diff --git a/Configure b/Configure index beb569412ebb57fc0d8f0a9fd838cd3a7134281e..5c9e34707fa907125a5426916a18c48079237227 100755 --- a/Configure +++ b/Configure @@ -693,6 +693,16 @@ my $default_ranlib; my $perl; my $fips=0; +# If ssl directory missing assume truncated FIPS tarball +if (! -d ssl) + { + print STDERR "Auto Configuring fipsonly\n"; + $fips = 1; + $nofipscanistercheck = 1; + $fipslibdir=""; + $fipscanisterinternal="y"; + $fipscanisteronly = 1; + } # All of the following is disabled by default (RC5 was enabled before 0.9.8): diff --git a/Makefile.fips b/Makefile.fips index cfe7d1bed056bdcd7292e02aac2ebe29992e42ec..8fc9ddc6579275bbbf9363e8b9c9797029f72507 100644 --- a/Makefile.fips +++ b/Makefile.fips @@ -487,7 +487,7 @@ openssl.pc: Makefile echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \ echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc -Makefile: Makefile.org Configure config +Makefile: Makefile.fips Configure config @echo "Makefile is older than Makefile.org, Configure or config." @echo "Reconfigure the source tree (via './config' or 'perl Configure'), please." @false diff --git a/util/fipsdist.pl b/util/fipsdist.pl index 20c3999c935beada5a24e010c1882b370811030d..621f90493ea59fa26303f3a152b1b0701560a720 100644 --- a/util/fipsdist.pl +++ b/util/fipsdist.pl @@ -21,11 +21,29 @@ foreach (split / /, $ENV{LINKDIRS} ) { $cdirs{$_} = 1 }; $cdirs{perlasm} = 1; +my %keep = + ( + "Makefile.fips" => 1, + "Makefile.shared" => 1, + "README.FIPS" => 1, + "e_os.h" => 1, + "e_os2.h" => 1, + "Configure" => 1, + "config" => 1, + ); + while () { chomp; - # Skip directories but leave top level files. - next unless (/^(fips\/|crypto|util|test|include|ms)/ || (!/\// && -f $_)); + # Keep top level files in list + if (!/\// && -f $_) + { + next unless exists $keep{$_}; + } + else + { + next unless (/^(fips\/|crypto|util|test|include|ms)/); + } if (/^crypto\/([^\/]+)/) { # Skip unused directories under crypto/ @@ -37,6 +55,10 @@ while () next if !/(\w+\.c)$/ || !exists $tarobjs{$1}; } } + if (/^test\//) + { + next unless /Makefile/ || /dummytest.c/; + } print "$_\n"; } exit 1;