Page MenuHomeFreeBSD
Files F160430949

D44897.diff
No OneTemporary
Actions

D44897.diff
View Options

diff --git a/secure/lib/libcrypto/modules/Makefile b/secure/lib/libcrypto/modules/Makefile
--- a/secure/lib/libcrypto/modules/Makefile
+++ b/secure/lib/libcrypto/modules/Makefile
@@ -1,5 +1,8 @@
+.include <src.opts.mk>
+
+SUBDIR.${MK_OPENSSL_FIPS_PROVIDER}+= fips
+SUBDIR.${MK_OPENSSL_LEGACY_PROVIDER}+= legacy
-SUBDIR= fips legacy
SUBDIR_PARALLEL=
.include <bsd.subdir.mk>
diff --git a/share/man/man5/src.conf.5 b/share/man/man5/src.conf.5
--- a/share/man/man5/src.conf.5
+++ b/share/man/man5/src.conf.5
@@ -1,5 +1,5 @@
.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman.
-.Dd March 15, 2024
+.Dd April 21, 2024
.Dt SRC.CONF 5
.Os
.Sh NAME
@@ -430,8 +430,12 @@
.It
.Va WITHOUT_OPENSSL
.It
+.Va WITHOUT_OPENSSL_FIPS_PROVIDER
+.It
.Va WITHOUT_OPENSSL_KTLS
.It
+.Va WITHOUT_OPENSSL_LEGACY_PROVIDER
+.It
.Va WITHOUT_PKGBOOTSTRAP
.It
.Va WITHOUT_UNBOUND
@@ -1318,14 +1322,6 @@
Do not install the limited cloud init support scripts.
.It Va WITHOUT_NVME
Do not build nvme related tools and kernel modules.
-.Pp
-This is a default setting on
-arm/armv7, powerpc/powerpc and riscv/riscv64.
-.It Va WITH_NVME
-Build nvme related tools and kernel modules.
-.Pp
-This is a default setting on
-amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
.It Va WITHOUT_OFED
Do not build the
.Dq "OpenFabrics Enterprise Distribution"
@@ -1384,8 +1380,12 @@
.It
.Va WITHOUT_OPENSSH
.It
+.Va WITHOUT_OPENSSL_FIPS_PROVIDER
+.It
.Va WITHOUT_OPENSSL_KTLS
.It
+.Va WITHOUT_OPENSSL_LEGACY_PROVIDER
+.It
.Va WITHOUT_PKGBOOTSTRAP
.It
.Va WITHOUT_UNBOUND
@@ -1401,6 +1401,8 @@
.Va WITH_GSSAPI
is set explicitly)
.El
+.It Va WITHOUT_OPENSSL_FIPS_PROVIDER
+Do not build the fips provider for OpenSSL.
.It Va WITHOUT_OPENSSL_KTLS
Do not include kernel TLS support in OpenSSL.
.Pp
@@ -1411,6 +1413,8 @@
.Pp
This is a default setting on
amd64/amd64, arm64/aarch64, powerpc/powerpc64 and powerpc/powerpc64le.
+.It Va WITHOUT_OPENSSL_LEGACY_PROVIDER
+Do not build the legacy provider for OpenSSL.
.It Va WITHOUT_PAM
Do not build PAM library and modules.
.Bf -symbolic
diff --git a/share/mk/src.opts.mk b/share/mk/src.opts.mk
--- a/share/mk/src.opts.mk
+++ b/share/mk/src.opts.mk
@@ -152,6 +152,8 @@
NVME \
OFED \
OPENSSL \
+ OPENSSL_FIPS_PROVIDER \
+ OPENSSL_LEGACY_PROVIDER \
PAM \
PF \
PKGBOOTSTRAP \
@@ -427,7 +429,9 @@
.if ${MK_OPENSSL} == "no"
MK_DMAGENT:= no
MK_OPENSSH:= no
+MK_OPENSSL_FIPS_PROVIDER:= no
MK_OPENSSL_KTLS:= no
+MK_OPENSSL_LEGACY_PROVIDER:= no
MK_KERBEROS:= no
MK_KERBEROS_SUPPORT:= no
MK_LDNS:= no
diff --git a/tools/build/options/WITHOUT_OPENSSL_FIPS_PROVIDER b/tools/build/options/WITHOUT_OPENSSL_FIPS_PROVIDER
new file mode 100644
--- /dev/null
+++ b/tools/build/options/WITHOUT_OPENSSL_FIPS_PROVIDER
@@ -0,0 +1 @@
+Do not build the fips provider for OpenSSL.
diff --git a/tools/build/options/WITHOUT_OPENSSL_LEGACY_PROVIDER b/tools/build/options/WITHOUT_OPENSSL_LEGACY_PROVIDER
new file mode 100644
--- /dev/null
+++ b/tools/build/options/WITHOUT_OPENSSL_LEGACY_PROVIDER
@@ -0,0 +1 @@
+Do not build the legacy provider for OpenSSL.
diff --git a/tools/build/options/WITH_OPENSSL_FIPS_PROVIDER b/tools/build/options/WITH_OPENSSL_FIPS_PROVIDER
new file mode 100644
--- /dev/null
+++ b/tools/build/options/WITH_OPENSSL_FIPS_PROVIDER
@@ -0,0 +1 @@
+Build the fips provider for OpenSSL.
diff --git a/tools/build/options/WITH_OPENSSL_LEGACY_PROVIDER b/tools/build/options/WITH_OPENSSL_LEGACY_PROVIDER
new file mode 100644
--- /dev/null
+++ b/tools/build/options/WITH_OPENSSL_LEGACY_PROVIDER
@@ -0,0 +1 @@
+Build the legacy provider for OpenSSL.

File Metadata

Mime Type
text/plain
Expires
Thu, Jun 25, 8:49 AM (9 h, 52 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
34317556
Default Alt Text
D44897.diff (3 KB)

Event Timeline