diff options
| -rwxr-xr-x | Configure | 19 | ||||
| -rw-r--r-- | Makefile.org | 5 | ||||
| -rw-r--r-- | fips-1.0/Makefile | 4 | ||||
| -rwxr-xr-x | fips-1.0/fipsld | 13 |
4 files changed, 30 insertions, 11 deletions
@@ -621,7 +621,9 @@ my $prefix=""; my $openssldir=""; my $exe_ext=""; my $install_prefix=""; -my $fipslibdir="/usr/local/ssl/lib"; +my $fipslibdir="/usr/local/ssl/lib/"; +my $nofipscanistercheck=0; +my $fipscanisterinternal="n"; my $baseaddr="0xFB00000"; my $no_threads=0; my $no_shared=1; @@ -871,9 +873,19 @@ PROCESS_ARGS: { $withargs{"zlib-lib"}=$1; } + elsif (/^--nofipscanistercheck$/) + { + $nofipscanistercheck = 1; + } + elsif (/^--fipscanisterbuild$/) + { + $nofipscanistercheck = 1; + $fipslibdir=""; + $fipscanisterinternal="y"; + } elsif (/^--with-fipslibdir=(.*)$/) { - $fipslibdir="$1"; + $fipslibdir="$1/"; } elsif (/^--with-baseaddr=(.*)$/) { @@ -982,7 +994,7 @@ chop $prefix if $prefix =~ /\/$/; $openssldir=$prefix . "/ssl" if $openssldir eq ""; $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/; -if ($fips && ! -f "$fipslibdir/fipscanister.o") +if ($fips && !$nofipscanistercheck && ! -f "${fipslibdir}fipscanister.o") { my $fipswinerr = ""; $fipswinerr = <<EOF if $IsWindows; @@ -1344,6 +1356,7 @@ while (<IN>) s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/; s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/; s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/; + s/^FIPSCANISTERINTERNAL=.*/FIPSCANISTERINTERNAL=$fipscanisterinternal/; s/^BASEADDR=.*/BASEADDR=$baseaddr/; s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/; s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/; diff --git a/Makefile.org b/Makefile.org index b9db0dd57d..daeab8e3c8 100644 --- a/Makefile.org +++ b/Makefile.org @@ -183,7 +183,8 @@ LIBZLIB= # $(INSTALLTOP) for this build make be different so hard # code the path. -FIPSLIBDIR=/usr/local/ssl/lib +FIPSLIBDIR=/usr/local/ssl/lib/ +FIPSCANISTERINTERNAL=n # Shared library base address. Currently only used on Windows. # @@ -248,7 +249,7 @@ sub_all: do \ if [ -d "$$i" ]; then \ (cd $$i && echo "making all in $$i..." && \ - $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' FIPSLIBDIR='${FIPSLIBDIR}' all ) || exit 1; \ + $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' FIPSCANISTERINTERNAL='${FIPSCANISTERINTERNAL}' FIPSLIBDIR='${FIPSLIBDIR}' all ) || exit 1; \ else \ $(MAKE) $$i; \ fi; \ diff --git a/fips-1.0/Makefile b/fips-1.0/Makefile index d92652b031..69e92eb055 100644 --- a/fips-1.0/Makefile +++ b/fips-1.0/Makefile @@ -18,7 +18,7 @@ PERL= perl RM= rm -f AR= ar r -FIPSCANLOC= $(FIPSLIBDIR)/fipscanister.o +FIPSCANLOC= $(FIPSLIBDIR)fipscanister.o PEX_LIBS= EX_LIBS= @@ -196,7 +196,7 @@ depend: done; clean: - rm -f buildinf.h *.o *.obj fips_premain_dso$(EXE_EXT) lib tags core .pure .nfs* *.old *.bak fluff + rm -f buildinf.h *.o fipscanister.o.sha1 *.obj fips_premain_dso$(EXE_EXT) lib tags core .pure .nfs* *.old *.bak fluff @for i in $(FDIRS) ;\ do \ (cd $$i && echo "making clean in fips/$$i..." && \ diff --git a/fips-1.0/fipsld b/fips-1.0/fipsld index 237910de87..0698ce0886 100755 --- a/fips-1.0/fipsld +++ b/fips-1.0/fipsld @@ -32,10 +32,15 @@ TARGET=`(while [ "x$1" != "x" -a "x$1" != "x-o" ]; do shift; done; echo $2)` THERE="`echo $0 | sed -e 's|[^/]*$||'`".. -# Location of installed validated FIPS module -FIPSLIBDIR=${FIPSLIBDIR:-/usr/local/ssl/lib} -# If this is a build from a validated tarball use this instead -# FIPSLIBDIR=${THERE}/fips-1.0 +# FIPSLIBDIR is location of installed validated FIPS module +# if FIPSCANISTERINTERNAL="y" link against internally generated fipscanister.o +if [ "x$FIPSCANISTERINTERNAL" != "xy" ]; then + FIPSLIBDIR=${FIPSLIBDIR:-/usr/local/ssl/lib} +else + FIPSLIBDIR=${THERE}/fips-1.0 +fi + +echo libdir = $FIPSLIBDIR [ -f "${FIPSLIBDIR}/fipscanister.o" ] || { echo "fipscanister.o not found"; exit 1; } |