my @experimental = ();
# If ssl directory missing assume truncated FIPS tarball
-if (! -d ssl)
+if (!-d "ssl")
{
print STDERR "Auto Configuring fipsonly\n";
$fips = 1;
if ($fipscanisteronly == 2)
{
+print STDERR "ADDING FIPSSYM\n";
$exp_cflags .= " -DOPENSSL_FIPSSYMS";
}
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/;
}
s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/;
+ if ($fipscanisteronly == 2 && exists $disabled{"ec2m"})
+ {
+ next if (/ec2_/ || /bn_gf2m/);
+ }
print OUT $_."\n";
}
close(IN);
&dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
&dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
}
- if ($depflags ne $default_depflags && !$make_depend) {
+ if ($depflags ne $default_depflags && !$make_depend && $fipscanisteronly != 2) {
print <<EOF;
Since you've disabled or enabled at least one algorithm, you need to do
(http://csrc.nist.gov/cryptval/) in any application requiring the use of FIPS
140-2 validated software.
-This is an OpenSSL 1.1.0 test version.
+This is a test OpenSSL 2.0 FIPS module.
See the file README.FIPS for details of how to build a test library.