# A bit of an evil hack but it post processes the file ../MINFO which
# is generated by `make files` in the top directory.
# This script outputs one mega makefile that has no shell stuff or any
-# funny stuff
-#
+# funny stuff (if the target is not "copy").
+# If the target is "copy", then it tries to create a makefile that can be
+# safely used with the -j flag and that is compatible with the top-level
+# Makefile, in the sense that it uses the same options and assembler files etc.
+
+use Cwd;
$INSTALLTOP="/usr/local/ssl";
$OPENSSLDIR="/usr/local/ssl";
local $zlib_lib = "";
local $perl_asm = 0; # 1 to autobuild asm files from perl scripts
+my $ex_l_libs = "";
+
# Options to import from top level Makefile
my %mf_import = (
INSTALLTOP => \$INSTALLTOP,
OPENSSLDIR => \$OPENSSLDIR,
PLATFORM => \$mf_platform,
+ CC => \$mf_cc,
CFLAG => \$mf_cflag,
DEPFLAG => \$mf_depflag,
CPUID_OBJ => \$mf_cpuid_asm,
SHA1_ASM_OBJ => \$mf_sha_asm,
RMD160_ASM_OBJ => \$mf_rmd_asm,
WP_ASM_OBJ => \$mf_wp_asm,
- CMLL_ENC => \$mf_cm_asm
+ CMLL_ENC => \$mf_cm_asm,
+ MODES_ASM_OBJ => \$mf_modes_asm,
+ ENGINES_ASM_OBJ=> \$mf_engines_asm,
+ BASEADDR => \$baseaddr,
+ FIPSDIR => \$fipsdir,
);
-
open(IN,"<Makefile") || die "unable to open Makefile!\n";
while(<IN>) {
my ($mf_opt, $mf_ref);
while (($mf_opt, $mf_ref) = each %mf_import) {
- if (/^$mf_opt\s*=\s*(.*)$/) {
+ if (/^$mf_opt\s*=\s*(.*)$/ && !defined($$mfref)) {
$$mf_ref = $1;
}
}
"netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets",
"netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets",
"default","cc under unix",
- "auto", "auto detect from top level Makefile"
+ "auto", "auto detect from top level Makefile",
+ "copy", "copy from top level Makefile"
);
$platform="";
$ranlib="echo ranlib";
$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
-$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}:'.';
+$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}:getcwd();
$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
# $bin_dir.=$o causes a core dump on my sparc :-(
push(@INC,"util/pl","pl");
-if ($platform eq "auto") {
+if ($platform eq "auto" || $platform eq 'copy') {
+ $orig_platform = $platform;
$platform = $mf_platform;
print STDERR "Imported platform $mf_platform\n";
}
$cflags.=' -DTERMIO';
}
+$fipsdir =~ s/\//${o}/g;
+
$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
$cflags.=" -DOPENSSL_NO_GOST" if $no_gost;
$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
+$cflags.=" -DOPENSSL_FIPS" if $fips;
$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m;
$cflags.= " -DZLIB" if $zlib_opt;
##else
{ $cflags="$c_flags$cflags" if ($c_flags ne ""); }
+if ($orig_platform eq 'copy') {
+ $cflags = $mf_cflag;
+ $cc = $mf_cc;
+}
+
$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
EOF
$ex_libs .= " $zlib_lib" if $zlib_opt == 1;
+ if ($fips)
+ {
+ $build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
+ $ex_l_libs .= " \$(O_FIPSCANISTER)";
+ }
}
$defs= <<"EOF";
+# N.B. You MUST use -j on FreeBSD.
# This makefile has been automatically generated from the OpenSSL distribution.
# This single makefile will build the complete OpenSSL distribution and
# by default leave the 'intertesting' output files in .${o}out and the stuff
LFLAGS=$lflags
RSC=$rsc
-# The output directory for everything intersting
+# The output directory for everything interesting
OUT_D=$out_dir
# The output directory for all the temporary muck
TMP_D=$tmp_dir
MLFLAGS=$mlflags
ASM=$bin_dir$asm
+# FIPS validated module and support file locations
+
+E_PREMAIN_DSO=fips_premain_dso
+
+FIPSDIR=$fipsdir
+BASEADDR=$baseaddr
+FIPSLIB_D=\$(FIPSDIR)${o}lib
+FIPS_PREMAIN_SRC=\$(FIPSLIB_D)${o}fips_premain.c
+O_FIPSCANISTER=\$(FIPSLIB_D)${o}fipscanister.lib
+FIPS_SHA1_EXE=\$(FIPSDIR)${o}bin${o}fips_standalone_sha1${exep}
+PREMAIN_DSO_EXE=\$(BIN_D)${o}fips_premain_dso$exep
+FIPSLINK=\$(PERL) \$(FIPSDIR)${o}bin${o}fipslink.pl
+
######################################################
# You should not need to touch anything below this point
######################################################
L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
-L_LIBS= \$(L_SSL) \$(L_CRYPTO)
+L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
######################################################
# Don't touch anything below this point
EOF
$rules=<<"EOF";
-all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe $build_targets
banner:
$banner
\$(INC_D):
\$(MKDIR) \"\$(INC_D)\"
+# This needs to be invoked once, when the makefile is first constructed, or
+# after cleaning.
+init: \$(TMP_D) \$(LIB_D) \$(INC_D) \$(INCO_D) \$(BIN_D) \$(TEST_D) headers
+
headers: \$(HEADER) \$(EXHEADER)
- @
lib: \$(LIBS_DEP) \$(E_SHLIB)
\$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\"
$extra_install
-
-test: \$(T_EXE)
- cd \$(BIN_D)
- ..${o}ms${o}test
-
clean:
\$(RM) \$(TMP_D)$o*.*
\$(RM) \$(TMP_D)$o*.*
\$(RM) \$(OUT_D)$o*.*
+reallyclean:
+ \$(RM) -rf \$(TMP_D)
+ \$(RM) -rf \$(BIN_D)
+ \$(RM) -rf \$(TEST_D)
+ \$(RM) -rf \$(LIB_D)
+ \$(RM) -rf \$(INC_D)
+
+EOF
+
+if ($orig_platform ne 'copy')
+ {
+ $rules .= <<"EOF";
+test: \$(T_EXE)
+ cd \$(BIN_D)
+ ..${o}ms${o}test
+
EOF
-
+ }
+
my $platform_cpp_symbol = "MK1MF_PLATFORM_$platform";
$platform_cpp_symbol =~ s/-/_/g;
if (open(IN,"crypto/buildinf.h"))
printf OUT "#endif\n";
close(OUT);
-# Strip of trailing ' '
+# Strip off trailing ' '
foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
$test=&clean_up_ws($test);
$e_exe=&clean_up_ws($e_exe);
$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
+# Special case rule for fips_premain_dso
+
+if ($fips)
+ {
+ $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
+ "\$(FIPS_PREMAIN_SRC)",
+ "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(APP_CFLAGS)", "");
+ $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
+ }
+
+sub fix_asm
+ {
+ my($asm, $dir) = @_;
+
+ return '' if $asm eq '';
+
+ $asm = " $asm";
+ $asm =~ s/\s+/ $dir\//g;
+ $asm =~ s/\.o//g;
+ $asm =~ s/^ //;
+
+ return $asm . ' ';
+ }
+
+if ($orig_platform eq 'copy') {
+ $lib_obj{CRYPTO} .= fix_asm($mf_md5_asm, 'crypto/md5');
+ $lib_obj{CRYPTO} .= fix_asm($mf_bn_asm, 'crypto/bn');
+ # cpuid is included by the crypto dir
+ #$lib_obj{CRYPTO} .= fix_asm($mf_cpuid_asm, 'crypto');
+ # AES asm files DON'T end up included by the aes dir itself
+ $lib_obj{CRYPTO} .= fix_asm($mf_aes_asm, 'crypto/aes');
+ $lib_obj{CRYPTO} .= fix_asm($mf_sha_asm, 'crypto/sha');
+ $lib_obj{CRYPTO} .= fix_asm($mf_engines_asm, 'engines');
+ $lib_obj{CRYPTO} .= fix_asm($mf_rc4_asm, 'crypto/rc4');
+ $lib_obj{CRYPTO} .= fix_asm($mf_modes_asm, 'crypto/modes');
+}
+
foreach (values %lib_nam)
{
$lib_obj=$lib_obj{$_};
$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
-$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
+
+if ($fips)
+ {
+ if ($shlib)
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+ "\$(O_CRYPTO)", "$crypto",
+ $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
+ }
+ else
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ)",
+ "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+ "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+ }
+ }
+ else
+ {
+ $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
+ "\$(SO_CRYPTO)");
+ }
foreach (split(" ",$otherlibs))
{
}
-$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0);
+
+$rules .= get_tests('test/Makefile') if $orig_platform eq 'copy';
print $defs;
{
$ret.=&Sasm_compile_target("$to${o}$n$obj",$s,$n);
}
+ elsif (defined &special_compile_target and
+ ($s=special_compile_target($_)))
+ {
+ $ret.=$s;
+ }
else { die "no rule for $_"; }
}
return($ret);
sub perlasm_compile_target
{
my($target,$source,$bname)=@_;
+
+ return platform_perlasm_compile_target($target, $source, $bname)
+ if defined &platform_perlasm_compile_target;
+
my($ret);
$bname =~ s/(.*)\.[^\.]$/$1/;
sub cc_compile_target
{
- local($target,$source,$ex_flags)=@_;
+ local($target,$source,$ex_flags, $srcd)=@_;
local($ret);
$ex_flags.=" -DMK1MF_BUILD -D$platform_cpp_symbol" if ($source =~ /cversion/);
$target =~ s/\//$o/g if $o ne "/";
$source =~ s/\//$o/g if $o ne "/";
- $ret ="$target: \$(SRC_D)$o$source\n\t";
- $ret.="\$(CC) ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n";
+ $srcd = "\$(SRC_D)$o" unless defined $srcd && $platform ne 'copy';
+ $ret ="$target: $srcd$source\n\t";
+ $ret.="\$(CC)";
+ $ret.= " -MMD" if $orig_platform eq "copy";
+ $ret.= " ${ofile}$target $ex_flags -c $srcd$source\n\n";
+ $target =~ s/\.o$/.d/;
+ $ret.=".sinclude \"$target\"\n\n" if $orig_platform eq "copy";
return($ret);
}
if ($n =~ /bss_file/)
{ $pp=".c"; }
else { $pp=$p; }
- $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n";
+ $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(PERL) \$(SRC_D)${o}util${o}copy-if-different.pl \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n";
}
return($ret);
}
"no-tlsext" => \$no_tlsext,
"no-srp" => \$no_srp,
"no-cms" => \$no_cms,
- "no-ec2m" => \$no_ec2m,
"no-jpake" => \$no_jpake,
- "no-ec-nistp224-64-gcc-128" => 0,
+ "no-ec2m" => \$no_ec2m,
+ "no-ec_nistp_64_gcc_128" => 0,
"no-err" => \$no_err,
"no-sock" => \$no_sock,
"no-krb5" => \$no_krb5,
"no-gost" => \$no_gost,
"no-engine" => \$no_engine,
"no-hw" => \$no_hw,
+ "no-rsax" => 0,
"just-ssl" =>
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
\$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
"shlib" => \$shlib,
"dll" => \$shlib,
"shared" => 0,
+ "no-sctp" => 0,
"no-gmp" => 0,
"no-rfc3779" => 0,
"no-montasm" => 0,
"no-store" => 0,
"no-zlib" => 0,
"no-zlib-dynamic" => 0,
+ "no-ssl-trace" => 0,
+ "no-dane" => 0,
+ "no-libunbound" => 0,
+ "no-multiblock" => 0,
+ "fips" => \$fips
);
if (exists $valid_options{$_})