Commit 580b6004 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Add options to allow fipscanister to be built and linked against internally.

parent e1a5486f

Configure

+16 −3
Original line number Diff line number Diff line
@@ -621,7 +621,9 @@ my $prefix=""; 
my $openssldir="";

my $exe_ext="";

my $install_prefix="";

my $fipslibdir="/usr/local/ssl/lib";

my $fipslibdir="/usr/local/ssl/lib/";

my $nofipscanistercheck=0;

my $fipscanisterinternal="n";

my $baseaddr="0xFB00000";

my $no_threads=0;

my $no_shared=1;
@@ -871,9 +873,19 @@ PROCESS_ARGS: 
				{

				$withargs{"zlib-lib"}=$1;

				}

			elsif (/^--nofipscanistercheck$/)

				{

				$nofipscanistercheck = 1;

				}

			elsif (/^--fipscanisterbuild$/)

				{

				$nofipscanistercheck = 1;

				$fipslibdir="";

				$fipscanisterinternal="y";

				}

			elsif (/^--with-fipslibdir=(.*)$/)

				{

				$fipslibdir="$1";

				$fipslibdir="$1/";

				}

			elsif (/^--with-baseaddr=(.*)$/)

				{
@@ -982,7 +994,7 @@ chop $prefix if $prefix =~ /\/$/; 
$openssldir=$prefix . "/ssl" if $openssldir eq "";

$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;



if ($fips && ! -f "$fipslibdir/fipscanister.o")

if ($fips && !$nofipscanistercheck && ! -f "${fipslibdir}fipscanister.o")

	{

	my $fipswinerr = "";

	$fipswinerr = <<EOF if $IsWindows;
@@ -1344,6 +1356,7 @@ while (<IN>) 
	s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;

	s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;

	s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;

	s/^FIPSCANISTERINTERNAL=.*/FIPSCANISTERINTERNAL=$fipscanisterinternal/;

	s/^BASEADDR=.*/BASEADDR=$baseaddr/;

	s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;

	s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;

Makefile.org

+3 −2
Original line number Diff line number Diff line
@@ -183,7 +183,8 @@ LIBZLIB= 
# $(INSTALLTOP) for this build make be different so hard

# code the path.



FIPSLIBDIR=/usr/local/ssl/lib

FIPSLIBDIR=/usr/local/ssl/lib/

FIPSCANISTERINTERNAL=n



# Shared library base address. Currently only used on Windows.

#
@@ -248,7 +249,7 @@ sub_all: 
	do \

	if [ -d "$$i" ]; then \

		(cd $$i && echo "making all in $$i..." && \

		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' FIPSLIBDIR='${FIPSLIBDIR}' all ) || exit 1; \

		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' AS='${AS}' ASFLAG='${ASFLAG}' SDIRS='$(SDIRS)' FDIRS='$(FDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' FIPS_AES_ENC='${FIPS_AES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' FIPSCANISTERINTERNAL='${FIPSCANISTERINTERNAL}' FIPSLIBDIR='${FIPSLIBDIR}' all ) || exit 1; \

	else \

		$(MAKE) $$i; \

	fi; \

fips-1.0/Makefile

+2 −2
Original line number Diff line number Diff line
@@ -18,7 +18,7 @@ PERL= perl 
RM=             rm -f

AR=		ar r



FIPSCANLOC=	$(FIPSLIBDIR)/fipscanister.o

FIPSCANLOC=	$(FIPSLIBDIR)fipscanister.o



PEX_LIBS=

EX_LIBS=
@@ -196,7 +196,7 @@ depend: 
	done;



clean:

	rm -f buildinf.h *.o *.obj fips_premain_dso$(EXE_EXT) lib tags core .pure .nfs* *.old *.bak fluff

	rm -f buildinf.h *.o fipscanister.o.sha1 *.obj fips_premain_dso$(EXE_EXT) lib tags core .pure .nfs* *.old *.bak fluff

	@for i in $(FDIRS) ;\

	do \

	(cd $$i && echo "making clean in fips/$$i..." && \

fips-1.0/fipsld

+9 −4
Original line number Diff line number Diff line
@@ -32,10 +32,15 @@ TARGET=`(while [ "x$1" != "x" -a "x$1" != "x-o" ]; do shift; done; echo $2)` 


THERE="`echo $0 | sed -e 's|[^/]*$||'`"..



# Location of installed validated FIPS module

# FIPSLIBDIR is location of installed validated FIPS module

# if FIPSCANISTERINTERNAL="y" link against internally generated fipscanister.o

if [ "x$FIPSCANISTERINTERNAL" != "xy" ]; then

	FIPSLIBDIR=${FIPSLIBDIR:-/usr/local/ssl/lib}

# If this is a build from a validated tarball use this instead

# FIPSLIBDIR=${THERE}/fips-1.0

else

	FIPSLIBDIR=${THERE}/fips-1.0

fi



echo libdir = $FIPSLIBDIR



[ -f "${FIPSLIBDIR}/fipscanister.o" ] ||

	{ echo "fipscanister.o not found"; exit 1; }