]> granicus.if.org Git - openssl/commitdiff
projects / openssl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bd5a219)
Cygwin specific FIPS fix-ups.
authorAndy Polyakov <appro@openssl.org>
Thu, 9 Dec 2004 18:13:46 +0000 (18:13 +0000)
committerAndy Polyakov <appro@openssl.org>
Thu, 9 Dec 2004 18:13:46 +0000 (18:13 +0000)
fips/fingerprint.sha1 patch | blob | history
fips/fips.c patch | blob | history
fips/openssl_fips_fingerprint patch | blob | history

diff --git a/fips/fingerprint.sha1 b/fips/fingerprint.sha1
index aa90410dbbb01dea4498c161ee51343725179813..8c5b070d2ef17baa756f14e85ea8decbf215fb4e 100644 (file)
--- a/fips/fingerprint.sha1
+++ b/fips/fingerprint.sha1
@@ -1,4 +1,4 @@
-HMAC-SHA1(fips.c)= cee3a7da1f236b11dd8b08b7fc96e505f7695460
+HMAC-SHA1(fips.c)= f764539b7d09141738d86c9e0442de990ab8ae3f
 HMAC-SHA1(fips_err_wrapper.c)= d3e2be316062510312269e98f964cb87e7577898
 HMAC-SHA1(fips.h)= fbedad5dbd8986ddd521ea576bf2a20e6881540a
 HMAC-SHA1(fips_err.h)= 4a73f2a88e206f1f88edfd9b26609a0eed818491
diff --git a/fips/fips.c b/fips/fips.c
index 3c3d91dce5631d59d81eeefc3d66eadeca5f753e..816277e49fb5583eae1e313a510dced6a538cff1 100644 (file)
--- a/fips/fips.c
+++ b/fips/fips.c
@@ -126,8 +126,20 @@ static int FIPS_check_exe(const char *path)
     FILE *f;
     static char key[]="etaonrishdlcupfm";
     HMAC_CTX hmac;
+    const char *sha1_fmt="%s.sha1";
 
     f=fopen(path,"rb");
+#ifdef __CYGWIN32__
+    /* cygwin scrupulously strips .exe extentions:-( as of now it's
+       actually no point to attempt above fopen, but we keep the call
+       just in case the behavior changes in the future... */
+    if (!f)
+       {
+       sha1_fmt="%s.exe.sha1";
+       BIO_snprintf(p2,sizeof p2,"%s.exe",path);
+       f=fopen(p2,"rb");
+       }
+#endif
     if(!f)
        {
        FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_CANNOT_READ_EXE);
@@ -148,7 +160,7 @@ static int FIPS_check_exe(const char *path)
        }
     fclose(f);
     HMAC_Final(&hmac,mdbuf,&n);
-    BIO_snprintf(p2,sizeof p2,"%s.sha1",path);
+    BIO_snprintf(p2,sizeof p2,sha1_fmt,path);
     f=fopen(p2,"rb");
     if(!f || fread(buf,1,20,f) != 20)
        {
diff --git a/fips/openssl_fips_fingerprint b/fips/openssl_fips_fingerprint
index c9fca91fc3f96d753fb943828b4127d298b3654b..de0e91a360f042e136d24b7e4dbbd4717deb4b09 100755 (executable)
--- a/fips/openssl_fips_fingerprint
+++ b/fips/openssl_fips_fingerprint
@@ -11,7 +11,7 @@ exe=$2
 # case shared libraries are built.
 if [ "X$TOP" != "X" ]
 then
-    PATH=$TOP/apps:$PATH
+    PATH="$TOP/apps:$TOP:$PATH"
     LD_LIBRARY_PATH=$TOP; export LD_LIBRARY_PATH
 else
     LD_LIBRARY_PATH=.; export LD_LIBRARY_PATH
@@ -20,5 +20,7 @@ fi
 echo "Checking library fingerprint for $lib"
 openssl sha1 -hmac etaonrishdlcupfm $lib | sed "s/(.*\//(/" | diff $lib.sha1 - || { echo "$libs fingerprint mismatch"; exit 1; }
 
+[ -x $exe.exe ] && exe=$exe.exe
+
 echo "Making fingerprint for $exe"
-openssl sha1 -hmac etaonrishdlcupfm -binary $exe > $exe.sha1
+openssl sha1 -hmac etaonrishdlcupfm -binary $exe > $exe.sha1 || rm $exe.sha1
Unnamed repository; edit this file 'description' to name the repository.