-#!/usr/local/bin/perl
+#!/usr/bin/env perl
# A bit of an evil hack but it post processes the file ../MINFO which
# is generated by `make files` in the top directory.
# This script outputs one mega makefile that has no shell stuff or any
-# funny stuff
-#
+# funny stuff (if the target is not "copy").
+# If the target is "copy", then it tries to create a makefile that can be
+# safely used with the -j flag and that is compatible with the top-level
+# Makefile, in the sense that it uses the same options and assembler files etc.
+
+use Cwd;
-$INSTALLTOP="/usr/local/ssl";
+$INSTALLTOP="/usr/local";
$OPENSSLDIR="/usr/local/ssl";
+$ENGINESDIR="/usr/local/lib/engines";
$OPTIONS="";
$ssl_version="";
$banner="\t\@echo Building OpenSSL";
my $no_static_engine = 1;
my $engines = "";
+my @engines_obj = "";
+my $otherlibs = "";
local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic
local $zlib_lib = "";
local $perl_asm = 0; # 1 to autobuild asm files from perl scripts
+local $fips_canister_path = "";
+my $fips_premain_dso_exe_path = "";
+my $fips_premain_c_path = "";
+my $fips_sha1_exe_path = "";
+
+local $fipscanisterbuild = 0;
+
+my $fipscanisteronly = 0;
+
+my $fipslibdir = "";
+my $baseaddr = "";
+
+my $ex_l_libs = "";
+
+my $build_targets = "lib exe";
+my $libs_dep = "\$(O_CRYPTO) \$(O_SSL)";
+
# Options to import from top level Makefile
my %mf_import = (
OPTIONS => \$OPTIONS,
INSTALLTOP => \$INSTALLTOP,
OPENSSLDIR => \$OPENSSLDIR,
+ ENGINESDIR => \$ENGINESDIR,
PLATFORM => \$mf_platform,
+ CC => \$mf_cc,
CFLAG => \$mf_cflag,
- DEPFLAG => \$mf_depflag,
+ CFLAG_Q => \$mf_cflag_q,
+ DEPFLAG => \$mf_depflag,
CPUID_OBJ => \$mf_cpuid_asm,
BN_ASM => \$mf_bn_asm,
DES_ENC => \$mf_des_asm,
SHA1_ASM_OBJ => \$mf_sha_asm,
RMD160_ASM_OBJ => \$mf_rmd_asm,
WP_ASM_OBJ => \$mf_wp_asm,
- CMLL_ENC => \$mf_cm_asm
+ CMLL_ENC => \$mf_cm_asm,
+ MODES_ASM_OBJ => \$mf_modes_asm,
+ ENGINES_ASM_OBJ=> \$mf_engines_asm,
+ PERLASM_SCHEME => \$mf_perlasm_scheme,
+ FIPSCANISTERONLY => \$mf_fipscanisteronly,
+ FIPSCANISTERINTERNAL => \$mf_fipscanisterinternal,
+ EC_ASM => \$mf_ec_asm,
);
-
open(IN,"<Makefile") || die "unable to open Makefile!\n";
while(<IN>) {
my ($mf_opt, $mf_ref);
while (($mf_opt, $mf_ref) = each %mf_import) {
- if (/^$mf_opt\s*=\s*(.*)$/) {
+ if (/^$mf_opt\s*=\s*(.*)$/ && !defined($$mfref)) {
$$mf_ref = $1;
}
}
}
close(IN);
-$debug = 1 if $mf_platform =~ /^debug-/;
+if ($mf_fipscanisterinternal eq "y") {
+ $fips = 1;
+ $fipscanisterbuild = 1;
+ $fipscanisteronly = 1;
+}
+
die "Makefile is not the toplevel Makefile!\n" if $ssl_version eq "";
"netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets",
"netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets",
"default","cc under unix",
- "auto", "auto detect from top level Makefile"
+ "auto", "auto detect from top level Makefile",
+ "copy", "copy from top level Makefile"
);
$platform="";
no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher
no-bf no-cast no-aes no-camellia no-seed
no-rsa no-dsa no-dh - Skip this public key cipher
- no-ssl2 no-ssl3 - Skip this version of SSL
+ no-ssl3 - Skip this version of SSL
just-ssl - remove all non-ssl keys/digest
no-asm - No x86 asm
- no-krb5 - No KRB5
+ no-srp - No SRP
no-ec - No EC
- no-ecdsa - No ECDSA
- no-ecdh - No ECDH
no-engine - No engine
+ no-egd - No EGD
no-hw - No hw
+ no-async - No Async (use NULL)
+ no-autoalginit - Don't auto load algorithms in libcrypto
+ no-autoerrinit - Don't auto load error strings for libcrypto or libssl
nasm - Use NASM for x86 asm
nw-nasm - Use NASM x86 asm for NetWare
nw-mwasm - Use Metrowerks x86 asm for NetWare
$no_mdc2=1 if ($no_des);
-$no_ssl3=1 if ($no_md5 || $no_sha);
+$no_ssl3=1 if ($no_md5);
$no_ssl3=1 if ($no_rsa && $no_dh);
-$no_ssl2=1 if ($no_md5);
-$no_ssl2=1 if ($no_rsa);
-
$out_def="out";
$inc_def="outinc";
$tmp_def="tmp";
$perl="perl" unless defined $perl;
$mkdir="-mkdir" unless defined $mkdir;
+$mv="mv" unless defined $mv;
($ssl,$crypto)=("ssl","crypto");
$ranlib="echo ranlib";
$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
-$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}:'.';
+$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}: $platform eq 'copy' ? getcwd() : '.';
$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
# $bin_dir.=$o causes a core dump on my sparc :-(
push(@INC,"util/pl","pl");
-if ($platform eq "auto") {
+if ($platform eq "auto" || $platform eq 'copy') {
+ $orig_platform = $platform;
$platform = $mf_platform;
print STDERR "Imported platform $mf_platform\n";
}
$cflags.=" -DOPENSSL_NO_MD2" if $no_md2;
$cflags.=" -DOPENSSL_NO_MD4" if $no_md4;
$cflags.=" -DOPENSSL_NO_MD5" if $no_md5;
-$cflags.=" -DOPENSSL_NO_SHA" if $no_sha;
-$cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1;
-$cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd;
+$cflags.=" -DOPENSSL_NO_RMD160" if $no_ripemd;
$cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2;
$cflags.=" -DOPENSSL_NO_BF" if $no_bf;
$cflags.=" -DOPENSSL_NO_CAST" if $no_cast;
$cflags.=" -DOPENSSL_NO_DH" if $no_dh;
$cflags.=" -DOPENSSL_NO_WHIRLPOOL" if $no_whirlpool;
$cflags.=" -DOPENSSL_NO_SOCK" if $no_sock;
-$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
-$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
+$cflags.=" -DOPENSSL_NO_SRP" if $no_srp;
$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
-$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
$cflags.=" -DOPENSSL_NO_EC" if $no_ec;
-$cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa;
-$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
+$cflags.=" -DOPENSSL_NO_GOST" if $no_gost;
$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
+$cflags.=" -DOPENSSL_NO_ASYNC" if $no_async;
+$cflags.=" -DOPENSSL_NO_AUTOALGINIT" if $no_autoalginit;
+$cflags.=" -DOPENSSL_NO_AUTOERRINIT" if $no_autoerrinit;
+$cflags.=" -DOPENSSL_FIPS" if $fips;
$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
+$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m;
$cflags.= " -DZLIB" if $zlib_opt;
$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
##else
{ $cflags="$c_flags$cflags" if ($c_flags ne ""); }
+if ($orig_platform eq 'copy') {
+ $cflags = $mf_cflag;
+ $cc = $mf_cc;
+}
+
$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
$_=<IN>;
for (;;)
{
- chop;
+ s/\s*$//; # was chop, didn't work in mixture of perls for Windows...
($key,$val)=/^([^=]+)=(.*)/;
if ($key eq "RELATIVE_DIRECTORY")
{
if ($lib ne "")
{
- $uc=$lib;
- $uc =~ s/^lib(.*)\.a/$1/;
- $uc =~ tr/a-z/A-Z/;
- $lib_nam{$uc}=$uc;
- $lib_obj{$uc}.=$libobj." ";
+ if ($fips && $dir =~ /^fips/)
+ {
+ $uc = "FIPS";
+ }
+ else
+ {
+ $uc=$lib;
+ $uc =~ s/^lib(.*)\.a/$1/;
+ $uc =~ tr/a-z/A-Z/;
+ }
+ if (($uc ne "FIPS") || $fipscanisterbuild)
+ {
+ $lib_nam{$uc}=$uc;
+ $lib_obj{$uc}.=$libobj." ";
+ }
}
last if ($val eq "FINISHED");
$lib="";
$dir=$val;
}
- if ($key eq "KRB5_INCLUDES")
- { $cflags .= " $val";}
-
if ($key eq "ZLIB_INCLUDE")
{ $cflags .= " $val" if $val ne "";}
if ($key eq "LIBZLIB")
{ $zlib_lib = "$val" if $val ne "";}
- if ($key eq "LIBKRB5")
+ if ($key eq "EX_LIBS")
{ $ex_libs .= " $val" if $val ne "";}
- if ($key eq "TEST")
- { $test.=&var_add($dir,$val, 0); }
+ # There was a condition here before:
+ # !$fipscanisteronly || $dir =~ /^fips/
+ # It currently fills no function and needs to be rewritten anyway, so
+ # removed for now.
+ if ($dir eq "test" && $key eq "EXE")
+ {
+ foreach my $t (split /\s+/, $val) {
+ $test.=&var_add($dir,$t, 0) if $t; }
+ }
- if (($key eq "PROGS") || ($key eq "E_OBJ"))
+ if ($key eq "EXE_OBJ")
{ $e_exe.=&var_add($dir,$val, 0); }
if ($key eq "LIB")
$lib=$val;
$lib =~ s/^.*\/([^\/]+)$/$1/;
}
-
- if ($key eq "EXHEADER")
- { $exheader.=&var_add($dir,$val, 1); }
+ if ($key eq "LIBNAME" && $no_static_engine)
+ {
+ $lib=$val;
+ $lib =~ s/^.*\/([^\/]+)$/$1/;
+ $otherlibs .= " $lib";
+ }
if ($key eq "HEADER")
{ $header.=&var_add($dir,$val, 1); }
- if ($key eq "LIBOBJ" && ($dir ne "engines" || !$no_static_engine))
+ if ($key eq "LIBOBJ")
+ {
+ if ($dir ne "engines" || !$no_static_engine)
{ $libobj=&var_add($dir,$val, 0); }
+ else
+ { push(@engines_obj,split(/\s+/,&var_add($dir,$val,0))); }
+ }
if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine)
{ $engines.=$val }
+ if ($key eq "FIPS_EX_OBJ")
+ {
+ $fips_ex_obj=&var_add("crypto",$val,0);
+ }
+
+ if ($key eq "FIPSLIBDIR")
+ {
+ $fipslibdir=$val;
+ $fipslibdir =~ s/\/$//;
+ $fipslibdir =~ s/\//$o/g;
+ }
+
+ if ($key eq "BASEADDR")
+ { $baseaddr=$val;}
+
if (!($_=<IN>))
{ $_="RELATIVE_DIRECTORY=FINISHED\n"; }
}
close(IN);
-if ($shlib)
+if ($orig_platform eq 'copy')
+ {
+ # Remove opensslconf.h so it doesn't get updated if we configure a
+ # different branch.
+ $header =~ s/[^ ]+\/opensslconf.h//;
+ }
+
+if ($fips)
+ {
+
+ foreach (split " ", $fips_ex_obj)
+ {
+ $fips_exclude_obj{$1} = 1 if (/\/([^\/]*)$/);
+ }
+ foreach (split " ",
+ "$mf_cpuid_asm $mf_aes_asm $mf_sha_asm $mf_bn_asm " .
+ "$mf_des_asm $mf_modes_asm")
+ {
+ s/\.o//;
+ $fips_exclude_obj{$_} = 1;
+ }
+ my @ltmp = split " ", $lib_obj{"CRYPTO"};
+
+
+ $lib_obj{"CRYPTO"} = "";
+
+ foreach(@ltmp)
+ {
+ if (/\/([^\/]*)$/ && exists $fips_exclude_obj{$1})
+ {
+ if ($fipscanisterbuild)
+ {
+ $lib_obj{"FIPS"} .= "$_ ";
+ }
+ }
+ elsif (!$fipscanisteronly)
+ {
+ $lib_obj{"CRYPTO"} .= "$_ ";
+ }
+ }
+
+ }
+
+if ($fipscanisterbuild)
+ {
+ $fips_canister_path = "\$(LIB_D)${o}fipscanister.lib" if $fips_canister_path eq "";
+ $fips_premain_c_path = "\$(LIB_D)${o}fips_premain.c";
+ }
+else
+ {
+ if ($fips_canister_path eq "")
+ {
+ $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.lib";
+ }
+
+ if ($fips_premain_c_path eq "")
+ {
+ $fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c";
+ }
+ }
+
+if ($fips)
+ {
+ if ($fips_sha1_exe_path eq "")
+ {
+ $fips_sha1_exe_path =
+ "\$(BIN_D)${o}fips_standalone_sha1$exep";
+ }
+ }
+ else
+ {
+ $fips_sha1_exe_path = "";
+ }
+
+if ($fips_premain_dso_exe_path eq "")
+ {
+ $fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep";
+ }
+
+# $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips);
+
+if ($fips)
+ {
+ if (!$shlib)
+ {
+ $build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
+ $ex_l_libs .= " \$(O_FIPSCANISTER)";
+ $ex_libs_dep .= " \$(O_FIPSCANISTER)" if $fipscanisterbuild;
+ }
+ if ($fipscanisterbuild)
+ {
+ $fipslibdir = "\$(LIB_D)";
+ }
+ else
+ {
+ if ($fipslibdir eq "")
+ {
+ open (IN, "util/fipslib_path.txt") || fipslib_error();
+ $fipslibdir = <IN>;
+ close IN;
+ $fipslibdir = "" unless defined($fipslibdir);
+ $fipslibdir =~ s{\R$}{};
+ fipslib_error() if ($fipslibdir eq "");
+ }
+ fips_check_files($fipslibdir,
+ "fipscanister.lib", "fipscanister.lib.sha1",
+ "fips_premain.c", "fips_premain.c.sha1");
+ }
+ }
+
+if ($fipscanisteronly)
+ {
+ $build_targets = "\$(O_FIPSCANISTER) \$(T_EXE)";
+ $libs_dep = "";
+ }
+
+$cp2 = $cp unless defined $cp2;
+
+$extra_install= <<"EOF";
+ \$(CP) \"include${o}openssl${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\"
+ \$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\"
+ \$(MKDIR) \"\$(OPENSSLDIR)\"
+ \$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\"
+EOF
+
+if ($fipscanisteronly)
{
- $extra_install= <<"EOF";
+ $extra_install = <<"EOF";
+ \$(CP) \"\$(O_FIPSCANISTER)\" \"\$(INSTALLTOP)${o}lib\"
+ \$(CP) \"\$(O_FIPSCANISTER).sha1\" \"\$(INSTALLTOP)${o}lib\"
+ \$(CP2) \"fips${o}fips_premain.c\" \"\$(INSTALLTOP)${o}lib\"
+ \$(CP) \"fips${o}fips_premain.c.sha1\" \"\$(INSTALLTOP)${o}lib\"
+ \$(CP) \"include${o}openssl${o}fips.h\" \"\$(INSTALLTOP)${o}include${o}openssl\"
+ \$(CP) \"include${o}openssl${o}fips_rand.h\" \"\$(INSTALLTOP)${o}include${o}openssl\"
+ \$(CP) "\$(BIN_D)${o}fips_standalone_sha1$exep" \"\$(INSTALLTOP)${o}bin\"
+ \$(CP) \"util${o}fipslink.pl\" \"\$(INSTALLTOP)${o}bin\"
+EOF
+ }
+elsif ($shlib)
+ {
+ $extra_install .= <<"EOF";
\$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}bin\"
\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}bin\"
\$(CP) \"\$(L_SSL)\" \"\$(INSTALLTOP)${o}lib\"
}
else
{
- $extra_install= <<"EOF";
+ $extra_install .= <<"EOF";
\$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}lib\"
\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
EOF
$ex_libs .= " $zlib_lib" if $zlib_opt == 1;
}
+my $asm_def = $orig_platform eq 'copy' ? "" : "ASM=$bin_dir$asm";
+
+$cflags =~ s/\((ENGINESDIR|OPENSSLDIR)\)/\(${1}_QQ\)/g;
+(my $cflags_q = $cflags) =~ s/([\\"])/\\$1/g;
+(my $INSTALLTOP_Q = $INSTALLTOP) =~ s/([\\"])/\\$1/g;
+(my $INSTALLTOP_QQ = $INSTALLTOP_Q) =~ s/\\/\\\\/g;
+(my $OPENSSLDIR_Q = $OPENSSLDIR) =~ s/([\\"])/\\$1/g;
+(my $OPENSSLDIR_QQ = $OPENSSLDIR_Q) =~ s/\\/\\\\/g;
+(my $ENGINESDIR_Q = $ENGINESDIR) =~ s/([\\"])/\\$1/g;
+(my $ENGINESDIR_QQ = $ENGINESDIR_Q) =~ s/\\/\\\\/g;
+
$defs= <<"EOF";
+# N.B. You MUST use -j on FreeBSD.
# This makefile has been automatically generated from the OpenSSL distribution.
# This single makefile will build the complete OpenSSL distribution and
-# by default leave the 'intertesting' output files in .${o}out and the stuff
+# by default leave the 'interesting' output files in .${o}out and the stuff
# that needs deleting in .${o}tmp.
# The file was generated by running 'make makefile.one', which
# does a 'make files', which writes all the environment variables from all
$defs.= <<"EOF";
INSTALLTOP=$INSTALLTOP
+INSTALLTOP_QQ=$INSTALLTOP_QQ
OPENSSLDIR=$OPENSSLDIR
+OPENSSLDIR_QQ=$OPENSSLDIR_QQ
+ENGINESDIR=$ENGINESDIR
+ENGINESDIR_QQ=$ENGINESDIR_QQ
# Set your compiler options
PLATFORM=$platform
CC=$bin_dir${cc}
CFLAG=$cflags
+CFLAG_Q=$cflags_q
APP_CFLAG=$app_cflag
LIB_CFLAG=$lib_cflag
SHLIB_CFLAG=$shl_cflag
# The OpenSSL directory
SRC_D=$src_dir
-LINK=$link
+LINK_CMD=$link
LFLAGS=$lflags
RSC=$rsc
+FIPSLINK=\$(PERL) util${o}fipslink.pl
-# The output directory for everything intersting
+# The output directory for everything interesting
OUT_D=$out_dir
# The output directory for all the temporary muck
TMP_D=$tmp_dir
-# The output directory for the header files
-INC_D=$inc_dir
-INCO_D=$inc_dir${o}openssl
PERL=$perl
+PERLASM_SCHEME=$mf_perlasm_scheme
CP=$cp
+CP2=$cp2
RM=$rm
+MV=$mv
RANLIB=$ranlib
MKDIR=$mkdir
MKLIB=$bin_dir$mklib
MLFLAGS=$mlflags
-ASM=$bin_dir$asm
+$asm_def
+
+# FIPS validated module and support file locations
+
+E_PREMAIN_DSO=fips_premain_dso
+
+FIPSLIB_D=$fipslibdir
+BASEADDR=$baseaddr
+FIPS_PREMAIN_SRC=$fips_premain_c_path
+O_FIPSCANISTER=$fips_canister_path
+FIPS_SHA1_EXE=$fips_sha1_exe_path
+PREMAIN_DSO_EXE=$fips_premain_dso_exe_path
######################################################
# You should not need to touch anything below this point
L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
-L_LIBS= \$(L_SSL) \$(L_CRYPTO)
+L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
######################################################
# Don't touch anything below this point
######################################################
-INC=-I\$(INC_D) -I\$(INCL_D)
+INC=-I\$(SRC_D)${o}include -I\$(INCL_D) -I\$(SRC_D)${o}crypto${o}include
APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
-LIBS_DEP=\$(O_CRYPTO) \$(O_SSL)
+LIBS_DEP=$libs_dep
#############################################
EOF
$rules=<<"EOF";
-all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) headers \$(FIPS_SHA1_EXE) $build_targets
banner:
$banner
\$(LIB_D):
\$(MKDIR) \"\$(LIB_D)\"
-\$(INCO_D): \$(INC_D)
- \$(MKDIR) \"\$(INCO_D)\"
+# This needs to be invoked once, when the makefile is first constructed, or
+# after cleaning.
+init: \$(TMP_D) \$(LIB_D) \$(BIN_D) \$(TEST_D) headers
-\$(INC_D):
- \$(MKDIR) \"\$(INC_D)\"
-
-headers: \$(HEADER) \$(EXHEADER)
- @
+headers: \$(HEADER)
lib: \$(LIBS_DEP) \$(E_SHLIB)
-exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep
+exe: apps tools testapps
+apps: \$(BIN_D)$o\$(E_EXE)$exep \$(BIN_D)${o}CA.pl
+testapps: \$(T_EXE)
+tools: \$(BIN_D)${o}c_rehash
install: all
\$(MKDIR) \"\$(INSTALLTOP)\"
\$(MKDIR) \"\$(INSTALLTOP)${o}include\"
\$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\"
\$(MKDIR) \"\$(INSTALLTOP)${o}lib\"
- \$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\"
- \$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\"
- \$(MKDIR) \"\$(OPENSSLDIR)\"
- \$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\"
+ \$(MKDIR) \"\$(INSTALLTOP)${o}lib${o}engines\"
$extra_install
-
-test: \$(T_EXE)
- cd \$(BIN_D)
- ..${o}ms${o}test
-
clean:
\$(RM) \$(TMP_D)$o*.*
\$(RM) \$(TMP_D)$o*.*
\$(RM) \$(OUT_D)$o*.*
-EOF
-
-my $platform_cpp_symbol = "MK1MF_PLATFORM_$platform";
-$platform_cpp_symbol =~ s/-/_/g;
-if (open(IN,"crypto/buildinf.h"))
- {
- # Remove entry for this platform in existing file buildinf.h.
+reallyclean:
+ \$(RM) -rf \$(TMP_D)
+ \$(RM) -rf \$(BIN_D)
+ \$(RM) -rf \$(TEST_D)
+ \$(RM) -rf \$(LIB_D)
- my $old_buildinf_h = "";
- while (<IN>)
- {
- if (/^\#ifdef $platform_cpp_symbol$/)
- {
- while (<IN>) { last if (/^\#endif/); }
- }
- else
- {
- $old_buildinf_h .= $_;
- }
- }
- close(IN);
+EOF
- open(OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
- print OUT $old_buildinf_h;
- close(OUT);
- }
+$rules .= &do_rehash_rule("rehash.time", "certs/demo apps tools");
+$rules .= &do_test_rule("test", "rehash.time", "run_tests.pl");
-open (OUT,">>crypto/buildinf.h") || die "Can't open buildinf.h";
-printf OUT <<EOF;
-#ifdef $platform_cpp_symbol
- /* auto-generated/updated by util/mk1mf.pl for crypto/cversion.c */
- #define CFLAGS "$cc $cflags"
- #define PLATFORM "$platform"
+$rules .= <<"EOF";
+crypto${o}buildinf.h : MINFO
+ \$(PERL) util${o}mkbuildinf.pl "\$(CC) \$(CFLAG_Q)" "\$(PLATFORM)" > crypto${o}buildinf.h
+$(OBJ_D)${o}cversion${obj} : crypto${o}buildinf.h
EOF
-printf OUT " #define DATE \"%s\"\n", scalar gmtime();
-printf OUT "#endif\n";
-close(OUT);
-# Strip of trailing ' '
+# Strip off trailing ' '
foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
$test=&clean_up_ws($test);
$e_exe=&clean_up_ws($e_exe);
-$exheader=&clean_up_ws($exheader);
$header=&clean_up_ws($header);
-# First we strip the exheaders from the headers list
-foreach (split(/\s+/,$exheader)){ $h{$_}=1; }
-foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; }
-chop($h); $header=$h;
-
$defs.=&do_defs("HEADER",$header,"\$(INCL_D)","");
$rules.=&do_copy_rule("\$(INCL_D)",$header,"");
-$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)","");
-$rules.=&do_copy_rule("\$(INCO_D)",$exheader,"");
-
$defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj);
$rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
+# Special case rules for fips_start and fips_end fips_premain_dso
+
+if ($fips)
+ {
+ if ($fipscanisterbuild)
+ {
+ $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj",
+ "fips${o}fips_canister.c",
+ "-DFIPS_START \$(SHLIB_CFLAGS)");
+ $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj",
+ "fips${o}fips_canister.c", "\$(SHLIB_CFLAGS)");
+ }
+ $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj",
+ "fips${o}sha${o}fips_standalone_sha1.c",
+ "\$(APP_CFLAGS)");
+ $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
+ "fips${o}fips_premain.c",
+ "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(APP_CFLAGS)");
+ }
+
+sub fix_asm
+ {
+ my($asm, $dir) = @_;
+
+ $asm = " $asm";
+ $asm =~ s/\s+/ $dir\//g;
+ $asm =~ s/\.o//g;
+ $asm =~ s/^ //;
+
+ return $asm . ' ';
+ }
+
+if ($orig_platform eq 'copy') {
+ $lib_obj{CRYPTO} .= fix_asm($mf_md5_asm, 'crypto/md5');
+ $lib_obj{CRYPTO} .= fix_asm($mf_bn_asm, 'crypto/bn');
+ # cpuid is included by the crypto dir
+ #$lib_obj{CRYPTO} .= fix_asm($mf_cpuid_asm, 'crypto');
+ # AES asm files end up included by the aes dir itself
+ #$lib_obj{CRYPTO} .= fix_asm($mf_aes_asm, 'crypto/aes');
+ $lib_obj{CRYPTO} .= fix_asm($mf_sha_asm, 'crypto/sha');
+ $lib_obj{CRYPTO} .= fix_asm($mf_engines_asm, 'engines');
+ $lib_obj{CRYPTO} .= fix_asm($mf_rc4_asm, 'crypto/rc4');
+ $lib_obj{CRYPTO} .= fix_asm($mf_modes_asm, 'crypto/modes');
+ $lib_obj{CRYPTO} .= fix_asm($mf_ec_asm, 'crypto/ec');
+}
+
foreach (values %lib_nam)
{
$lib_obj=$lib_obj{$_};
local($slib)=$shlib;
- if (($_ eq "SSL") && $no_ssl2 && $no_ssl3)
- {
- $rules.="\$(O_SSL):\n\n";
- next;
- }
-
$defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
$lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)";
$rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
}
# hack to add version info on MSVC
-if (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) {
+if (($platform eq "VC-WIN32") || ($platform eq "VC-WIN64A")
+ || ($platform eq "VC-WIN64I") || ($platform eq "VC-NT")) {
$rules.= <<"EOF";
\$(OBJ_D)\\\$(CRYPTO).res: ms\\version32.rc
\$(RSC) /fo"\$(OBJ_D)\\\$(CRYPTO).res" /d CRYPTO ms\\version32.rc
$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
foreach (split(/\s+/,$test))
{
+ my $t_libs;
$t=&bname($_);
+ my $ltype;
+ # Check to see if test program is FIPS
+ if ($fips && /fips/)
+ {
+ # If fips perform static link to
+ # $(O_FIPSCANISTER)
+ $t_libs = "\$(O_FIPSCANISTER)";
+ $ltype = 2;
+ }
+ else
+ {
+ $t_libs = "\$(L_LIBS)";
+ $ltype = 0;
+ }
+
$tt="\$(OBJ_D)${o}$t${obj}";
- $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+ $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","$t_libs \$(EX_LIBS)", $ltype);
}
-$defs.=&do_defs("E_SHLIB",$engines,"\$(ENG_D)",$shlibp);
+$defs.=&do_defs("E_SHLIB",$engines . $otherlibs,"\$(ENG_D)",$shlibp);
foreach (split(/\s+/,$engines))
{
- $rules.=&do_compile_rule("\$(OBJ_D)","engines${o}e_$_",$lib);
- $rules.= &do_lib_rule("\$(OBJ_D)${o}e_${_}.obj","\$(ENG_D)$o$_$shlibp","",$shlib,"");
+ my $engine = $_;
+ my @objs = grep {/e_$engine/} @engines_obj;
+ $rules.=&do_compile_rule("\$(OBJ_D)",join(" ",@objs),$lib);
+ map {$_=~s/.*\/([^\/]+)$/\$(OBJ_D)${o}$1$obj/} @objs;
+ $rules.= &do_lib_rule(join(" ",@objs),"\$(ENG_D)$o$engine$shlibp","",$shlib,"");
}
$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
-$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
+#$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
+
+foreach (split(" ",$otherlibs))
+ {
+ my $uc = $_;
+ $uc =~ tr /a-z/A-Z/;
+ $rules.= &do_lib_rule("\$(${uc}OBJ)","\$(ENG_D)$o$_$shlibp", "", $shlib, "");
+
+ }
+
+if ($fips)
+ {
+ if ($shlib)
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+ "\$(O_CRYPTO)", "$crypto",
+ $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
+ }
+ else
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
+ "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+ "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+ }
+ }
+ else
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
+ "\$(SO_CRYPTO)");
+ }
-$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+if ($fips)
+ {
+ if ($fipscanisterbuild)
+ {
+ $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)",
+ "\$(OBJ_D)${o}fips_start$obj",
+ "\$(FIPSOBJ)",
+ "\$(OBJ_D)${o}fips_end$obj",
+ "\$(FIPS_SHA1_EXE)", "");
+ # FIXME
+ $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)",
+ "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}sha1dgst$obj $sha1_asm_obj",
+ "","\$(EX_LIBS)", 1);
+ }
+ else
+ {
+ $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)",
+ "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(O_FIPSCANISTER)",
+ "","", 1);
+
+ }
+ $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
+
+ }
+
+$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0);
+
+$rules.=&do_dofile_rule("\$(BIN_D)","c_rehash","tools/c_rehash.in");
+$rules.=&do_dofile_rule("\$(BIN_D)","CA.pl","apps/CA.pl.in");
print $defs;
return("") if $no_ec && $dir =~ /\/ec/;
return("") if $no_cms && $dir =~ /\/cms/;
return("") if $no_jpake && $dir =~ /\/jpake/;
+ return("") if !$fips && $dir =~ /^fips/;
if ($no_des && $dir =~ /\/des/)
{
if ($val =~ /read_pwd/)
@a=grep(!/^e_camellia$/,@a) if $no_camellia;
@a=grep(!/^e_seed$/,@a) if $no_seed;
- #@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
#@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
@a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
@a=grep(!/(rmd)|(ripemd)/,@a) if $no_ripemd;
@a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
- @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
- @a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
+ @a=grep(!/(^p_open$)/,@a) if $no_rsa;
@a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
@a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
@a=grep(!/_dhp$/,@a) if $no_dh;
- @a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
- @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
@a=grep(!/_mdc2$/,@a) if $no_mdc2;
+ @a=grep(!/(srp)/,@a) if $no_srp;
+
@a=grep(!/^engine$/,@a) if $no_engine;
@a=grep(!/^hw$/,@a) if $no_hw;
@a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa;
@a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
- @a=grep(!/^gendsa$/,@a) if $no_sha1;
@a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
- @a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
-
grep($_="$dir/$_",@a);
@a=grep(!/(^|\/)s_/,@a) if $no_sock;
@a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
$ret.=$t;
}
# hack to add version info on MSVC
- if ($shlib && (($platform eq "VC-WIN32") || ($platform eq "VC-NT")))
+ if ($shlib && (($platform eq "VC-WIN32") || ($platfrom eq "VC-WIN64I") || ($platform eq "VC-WIN64A") || ($platform eq "VC-NT")))
{
if ($var eq "CRYPTOOBJ")
{ $ret.="\$(OBJ_D)\\\$(CRYPTO).res "; }
elsif ($var eq "SSLOBJ")
{ $ret.="\$(OBJ_D)\\\$(SSL).res "; }
}
- chomp($ret);
+ chomp($ret); # Does this actually do something? /RL
$ret.="\n\n";
return($ret);
}
{
$ret.=&Sasm_compile_target("$to${o}$n$obj",$s,$n);
}
+ elsif (defined &special_compile_target and
+ ($s=special_compile_target($_)))
+ {
+ $ret.=$s;
+ }
else { die "no rule for $_"; }
}
return($ret);
sub perlasm_compile_target
{
my($target,$source,$bname)=@_;
- my($ret);
+ return platform_perlasm_compile_target($target, $source, $bname)
+ if defined &platform_perlasm_compile_target;
+
+ my($ret);
$bname =~ s/(.*)\.[^\.]$/$1/;
- $ret ="\$(TMP_D)$o$bname.asm: $source\n";
- $ret.="\t\$(PERL) $source $asmtype \$(CFLAG) >\$\@\n\n";
- $ret.="$target: \$(TMP_D)$o$bname.asm\n";
- $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
+ $ret ="\$(TMP_D)$o$bname$asm_suffix: $source\n";
+ $ret.="\t\$(PERL) $source $asmtype \$(CFLAG) >\$\@\n";
+ if ($fipscanisteronly)
+ {
+ $ret .= "\t\$(PERL) util$o.pl . \$@ norunasm \$(CFLAG)\n";
+ }
+ $ret .= "\n";
+ $ret.="$target: \$(TMP_D)$o$bname$asm_suffix\n";
+ $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname$asm_suffix\n\n";
return($ret);
}
$bname =~ s/(.*)\.[^\.]$/$1/;
$ret ="\$(TMP_D)$o$bname.asm: $source\n";
- $ret.="\t\$(CC) -E \$(CFLAG) $source >\$\@\n\n";
+ $ret.="\t\$(CC) -E \$(CFLAG) $source >\$\@\n";
+ $ret.="\t\$(PERL) util\\fipsas.pl . \$@ norunasm \$(CFLAG)\n" if $fipscanisteronly;
+ $ret.="\n";
$ret.="$target: \$(TMP_D)$o$bname.asm\n";
$ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
return($ret);
local($target,$source,$ex_flags)=@_;
local($ret);
- $ex_flags.=" -DMK1MF_BUILD -D$platform_cpp_symbol" if ($source =~ /cversion/);
$target =~ s/\//$o/g if $o ne "/";
$source =~ s/\//$o/g if $o ne "/";
$ret ="$target: \$(SRC_D)$o$source\n\t";
- $ret.="\$(CC) ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n";
+ $ret.="\$(CC)";
+ $ret.= " -MMD" if $orig_platform eq "copy";
+ $ret.= " ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n";
+ $target =~ s/\.o$/.d/;
+ $ret.=".sinclude \"$target\"\n\n" if $orig_platform eq "copy";
return($ret);
}
local($to,$files,$p)=@_;
local($ret,$_,$n,$pp);
+
$files =~ s/\//$o/g if $o ne '/';
foreach (split(/\s+/,$files))
{
if ($n =~ /bss_file/)
{ $pp=".c"; }
else { $pp=$p; }
- $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n";
+ $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(PERL) \$(SRC_D)${o}util${o}copy-if-different.pl \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n";
}
return($ret);
}
+sub do_dofile_rule
+ {
+ (my $to, my $file, my $tmpl) = @_;
+
+ $file =~ s|/|$o|g if $o ne '/';
+ return <<"EOF";
+$to${o}$file: $tmpl
+ \$(PERL) "-I." "-Mconfigdata" util/dofile.pl "$tmpl" > "$to${o}$file.new"
+ \$(MV) "$to${o}$file.new" "$to${o}$file"
+EOF
+ }
+
+# Options picked up from the OPTIONS line in the top level Makefile
+# generated by Configure.
+
sub read_options
{
# Many options are handled in a similar way. In particular
# no-xxx sets zero or more scalars to 1.
- # Process these using a hash containing the option name and
- # reference to the scalars to set.
+ # Process these using the %valid_options hash containing the option
+ # name and reference to the scalars to set. In some cases the option
+ # needs no special handling and can be ignored: this is done by
+ # setting the value to 0.
my %valid_options = (
"no-rc2" => \$no_rc2,
"no-md2" => \$no_md2,
"no-md4" => \$no_md4,
"no-md5" => \$no_md5,
- "no-sha" => \$no_sha,
- "no-sha1" => \$no_sha1,
"no-ripemd" => \$no_ripemd,
"no-mdc2" => \$no_mdc2,
"no-whirlpool" => \$no_whirlpool,
"no-rsa" => \$no_rsa,
"no-dsa" => \$no_dsa,
"no-dh" => \$no_dh,
- "no-hmac" => \$no_hmac,
"no-asm" => \$no_asm,
"nasm" => \$nasm,
"nw-nasm" => \$nw_nasm,
"nw-mwasm" => \$nw_mwasm,
"gaswin" => \$gaswin,
- "no-ssl2" => \$no_ssl2,
"no-ssl3" => \$no_ssl3,
- "no-tlsext" => \$no_tlsext,
+ "no-ssl3-method" => 0,
+ "no-srp" => \$no_srp,
"no-cms" => \$no_cms,
"no-jpake" => \$no_jpake,
+ "no-ec2m" => \$no_ec2m,
+ "no-ec_nistp_64_gcc_128" => 0,
"no-err" => \$no_err,
"no-sock" => \$no_sock,
- "no-krb5" => \$no_krb5,
"no-ec" => \$no_ec,
- "no-ecdsa" => \$no_ecdsa,
- "no-ecdh" => \$no_ecdh,
+ "no-gost" => \$no_gost,
"no-engine" => \$no_engine,
+ "no-egd" => 0,
"no-hw" => \$no_hw,
+ "no-async" => \$no_async,
+ "no-autoalginit" => \$no_autoalginit,
+ "no-autoerrinit" => \$no_autoerrinit,
"just-ssl" =>
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
- \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
- \$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
- \$no_aes, \$no_camellia, \$no_seed],
+ \$no_md2, \$no_mdc2, \$no_dsa, \$no_dh,
+ \$no_err, \$no_ripemd, \$no_rc5,
+ \$no_aes, \$no_camellia, \$no_seed, \$no_srp],
"rsaref" => 0,
"gcc" => \$gcc,
"debug" => \$debug,
+ "--debug" => \$debug,
"profile" => \$profile,
"shlib" => \$shlib,
"dll" => \$shlib,
"shared" => 0,
+ "no-sctp" => 0,
+ "no-srtp" => 0,
"no-gmp" => 0,
"no-rfc3779" => 0,
"no-montasm" => 0,
"no-store" => 0,
"no-zlib" => 0,
"no-zlib-dynamic" => 0,
+ "no-ssl-trace" => 0,
+ "no-unit-test" => 0,
+ "no-deprecated" => 0,
+ "no-ocb" => 0,
+ "no-crypto-mdebug" => 0,
+ "fips" => \$fips,
+ "fipscanisterbuild" => [\$fips, \$fipscanisterbuild],
+ "fipscanisteronly" => [\$fips, \$fipscanisterbuild, \$fipscanisteronly],
+ "fipscheck" => [\$fips, \$fipscanisterbuild, \$fipscanisteronly],
);
if (exists $valid_options{$_})
$xcflags="-DOPENSSL_EXPERIMENTAL_$ALGO $xcflags";
}
- elsif (/^--with-krb5-flavor=(.*)$/)
- {
- my $krb5_flavor = $1;
- if ($krb5_flavor =~ /^force-[Hh]eimdal$/)
- {
- $xcflags="-DKRB5_HEIMDAL $xcflags";
- }
- elsif ($krb5_flavor =~ /^MIT/i)
- {
- $xcflags="-DKRB5_MIT $xcflags";
- if ($krb5_flavor =~ /^MIT[._-]*1[._-]*[01]/i)
- {
- $xcflags="-DKRB5_MIT_OLD11 $xcflags"
- }
- }
- }
elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
elsif (/^-[lL].*$/) { $l_flags.="$_ "; }
elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
else { return(0); }
return(1);
}
+
+sub fipslib_error
+ {
+ print STDERR "***FIPS module directory sanity check failed***\n";
+ print STDERR "FIPS module build failed, or was deleted\n";
+ print STDERR "Please rebuild FIPS module.\n";
+ exit 1;
+ }
+
+sub fips_check_files
+ {
+ my $dir = shift @_;
+ my $ret = 1;
+ if (!-d $dir)
+ {
+ print STDERR "FIPS module directory $dir does not exist\n";
+ fipslib_error();
+ }
+ foreach (@_)
+ {
+ if (!-f "$dir${o}$_")
+ {
+ print STDERR "FIPS module file $_ does not exist!\n";
+ $ret = 0;
+ }
+ }
+ fipslib_error() if ($ret == 0);
+ }
projects / openssl.git / blobdiff