mirror of
https://github.com/nodejs/node.git
synced 2024-12-01 16:10:02 +01:00
0f68377f69
Support building and running with FIPS-compliant OpenSSL. The process is following: 1. Download and verify `openssl-fips-x.x.x.tar.gz` from https://www.openssl.org/source/ 2. Extract source to `openssl-fips` folder 3. ``cd openssl-fips && ./config fipscanisterbuild --prefix=`pwd`/out`` (NOTE: On OS X, you may want to run ``./Configure darwin64-x86_64-cc --prefix=`pwd`/out`` if you are going to build x64-mode io.js) 4. `make -j && make install` 5. Get into io.js checkout folder 6. `./configure --openssl-fips=/path/to/openssl-fips/out` 7. Build io.js with `make -j` 8. Verify with `node -p "process.versions.openssl"` (`1.0.2a-fips`) Fix: https://github.com/joyent/node/issues/25463 PR-URL: https://github.com/nodejs/io.js/pull/1890 Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
162 lines
4.9 KiB
Python
162 lines
4.9 KiB
Python
# Copyright (c) 2012 The Chromium Authors. All rights reserved.
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
{
|
|
'variables': {
|
|
'is_clang': 0,
|
|
'gcc_version': 0,
|
|
'openssl_no_asm%': 0,
|
|
'llvm_version%': 0,
|
|
'gas_version%': 0,
|
|
'openssl_fips%': 'false',
|
|
},
|
|
'targets': [
|
|
{
|
|
'target_name': 'openssl',
|
|
'type': '<(library)',
|
|
'includes': ['openssl.gypi'],
|
|
'sources': ['<@(openssl_sources)'],
|
|
'sources/': [
|
|
['exclude', 'md2/.*$'],
|
|
['exclude', 'store/.*$']
|
|
],
|
|
'conditions': [
|
|
# FIPS
|
|
['openssl_fips != ""', {
|
|
'defines': [
|
|
'OPENSSL_FIPS',
|
|
],
|
|
'include_dirs': [
|
|
'<(openssl_fips)/include',
|
|
],
|
|
|
|
# Trick fipsld, it expects to see libcrypto.a
|
|
'product_name': 'crypto',
|
|
|
|
'direct_dependent_settings': {
|
|
'defines': [
|
|
'OPENSSL_FIPS',
|
|
],
|
|
'include_dirs': [
|
|
'<(openssl_fips)/include',
|
|
],
|
|
},
|
|
}],
|
|
|
|
['openssl_no_asm!=0', {
|
|
# Disable asm
|
|
'defines': [
|
|
'OPENSSL_NO_ASM',
|
|
],
|
|
'sources': ['<@(openssl_sources_no_asm)'],
|
|
}, {
|
|
# "else if" was supported in https://codereview.chromium.org/601353002
|
|
'conditions': [
|
|
['target_arch=="arm"', {
|
|
'defines': ['<@(openssl_defines_asm)'],
|
|
'sources': ['<@(openssl_sources_arm_void_gas)'],
|
|
}, 'target_arch=="ia32" and OS=="mac"', {
|
|
'defines': [
|
|
'<@(openssl_defines_asm)',
|
|
'<@(openssl_defines_ia32_mac)',
|
|
],
|
|
'sources': ['<@(openssl_sources_ia32_mac_gas)'],
|
|
}, 'target_arch=="ia32" and OS=="win"', {
|
|
'defines': [
|
|
'<@(openssl_defines_asm)',
|
|
'<@(openssl_defines_ia32_win)',
|
|
],
|
|
'sources': ['<@(openssl_sources_ia32_win_masm)'],
|
|
}, 'target_arch=="ia32"', {
|
|
# Linux or others
|
|
'defines': [
|
|
'<@(openssl_defines_asm)',
|
|
'<@(openssl_defines_ia32_elf)',
|
|
],
|
|
'sources': ['<@(openssl_sources_ia32_elf_gas)'],
|
|
}, 'target_arch=="x64" and OS=="mac"', {
|
|
'defines': [
|
|
'<@(openssl_defines_asm)',
|
|
'<@(openssl_defines_x64_mac)',
|
|
],
|
|
'sources': ['<@(openssl_sources_x64_mac_gas)'],
|
|
}, 'target_arch=="x64" and OS=="win"', {
|
|
'defines': [
|
|
'<@(openssl_defines_asm)',
|
|
'<@(openssl_defines_x64_win)',
|
|
],
|
|
'sources': ['<@(openssl_sources_x64_win_masm)'],
|
|
}, 'target_arch=="x64"', {
|
|
# Linux or others
|
|
'defines': [
|
|
'<@(openssl_defines_asm)',
|
|
'<@(openssl_defines_x64_elf)',
|
|
],
|
|
'sources': ['<@(openssl_sources_x64_elf_gas)'],
|
|
}, 'target_arch=="arm64"', {
|
|
'defines': ['<@(openssl_defines_arm64)',],
|
|
'sources': ['<@(openssl_sources_arm64_linux64_gas)'],
|
|
}, {
|
|
# Other architectures don't use assembly.
|
|
'defines': ['OPENSSL_NO_ASM'],
|
|
'sources': ['<@(openssl_sources_no_asm)'],
|
|
}],
|
|
],
|
|
}], # end of conditions of openssl_no_asm
|
|
['OS=="win"', {
|
|
'defines' : ['<@(openssl_defines_all_win)'],
|
|
'includes': ['masm_compile.gypi',],
|
|
}, {
|
|
'defines' : ['<@(openssl_defines_all_non_win)']
|
|
}]
|
|
],
|
|
'include_dirs': ['<@(openssl_include_dirs)'],
|
|
'direct_dependent_settings': {
|
|
'include_dirs': [
|
|
'openssl/include'
|
|
],
|
|
},
|
|
},
|
|
{
|
|
# openssl-cli target
|
|
'includes': ['openssl-cli.gypi',],
|
|
}
|
|
],
|
|
'target_defaults': {
|
|
'includes': ['openssl.gypi'],
|
|
'include_dirs': ['<@(openssl_default_include_dirs)'],
|
|
'defines': ['<@(openssl_default_defines_all)'],
|
|
'conditions': [
|
|
['OS=="win"', {
|
|
'defines': ['<@(openssl_default_defines_win)'],
|
|
'link_settings': {
|
|
'libraries': ['<@(openssl_default_libraries_win)'],
|
|
},
|
|
}, {
|
|
'defines': ['<@(openssl_default_defines_not_win)'],
|
|
'cflags': ['-Wno-missing-field-initializers'],
|
|
'conditions': [
|
|
['OS=="mac"', {
|
|
'defines': ['<@(openssl_default_defines_mac)'],
|
|
}, {
|
|
'defines': ['<@(openssl_default_defines_linux_others)'],
|
|
}],
|
|
]
|
|
}],
|
|
['is_clang==1 or gcc_version>=43', {
|
|
'cflags': ['-Wno-old-style-declaration'],
|
|
}],
|
|
['OS=="solaris"', {
|
|
'defines': ['__EXTENSIONS__'],
|
|
}],
|
|
],
|
|
},
|
|
}
|
|
|
|
# Local Variables:
|
|
# tab-width:2
|
|
# indent-tabs-mode:nil
|
|
# End:
|
|
# vim: set expandtab tabstop=2 shiftwidth=2:
|