-
Build and Install
=================
- [Prerequisites](#prerequisites)
- [Notational Conventions](#notational-conventions)
- [Quick Installation Guide](#quick-installation-guide)
- - [Building OpenSSL](#building-openssl)
- - [Installing OpenSSL](#installing-openssl)
+ - [Building OpenSSL](#building-openssl)
+ - [Installing OpenSSL](#installing-openssl)
- [Configuration Options](#configuration-options)
- - [API Level](#api-level)
- - [Cross Compile Prefix](#cross-compile-prefix)
- - [Build Type](#build-type)
- - [Directories](#directories)
- - [Compiler Warnings](#compiler-warnings)
- - [ZLib Flags](#zlib-flags)
- - [Seeding the Random Generator](#seeding-the-random-generator)
- - [Enable and Disable Features](#enable-and-disable-features)
- - [Displaying configuration data](#displaying-configuration-data)
+ - [API Level](#api-level)
+ - [Cross Compile Prefix](#cross-compile-prefix)
+ - [Build Type](#build-type)
+ - [Directories](#directories)
+ - [Compiler Warnings](#compiler-warnings)
+ - [ZLib Flags](#zlib-flags)
+ - [Seeding the Random Generator](#seeding-the-random-generator)
+ - [Enable and Disable Features](#enable-and-disable-features)
+ - [Displaying configuration data](#displaying-configuration-data)
- [Installation Steps in Detail](#installation-steps-in-detail)
- - [Configure](#configure-openssl)
- - [Build](#build-openssl)
- - [Test](#test-openssl)
- - [Install](#install-openssl)
+ - [Configure](#configure-openssl)
+ - [Build](#build-openssl)
+ - [Test](#test-openssl)
+ - [Install](#install-openssl)
- [Advanced Build Options](#advanced-build-options)
- - [Environment Variables](#environment-variables)
- - [Makefile Targets](#makefile-targets)
- - [Running Selected Tests](#running-selected-tests)
+ - [Environment Variables](#environment-variables)
+ - [Makefile Targets](#makefile-targets)
+ - [Running Selected Tests](#running-selected-tests)
- [Troubleshooting](#troubleshooting)
- - [Configuration Problems](#configuration-problems)
- - [Build Failures](#build-failures)
- - [Test Failures](#test-failures)
+ - [Configuration Problems](#configuration-problems)
+ - [Build Failures](#build-failures)
+ - [Test Failures](#test-failures)
- [Notes](#notes)
- - [Notes on multi-threading](#notes-on-multi-threading)
- - [Notes on shared libraries](#notes-on-shared-libraries)
- - [Notes on random number generation](#notes-on-random-number-generation)
-
+ - [Notes on multi-threading](#notes-on-multi-threading)
+ - [Notes on shared libraries](#notes-on-shared-libraries)
+ - [Notes on random number generation](#notes-on-random-number-generation)
Prerequisites
=============
* [NOTES.VALGRIND](NOTES.VALGRIND) - testing with Valgrind
* [NOTES.PERL](NOTES.PERL) - some notes on Perl
-
Notational conventions
======================
which is to be understood to use the command `type` on some file name
determined by the user.
-
**Optional Arguments** are enclosed in double square brackets.
[[ options ]]
[[, ]]. This is to differentiate from OpenVMS directory
specifications, which also use [ and ], but without spaces.
-
Quick Installation Guide
========================
The testing is optional, but recommended if you intend to install
OpenSSL for production use.
-### Unix / Linux / macOS ###
+### Unix / Linux / macOS
$ ./config
$ make
$ make test
-### OpenVMS ###
+### OpenVMS
Use the following commands to build OpenSSL:
$ mms
$ mms test
-### Windows ###
+### Windows
If you are using Visual Studio, open a Developer Command Prompt and
and issue the following commands to build OpenSSL.
[different location](#installing-to-a-different-location) which is not in
the global search path for system libraries.
-### Unix / Linux / macOS ###
+Finally, if you plan on using the FIPS module, you need to read the
+[Post-installation Notes](#post-installation-notes) further down.
+
+### Unix / Linux / macOS
Depending on your distribution, you need to run the following command as
root user or prepend `sudo` to the command:
depending on the file type, as it is custom on Unix-like operating systems.
-### OpenVMS ###
+### OpenVMS
Use the following command to install OpenSSL.
where 'version' is the OpenSSL version number with underscores instead
of periods.
-### Windows ###
+### Windows
If you are using Visual Studio, open the Developer Command Prompt _elevated_
and issue the following command.
for 32bit binaries on 64bit Windows (WOW64).
-
-#### Installing to a different location ####
+#### Installing to a different location
To install OpenSSL to a different location (for example into your home
-directory for testing purposes) run config like this:
+directory for testing purposes) run config as shown in the following
+examples.
-**On Unix**
+On Unix:
$ ./config --prefix=/opt/openssl --openssldir=/usr/local/ssl
-**On OpenVMS**
+On OpenVMS:
$ @config --prefix=PROGRAM:[INSTALLS] --openssldir=SYS$MANAGER:[OPENSSL]
Note: if you do add options to the configuration command, please make sure
-you've read more than just this Quick Start, such as relevant NOTES.* files,
+you've read more than just this Quick Start, such as relevant `NOTES.*` files,
the options outline below, as configuration options may change the outcome
in otherwise unexpected ways.
-
Configuration Options
=====================
entirely, just specify [no-deprecated](#no-deprecated).
If `--api` isn't given, it defaults to the current (minor) OpenSSL version.
-
Cross Compile Prefix
--------------------
name explicitly. Also, note that `--openssldir` refers to target's file system,
not one you are building on.
-
Build Type
----------
Build OpenSSL without debugging symbols. This is the default.
-
Directories
-----------
-### libdir ###
+### libdir
--libdir=DIR
be stored in this location. Shared libraries (`*.dll`) will always be
installed to the "bin" directory.
-### openssldir ###
+### openssldir
--openssldir=DIR
For 32bit Windows applications on Windows 64bit (WOW64), always replace
`C:\Program Files` by `C:\Program Files (x86)`.
-### prefix ###
+### prefix
--prefix=DIR
Windows: C:\Program Files\OpenSSL
OpenVMS: SYS$COMMON:[OPENSSL-'version']
-
Compiler Warnings
-----------------
ZLib Flags
----------
-### with-zlib-include ###
+### with-zlib-include
--with-zlib-include=DIR
necessary if [enable-zlib](#enable-zlib) is used and the include file is not
already on the system include path.
-### with-zlib-lib ###
+### with-zlib-lib
--with-zlib-lib=LIB
This flag is optional and if not provided then "GNV$LIBZSHR", "GNV$LIBZSHR32"
or "GNV$LIBZSHR64" is used by default depending on the pointer size chosen.
-
Seeding the Random Generator
----------------------------
cryptographically secure random number generator (CSPRNG).
The current seeding methods are:
-### os ###
+### os
Use a trusted operating system entropy source.
This is the default method if such an entropy source exists.
-### getrandom ###
+### getrandom
Use the [getrandom(2)][man-getrandom] or equivalent system call.
[man-getrandom]: http://man7.org/linux/man-pages/man2/getrandom.2.html
-### devrandom ###
+### devrandom
Use the first device from the DEVRANDOM list which can be opened to read
random bytes. The DEVRANDOM preprocessor constant expands to
on most unix-ish operating systems.
-### egd ###
+### egd
Check for an entropy generating daemon.
-### rdcpu ###
+### rdcpu
Use the RDSEED or RDRAND command if provided by the CPU.
-### librandom ###
+### librandom
Use librandom (not implemented yet).
-### none ###
+### none
Disable automatic seeding. This is the default on some operating systems where
no suitable entropy source exists, or no support for it is implemented yet.
[rng]: #notes-on-random-number-generation
-
Enable and Disable Features
---------------------------
feature xxxx is disabled by default then enable-xxxx is documented and
if feature xxxx is enabled by default then no-xxxx is documented.
-
-### no-afalgeng ###
+### no-afalgeng
Don't build the AFALG engine.
This option will be forced on a platform that does not support AFALG.
-### enable-ktls ###
+### enable-ktls
Build with Kernel TLS support.
system. This option will be forced off on systems that do not support the
Kernel TLS data-path.
-### enable-asan ###
+### enable-asan
Build with the Address sanitiser.
gcc or clang and should be used in conjunction with the [no-shared](#no-shared)
option.
-### no-asm ###
+### no-acvp_tests
+
+Do not build support for Automated Cryptographic Validation Protocol (ACVP)
+tests.
+
+This is required for FIPS validation purposes. Certain ACVP tests require
+access to algorithm internals that are not normally accessible.
+Additional information related to ACVP can be found at
+<https://github.com/usnistgov/ACVP>.
+
+### no-asm
Do not use assembler code.
production use. On some platforms a small amount of assembler code may still
be used even with this option.
-### no-async ###
+### no-async
Do not build support for async operations.
-### no-autoalginit ###
+### no-autoalginit
Don't automatically load all supported ciphers and digests.
have to be loaded manually using EVP_add_cipher() and EVP_add_digest() if this
option is used. This option will force a non-shared build.
-### no-autoerrinit ###
+### no-autoerrinit
Don't automatically load all libcrypto/libssl error strings.
statically linked application this may be undesirable if small executable size
is an objective.
-### no-autoload-config ###
+### no-autoload-config
Don't automatically load the default openssl.cnf file.
Typically OpenSSL will automatically load a system config file which configures
default SSL options.
-### enable-buildtest-c++ ###
+### enable-buildtest-c++
While testing, generate C++ buildtest files that simply check that the public
OpenSSL header files are usable standalone with C++.
the C++ compiler. If not, the C++ build test will most likely break. As an
alternative, you can use the language specific variables, CFLAGS and CXXFLAGS.
-### no-capieng ###
+### no-capieng
Don't build the CAPI engine.
This option will be forced if on a platform that does not support CAPI.
-### no-cmp ###
+### no-cmp
Don't build support for Certificate Management Protocol (CMP).
-### no-cms ###
+### no-cms
Don't build support for Cryptographic Message Syntax (CMS).
-### no-comp ###
+### no-comp
Don't build support for SSL/TLS compression.
If this option is enabled (the default), then compression will only work if
the zlib or zlib-dynamic options are also chosen.
-### enable-crypto-mdebug ###
+### enable-crypto-mdebug
This now only enables the failed-malloc feature.
-### enable-crypto-mdebug-backtrace ###
+### enable-crypto-mdebug-backtrace
This is a no-op; the project uses the compiler's address/leak sanitizer instead.
-### no-ct ###
+### no-ct
Don't build support for Certificate Transparency (CT).
-### no-deprecated ###
+### no-deprecated
Don't build with support for deprecated APIs up until and including the version
given with `--api` (or the current version, if `--api` wasn't specified).
-### no-dgram ###
+### no-dgram
Don't build support for datagram based BIOs.
Selecting this option will also force the disabling of DTLS.
-### no-dso ###
+### no-dso
Don't build support for loading Dynamic Shared Objects (DSO)
-### enable-devcryptoeng ###
+### enable-devcryptoeng
Build the `/dev/crypto` engine.
This option is automatically selected on the BSD platform, in which case it can
be disabled with no-devcryptoeng.
-### no-dynamic-engine ###
+### no-dynamic-engine
Don't build the dynamically loaded engines.
This only has an effect in a shared build.
-### no-ec ###
+### no-ec
Don't build support for Elliptic Curves.
-### no-ec2m ###
+### no-ec2m
Don't build support for binary Elliptic Curves
-### enable-ec_nistp_64_gcc_128 ###
+### enable-ec_nistp_64_gcc_128
Enable support for optimised implementations of some commonly used NIST
elliptic curves.
- supports the non-standard type `__uint128_t`
- defines the built-in macro `__SIZEOF_INT128__`
-### enable-egd ###
+### enable-egd
Build support for gathering entropy from the Entropy Gathering Daemon (EGD).
-### no-engine ###
+### no-engine
Don't build support for loading engines.
-### no-err ###
+### no-err
Don't compile in any error strings.
-### enable-external-tests ###
+### enable-external-tests
Enable building of integration with external test suites.
See the file [test/README.external]/(test/README.external) for further details.
-### no-filenames ###
+### no-filenames
Don't compile in filename and line number information (e.g. for errors and
memory allocation).
-### no-fips ###
+### no-fips
Don't compile the FIPS provider
-### enable-fuzz-libfuzzer, enable-fuzz-afl ###
+### enable-fuzz-libfuzzer, enable-fuzz-afl
Build with support for fuzzing using either libfuzzer or AFL.
See the file [fuzz/README.md](fuzz/README.md) for further details.
-### no-gost ###
+### no-gost
Don't build support for GOST based ciphersuites.
if the GOST algorithms are also available through loading an externally supplied
engine.
-### no-legacy ###
+### no-legacy
Don't build the legacy provider.
Disabling this also disables the legacy algorithms: MD2 (already disabled by default).
-
-### no-makedepend ###
+### no-makedepend
Don't generate dependencies.
-### no-module ###
+### no-module
Don't build any dynamically loadable engines.
This also implies 'no-dynamic-engine'.
-### no-multiblock ###
+### no-multiblock
Don't build support for writing multiple records in one go in libssl
Note: this is a different capability to the pipelining functionality.
-### no-nextprotoneg ###
+### no-nextprotoneg
Don't build support for the Next Protocol Negotiation (NPN) TLS extension.
-### no-ocsp ###
+### no-ocsp
Don't build support for Online Certificate Status Protocol (OCSP).
-
-### no-padlockeng ###
+### no-padlockeng
Don't build the padlock engine.
-### no-hw-padlock ###
+### no-hw-padlock
As synonyme for no-padlockeng. Deprecated and should not be used.
-### no-pic ###
+### no-pic
Don't build with support for Position Independent Code.
-### no-pinshared ###
+### no-pinshared
Don't pin the shared libraries.
running of the atexit() handler at run time by using the OPENSSL_INIT_NO_ATEXIT
option to OPENSSL_init_crypto(). See the man page for it for further details.
-### no-posix-io ###
+### no-posix-io
Don't use POSIX IO capabilities.
-### no-psk ###
+### no-psk
Don't build support for Pre-Shared Key based ciphersuites.
-### no-rdrand ###
+### no-rdrand
Don't use hardware RDRAND capabilities.
-### no-rfc3779 ###
+### no-rfc3779
Don't build support for RFC3779, "X.509 Extensions for IP Addresses and
AS Identifiers".
-### sctp ###
+### sctp
Build support for Stream Control Transmission Protocol (SCTP).
-### no-shared ###
+### no-shared
Do not create shared libraries, only static ones.
-
See [Notes on shared libraries](#notes-on-shared-libraries) below.
-### no-sock ###
+### no-sock
Don't build support for socket BIOs.
-### no-srp ###
+### no-srp
Don't build support for Secure Remote Password (SRP) protocol or
SRP based ciphersuites.
-### no-srtp ###
+### no-srtp
Don't build Secure Real-Time Transport Protocol (SRTP) support.
-### no-sse2 ###
+### no-sse2
Exclude SSE2 code paths from 32-bit x86 assembly modules.
"audience" running such kernel, consider no-sse2. Both the 386 and no-asm
options imply no-sse2.
-### enable-ssl-trace ###
+### enable-ssl-trace
Build with the SSL Trace capabilities.
This adds the "-trace" option to s_client and s_server.
-### no-static-engine ###
+### no-static-engine
Don't build the statically linked engines.
This only has an impact when not built "shared".
-### no-stdio ###
+### no-stdio
Don't use anything from the C header file "stdio.h" that makes use of the "FILE"
type. Only libcrypto and libssl can be built in this way. Using this option will
suppress building the command line applications. Additionally, since the OpenSSL
tests also use the command line applications, the tests will also be skipped.
-### no-tests ###
+### no-tests
Don't build test programs or run any tests.
-### no-threads ###
+### no-threads
Don't build with support for multi-threaded applications.
-### threads ###
+### threads
Build with support for multi-threaded applications. Most platforms will enable
this by default. However if on a platform where this is not the case then this
See [Notes on multi-threading](#notes-on-multi-threading) below.
-### enable-trace ###
+### enable-trace
Build with support for the integrated tracing api.
See manual pages OSSL_trace_set_channel(3) and OSSL_trace_enabled(3) for details.
-### no-ts ###
+### no-ts
Don't build Time Stamping (TS) Authority support.
-### enable-ubsan ###
+### enable-ubsan
Build with the Undefined Behaviour sanitiser (UBSAN).
or clang and should be used in conjunction with the `-DPEDANTIC` option
(or the `--strict-warnings` option).
-### no-ui ###
+### no-ui-console
-Don't build with the User Interface (UI) capability
+Don't build with the User Interface (UI) console method
-The User Interface is the set of features enabling text based prompts.
+The User Interface console method enables text based console prompts.
-### enable-unit-test ###
+### enable-unit-test
Enable additional unit test APIs.
This should not typically be used in production deployments.
-### no-uplink ###
+### no-uplink
Don't build support for UPLINK interface.
-### enable-weak-ssl-ciphers ###
+### enable-weak-ssl-ciphers
Build support for SSL/TLS ciphers that are considered "weak"
Enabling this includes for example the RC4 based ciphersuites.
-### zlib ###
+### zlib
Build with support for zlib compression/decompression.
-### zlib-dynamic ###
+### zlib-dynamic
Like the zlib option, but has OpenSSL load the zlib library dynamically
when needed.
This is only supported on systems where loading of shared libraries is supported.
-### 386 ###
+### 386
In 32-bit x86 builds, use the 80386 instruction set only in assembly modules
Note: This doesn't affect compiler generated code, so this option needs to be
accompanied by a corresponding compiler-specific option.
-### no-{protocol} ###
+### no-{protocol}
no-{ssl|ssl3|tls|tls1|tls1_1|tls1_2|tls1_3|dtls|dtls1|dtls1_2}
OpenSSL will still provide the methods for applications to explicitly select
the individual protocol versions.
-### no-{protocol}-method ###
+### no-{protocol}-method
no-{ssl|ssl3|tls|tls1|tls1_1|tls1_2|tls1_3|dtls|dtls1|dtls1_2}-method
Using individual protocol methods directly is deprecated. Applications should
use TLS_method() instead.
-### enable-{algorithm} ###
+### enable-{algorithm}
enable-{md2|rc5}
Build with support for the specified algorithm.
-### no-{algorithm} ###
+### no-{algorithm}
no-{aria|bf|blake2|camellia|cast|chacha|cmac|
des|dh|dsa|ecdh|ecdsa|idea|md4|mdc2|ocb|
The "ripemd" algorithm is deprecated and if used is synonymous with rmd160.
-### Compiler-specific options ###
+### Compiler-specific options
-Dxxx, -Ixxx, -Wp, -lxxx, -Lxxx, -Wl, -rpath, -R, -framework, -static
Take note of the [Environment Variables](#environment-variables) documentation
below and how these flags interact with those variables.
-### Environment Variables ###
+### Environment Variables
VAR=value
compiler are in the same "family". This becomes relevant with
'enable-external-tests' and 'enable-buildtest-c++'.
-### Reconfigure ###
+### Reconfigure
reconf
reconfigure
Configure OpenSSL
-----------------
-### Automatic Configuration ###
+### Automatic Configuration
On some platform a `config` script is available which attempts to guess
your operating system (and compiler, if necessary) and calls the `Configure`
be supplied to the `config` script, which will be passed on to the `Configure`
script.
-#### Unix / Linux / macOS ####
+#### Unix / Linux / macOS
$ ./config [[ options ]]
-#### OpenVMS ####
+#### OpenVMS
$ @config [[ options ]]
-#### Windows ####
+#### Windows
Automatic configuration is not available on Windows.
$ ./config -d [[ options ]]
-### Manual Configuration ###
+### Manual Configuration
OpenSSL knows about a range of different operating system, hardware and
compiler combinations. To see the ones it knows about, run
$ ./Configure linux-elf [[ options ]]
-
-### Creating your own Configuration ###
+### Creating your own Configuration
If your system isn't listed, you will have to create a configuration
file named Configurations/{{ something }}.conf and add the correct
and defines various macros in include/openssl/configuration.h (generated
from include/openssl/configuration.h.in).
-### Out of Tree Builds ###
+### Out of Tree Builds
OpenSSL can be configured to build in a build directory separate from the
source code directory. It's done by placing yourself in some other
directory and invoking the configuration commands from there.
-#### Unix example ####
+#### Unix example
$ mkdir /var/tmp/openssl-build
$ cd /var/tmp/openssl-build
$ /PATH/TO/OPENSSL/SOURCE/Configure {{ target }} [[ options ]]
-#### OpenVMS example ####
+#### OpenVMS example
$ set default sys$login:
$ create/dir [.tmp.openssl-build]
$ @[PATH.TO.OPENSSL.SOURCE]Configure {{ target }} [[ options ]]
-#### Windows example ####
+#### Windows example
$ C:
$ mkdir \temp-openssl
Paths can be relative just as well as absolute. Configure will do its best
to translate them to relative paths whenever possible.
-
Build OpenSSL
-------------
If some tests fail, take a look at the [Test Failures](#test-failures)
subsection of the [Troubleshooting](#troubleshooting) section.
-
Install OpenSSL
---------------
directory tree under PREFIX (the directory given with `--prefix` or
its default):
-#### Unix / Linux / macOS ####
+### Unix / Linux / macOS
bin/ Contains the openssl binary and a few other
utility scripts.
share/doc/openssl/html/man7
Contains the HTML rendition of the man-pages.
-#### OpenVMS ####
+### OpenVMS
'arch' is replaced with the architecture name, "Alpha" or "ia64",
'sover' is replaced with the shared library version (0101 for 1.1), and
[.SYSTEST] Contains the installation verification procedure.
[.HTML] Contains the HTML rendition of the manual pages.
-
-#### Additional Directories ####
+### Additional Directories
Additionally, install will add the following directories under
OPENSSLDIR (the directory given with `--openssldir` or its default)
The specified destination directory will be prepended to all installation
target paths.
-### Compatibility issues with previous OpenSSL versions ###
+Compatibility issues with previous OpenSSL versions
+---------------------------------------------------
-#### COMPILING existing applications ####
+### COMPILING existing applications
Starting with version 1.1.0, OpenSSL hides a number of structures that were
previously open. This includes all internal libssl structures and a number
Some APIs have changed as well. However, older APIs have been preserved when
possible.
+Post-installation Notes
+-----------------------
+
+With the default OpenSSL installation comes a FIPS provider module, which
+needs some post-installation attention, without which it will not be usable.
+This involves using the following command:
+
+ openssl fipsinstall
+
+See the openssl-fipsinstall(1) manual for details and examples.
Advanced Build Options
======================
-
Environment Variables
---------------------
WINDRES
See RC.
-
Makefile Targets
----------------
(on Unix and Windows, BSD style wildcards are supported, while on VMS,
it's VMS style wildcards)
-### Examples ###
+### Examples
Run all tests except for the fuzz tests:
To stochastically verify that the algorithm that produces uniformly distributed
random numbers is operating correctly (with a false positive rate of 0.01%):
- $ ./util/shlib_wrap.sh test/bntest -stochastic
+ $ ./util/wrap.sh test/bntest -stochastic
Troubleshooting
===============
Configuration Problems
----------------------
-### Selecting the correct target ###
+### Selecting the correct target
The `./config` script tries hard to guess your operating system, but in some
cases it does not succeed. You will see a message like the following:
- $ ./config
+ ./config
Operating system: x86-whatever-minix
This system (minix) is not supported. See file INSTALL for details.
More about our support resources can be found in the [SUPPORT][] file.
-### Configuration Errors ###
+### Configuration Errors
If the `./config` or `./Configure` command fails with an error message,
read the error message carefully and try to figure out whether you made
` ``` ` on a separate line) before and after your output:
```
- $ ./Configure [your arguments...]
+ ./Configure [your arguments...]
[output...]
```
-
Build Failures
--------------
change, it might be helpful to clean the build tree before attempting another
build. Use this command:
- $ make clean # Unix
- $ mms clean ! (or mmk) OpenVMS
- $ nmake clean # Windows
+ make clean # Unix
+ mms clean ! (or mmk) OpenVMS
+ nmake clean # Windows
Assembler error messages can sometimes be sidestepped by using the
"no-asm" configuration option.
Please take the time to review the existing issues first; maybe the bug was
already reported or has already been fixed.
-
Test Failures
-------------
If some tests fail, look at the output. There may be reasons for the failure
-that isn't a problem in OpenSSL itself (like a malfunction with Perl).
+that isn't a problem in OpenSSL itself (like an OS malfunction or a Perl issue).
You may want increased verbosity, that can be accomplished like this:
-Verbosity on failure only (make macro VERBOSE_FAILURE or VF):
+Full verbosity (`make` macro `VERBOSE` or `V`):
+
+ make V=1 test # Unix
+ mms /macro=(V=1) test ! OpenVMS
+ nmake V=1 test # Windows
+
+Verbosity on test failure (`VERBOSE_FAILURE` or `VF´, Unix example shown):
- $ make VF=1 test # Unix
- $ mms /macro=(VF=1) test ! OpenVMS
- $ nmake VF=1 test # Windows
+ make test VF=1
-Full verbosity (make macro VERBOSE or V):
+Verbosity on failed (sub-)tests only (`VERBOSE_FAILURES_ONLY` or `VFO`):
- $ make V=1 test # Unix
- $ mms /macro=(V=1) test ! OpenVMS
- $ nmake V=1 test # Windows
+ make test VFO=1
+
+Verbosity on failed (sub-)tests, in addition progress on succeeded (sub-)tests
+(`VERBOSE_FAILURES_PROGRESS` or `VFP`):
+
+ make test VFP=1
If you want to run just one or a few specific tests, you can use
the make variable TESTS to specify them, like this:
- $ make TESTS='test_rsa test_dsa' test # Unix
- $ mms/macro="TESTS=test_rsa test_dsa" test ! OpenVMS
- $ nmake TESTS='test_rsa test_dsa' test # Windows
+ make TESTS='test_rsa test_dsa' test # Unix
+ mms/macro="TESTS=test_rsa test_dsa" test ! OpenVMS
+ nmake TESTS='test_rsa test_dsa' test # Windows
-And of course, you can combine (Unix example shown):
+And of course, you can combine (Unix examples shown):
- $ make VF=1 TESTS='test_rsa test_dsa' test
+ make test TESTS='test_rsa test_dsa' VF=1
+ make test TESTS="test_cmp_*" VFO=1
You can find the list of available tests like this:
- $ make list-tests # Unix
- $ mms list-tests ! OpenVMS
- $ nmake list-tests # Windows
+ make list-tests # Unix
+ mms list-tests ! OpenVMS
+ nmake list-tests # Windows
Have a look at the manual for the perl module Test::Harness to
see what other HARNESS_* variables there are.
run "make clean; make" or corresponding.
To report a bug please open an issue on GitHub, at
-https://github.com/openssl/openssl/issues.
+<https://github.com/openssl/openssl/issues>.
For more details on how the make variables TESTS can be used,
see section [Running Selected Tests](#running-selected-tests) below.
-
Notes
=====
the CSPRNG manually. Please check out the manual pages for RAND_add(),
RAND_bytes(), RAND_egd(), and the FAQ for more information.
-
<!-- Links -->
[openssl-users]:
- https://mta.openssl.org/mailman/listinfo/openssl-users
+ <https://mta.openssl.org/mailman/listinfo/openssl-users>
[SUPPORT]:
./SUPPORT.md
[GitHub Issues]:
- https://github.com/openssl/openssl/issues
+ <https://github.com/openssl/openssl/issues>
[raise an issue]:
- https://github.com/openssl/openssl/issues/new/choose
+ <https://github.com/openssl/openssl/issues/new/choose>
[10-main.conf]:
Configurations/10-main.conf
projects / openssl.git / blobdiff