src - FreeBSD source tree

diff options


context:
space:
mode:

author	Enji Cooper <ngie@FreeBSD.org>	2025-09-08 03:20:42 +0000
committer	Enji Cooper <ngie@FreeBSD.org>	2025-09-18 19:17:44 +0000
commit	d5984d5f29a7c717b88ccd17a85a747792403cdf (patch)
tree	d36a6be5ce6821702096e8b8d191a3e2d60a3f73
parent	c99bb5747f5e88527e7414fd543c903f367001c4 (diff)

OpenSSL: update Makefiles to reflect 3.5.1 release

This is a targeted effort to update the INCS and SRCS entries for libcrypto, the legacy provider, and libssl to match what upstream (OpenSSL) builds in their respective libraries. The number of stylistic changes were kept at a minimum. Another incoming change will reformat this file to make future maintenance easier. MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D52554

Diffstat

-rw-r--r--

secure/lib/libcrypto/Makefile

-rw-r--r--

secure/lib/libcrypto/modules/Makefile.inc

-rw-r--r--

secure/lib/libcrypto/modules/legacy/Makefile

-rw-r--r--

secure/lib/libssl/Makefile

-rw-r--r--

share/mk/src.libnames.mk

5 files changed, 68 insertions, 33 deletions

diff --git a/secure/lib/libcrypto/Makefile b/secure/lib/libcrypto/Makefile
index 75ebb6e65327..5cb3f5a7c3fe 100644
--- a/secure/lib/libcrypto/Makefile
+++ b/secure/lib/libcrypto/Makefile

@@ -91,7 +91,7 @@ SRCS+= x_bignum.c x_info.c x_int64.c x_long.c x_pkey.c x_sig.c x_spki.c

SRCS+= x_val.c

# async

-SRCS+= async.c async_err.c async_posix.c async_wait.c

+SRCS+= async.c async_err.c async_null.c async_posix.c async_wait.c async_win.c

# bf

SRCS+= bf_cfb64.c bf_ecb.c bf_ofb64.c bf_prefix.c bf_readbuff.c bf_skey.c

@@ -224,7 +224,11 @@ SRCS+= dsa_gen.c dsa_key.c dsa_lib.c dsa_meth.c dsa_ossl.c dsa_pmeth.c

SRCS+= dsa_prn.c dsa_sign.c dsa_vrf.c

# dso

+SRCS+= dso_dl.c

SRCS+= dso_dlfcn.c dso_err.c dso_lib.c

+SRCS+= dso_openssl.c

+SRCS+= dso_vms.c

+SRCS+= dso_win32.c

# ec

SRCS+= curve25519.c curve448.c curve448_tables.c ec2_oct.c ec2_smpl.c

@@ -291,7 +295,7 @@ SRCS+= ffc_params.c ffc_params_generate.c ffc_params_validate.c

SRCS+= hashtable.c hashfunc.c

# hmac

-SRCS+= hmac.c hmac_s390x.c

+SRCS+= hmac.c

# hpke

SRCS+= hpke_util.c hpke.c

@@ -424,17 +428,10 @@ SRCS+= cipher_aes_xts_fips.c

SRCS+= cipher_aes_gcm_siv.c cipher_aes_gcm_siv_hw.c \

cipher_aes_gcm_siv_polyval.c

SRCS+= cipher_aes_siv.c cipher_aes_siv_hw.c

-SRCS+= cipher_blowfish.c cipher_blowfish_hw.c

SRCS+= cipher_camellia.c cipher_camellia_hw.c

-SRCS+= cipher_cast5.c cipher_cast5_hw.c

SRCS+= cipher_chacha20.c cipher_chacha20_hw.c

SRCS+= cipher_chacha20_poly1305.c cipher_chacha20_poly1305_hw.c

-SRCS+= cipher_des.c cipher_des_hw.c

-SRCS+= cipher_desx.c cipher_desx_hw.c

SRCS+= cipher_null.c

-SRCS+= cipher_rc4.c cipher_rc4_hw.c

-SRCS+= cipher_rc4_hmac_md5.c cipher_rc4_hmac_md5_hw.c

-SRCS+= cipher_seed.c cipher_seed_hw.c

SRCS+= cipher_tdes.c cipher_tdes_common.c cipher_tdes_hw.c

SRCS+= cipher_tdes_default.c cipher_tdes_default_hw.c \

cipher_tdes_wrap.c cipher_tdes_wrap_hw.c

@@ -442,12 +439,10 @@ SRCS+= cipher_tdes_default.c cipher_tdes_default_hw.c \

# providers/implementations/digests

SRCS+= digestcommon.c

SRCS+= blake2_prov.c blake2b_prov.c blake2s_prov.c

-SRCS+= md4_prov.c

SRCS+= md5_prov.c md5_sha1_prov.c

SRCS+= null_prov.c

SRCS+= ripemd_prov.c

SRCS+= sha2_prov.c sha3_prov.c

-SRCS+= wp_prov.c

# providers/implementations/encode_decode

SRCS+= decode_der2key.c decode_epki2pki.c decode_msblob2key.c decode_pvk2key.c

@@ -463,8 +458,8 @@ SRCS+= kdf_exch.c

# providers/implementations/kdfs

SRCS+= argon2.c hkdf.c hmacdrbg_kdf.c kbkdf.c krb5kdf.c

-SRCS+= pbkdf1.c pbkdf2.c pbkdf2_fips.c

-SRCS+= pkcs12kdf.c pvkkdf.c scrypt.c sskdf.c sshkdf.c tls1_prf.c x942kdf.c

+SRCS+= pbkdf2.c pbkdf2_fips.c

+SRCS+= pkcs12kdf.c scrypt.c sskdf.c sshkdf.c tls1_prf.c x942kdf.c

# providers/implementations/kem

SRCS+= ec_kem.c ecx_kem.c kem_util.c ml_kem_kem.c mlx_kem.c rsa_kem.c

@@ -484,6 +479,7 @@ SRCS+= siphash_prov.c

# providers/implementations/rands

SRCS+= drbg.c drbg_ctr.c drbg_hash.c drbg_hmac.c test_rng.c

SRCS+= seed_src.c

+SRCS+= seed_src_jitter.c

# providers/implementations/rands/seeding

SRCS+= rand_cpu_x86.c rand_tsc.c rand_unix.c rand_win.c

@@ -499,7 +495,7 @@ SRCS+= aes_skmgmt.c generic.c

SRCS+= file_store.c file_store_any2obj.c

# rand

-SRCS+= prov_seed.c rand_deprecated.c rand_egd.c rand_err.c rand_lib.c

+SRCS+= prov_seed.c rand_deprecated.c rand_err.c rand_lib.c

SRCS+= rand_meth.c rand_pool.c rand_uniform.c randfile.c

# rc2

@@ -573,7 +569,10 @@ SRCS+= store_err.c store_init.c store_lib.c store_meth.c store_register.c

SRCS+= store_result.c store_strings.c

# thread

-SRCS+= api.c arch.c arch/thread_win.c arch/thread_posix.c arch/thread_none.c internal.c

+SRCS+= api.c arch.c internal.c

+SRCS+= thread_none.c

+SRCS+= thread_posix.c

+SRCS+= thread_win.c

# ts

SRCS+= ts_asn1.c ts_conf.c ts_err.c ts_lib.c ts_req_print.c ts_req_utils.c

@@ -620,11 +619,21 @@ SRCS+= x509type.c

INCS= aes.h asn1.h asn1err.h asn1t.h async.h asyncerr.h bio.h

INCS+= bioerr.h blowfish.h bn.h bnerr.h buffer.h buffererr.h byteorder.h camellia.h

-INCS+= cast.h cmac.h cmp.h cmp_util.h cmperr.h cms.h cmserr.h comp.h comperr.h conf.h conf_api.h

+INCS+= cast.h cmac.h cmp.h cmp_util.h cmperr.h cms.h cmserr.h comp.h comperr.h conf.h

INCS+= conferr.h configuration.h conftypes.h core.h core_dispatch.h core_names.h core_object.h

INCS+= crmf.h crmferr.h crypto.h cryptoerr.h cryptoerr_legacy.h ct.h cterr.h

-INCS+= decoder.h decodererr.h des.h dh.h dherr.h dsa.h

-INCS+= dsaerr.h dtls1.h e_os2.h e_ostime.h ebcdic.h ec.h ecdh.h ecdsa.h ecerr.h encoder.h encodererr.h

+INCS+= decoder.h decodererr.h

+INCS+= der_digests.h

+INCS+= der_dsa.h

+INCS+= der_ec.h

+INCS+= der_ecx.h

+INCS+= der_ml_dsa.h

+INCS+= der_rsa.h

+INCS+= der_slh_dsa.h

+INCS+= der_wrap.h

+INCS+= des.h dh.h dherr.h dsa.h

+INCS+= dsaerr.h

+INCS+= dtls1.h e_os2.h e_ostime.h ebcdic.h ec.h ecdh.h ecdsa.h ecerr.h encoder.h encodererr.h

INCS+= engine.h engineerr.h err.h ess.h esserr.h evp.h evperr.h fips_names.h fipskey.h hmac.h hpke.h http.h httperr.h idea.h indicator.h

INCS+= kdf.h kdferr.h lhash.h macros.h md2.h md4.h md5.h mdc2.h modes.h obj_mac.h

INCS+= objects.h objectserr.h ocsp.h ocsperr.h opensslconf.h opensslv.h

@@ -762,6 +771,7 @@ PICFLAG+= -DOPENSSL_PIC

${LCRYPTO_SRC}/crypto/stack \

${LCRYPTO_SRC}/crypto/store \

${LCRYPTO_SRC}/crypto/thread \

+ ${LCRYPTO_SRC}/crypto/thread/arch \

${LCRYPTO_SRC}/crypto/ts \

${LCRYPTO_SRC}/crypto/txt_db \

${LCRYPTO_SRC}/crypto/ui \

@@ -771,6 +781,7 @@ PICFLAG+= -DOPENSSL_PIC

${LCRYPTO_SRC}/providers \

${LCRYPTO_SRC}/providers/common \

${LCRYPTO_SRC}/providers/common/der \

+ ${LCRYPTO_SRC}/providers/common/include/prov \

${LCRYPTO_SRC}/providers/implementations/asymciphers \

${LCRYPTO_SRC}/providers/implementations/ciphers \

${LCRYPTO_SRC}/providers/implementations/digests \

@@ -787,4 +798,4 @@ PICFLAG+= -DOPENSSL_PIC

${LCRYPTO_SRC}/providers/implementations/storemgmt \

${LCRYPTO_SRC}/ssl \

${LCRYPTO_SRC}/ssl/record \

- ${LCRYPTO_SRC}/ssl/record/methods

+ ${LCRYPTO_SRC}/ssl/record/methods \

diff --git a/secure/lib/libcrypto/modules/Makefile.inc b/secure/lib/libcrypto/modules/Makefile.inc
index 4b3d9fc512ce..64fb57ee74c5 100644
--- a/secure/lib/libcrypto/modules/Makefile.inc
+++ b/secure/lib/libcrypto/modules/Makefile.inc

@@ -10,11 +10,4 @@ CFLAGS+= -I${LCRYPTO_SRC}/providers/common/include

CFLAGS+= -I${LCRYPTO_SRC}/providers/fips/include

CFLAGS+= -I${LCRYPTO_SRC}/providers/implementations/include

-# common

-SRCS+= provider_err.c provider_ctx.c

-SRCS+= provider_util.c

-.PATH: ${LCRYPTO_SRC}/providers \

- ${LCRYPTO_SRC}/providers/common

WARNS?= 0

diff --git a/secure/lib/libcrypto/modules/legacy/Makefile b/secure/lib/libcrypto/modules/legacy/Makefile
index db05f212f62a..8f91d9504504 100644
--- a/secure/lib/libcrypto/modules/legacy/Makefile
+++ b/secure/lib/libcrypto/modules/legacy/Makefile

@@ -1,7 +1,7 @@

SHLIB_NAME?= legacy.so

LIBADD= crypto

-SRCS+= legacyprov.c prov_running.c params_idx.c

+SRCS+= legacyprov.c prov_running.c

# ciphers

SRCS+= ciphercommon.c ciphercommon_hw.c ciphercommon_block.c \

@@ -16,17 +16,48 @@ SRCS+= cipher_rc4.c cipher_rc4_hw.c

SRCS+= cipher_rc4_hmac_md5.c cipher_rc4_hmac_md5_hw.c

SRCS+= cipher_seed.c cipher_seed_hw.c

-# digests

+# crypto

+SRCS+= cpuid.c

+SRCS+= ctype.c

+# crypto/des

+SRCS+= des_enc.c

+SRCS+= fcrypt_b.c

+# crypto/md5

+SRCS+= md5_dgst.c

+SRCS+= md5_one.c

+SRCS+= md5_sha1.c

+# providers/implementations/digests

SRCS+= digestcommon.c

SRCS+= md4_prov.c wp_prov.c ripemd_prov.c

-# kdfs

-SRCS+= pbkdf1.c pvkkdf.c

+# providers/implementations/kdfs

+SRCS+= pbkdf1.c

+SRCS+= pvkkdf.c

+# common

+SRCS+= provider_err.c provider_ctx.c

+SRCS+= provider_util.c

+SRCS+= tls_pad.c

+# This is needed so the provider can be loaded for us.

+# There's a discrepancy between how this provider gets built in OpenSSL proper

+# and FreeBSD.

+SRCS+= params_idx.c

.include <bsd.lib.mk>

.PATH: ${LCRYPTO_SRC}/crypto \

+ ${LCRYPTO_SRC}/crypto/des \

+ ${LCRYPTO_SRC}/crypto/md5 \

+ ${LCRYPTO_SRC}/providers \

+ ${LCRYPTO_SRC}/providers/common \

${LCRYPTO_SRC}/providers/implementations/ciphers \

${LCRYPTO_SRC}/providers/implementations/digests \

${LCRYPTO_SRC}/providers/implementations/kdfs \

- ${LCRYPTO_SRC}/ssl

+ ${LCRYPTO_SRC}/ssl \

+ ${LCRYPTO_SRC}/ssl/record/methods \

diff --git a/secure/lib/libssl/Makefile b/secure/lib/libssl/Makefile
index b0ca31644279..fe2e2492045f 100644
--- a/secure/lib/libssl/Makefile
+++ b/secure/lib/libssl/Makefile

@@ -76,7 +76,7 @@ CFLAGS+=-DOPENSSL_NO_KTLS

SRCS+= ktls_meth.c

.endif

-LIBADD= crypto

+LIBADD= pthread crypto

CFLAGS+= -I${LCRYPTO_SRC}/ssl

CFLAGS+= -I${.OBJDIR:H}/libcrypto

diff --git a/share/mk/src.libnames.mk b/share/mk/src.libnames.mk
index d6597caf7e2a..95cd3b02d8e4 100644
--- a/share/mk/src.libnames.mk
+++ b/share/mk/src.libnames.mk

@@ -329,7 +329,7 @@ _DP_archive+= md

.endif

_DP_sqlite3= pthread

-_DP_ssl= crypto

+_DP_ssl= pthread crypto

_DP_ssh= crypto crypt z

.if ${MK_LDNS} != "no"

_DP_ssh+= ldns