From 660e3548da09145c15adef29208f4d7f6496cf6d Mon Sep 17 00:00:00 2001
From: poorndm
Date: Mon, 22 Apr 2024 22:23:45 +0530
Subject: [PATCH 1/2] modified steps to install the FIPS provider for OpenSSL

Signed-off-by: poorndm
---
 config/software/openssl.rb | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/config/software/openssl.rb b/config/software/openssl.rb
index 2a6800f9b..18b2ed620 100644
--- a/config/software/openssl.rb
+++ b/config/software/openssl.rb
@@ -110,7 +110,7 @@
 if version.satisfies?("< 3.0.0")
 configure_args += ["--with-fipsdir=#{install_dir}/embedded", "fips"] if fips_mode?
 else
- configure_args += ["-enable-fips"] if fips_mode?
+ configure_args += ["enable-fips"] if fips_mode?
 end
 
 configure_cmd =
@@ -205,4 +205,21 @@
 command "sudo /usr/sbin/slibclean", env: env
 end
 make "install", env: env
+
+ if fips_mode?
+ # running the make install_fips step to install the FIPS provider
+ # make "install_fips", env: env
+
+ fips_cnf_file = "#{install_dir}/embedded/ssl/fipsmodule.cnf"
+ fips_module_file = "#{install_dir}/embedded/lib/ossl-modules/fips.#{windows? ? "dll" : "so"}"
+
+ # Running the `openssl fipsinstall -out fipsmodule.cnf -module fips.so` command
+ command "#{install_dir}/embedded/bin/openssl fipsinstall -out #{fips_cnf_file} -module #{fips_module_file}"
+
+ # Updating the openssl.cnf file to enable the fips provider
+ command "sed -i -e 's|# .include fipsmodule.cnf|.include #{fips_cnf_file}|g' #{install_dir}/embedded/ssl/openssl.cnf"
+ command "sed -i -e 's|# fips = fips_sect|fips = fips_sect|g' #{install_dir}/embedded/ssl/openssl.cnf"
+ end
+
+ command "#{install_dir}/embedded/bin/openssl list -providers"
 end
From 7cacae70ea55d215a83a9ed88b056dd11d30d28f Mon Sep 17 00:00:00 2001
From: poorndm
Date: Mon, 22 Apr 2024 22:41:16 +0530
Subject: [PATCH 2/2] fix syntax

Signed-off-by: poorndm
---
 config/software/openssl.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
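Review bot: The two `sed -i` edits in the added `if fips_mode?` block exit successfully even when the commented lines they search for are absent from `openssl.cnf`, so a FIPS build can complete with the provider never activated; the trailing `openssl list -providers` only prints and asserts nothing. A check after the edits would make the build fail closed, for example `command "grep -q '^fips = fips_sect' #{install_dir}/embedded/ssl/openssl.cnf"`. The `fipsinstall` call also runs the freshly built `openssl` without `env: env`, unlike `make "install", env: env` just above it, which may matter if that env carries the library path. Because `fipsmodule.cnf` is written at build time and OpenSSL's FIPS documentation says the file should be generated on each machine that uses the module rather than copied, the package probably needs a post-install `fipsinstall` as well. The enclosing block starts outside the hunk.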
diff --git a/config/software/openssl.rb b/config/software/openssl.rb
index 18b2ed620..533a91cae 100644
--- a/config/software/openssl.rb
+++ b/config/software/openssl.rb
@@ -221,5 +221,5 @@
 command "sed -i -e 's|# fips = fips_sect|fips = fips_sect|g' #{install_dir}/embedded/ssl/openssl.cnf"
 end
 
- command "#{install_dir}/embedded/bin/openssl list -providers"
+ # command "#{install_dir}/embedded/bin/openssl list -providers"
 end
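Review bot: Commenting out `openssl list -providers` leaves dead code behind and removes the only step in the recipe that loaded the edited `openssl.cnf` with the new binary, while the commit message ("fix syntax") does not say what failed. If the step is not wanted, delete the line; if it failed only because the binary ran without the build environment (an assumption, the hunk does not show the error), restore it as `command "#{install_dir}/embedded/bin/openssl list -providers", env: env`. A short comment stating why the check is disabled would help the next reader either way.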