my $exe_ext="";
my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
my $cross_compile_prefix="";
+my $fipsdir="/usr/local/ssl/fips-2.0/";
+my $fipslibdir="";
+my $baseaddr="0xFB00000";
my $no_threads=0;
my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $processor="";
my $default_ranlib;
my $perl;
+my $fips=0;
# All of the following is disabled by default (RC5 was enabled before 0.9.8):
my %disabled = ( # "what" => "comment" [or special keyword "experimental"]
+ "ec-nistp224-64-gcc-128" => "default",
"gmp" => "default",
"jpake" => "experimental",
"md2" => "default",
}
elsif (/^386$/)
{ $processor=386; }
+ elsif (/^fips$/)
+ {
+ $fips=1;
+ }
elsif (/^rsaref$/)
{
# No RSAref support any more since it's not needed.
{
$withargs{"zlib-include"}="-I$1";
}
+ elsif (/^--with-fipsdir=(.*)$/)
+ {
+ $fipsdir="$1/";
+ }
+ elsif (/^--with-fipslibdir=(.*)$/)
+ {
+ $fipslibdir="$1/";
+ }
+ elsif (/^--with-baseaddr=(.*)$/)
+ {
+ $baseaddr="$1";
+ }
elsif (/^--cross-compile-prefix=(.*)$/)
{
$cross_compile_prefix=$1;
$disabled{"ssl2"} = "forced";
}
+if ($fips && $fipslibdir eq "")
+ {
+ $fipslibdir = $fipsdir . "lib/";
+ }
+
# SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
if (defined($disabled{"md5"}) || defined($disabled{"sha"})
|| (defined($disabled{"rsa"})
$disabled{"gost"} = "forced";
}
+# SRP requires TLSEXT
+if (defined($disabled{"tlsext"}))
+ {
+ $disabled{"srp"} = "forced";
+ }
+
if ($target eq "TABLE") {
foreach $target (sort keys %table) {
print_table_entry($target);
else
{
my ($ALGO, $algo);
- ($ALGO = $algo = $_) =~ tr/[a-z]/[A-Z]/;
+ ($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/;
if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/)
{
if (defined($postlflags)) { $lflags=$postlflags; }
else { $lflags=$prelflags; undef $prelflags; }
+if ($target =~ /^mingw/ && `$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
+ {
+ $cflags =~ s/\-mno\-cygwin\s*//;
+ $shared_ldflag =~ s/\-mno\-cygwin\s*//;
+ }
+
my $no_shared_warn=0;
my $no_user_cflags=0;
$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/);
+if ($fips)
+ {
+ $openssl_other_defines.="#define OPENSSL_FIPS\n";
+ $cflags .= " -I\$(FIPSDIR)include";
+ }
+
$cpuid_obj="mem_clr.o" unless ($cpuid_obj =~ /\.o$/);
$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
+
+ s/^FIPSDIR=.*/FIPSDIR=$fipsdir/;
+ s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
+ s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips;
+ s/^BASEADDR=.*/BASEADDR=$baseaddr/;
+
s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
projects / oweals / openssl.git / blobdiff