363N/A# The contents of this file are subject to the terms of the
363N/A# Common Development and Distribution License (the "License").
363N/A# You may not use this file except in compliance with the License.
363N/A# See the License for the specific language governing permissions
363N/A# and limitations under the License.
363N/A# When distributing Covered Code, include this CDDL HEADER in each
363N/A# If applicable, add the following below this CDDL HEADER, with the
363N/A# fields enclosed by brackets "[]" replaced with your own identifying
363N/A# information: Portions Copyright [yyyy] [name of copyright owner]
777N/A# Copyright (c) 2009, 2012, Oracle
and/or its affiliates. All rights reserved.
777N/AOpenSSL build is run four times. Once for regular dynamic 1.0.0 non-fips, once
777N/Afor static 1.0.0 bits to link with standalone wanboot binary, once for 0.9.8
363N/Afips-140, and once for 0.9.8 FIPS-140 canister (in the openssl-fips component)
777N/Aneeded to build 0.9.8 FIPS-140 certified libraries. All builds apart from
777N/Astatic libraries for wanboot are done for 32 and 64 bits. So, in total, OpenSSL
363N/ASee also comments in all three Makefiles for more information.
363N/AThe non-fips build is the main build of OpenSSL and includes the regular
363N/Abinaries, libraries, man pages, and header files.
363N/AGive
CA.pl better defaults. See 6193522 for more information.
363N/AMake sure the HMAC_CTX_init(3) man page gets delivered. See 6546806 for
363N/AForce openssl to install man pages into man[1357]openssl instead of man[1357].
363N/APatch which adds the pkcs11 engine. See also the pkcs11-engine/
363N/AAdds four Solaris specific configurations (both 32bit and 64bit for both sparc
363N/Aand x86) to Configure which are then explicitly used by the Makefiles.
363N/ACare should be taken if modifying this patch as changes to compile-time options
363N/Acan change the ABI. One example of this is the use of RC4_INT vs RC4_CHAR.
363N/APrevent build binaries having an unnecessary runpath (/lib).
363N/ABuild with non-executable stacks and non-executable data (x86).
363N/AAdds a new "enginesdir" option to the Configure script which allows a user to
363N/Aspecify the engines directory.
419N/AAdd a built-in engine, aesni, to support X86 AES-NI instructions, along with
419N/AThis patch is for OpenSSL 1.0.0d. For newer OpenSSL versions, a newer patch
426N/AAdd a built-in engine, t4, to support SPARC T4 crypto instructions.
363N/AOpenSSL either builds for 32bit or 64bit - it doesn't allow for combined 32bit
363N/AFIPS-140 certified libraries for Solaris private use. We wait for OpenSSL 1.0.0
363N/Ato be FIPS-140 certified in which time we can ship only 1.0.0 with S11 and make
363N/AAll the patches from 1.0.0 are used in 0.9.8 as well aside from
363N/Apages. Additional patches:
363N/AFixing a bug introduces in 0.9.8q and fixed in 0.9.8r.
363N/AWorkaround so that fingerprinting the canister during runtime and comparing it
363N/Awith the saved fingerprint works correctly.