util: add -fips option to wrap.pl to make using the FIPS provider easier

Without this option, I find I need to figure out which environment variables
point where which wastes effort.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15966)

diff --git a/util/wrap.pl.in b/util/wrap.pl.in
index 2ac068ce9690446a64f454c95640404a5cfcf1a7..b13c34d8512b3ed4627dc0b8d182135df2084965 100644 (file)
--- a/util/wrap.pl.in
+++ b/util/wrap.pl.in
@@ -24,6 +24,20 @@ my $std_providers = catdir($there, 'providers');
 my $std_openssl_conf = catdir($there, 'apps/openssl.cnf');
 my $unix_shlib_wrap = catfile($there, 'util/shlib_wrap.sh');
 
+if ($ARGV[0] eq '-fips') {
+    $std_openssl_conf = {-
+         use Cwd qw(abs_path);
+
+         "'" . abs_path(catfile($config{sourcedir}, 'test/fips-and-base.cnf')) . "'";
+         -};
+    shift;
+
+    my $std_openssl_conf_include = catdir($there, 'providers');
+    $ENV{OPENSSL_CONF_INCLUDE} = $std_openssl_conf_include
+        if ($ENV{OPENSSL_CONF_INCLUDE} // '') eq ''
+            && -d $std_openssl_conf_include;
+}
+
 $ENV{OPENSSL_ENGINES} = $std_engines
     if ($ENV{OPENSSL_ENGINES} // '') eq '' && -d $std_engines;
 $ENV{OPENSSL_MODULES} = $std_providers