2209N/A# The contents of this file are subject to the terms of the 2209N/A# Common Development and Distribution License (the "License"). 2209N/A# You may not use this file except in compliance with the License. 2209N/A# See the License for the specific language governing permissions 2209N/A# and limitations under the License. 2209N/A# When distributing Covered Code, include this CDDL HEADER in each 2209N/A# If applicable, add the following below this CDDL HEADER, with the 2209N/A# fields enclosed by brackets "[]" replaced with your own identifying 2209N/A# information: Portions Copyright [yyyy] [name of copyright owner] 5371N/A# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved. 5537N/A# Note: COMPONENT_VERSION is the core OpenSSL version, and IPS_COMPONENT_VERSION 5537N/A# is the FIPS module version. The COMPONENT_VERSION changes with the core 5537N/A# OpenSSL version, but the IPS_COMPONENT_VERSION is purposely only to change if 5537N/A# the FIPS module version changes. 4368N/A# Clone the patch files to the patches-all dir. 4368N/A# COPY_COMMON_FILES is there so that rsync is called as soon as 2209N/A# OpenSSL does not use autoconf but its own configure system. 2209N/A# Used in the configure options below. 2209N/A# What we do here follows the OpenSSL FIPS-140 User Guide instructions. 5123N/A# Ignore default CC_FOR_BUILD, CC, and CXX in CONFIGURE_ENV. 2209N/A# We use OpenSSL install code for installing only manual pages and we do that 4371N/A# Disable SSLv2 and SSLv3 protocols 2209N/A# We define our own compiler and linker option sets for Solaris. See Configure 2209N/A# Some additional options needed for our engines. 2209N/A# OpenSSL has its own configure system which must be run from the fully 2209N/A# populated source code directory. However, the Userland configuration phase is 2209N/A# run from the build directory. The easiest way to workaround it is to copy all 2209N/A# 64 bits. Depending on the configuration option, OpenSSL's Configure script 2209N/A# header file usable on both architectures. The patch was generated against the 4820N/A# We must make sure that openssl-fips component is built before this openssl-fips-140 2209N/A# component since in order to build FIPS-140 certified libraries, the canister 2209N/A# is needed. Note that we must unset BITS that would override the same variable 2209N/A# used in openssl-fips' Makefile, and we would end up up with both canisters 2209N/A# download, clean, and clobber should all propogate to the fips bits 2209N/A# We do not ship our engines as patches since it would be more difficult to 2209N/A# update the files which have been under continuous development. We rather copy 2209N/A# the files to the right directories and let OpenSSL makefiles build it. 2221N/A# We also copy some FIPS specific header files needed to build FIPS version 3062N/A# of OpenSSL from FIPS module. 2209N/A# OpenSSL does not install into <dir>/$(MACH64) for 64-bit install so no such 2209N/A# directory is created and Userland install code would fail when installing lint 2209N/A# see the comment in Makefile in there for more information. 2209N/A# Set modified lint flags for our lint library targets. 4073N/A# There are also separate STC test suites 'openssl' and 'openssl-engine' 4073N/A# for regression testing. These internal tests are unit tests only.