* Perl 5 with core modules (please read [NOTES-PERL.md](NOTES-PERL.md))
* The Perl module `Text::Template` (please read [NOTES-PERL.md](NOTES-PERL.md))
* an ANSI C compiler
+ * POSIX C library (at least POSIX.1-2008), or compatible types and
+ functionality.
* a development environment in the form of development libraries and C
header files
* a supported operating system
* [Notes for the DOS platform with DJGPP](NOTES-DJGPP.md)
* [Notes for the OpenVMS platform](NOTES-VMS.md)
* [Notes for the HPE NonStop platform](NOTES-NONSTOP.md)
+ * [Notes on POSIX](NOTES-POSIX.md)
* [Notes on Perl](NOTES-PERL.md)
* [Notes on Valgrind](NOTES-VALGRIND.md)
Use the `RDSEED` or `RDRAND` command on x86 or `RNDRRS` command on aarch64
if provided by the CPU.
-### librandom
-
-Use librandom (not implemented yet).
-This source is ignored by the FIPS provider.
-
### none
Disable automatic seeding. This is the default on some operating systems where
As part of its self-test validation, the FIPS module must verify itself
by performing a SHA-256 HMAC computation on itself. The default key is
-the SHA256 value of "the holy handgrenade of antioch" and is sufficient
+the SHA256 value of "holy hand grenade of antioch" and is sufficient
for meeting the FIPS requirements.
To change the key to a different value, use this flag. The value should
Do not use `atexit()` in libcrypto builds.
`atexit()` has varied semantics between platforms and can cause SIGSEGV in some
-circumstances. This options disables the atexit registration of OPENSSL_cleanup.
+circumstances. This option disables the atexit registration of OPENSSL_cleanup.
By default, NonStop configurations use `no-atexit`.
### no-autoalginit
Don't build with support for Position Independent Code.
+### enable-pie
+
+Build with support for Position Independent Execution.
+
### no-pinshared
Don't pin the shared libraries.
OpenSSL will still provide the methods for applications to explicitly select
the individual protocol versions.
+### no-integrity-only-ciphers
+
+Don't build support for integrity only ciphers in tls.
+
### no-{protocol}-method
no-{ssl3|tls1|tls1_1|tls1_2|dtls1|dtls1_2}-method