As part of its self-test validation, the FIPS module must verify itself
by performing a SHA-256 HMAC computation on itself. The default key is
-the SHA256 value of "the holy handgrenade of antioch" and is sufficient
+the SHA256 value of "holy hand grenade of antioch" and is sufficient
for meeting the FIPS requirements.
To change the key to a different value, use this flag. The value should
Do not use `atexit()` in libcrypto builds.
`atexit()` has varied semantics between platforms and can cause SIGSEGV in some
-circumstances. This options disables the atexit registration of OPENSSL_cleanup.
+circumstances. This option disables the atexit registration of OPENSSL_cleanup.
By default, NonStop configurations use `no-atexit`.
### no-autoalginit
Don't build with support for Position Independent Code.
+### enable-pie
+
+Build with support for Position Independent Execution.
+
### no-pinshared
Don't pin the shared libraries.
### enable-unstable-qlog
-Enables QLOG output support for the QUIC protocol. This functionality is
-unstable and implements a draft version of the QLOG specification. The QLOG
+Enables qlog output support for the QUIC protocol. This functionality is
+unstable and implements a draft version of the qlog specification. The qlog
output from OpenSSL will change in incompatible ways in future, and is not
subject to any format stability or compatibility guarantees at this time. See
the manpage openssl-qlog(7) for details.
OpenSSL will still provide the methods for applications to explicitly select
the individual protocol versions.
+### no-integrity-only-ciphers
+
+Don't build support for integrity only ciphers in tls.
+
### no-{protocol}-method
no-{ssl3|tls1|tls1_1|tls1_2|dtls1|dtls1_2}-method