Changeset View
Changeset View
Standalone View
Standalone View
security/openssl/Makefile
Show All 33 Lines | |||||
OPTIONS_GROUP= CIPHERS HASHES OPTIMIZE PROTOCOLS | OPTIONS_GROUP= CIPHERS HASHES OPTIMIZE PROTOCOLS | ||||
OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM4 RC2 RC4 RC5 WEAK-SSL-CIPHERS | OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM4 RC2 RC4 RC5 WEAK-SSL-CIPHERS | ||||
OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 SM2 SM3 | OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 SM2 SM3 | ||||
OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS | OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS | ||||
OPTIONS_DEFINE_i386= I386 | OPTIONS_DEFINE_i386= I386 | ||||
OPTIONS_GROUP_PROTOCOLS=NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1 TLS1_2 | OPTIONS_GROUP_PROTOCOLS=NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1 TLS1_2 | ||||
OPTIONS_DEFINE= ASYNC CT MAN3 RFC3779 SHARED ZLIB | OPTIONS_DEFINE= ASYNC CT KTLS MAN3 RFC3779 SHARED ZLIB | ||||
OPTIONS_DEFAULT=ASM ASYNC CT GOST DES EC MAN3 MD4 NEXTPROTONEG RC2 RC4 \ | OPTIONS_DEFAULT=ASM ASYNC CT GOST DES EC MAN3 MD4 NEXTPROTONEG RC2 RC4 \ | ||||
RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1 TLS1_2 | RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1 TLS1_2 | ||||
OPTIONS_EXCLUDE=${${OSVERSION} < 1300042:?KTLS:} | |||||
OPTIONS_GROUP_OPTIMIZE_amd64= EC | OPTIONS_GROUP_OPTIMIZE_amd64= EC | ||||
.if ${MACHINE_ARCH} == "amd64" | .if ${MACHINE_ARCH} == "amd64" | ||||
OPTIONS_GROUP_OPTIMIZE+= EC | OPTIONS_GROUP_OPTIMIZE+= EC | ||||
.elif ${MACHINE_ARCH} == "mips64el" | .elif ${MACHINE_ARCH} == "mips64el" | ||||
OPTIONS_GROUP_OPTIMIZE+= EC | OPTIONS_GROUP_OPTIMIZE+= EC | ||||
.endif | .endif | ||||
OPTIONS_SUB= yes | OPTIONS_SUB= yes | ||||
ARIA_DESC= ARIA (South Korean standard) | ARIA_DESC= ARIA (South Korean standard) | ||||
ASM_DESC= Assembler code | ASM_DESC= Assembler code | ||||
ASYNC_DESC= Asynchronous mode | ASYNC_DESC= Asynchronous mode | ||||
CIPHERS_DESC= Block Cipher Support | CIPHERS_DESC= Block Cipher Support | ||||
CT_DESC= Certificate Transparency Support | CT_DESC= Certificate Transparency Support | ||||
DES_DESC= (Triple) Data Encryption Standard | DES_DESC= (Triple) Data Encryption Standard | ||||
EC_DESC= Optimize NIST elliptic curves | EC_DESC= Optimize NIST elliptic curves | ||||
GOST_DESC= GOST (Russian standard) | GOST_DESC= GOST (Russian standard) | ||||
HASHES_DESC= Hash Function Support | HASHES_DESC= Hash Function Support | ||||
I386_DESC= i386 (instead of i486+) | I386_DESC= i386 (instead of i486+) | ||||
IDEA_DESC= International Data Encryption Algorithm | IDEA_DESC= International Data Encryption Algorithm | ||||
KTLS_DESC= Kernel TLS offload | |||||
MAN3_DESC= Install API manpages (section 3, 7) | MAN3_DESC= Install API manpages (section 3, 7) | ||||
MD2_DESC= MD2 (obsolete) | MD2_DESC= MD2 (obsolete) | ||||
MD4_DESC= MD4 (unsafe) | MD4_DESC= MD4 (unsafe) | ||||
MDC2_DESC= MDC-2 (patented, requires DES) | MDC2_DESC= MDC-2 (patented, requires DES) | ||||
NEXTPROTONEG_DESC= Next Protocol Negotiation (SPDY) | NEXTPROTONEG_DESC= Next Protocol Negotiation (SPDY) | ||||
OPTIMIZE_DESC= Optimizations | OPTIMIZE_DESC= Optimizations | ||||
PROTOCOLS_DESC= Protocol Support | PROTOCOLS_DESC= Protocol Support | ||||
RC2_DESC= RC2 (unsafe) | RC2_DESC= RC2 (unsafe) | ||||
RC4_DESC= RC4 (unsafe) | RC4_DESC= RC4 (unsafe) | ||||
RC5_DESC= RC5 (patented) | RC5_DESC= RC5 (patented) | ||||
RMD160_DESC= RIPEMD-160 | RMD160_DESC= RIPEMD-160 | ||||
RFC3779_DESC= RFC3779 support (BGP) | RFC3779_DESC= RFC3779 support (BGP) | ||||
SCTP_DESC= SCTP (Stream Control Transmission) | SCTP_DESC= SCTP (Stream Control Transmission) | ||||
SHARED_DESC= Build shared libraries | SHARED_DESC= Build shared libraries | ||||
SM2_DESC= SM2 Elliptic Curve DH (Chinese standard) | SM2_DESC= SM2 Elliptic Curve DH (Chinese standard) | ||||
SM3_DESC= SM3 256bit (Chinese standard) | SM3_DESC= SM3 256bit (Chinese standard) | ||||
SM4_DESC= SM4 128bit (Chinese standard) | SM4_DESC= SM4 128bit (Chinese standard) | ||||
SSE2_DESC= Runtime SSE2 detection | SSE2_DESC= Runtime SSE2 detection | ||||
SSL3_DESC= SSLv3 (unsafe) | SSL3_DESC= SSLv3 (unsafe) | ||||
TLS1_DESC= TLSv1.0 (requires TLS1_1, TLS1_2) | TLS1_DESC= TLSv1.0 (requires TLS1_1, TLS1_2) | ||||
TLS1_1_DESC= TLSv1.1 (requires TLS1_2) | TLS1_1_DESC= TLSv1.1 (requires TLS1_2) | ||||
TLS1_2_DESC= TLSv1.2 | TLS1_2_DESC= TLSv1.2 | ||||
WEAK-SSL-CIPHERS_DESC= Weak cipher support (unsafe) | |||||
jhb: Oops, forgot I had this here. This is unrelated, but is stale as there is no longer a `WEAK… | |||||
emasteUnsubmitted Not Done Inline Actionsshould take care of this one first tho IMO emaste: should take care of this one first tho IMO | |||||
brnrdUnsubmitted Not Done Inline ActionsStill exists in 1.1.1g https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/Configure#L424 brnrd: Still exists in 1.1.1g https://github.com/openssl/openssl/blob/OpenSSL_1_1_1… | |||||
ZLIB_DESC= zlib compression support | ZLIB_DESC= zlib compression support | ||||
# Upstream default disabled options | # Upstream default disabled options | ||||
.for _option in md2 rc5 sctp ssl3 zlib weak-ssl-ciphers | .for _option in md2 rc5 sctp ssl3 zlib weak-ssl-ciphers | ||||
${_option:tu}_CONFIGURE_ON= enable-${_option} | ${_option:tu}_CONFIGURE_ON= enable-${_option} | ||||
.endfor | .endfor | ||||
# Upstream default enabled options | # Upstream default enabled options | ||||
.for _option in aria asm async ct des gost idea md4 mdc2 nextprotoneg rc2 rc4 \ | .for _option in aria asm async ct des gost idea md4 mdc2 nextprotoneg rc2 rc4 \ | ||||
rfc3779 rmd160 shared sm2 sm3 sm4 sse2 threads tls1 tls1_1 tls1_2 | rfc3779 rmd160 shared sm2 sm3 sm4 sse2 threads tls1 tls1_1 tls1_2 | ||||
${_option:tu}_CONFIGURE_OFF= no-${_option} | ${_option:tu}_CONFIGURE_OFF= no-${_option} | ||||
.endfor | .endfor | ||||
MDC2_IMPLIES= DES | MDC2_IMPLIES= DES | ||||
TLS1_IMPLIES= TLS1_1 | TLS1_IMPLIES= TLS1_1 | ||||
TLS1_1_IMPLIES= TLS1_2 | TLS1_1_IMPLIES= TLS1_2 | ||||
EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128 | EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128 | ||||
I386_CONFIGURE_ON= 386 | I386_CONFIGURE_ON= 386 | ||||
KTLS_CONFIGURE_ON= enable-ktls | |||||
KTLS_EXTRA_PATCHES= ${FILESDIR}/extra-patch-ktls | |||||
MAN3_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-util_process__docs.pl | MAN3_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-util_process__docs.pl | ||||
SHARED_MAKE_ENV= SHLIBVER=${OPENSSL_SHLIBVER} | SHARED_MAKE_ENV= SHLIBVER=${OPENSSL_SHLIBVER} | ||||
SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER} | SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER} | ||||
SHARED_USE= ldconfig=yes | SHARED_USE= ldconfig=yes | ||||
SSL3_CONFIGURE_ON+= enable-ssl3-method | SSL3_CONFIGURE_ON+= enable-ssl3-method | ||||
ZLIB_CONFIGURE_ON= zlib-dynamic | ZLIB_CONFIGURE_ON= zlib-dynamic | ||||
.include <bsd.port.pre.mk> | .include <bsd.port.pre.mk> | ||||
▲ Show 20 Lines • Show All 43 Lines • Show Last 20 Lines |
Oops, forgot I had this here. This is unrelated, but is stale as there is no longer a WEAK-SSL-CIPHERS option.