_docs
install_fips : install_sw
{- output_off() if $disabled{fips}; "" -}
install_fips : install_sw $(INSTALL_FIPSMODULECONF)
@ WRITE SYS$OUTPUT "*** Installing FIPS module"
COPY/PROT=W:RE $(INSTALL_FIPSMODULES) -
ossl_installroot:[MODULES{- $sover_dirname.$target{pointer_size} -}.'arch']$(FIPSMODULENAME)
@ WRITE SYS$OUTPUT "*** Installing FIPS module configuration"
@ WRITE SYS$OUTPUT "fipsinstall $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf"
openssl fipsinstall -
-module ossl_installroot:[MODULES{- $sover_dirname.$target{pointer_size} -}.'arch']$(FIPSMODULENAME) -
-out ossl_installroot:[MODULES{- $sover_dirname.$target{pointer_size} -}.'arch']$(FIPSMODULENAME).cnf -
-macopt "hexkey:$(FIPSKEY)"
COPY/PROT=W:RE $(INSTALL_FIPSMODULESCONF) OSSL_DATAROOT:[000000]
uninstall_fips : uninstall_sw
@ WRITE SYS$OUTPUT "*** Uninstalling FIPS module configuration"
DELETE ossl_installroot:[MODULES{- $sover_dirname.$target{pointer_size} -}.'arch']$(FIPSMODULENAME).cnf;*
DELETE OSSL_DATAROOT:[000000]fipsmodule.cnf;*
@ WRITE SYS$OUTPUT "*** Uninstalling FIPS module"
DELETE ossl_installroot:[MODULES{- $sover_dirname.$target{pointer_size} -}.'arch']$(FIPSMODULENAME);*
{- output_on() if $disabled{fips}; "" -}
install_ssldirs : check_INSTALLTOP
- CREATE/DIR/PROT=(S:RWED,O:RWE,G:RE,W:RE) OSSL_DATAROOT:[000000]


+ 11
- 10
Configurations/unix-Makefile.tmpl View File

@ -173,23 +173,24 @@ INSTALL_ENGINES={-
&& $unified_info{attributes}->{modules}->{$_}->{engine} }
@{$unified_info{modules}}))
-}
INSTALL_FIPS={-
INSTALL_MODULES={-
join(" \\\n" . ' ' x 16,
fill_lines(" ", $COLUMNS - 16,
map { platform->dso($_) }
grep { !$unified_info{attributes}->{modules}->{$_}->{noinst}
&& $unified_info{attributes}->{modules}->{$_}->{fips} }
&& !$unified_info{attributes}->{modules}->{$_}->{engine}
&& !$unified_info{attributes}->{modules}->{$_}->{fips} }
@{$unified_info{modules}}))
-}
INSTALL_MODULES={-
INSTALL_FIPSMODULE={-
join(" \\\n" . ' ' x 16,
fill_lines(" ", $COLUMNS - 16,
map { platform->dso($_) }
grep { !$unified_info{attributes}->{modules}->{$_}->{noinst}
&& !$unified_info{attributes}->{modules}->{$_}->{engine}
&& !$unified_info{attributes}->{modules}->{$_}->{fips} }
&& $unified_info{attributes}->{modules}->{$_}->{fips} }
@{$unified_info{modules}}))
-}
INSTALL_FIPSMODULECONF=providers/fipsmodule.cnf
INSTALL_PROGRAMS={-
join(" \\\n" . ' ' x 16,
fill_lines(" ", $COLUMNS - 16, map { platform->bin($_) }
@ -621,18 +622,18 @@ uninstall_docs: uninstall_man_docs uninstall_html_docs
$(RM) -r $(DESTDIR)$(DOCDIR)
{- output_off() if $disabled{fips}; "" -}
install_fips: build_sw providers/fipsmodule.cnf
install_fips: build_sw $(INSTALL_FIPSMODULECONF)
@[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
@$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(MODULESDIR)
@$(ECHO) "*** Installing FIPS module"
@$(ECHO) "install $(INSTALL_FIPS) -> $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME)"
@cp "$(INSTALL_FIPS)" $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).new
@$(ECHO) "install $(INSTALL_FIPSMODULE) -> $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME)"
@cp "$(INSTALL_FIPSMODULE)" $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).new
@chmod 755 $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).new
@mv -f $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).new \
$(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME)
@$(ECHO) "*** Installing FIPS module configuration"
@$(ECHO) "install providers/fipsmodule.cnf -> $(DESTDIR)$(OPENSSLDIR)/fipsmodule.cnf"
@cp providers/fipsmodule.cnf $(DESTDIR)$(OPENSSLDIR)/fipsmodule.cnf
@$(ECHO) "install $(INSTALL_FIPSMODULECONF) -> $(DESTDIR)$(OPENSSLDIR)/fipsmodule.cnf"
@cp $(INSTALL_FIPSMODULECONF) $(DESTDIR)$(OPENSSLDIR)/fipsmodule.cnf
uninstall_fips:
@$(ECHO) "*** Uninstalling FIPS module configuration"


+ 11
- 10
Configurations/windows-makefile.tmpl View File

@ -112,12 +112,6 @@ INSTALL_ENGINEPDBS={-
&& $unified_info{attributes}->{modules}->{$_}->{engine} }
@{$unified_info{modules}})
-}
INSTALL_FIPS={-
join(" ", map { quotify1(platform->dso($_)) }
grep { !$unified_info{attributes}->{modules}->{$_}->{noinst}
&& $unified_info{attributes}->{modules}->{$_}->{fips} }
@{$unified_info{modules}})
-}
INSTALL_MODULES={-
join(" ", map { quotify1(platform->dso($_)) }
grep { !$unified_info{attributes}->{modules}->{$_}->{noinst}
@ -131,6 +125,13 @@ INSTALL_MODULEPDBS={-
&& !$unified_info{attributes}->{modules}->{$_}->{engine} }
@{$unified_info{modules}})
-}
INSTALL_FIPSMODULE={-
join(" ", map { quotify1(platform->dso($_)) }
grep { !$unified_info{attributes}->{modules}->{$_}->{noinst}
&& $unified_info{attributes}->{modules}->{$_}->{fips} }
@{$unified_info{modules}})
-}
INSTALL_FIPSMODULECONF=providers\fipsmodule.cnf
INSTALL_PROGRAMS={-
join(" ", map { quotify1(platform->bin($_)) }
grep { !$unified_info{attributes}->{programs}->{$_}->{noinst} }
@ -499,13 +500,13 @@ install_fips: build_sw providers\fipsmodule.cnf
# @[ -n "$(INSTALLTOP)" ] || (echo INSTALLTOP should not be empty; exit 1)
@$(PERL) $(SRCDIR)\util\mkdir-p.pl $(MODULESDIR)
@$(ECHO) "*** Installing FIPS module"
@$(ECHO) "install $(INSTALL_FIPS) -> $(MODULESDIR)\$(FIPSMODULENAME)"
@copy "$(INSTALL_FIPS)" $(MODULESDIR)\$(FIPSMODULENAME).new
@$(ECHO) "install $(INSTALL_FIPSMODULE) -> $(MODULESDIR)\$(FIPSMODULENAME)"
@copy "$(INSTALL_FIPSMODULE)" $(MODULESDIR)\$(FIPSMODULENAME).new
@move /Y $(MODULESDIR)\$(FIPSMODULENAME).new \
$(MODULESDIR)\$(FIPSMODULENAME)
@$(ECHO) "*** Installing FIPS module configuration"
@$(ECHO) "install providers\fipsmodule.cnf -> $(OPENSSLDIR)\fipsmodule.cnf"
@copy providers\fipsmodule.cnf "$(OPENSSLDIR)\fipsmodule.cnf"
@$(ECHO) "install $(INSTALL_FIPSMODULECONF) -> $(OPENSSLDIR)\fipsmodule.cnf"
@copy $(INSTALL_FIPSMODULECONF) "$(OPENSSLDIR)\fipsmodule.cnf"
uninstall_fips:
@$(ECHO) "*** Uninstalling FIPS module configuration"


Loading…
Cancel
Save