fgerlits commented on code in PR #1950:
URL: https://github.com/apache/nifi-minifi-cpp/pull/1950#discussion_r2013640764
##########
minifi_main/Fips.cpp:
##########
@@ -63,29 +71,38 @@ bool replaceMinifiHomeVariable(const std::filesystem::path&
file_path, const std
output_file.close();
return true;
}
+
+bool generateFipsModuleConfig(const std::filesystem::path& minifi_home, const
std::shared_ptr<core::logging::Logger>& logger) {
+ std::filesystem::path output_file(minifi_home / "fips" / "fipsmodule.cnf");
+ logger->log_info("fipsmodule.cnf was not found, trying to run fipsinstall
command to generate the file");
+
+#ifdef WIN32
+ std::string command = "\"\"" + (minifi_home / "fips" /
"openssl.exe").string() + "\" fipsinstall -out \"" + output_file.string() + "\"
-module \"" + (minifi_home / "fips" / FIPS_LIB).string() + "\"\"";
+#else
+ std::string command = "\"" + (minifi_home / "fips" / "openssl").string() +
"\" fipsinstall -out \"" + output_file.string() + "\" -module \"" +
(minifi_home / "fips" / FIPS_LIB).string() + "\"";
+#endif
+ auto ret = std::system(command.c_str());
+ if (ret != 0) {
+ logger->log_error("Failed to generate fipsmodule.cnf file");
+ return false;
+ }
+ return true;
Review Comment:
I would put an info log here to say that fipsmodule.cnf has been generated
successfully. Otherwise, we have a log saying "... trying to run ..." and then
nothing.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
