Makefile revision 7161
278N/A# The contents of this file are subject to the terms of the 278N/A# Common Development and Distribution License (the "License"). 278N/A# You may not use this file except in compliance with the License. 278N/A# See the License for the specific language governing permissions 278N/A# and limitations under the License. 278N/A# When distributing Covered Code, include this CDDL HEADER in each 278N/A# If applicable, add the following below this CDDL HEADER, with the 278N/A# fields enclosed by brackets "[]" replaced with your own identifying 278N/A# information: Portions Copyright [yyyy] [name of copyright owner] 278N/A# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved. 278N/A# Note: COMPONENT_VERSION is the core OpenSSL version, and IPS_COMPONENT_VERSION 278N/A# is the FIPS module version. The COMPONENT_VERSION changes with the core 278N/A# OpenSSL version, but the IPS_COMPONENT_VERSION is purposely only to change if 278N/A# the FIPS module version changes. 278N/A# Clone the patch files to the patches-all dir. # COPY_COMMON_FILES is there so that rsync is called as soon as # the Makefile is parsed. # OpenSSL does not use autoconf but its own configure system. # Used in the configure options below. # What we do here follows the OpenSSL FIPS-140 User Guide instructions. # Ignore default CC_FOR_BUILD, CC, and CXX in CONFIGURE_ENV. # We use OpenSSL install code for installing only manual pages and we do that # for 32-bit version only. # MD2 is not enabled by default in OpensSSL but some software we have in # Userland needs it. One example is nmap. # We define our own compiler and linker option sets for Solaris. See Configure # Some additional options needed for our engines. # OpenSSL has its own configure system which must be run from the fully # populated source code directory. However, the Userland configuration phase is # run from the build directory. The easiest way to workaround it is to copy all # the source files there. # We deliver only one opensslconf.h file which must be suitable for both 32 and # 64 bits. Depending on the configuration option, OpenSSL's Configure script # creates opensslconf.h for either 32 or 64 bits. A patch makes the resulting # header file usable on both architectures. The patch was generated against the # We must make sure that openssl-fips component is built before this openssl-fips-140 # component since in order to build FIPS-140 certified libraries, the canister # is needed. Note that we must unset BITS that would override the same variable # used in openssl-fips' Makefile, and we would end up up with both canisters # built in 64 (or 32) bits. # download, clean, and clobber should all propogate to the fips bits # We do not ship our engines as patches since it would be more difficult to # update the files which have been under continuous development. We rather copy # the files to the right directories and let OpenSSL makefiles build it. # We also copy some FIPS specific header files needed to build FIPS version # of OpenSSL from FIPS module. # OpenSSL does not install into <dir>/$(MACH64) for 64-bit install so no such # directory is created and Userland install code would fail when installing lint # see the comment in Makefile in there for more information. # We need to modify the default lint flags to include patched opensslconf.h from # the build directory. If we do not do that, lint will complain about md2.h # which is not enabled by default but it is in our opensslconf.h. # Set modified lint flags for our lint library targets. # There are also separate STC test suites 'openssl' and 'openssl-engine' # for regression testing. These internal tests are unit tests only.