From ba291ca57cc2f7aada7568e8c9d9e37f590a4cfb Mon Sep 17 00:00:00 2001 From: Daniel Bevenius Date: Tue, 22 Jun 2021 14:31:25 +0200 Subject: [PATCH] squash! build: add fips target and fipsinstall action --- node.gyp | 13 ++----------- tools/enable_fips_include.py | 12 ++++++++---- 2 files changed, 10 insertions(+), 15 deletions(-) diff --git a/node.gyp b/node.gyp index e5f1d833fd27c2..bafe8a8327dc6e 100644 --- a/node.gyp +++ b/node.gyp @@ -616,21 +616,12 @@ ], }, { - 'action_name': 'copy_openssl_cnf', - 'inputs': [ '<(opensslconfig)', ], - 'outputs': [ '<(opensslconfig_internal)', ], - 'action': [ - 'python', 'tools/copyfile.py', - './deps/openssl/openssl/apps/openssl.cnf', - '<(obj_dir)/deps/openssl/openssl.cnf', - ], - }, - { - 'action_name': 'include_fips_cnf', + 'action_name': 'copy_openssl_cnf_and_include_fips_cnf', 'inputs': [ '<(opensslconfig)', ], 'outputs': [ '<(opensslconfig_internal)', ], 'action': [ 'python', 'tools/enable_fips_include.py', + '<(opensslconfig)', '<(opensslconfig_internal)', '<(fipsconfig)', ], diff --git a/tools/enable_fips_include.py b/tools/enable_fips_include.py index 4b2458e2669b05..cb24c7d83b689b 100644 --- a/tools/enable_fips_include.py +++ b/tools/enable_fips_include.py @@ -27,12 +27,16 @@ import sys -fin = open(sys.argv[1], "rt") +# Copy openssl.cnf into output directory +__import__('copyfile') + +# Open the copied openssl.cnf file +fin = open(sys.argv[2], "rt") data = fin.read() -data = data.replace('# .include fipsmodule.cnf', '.include %s' % sys.argv[2]) +data = data.replace('# .include fipsmodule.cnf', '.include %s' % sys.argv[3]) data = data.replace('# fips = fips_sect', 'fips = fips_sect') +data = data.replace('# activate = 1', 'activate = 1') fin.close() -fin = open(sys.argv[1], "wt") +fin = open(sys.argv[2], "wt") fin.write(data) fin.close() -