Mercurial Mercurial > upstream > oracle > userland-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssl/openssl-fips/Makefile
changeset 678 ecd6b850f3d3
parent 648 cb2565225a42
child 758 8d61ac17827e
equal deleted inserted replaced
677:07b064828047 678:ecd6b850f3d3 
    36 COMPONENT_ARCHIVE_URL =	http://www.openssl.org/source/$(COMPONENT_ARCHIVE)
 
    36 COMPONENT_ARCHIVE_URL =	http://www.openssl.org/source/$(COMPONENT_ARCHIVE)
 
    37 
    37 
    38 include $(WS_TOP)/make-rules/prep.mk
 
    38 include $(WS_TOP)/make-rules/prep.mk
 
    39 include $(WS_TOP)/make-rules/configure.mk
 
    39 include $(WS_TOP)/make-rules/configure.mk
 
    40 
    40 
    41 # To build x86 FIPS canister, gcc needs to be used so it must be
 
    41 PATH=$(SPRO_VROOT)/bin:/usr/bin:/usr/gnu/bin:/usr/perl5/bin
 
    42 # in the PATH. This is because according to the "OpenSSL FIPS 140-2
 
       
    43 # Security Policy" document, no file in the source distribution may
 
       
    44 # be changed in any way and as a result, gcc is chosen because
 
       
    45 # otherwise "-fast" is erroneously passed to the Studio cc compiler.
 
       
    46 PATH=$(SPRO_VROOT)/bin:/usr/bin:/usr/gnu/bin:/usr/perl5/bin:$(SFWBIN)
 
       
    47 
    42 
    48 # In order to build a 32bit version on a 64bit system the isalist(1) command
 
    43 # In order to build a 32bit version on a 64bit system the isalist(1) command
 
    49 # must be substituted for the 32bit build so that amd64|sparcv9 is not part of
 
    44 # must be substituted for the 32bit build so that amd64|sparcv9 is not part of
 
    50 # its output. isalist is used internally when configuring the canister before
 
    45 # its output. isalist is used internally when configuring the canister before
 
    51 # building it. In order to allow make install to be run as a no-op we have to
 
    46 # building it. In order to allow make install to be run as a no-op we have to
 
    52 # fake "make install" since we do not want to install the files anywhere. The
 
    47 # fake "make install" since we do not want to install the files anywhere. The
 
    53 # command sets U1 and U2 are defined in the FIPS 1.2 security policy and must be
 
    48 # command sets U1 and U2 are defined in the FIPS 1.2 security policy and must be
 
    54 # run as shown there. Nothing from the tarball can be modified. We use the U2
 
    49 # run as shown there. Nothing from the tarball can be modified. We use the U2
 
    55 # command set, see below.
 
    50 # command set, see below.
 
    56 FAKE_ISALIST = 32/isalist
 
    51 FAKE_ISALIST = 32/isalist
 
    57 FAKE_MAKE = gmake
 
    52 FAKE_MAKE = fips-gmake
 
    58 FAKE_CC = cc
 
    53 FAKE_CC = cc
 
    59 FAKE_APPS = $(FAKE_ISALIST) $(FAKE_MAKE) $(FAKE_CC)
 
    54 FAKE_APPS = $(FAKE_ISALIST) $(FAKE_MAKE) $(FAKE_CC)
 
    60 
    55 
    61 # Do not use $(PWD), it would not work if run from a different directory with
 
    56 # Do not use $(PWD), it would not work if run from a different directory with
 
    62 # "gmake -C" as we do from openssl-0.9.8-fips-140.
 
    57 # "gmake -C" as we do from openssl-0.9.8-fips-140.
 
    81 COMPONENT_BUILD_ARGS =
 
    76 COMPONENT_BUILD_ARGS =
 
    82 COMPONENT_BUILD_TARGETS =
 
    77 COMPONENT_BUILD_TARGETS =
 
    83 COMPONENT_INSTALL_ARGS =
 
    78 COMPONENT_INSTALL_ARGS =
 
    84 COMPONENT_INSTALL_TARGETS = install
 
    79 COMPONENT_INSTALL_TARGETS = install
 
    85 CONFIGURE_ENV += FIPS_SITE_LD=$(LD) PATH=$(FIPS_PATH_$(BITS))
 
    80 CONFIGURE_ENV += FIPS_SITE_LD=$(LD) PATH=$(FIPS_PATH_$(BITS))
 
    86 COMPONENT_BUILD_ENV += FIPS_SITE_LD=$(LD) REALCC=$(CC) MYMAKE=$(MAKE)
 
    81 # Add COMPONENT_DIR to PATH so cc wrapper can be found.
 
       
    82 COMPONENT_BUILD_ENV += FIPS_SITE_LD=$(LD) REALCC=$(CC) MYMAKE=$(MAKE) PATH=$(COMPONENT_DIR):$(PATH)
 
    87 
    83 
    88 $(BUILD_32_and_64): $(FAKE_APPS)
 
    84 $(BUILD_32_and_64): $(FAKE_APPS)
 
    89 
    85 
    90 # You should not use this target with this component unless testing or
 
    86 # You should not use this target with this component unless testing or
 
    91 # debugging. The OpenSSL FIPS-140 policy is strict and full U2 command set
 
    87 # debugging. The OpenSSL FIPS-140 policy is strict and full U2 command set
 
    92 # should be run. See above for more information.
 
    88 # should be run. See above for more information.
 
    93 build:		$(BUILD_32_and_64)
 
    89 build:		$(BUILD_32_and_64)
 
    94 
    90 
    95 # We must make the "install" target a no-op (but must run it to be compliant).
 
    91 # We must make the "install" target a no-op (but must run it to be compliant).
 
    96 # See above for more information.
 
    92 # See above for more information.
 
    97 install:	GMAKE = $(COMPONENT_DIR)/gmake
 
    93 install:	GMAKE = $(COMPONENT_DIR)/fips-gmake
 
    98 install:	$(BUILD_DIR_32)/.verified $(BUILD_DIR_64)/.verified
 
    94 install:	$(BUILD_DIR_32)/.verified $(BUILD_DIR_64)/.verified
 
    99 
    95 
   100 # This is a recommended set of commands to verify that the FIPS-140 mode can be
 
    96 # This is a recommended set of commands to verify that the FIPS-140 mode can be
 
   101 # used and that we used the correct tarball.
 
    97 # used and that we used the correct tarball.
 
   102 $(BUILD_DIR)/%/.verified:	$(BUILD_DIR)/%/.installed
 
    98 $(BUILD_DIR)/%/.verified:	$(BUILD_DIR)/%/.installed
upstream/oracle/userland-gate