no-ssl3 - Skip this version of SSL
just-ssl - remove all non-ssl keys/digest
no-asm - No x86 asm
- no-krb5 - No KRB5
no-srp - No SRP
no-ec - No EC
- no-ecdsa - No ECDSA
- no-ecdh - No ECDH
no-engine - No engine
no-hw - No hw
nasm - Use NASM for x86 asm
$no_mdc2=1 if ($no_des);
-$no_ssl3=1 if ($no_md5 || $no_sha);
+$no_ssl3=1 if ($no_md5);
$no_ssl3=1 if ($no_rsa && $no_dh);
$out_def="out";
$cflags.=" -DOPENSSL_NO_MD2" if $no_md2;
$cflags.=" -DOPENSSL_NO_MD4" if $no_md4;
$cflags.=" -DOPENSSL_NO_MD5" if $no_md5;
-$cflags.=" -DOPENSSL_NO_SHA" if $no_sha;
-$cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1;
$cflags.=" -DOPENSSL_NO_RMD160" if $no_ripemd;
$cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2;
$cflags.=" -DOPENSSL_NO_BF" if $no_bf;
$cflags.=" -DOPENSSL_NO_SRP" if $no_srp;
$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
-$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
$cflags.=" -DOPENSSL_NO_EC" if $no_ec;
-$cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa;
-$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
$cflags.=" -DOPENSSL_NO_GOST" if $no_gost;
$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
$dir=$val;
}
- if ($key eq "KRB5_INCLUDES")
- { $cflags .= " $val";}
-
if ($key eq "ZLIB_INCLUDE")
{ $cflags .= " $val" if $val ne "";}
if ($key eq "LIBZLIB")
{ $zlib_lib = "$val" if $val ne "";}
- if ($key eq "LIBKRB5")
+ if ($key eq "EX_LIBS")
{ $ex_libs .= " $val" if $val ne "";}
- if ($key eq "TEST" && (!$fipscanisteronly || $dir =~ /^fips/ ))
- { $test.=&var_add($dir,$val, 0); }
+ # There was a condition here before:
+ # !$fipscanisteronly || $dir =~ /^fips/
+ # It currently fills no function and needs to be rewritten anyway, so
+ # removed for now.
+ if ($dir eq "test" && $key eq "EXE")
+ {
+ foreach my $t (split /\s+/, $val) {
+ $test.=&var_add($dir,$t, 0) if $t; }
+ }
- if (($key eq "PROGS") || ($key eq "E_OBJ"))
+ if ($key eq "EXE_OBJ")
{ $e_exe.=&var_add($dir,$val, 0); }
if ($key eq "LIB")
$otherlibs .= " $lib";
}
- if ($key eq "EXHEADER")
- { $exheader.=&var_add($dir,$val, 1); }
-
if ($key eq "HEADER")
{ $header.=&var_add($dir,$val, 1); }
{
# Remove opensslconf.h so it doesn't get updated if we configure a
# different branch.
- $exheader =~ s/[^ ]+\/opensslconf.h//;
$header =~ s/[^ ]+\/opensslconf.h//;
}
$cp2 = $cp unless defined $cp2;
$extra_install= <<"EOF";
- \$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\"
+ \$(CP) \"include${o}openssl${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\"
\$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\"
\$(MKDIR) \"\$(OPENSSLDIR)\"
\$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\"
\$(CP) \"\$(O_FIPSCANISTER).sha1\" \"\$(INSTALLTOP)${o}lib\"
\$(CP2) \"fips${o}fips_premain.c\" \"\$(INSTALLTOP)${o}lib\"
\$(CP) \"fips${o}fips_premain.c.sha1\" \"\$(INSTALLTOP)${o}lib\"
- \$(CP) \"\$(INCO_D)${o}fips.h\" \"\$(INSTALLTOP)${o}include${o}openssl\"
- \$(CP) \"\$(INCO_D)${o}fips_rand.h\" \"\$(INSTALLTOP)${o}include${o}openssl\"
+ \$(CP) \"include${o}openssl${o}fips.h\" \"\$(INSTALLTOP)${o}include${o}openssl\"
+ \$(CP) \"include${o}openssl${o}fips_rand.h\" \"\$(INSTALLTOP)${o}include${o}openssl\"
\$(CP) "\$(BIN_D)${o}fips_standalone_sha1$exep" \"\$(INSTALLTOP)${o}bin\"
\$(CP) \"util${o}fipslink.pl\" \"\$(INSTALLTOP)${o}bin\"
EOF
OUT_D=$out_dir
# The output directory for all the temporary muck
TMP_D=$tmp_dir
-# The output directory for the header files
-INC_D=$inc_dir
-INCO_D=$inc_dir${o}openssl
PERL=$perl
PERLASM_SCHEME=$mf_perlasm_scheme
# Don't touch anything below this point
######################################################
-INC=-I\$(INC_D) -I\$(INCL_D) -I\$(SRC_D)${o}crypto${o}include
+INC=-I\$(SRC_D)${o}include -I\$(INCL_D) -I\$(SRC_D)${o}crypto${o}include
APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
EOF
$rules=<<"EOF";
-all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) $build_targets
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) headers \$(FIPS_SHA1_EXE) $build_targets
banner:
$banner
\$(LIB_D):
\$(MKDIR) \"\$(LIB_D)\"
-\$(INCO_D): \$(INC_D)
- \$(MKDIR) \"\$(INCO_D)\"
-
-\$(INC_D):
- \$(MKDIR) \"\$(INC_D)\"
-
# This needs to be invoked once, when the makefile is first constructed, or
# after cleaning.
-init: \$(TMP_D) \$(LIB_D) \$(INC_D) \$(INCO_D) \$(BIN_D) \$(TEST_D) headers
- \$(PERL) \$(SRC_D)/util/copy-if-different.pl "\$(SRC_D)/crypto/opensslconf.h" "\$(INCO_D)/opensslconf.h"
+init: \$(TMP_D) \$(LIB_D) \$(BIN_D) \$(TEST_D) headers
-headers: \$(HEADER) \$(EXHEADER)
+headers: \$(HEADER)
lib: \$(LIBS_DEP) \$(E_SHLIB)
\$(RM) -rf \$(BIN_D)
\$(RM) -rf \$(TEST_D)
\$(RM) -rf \$(LIB_D)
- \$(RM) -rf \$(INC_D)
EOF
foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
$test=&clean_up_ws($test);
$e_exe=&clean_up_ws($e_exe);
-$exheader=&clean_up_ws($exheader);
$header=&clean_up_ws($header);
-# First we strip the exheaders from the headers list
-foreach (split(/\s+/,$exheader)){ $h{$_}=1; }
-foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; }
-chop($h); $header=$h;
-
$defs.=&do_defs("HEADER",$header,"\$(INCL_D)","");
$rules.=&do_copy_rule("\$(INCL_D)",$header,"");
-$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)","");
-$rules.=&do_copy_rule("\$(INCO_D)",$exheader,"");
-
$defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj);
$rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
@a=grep(!/_dhp$/,@a) if $no_dh;
- @a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
- @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
@a=grep(!/_mdc2$/,@a) if $no_mdc2;
@a=grep(!/(srp)/,@a) if $no_srp;
@a=grep(!/^hw$/,@a) if $no_hw;
@a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa;
@a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
- @a=grep(!/^gendsa$/,@a) if $no_sha1;
@a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
- @a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
-
grep($_="$dir/$_",@a);
@a=grep(!/(^|\/)s_/,@a) if $no_sock;
@a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
"no-md2" => \$no_md2,
"no-md4" => \$no_md4,
"no-md5" => \$no_md5,
- "no-sha" => \$no_sha,
- "no-sha1" => \$no_sha1,
"no-ripemd" => \$no_ripemd,
"no-mdc2" => \$no_mdc2,
"no-whirlpool" => \$no_whirlpool,
"no-rsa" => \$no_rsa,
"no-dsa" => \$no_dsa,
"no-dh" => \$no_dh,
- "no-hmac" => \$no_hmac,
"no-asm" => \$no_asm,
"nasm" => \$nasm,
"nw-nasm" => \$nw_nasm,
"no-ec_nistp_64_gcc_128" => 0,
"no-err" => \$no_err,
"no-sock" => \$no_sock,
- "no-krb5" => \$no_krb5,
"no-ec" => \$no_ec,
- "no-ecdsa" => \$no_ecdsa,
- "no-ecdh" => \$no_ecdh,
"no-gost" => \$no_gost,
"no-engine" => \$no_engine,
"no-hw" => \$no_hw,
"just-ssl" =>
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
- \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
+ \$no_md2, \$no_mdc2, \$no_dsa, \$no_dh,
\$no_err, \$no_ripemd, \$no_rc5,
\$no_aes, \$no_camellia, \$no_seed, \$no_srp],
"rsaref" => 0,
"no-ssl-trace" => 0,
"no-unit-test" => 0,
"no-deprecated" => 0,
+ "no-ocb" => 0,
"fips" => \$fips,
"fipscanisterbuild" => [\$fips, \$fipscanisterbuild],
"fipscanisteronly" => [\$fips, \$fipscanisterbuild, \$fipscanisteronly],
$xcflags="-DOPENSSL_EXPERIMENTAL_$ALGO $xcflags";
}
- elsif (/^--with-krb5-flavor=(.*)$/)
- {
- my $krb5_flavor = $1;
- if ($krb5_flavor =~ /^force-[Hh]eimdal$/)
- {
- $xcflags="-DKRB5_HEIMDAL $xcflags";
- }
- elsif ($krb5_flavor =~ /^MIT/i)
- {
- $xcflags="-DKRB5_MIT $xcflags";
- if ($krb5_flavor =~ /^MIT[._-]*1[._-]*[01]/i)
- {
- $xcflags="-DKRB5_MIT_OLD11 $xcflags"
- }
- }
- }
elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
elsif (/^-[lL].*$/) { $l_flags.="$_ "; }
elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)