diff options
| author | Rich Salz <rsalz@akamai.com> | 2020-02-25 22:27:24 +0100 |
|---|---|---|
| committer | Tomas Mraz <tmraz@fedoraproject.org> | 2020-04-24 13:19:16 +0200 |
| commit | 1cd2c1f857e114f176eee01c96e27a8d7a14a356 (patch) | |
| tree | eff97fdec7a4999e888a80d6f06071be8bcf6122 /apps/fipsinstall.c | |
| parent | Prepare for 3.0 alpha 2 (diff) | |
| download | openssl-1cd2c1f857e114f176eee01c96e27a8d7a14a356.tar.xz openssl-1cd2c1f857e114f176eee01c96e27a8d7a14a356.zip | |
Update some nits around the FIPS module
- Changed the generated FIPS signature file to be "fipsmodule.conf"
since it contains information about the FIPS module/file.
- Add -q option to fipsinstall command, to stop chatty verbose status
messages.
- Document env var OPENSSL_CONF_INCLUDE
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11177)
Diffstat (limited to 'apps/fipsinstall.c')
| -rw-r--r-- | apps/fipsinstall.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/apps/fipsinstall.c b/apps/fipsinstall.c index 1342cc9949..157f08b11f 100644 --- a/apps/fipsinstall.c +++ b/apps/fipsinstall.c @@ -31,12 +31,13 @@ static OSSL_CALLBACK self_test_events; static char *self_test_corrupt_desc = NULL; static char *self_test_corrupt_type = NULL; static int self_test_log = 1; +static int quiet = 0; typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_IN, OPT_OUT, OPT_MODULE, OPT_PROV_NAME, OPT_SECTION_NAME, OPT_MAC_NAME, OPT_MACOPT, OPT_VERIFY, - OPT_NO_LOG, OPT_CORRUPT_DESC, OPT_CORRUPT_TYPE + OPT_NO_LOG, OPT_CORRUPT_DESC, OPT_CORRUPT_TYPE, OPT_QUIET } OPTION_CHOICE; const OPTIONS fipsinstall_options[] = { @@ -60,6 +61,7 @@ const OPTIONS fipsinstall_options[] = { {"noout", OPT_NO_LOG, '-', "Disable logging of self test events"}, {"corrupt_desc", OPT_CORRUPT_DESC, 's', "Corrupt a self test by description"}, {"corrupt_type", OPT_CORRUPT_TYPE, 's', "Corrupt a self test by type"}, + {"quiet", OPT_QUIET, '-', "No messages, just exit status"}, {NULL} }; @@ -287,7 +289,7 @@ int fipsinstall_main(int argc, char **argv) case OPT_ERR: opthelp: BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); - goto end; + goto cleanup; case OPT_HELP: opt_help(fipsinstall_options); ret = 0; @@ -298,6 +300,9 @@ opthelp: case OPT_OUT: out_fname = opt_arg(); break; + case OPT_QUIET: + quiet = 1; + /* FALLTHROUGH */ case OPT_NO_LOG: self_test_log = 0; break; @@ -405,7 +410,8 @@ opthelp: if (!verify_config(in_fname, section_name, module_mac, module_mac_len, install_mac, install_mac_len)) goto end; - BIO_printf(bio_out, "VERIFY PASSED\n"); + if (!quiet) + BIO_printf(bio_out, "VERIFY PASSED\n"); } else { conf = generate_config_and_load(prov_name, section_name, module_mac, @@ -424,16 +430,19 @@ opthelp: module_mac_len, install_mac, install_mac_len)) goto end; - BIO_printf(bio_out, "INSTALL PASSED\n"); + if (!quiet) + BIO_printf(bio_out, "INSTALL PASSED\n"); } ret = 0; end: if (ret == 1) { - BIO_printf(bio_err, "%s FAILED\n", verify ? "VERIFY" : "INSTALL"); + if (!quiet) + BIO_printf(bio_err, "%s FAILED\n", verify ? "VERIFY" : "INSTALL"); ERR_print_errors(bio_err); } +cleanup: BIO_free(fout); BIO_free(mem_bio); BIO_free(module_bio); |