git.ipfire.org Git - thirdparty/openssl.git/commit

author	Richard Levitte <levitte@openssl.org>
	Wed, 19 May 2021 16:51:07 +0000 (18:51 +0200)
committer	Richard Levitte <levitte@openssl.org>
	Fri, 21 May 2021 10:08:31 +0000 (12:08 +0200)
commit	b938544969577e3b74da6f8c689c87c90ceced22
tree	8c94edc1676414e0e77c7ab64aeaa64ef75c4dc3	tree
parent	d2f82495a25d835e4821c0c1a79e8e39b66eed66	commit \| diff

PROV: Relegate most of the FIPS provider code to libfips.a

provider/fips/fipsprov.c contains a number of symbols that get used by
anything that's included in libfips.a, at least on Unix.
Unfortunately, there are platforms that do not support resolving
symbols to things that are already included in the end product (module
in this case) being built; they only support resolving symbols with
what comes next in the linking process.

The offending symbols in this case are FIPS_security_check_enabled,
c_thread_start and ossl_fips_intern_provider_init.

We resolve this by placing provider/fips/fipsprov.c in libfips.a along
with everything else there. That takes care of the offending symbols.
What remains is to ensure that there is an entry point in an object
file used directly when linking the module, providers/fips/fips_entry.c

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15370)

providers/fips/build.info		diff \| blob \| blame \| history
providers/fips/fips_entry.c	[new file with mode: 0644]	blob
providers/fips/fipsprov.c		diff \| blob \| blame \| history