Clear ssl errors after loading everyting
This prevents a FIPS failure message if no FIPS module is loaded. Plus add -v as short form for --verbose in sbverify Signed-off-by: James Bottomley <JBottomley@Parallels.com>
This commit is contained in:
James Bottomley
parent
592ec2188f
commit
35e2e074e3
5 changed files with 26 additions and 2 deletions
|
|
@ -218,6 +218,11 @@ int main(int argc, char **argv)
|
|||
|
||||
ERR_load_crypto_strings();
|
||||
OpenSSL_add_all_digests();
|
||||
/* here we may get highly unlikely failures or we'll get a
|
||||
* complaint about FIPS signatures (usually becuase the FIPS
|
||||
* module isn't present). In either case ignore the errors
|
||||
* (malloc will cause other failures out lower down */
|
||||
ERR_clear_error();
|
||||
|
||||
image = image_load(image_filename);
|
||||
if (!image) {
|
||||
|
|
|
|||
|
|
@ -932,6 +932,11 @@ int main(int argc, char **argv)
|
|||
ERR_load_crypto_strings();
|
||||
OpenSSL_add_all_digests();
|
||||
OpenSSL_add_all_ciphers();
|
||||
/* here we may get highly unlikely failures or we'll get a
|
||||
* complaint about FIPS signatures (usually becuase the FIPS
|
||||
* module isn't present). In either case ignore the errors
|
||||
* (malloc will cause other failures out lower down */
|
||||
ERR_clear_error();
|
||||
|
||||
ctx->filesystem_keys = init_keyset(ctx);
|
||||
ctx->firmware_keys = init_keyset(ctx);
|
||||
|
|
|
|||
|
|
@ -183,7 +183,11 @@ int main(int argc, char **argv)
|
|||
ERR_load_crypto_strings();
|
||||
OpenSSL_add_all_digests();
|
||||
OpenSSL_add_all_ciphers();
|
||||
|
||||
/* here we may get highly unlikely failures or we'll get a
|
||||
* complaint about FIPS signatures (usually becuase the FIPS
|
||||
* module isn't present). In either case ignore the errors
|
||||
* (malloc will cause other failures out lower down */
|
||||
ERR_clear_error();
|
||||
EVP_PKEY *pkey = fileio_read_pkey(keyfilename);
|
||||
if (!pkey)
|
||||
return EXIT_FAILURE;
|
||||
|
|
|
|||
|
|
@ -506,6 +506,11 @@ int main(int argc, char **argv)
|
|||
OpenSSL_add_all_digests();
|
||||
OpenSSL_add_all_ciphers();
|
||||
ERR_load_crypto_strings();
|
||||
/* here we may get highly unlikely failures or we'll get a
|
||||
* complaint about FIPS signatures (usually becuase the FIPS
|
||||
* module isn't present). In either case ignore the errors
|
||||
* (malloc will cause other failures out lower down */
|
||||
ERR_clear_error();
|
||||
|
||||
/* set up the variable signing context */
|
||||
varname = argv[optind];
|
||||
|
|
|
|||
|
|
@ -233,10 +233,15 @@ int main(int argc, char **argv)
|
|||
|
||||
OpenSSL_add_all_digests();
|
||||
ERR_load_crypto_strings();
|
||||
/* here we may get highly unlikely failures or we'll get a
|
||||
* complaint about FIPS signatures (usually becuase the FIPS
|
||||
* module isn't present). In either case ignore the errors
|
||||
* (malloc will cause other failures out lower down */
|
||||
ERR_clear_error();
|
||||
|
||||
for (;;) {
|
||||
int idx;
|
||||
c = getopt_long(argc, argv, "c:d:nVh", options, &idx);
|
||||
c = getopt_long(argc, argv, "c:d:nvVh", options, &idx);
|
||||
if (c == -1)
|
||||
break;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue