my $openssldir="";
my $exe_ext="";
my $install_prefix="";
-my $fipslibdir="/usr/local/ssl/lib";
+my $fipslibdir="/usr/local/ssl/lib/";
+my $nofipscanistercheck=0;
+my $fipscanisterinternal="n";
my $baseaddr="0xFB00000";
my $no_threads=0;
my $no_shared=1;
{
$withargs{"zlib-lib"}=$1;
}
+ elsif (/^--nofipscanistercheck$/)
+ {
+ $nofipscanistercheck = 1;
+ }
+ elsif (/^--fipscanisterbuild$/)
+ {
+ $nofipscanistercheck = 1;
+ $fipslibdir="";
+ $fipscanisterinternal="y";
+ }
elsif (/^--with-fipslibdir=(.*)$/)
{
- $fipslibdir="$1";
+ $fipslibdir="$1/";
}
elsif (/^--with-baseaddr=(.*)$/)
{
$openssldir=$prefix . "/ssl" if $openssldir eq "";
$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
-if ($fips && ! -f "$fipslibdir/fipscanister.o")
+if ($fips && !$nofipscanistercheck && ! -f "${fipslibdir}fipscanister.o")
{
my $fipswinerr = "";
$fipswinerr = <<EOF if $IsWindows;
s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
+ s/^FIPSCANISTERINTERNAL=.*/FIPSCANISTERINTERNAL=$fipscanisterinternal/;
s/^BASEADDR=.*/BASEADDR=$baseaddr/;
s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
# $(INSTALLTOP) for this build make be different so hard
# code the path.
-FIPSLIBDIR=/usr/local/ssl/lib
+FIPSLIBDIR=/usr/local/ssl/lib/
+FIPSCANISTERINTERNAL=n
# Shared library base address. Currently only used on Windows.
#
do \
if [ -d "$$i" ]; then \
(cd $$i && echo "making all in $$i..." && \
- $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' FIPSLIBDIR='${FIPSLIBDIR}' all ) || exit 1; \
+ $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' FIPSCANISTERINTERNAL='${FIPSCANISTERINTERNAL}' FIPSLIBDIR='${FIPSLIBDIR}' all ) || exit 1; \
else \
$(MAKE) $$i; \
fi; \
RM= rm -f
AR= ar r
-FIPSCANLOC= $(FIPSLIBDIR)/fipscanister.o
+FIPSCANLOC= $(FIPSLIBDIR)fipscanister.o
PEX_LIBS=
EX_LIBS=
done;
clean:
- rm -f buildinf.h *.o *.obj fips_premain_dso$(EXE_EXT) lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f buildinf.h *.o fipscanister.o.sha1 *.obj fips_premain_dso$(EXE_EXT) lib tags core .pure .nfs* *.old *.bak fluff
@for i in $(FDIRS) ;\
do \
(cd $$i && echo "making clean in fips/$$i..." && \
THERE="`echo $0 | sed -e 's|[^/]*$||'`"..
-# Location of installed validated FIPS module
-FIPSLIBDIR=${FIPSLIBDIR:-/usr/local/ssl/lib}
-# If this is a build from a validated tarball use this instead
-# FIPSLIBDIR=${THERE}/fips-1.0
+# FIPSLIBDIR is location of installed validated FIPS module
+# if FIPSCANISTERINTERNAL="y" link against internally generated fipscanister.o
+if [ "x$FIPSCANISTERINTERNAL" != "xy" ]; then
+ FIPSLIBDIR=${FIPSLIBDIR:-/usr/local/ssl/lib}
+else
+ FIPSLIBDIR=${THERE}/fips-1.0
+fi
+
+echo libdir = $FIPSLIBDIR
[ -f "${FIPSLIBDIR}/fipscanister.o" ] ||
{ echo "fipscanister.o not found"; exit 1; }
projects / openssl.git / commitdiff