svn commit: r536340 - head/security/openssl-devel
Bernard Spil
brnrd at FreeBSD.org
Sat May 23 19:38:11 UTC 2020
Author: brnrd
Date: Sat May 23 19:38:10 2020
New Revision: 536340
URL: https://svnweb.freebsd.org/changeset/ports/536340
Log:
security/openssl-devel: Add modules options
Submitted by: gordon at freebsd.org
Differential Revision: https://reviews.freebsd.org/D24965
Modified:
head/security/openssl-devel/Makefile
head/security/openssl-devel/pkg-plist
Modified: head/security/openssl-devel/Makefile
==============================================================================
--- head/security/openssl-devel/Makefile Sat May 23 19:35:43 2020 (r536339)
+++ head/security/openssl-devel/Makefile Sat May 23 19:38:10 2020 (r536340)
@@ -33,18 +33,21 @@ LDFLAGS_i386= -Wl,-znotext
MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive CNF_LDFLAGS="${LDFLAGS}"
MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS=
-OPTIONS_GROUP= CIPHERS HASHES OPTIMIZE PROTOCOLS
+OPTIONS_GROUP= CIPHERS HASHES MODULES OPTIMIZE PROTOCOLS
OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM4 RC2 RC4 RC5 WEAK-SSL-CIPHERS
OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 SM2 SM3
OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS
+OPTIONS_GROUP_MODULES= FIPS LEGACY
OPTIONS_DEFINE_i386= I386
OPTIONS_GROUP_PROTOCOLS=NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1 TLS1_2
-OPTIONS_DEFINE= ASYNC CT MAN3 RFC3779 SHARED ZLIB
+OPTIONS_DEFINE= ASYNC CT KTLS MAN3 RFC3779 SHARED ZLIB
-OPTIONS_DEFAULT=ASM ASYNC CT GOST DES EC MAN3 MD4 NEXTPROTONEG RC2 RC4 \
+OPTIONS_DEFAULT=ASM ASYNC CT FIPS GOST DES EC MAN3 MD4 NEXTPROTONEG RC2 RC4 \
RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1 TLS1_2
+OPTIONS_EXCLUDE=${${OSVERSION} < 1300042:?KTLS:}
+
OPTIONS_GROUP_OPTIMIZE_amd64= EC
.if ${MACHINE_ARCH} == "amd64"
@@ -62,14 +65,18 @@ CIPHERS_DESC= Block Cipher Support
CT_DESC= Certificate Transparency Support
DES_DESC= (Triple) Data Encryption Standard
EC_DESC= Optimize NIST elliptic curves
+FIPS_DESC= Build FIPS provider (Note: NOT yet FIPS validated)
GOST_DESC= GOST (Russian standard)
HASHES_DESC= Hash Function Support
I386_DESC= i386 (instead of i486+)
IDEA_DESC= International Data Encryption Algorithm
+KTLS_DESC= Use in-kernel TLS (FreeBSD >13)
+LEGACY_DESC= Older algorithms
MAN3_DESC= Install API manpages (section 3, 7)
-MD2_DESC= MD2 (obsolete)
+MD2_DESC= MD2 (obsolete) (requires LEGACY)
MD4_DESC= MD4 (unsafe)
MDC2_DESC= MDC-2 (patented, requires DES)
+MODULES_DESC= Provider modules
NEXTPROTONEG_DESC= Next Protocol Negotiation (SPDY)
OPTIMIZE_DESC= Optimizations
PROTOCOLS_DESC= Protocol Support
@@ -92,16 +99,18 @@ WEAK-SSL-CIPHERS_DESC= Weak cipher support (unsafe)
ZLIB_DESC= zlib compression support
# Upstream default disabled options
-.for _option in md2 rc5 sctp ssl3 weak-ssl-ciphers zlib
+.for _option in md2 ktls rc5 sctp ssl3 weak-ssl-ciphers zlib
${_option:tu}_CONFIGURE_ON= enable-${_option}
.endfor
# Upstream default enabled options
-.for _option in aria asm async ct des gost idea md4 mdc2 nextprotoneg rc2 rc4 \
- rfc3779 rmd160 shared sm2 sm3 sm4 sse2 threads tls1 tls1_1 tls1_2
+.for _option in aria asm async ct des fips gost idea md4 mdc2 legacy \
+ nextprotoneg rc2 rc4 rfc3779 rmd160 shared sm2 sm3 sm4 sse2 \
+ threads tls1 tls1_1 tls1_2
${_option:tu}_CONFIGURE_OFF= no-${_option}
.endfor
+MD2_IMPLIES= LEGACY
MDC2_IMPLIES= DES
TLS1_IMPLIES= TLS1_1
TLS1_1_IMPLIES= TLS1_2
Modified: head/security/openssl-devel/pkg-plist
==============================================================================
--- head/security/openssl-devel/pkg-plist Sat May 23 19:35:43 2020 (r536339)
+++ head/security/openssl-devel/pkg-plist Sat May 23 19:38:10 2020 (r536340)
@@ -136,8 +136,8 @@ lib/libcrypto.a
lib/libssl.a
%%SHARED%%lib/libssl.so
%%SHARED%%lib/libssl.so.%%SHLIBVER%%
-%%SHARED%%lib/ossl-modules/fips.so
-%%SHARED%%lib/ossl-modules/legacy.so
+%%FIPS%%%%SHARED%%lib/ossl-modules/fips.so
+%%LEGACY%%%%SHARED%%lib/ossl-modules/legacy.so
libdata/pkgconfig/libcrypto.pc
libdata/pkgconfig/libssl.pc
libdata/pkgconfig/openssl.pc
More information about the svn-ports-all
mailing list