TARGET = $(DIR_INFO)/$(THISAPP)$(KCFG)
+ifneq "$(KCFG)" "-sse2"
CFLAGS += -DPURIFY
+else
+CFLAGS =-O2 -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fPIC
+CFLAGS+= -fstack-protector-all --param=ssp-buffer-size=4
+CFLAGS+= -march=i686 -mmmx -msse -msse2 -mfpmath=sse
+CFLAGS+= -fomit-frame-pointer -DPURIFY
+CXXFLAGS="${CFLAGS}"
+endif
+
export RPM_OPT_FLAGS = $(CFLAGS)
CONFIGURE_OPTIONS = \
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.1m-weak-ciphers.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-disable-sslv2-sslv3.patch
+ # Enable Padlock in i586
+ifeq "$(MACHINE)" "i586"
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2a_auto_enable_padlock.patch
+endif
+
# Apply our CFLAGS
cd $(DIR_APP) && sed -i Configure \
-e "s/-O3 -fomit-frame-pointer/$(CFLAGS)/g"
--- /dev/null
+diff -Naur openssl-1.0.2a.org/crypto/engine/eng_all.c openssl-1.0.2a/crypto/engine/eng_all.c
+--- openssl-1.0.2a.org/crypto/engine/eng_all.c 2015-03-19 14:30:36.000000000 +0100
++++ openssl-1.0.2a/crypto/engine/eng_all.c 2015-04-27 12:27:05.063569969 +0200
+@@ -120,6 +120,14 @@
+ ENGINE_load_capi();
+ # endif
+ #endif
++#ifdef OPENSSL_NO_STATIC_ENGINE
++ ENGINE *e;
++ e = ENGINE_by_id("padlock");
++ if (e != NULL) {
++ ENGINE_add(e);
++ ENGINE_free(e);
++ }
++#endif
+ ENGINE_register_all_complete();
+ }
+
+diff -Naur openssl-1.0.2a.org/ssl/ssl_algs.c openssl-1.0.2a/ssl/ssl_algs.c
+--- openssl-1.0.2a.org/ssl/ssl_algs.c 2015-03-19 14:30:36.000000000 +0100
++++ openssl-1.0.2a/ssl/ssl_algs.c 2015-04-27 11:04:27.893399695 +0200
+@@ -151,5 +151,12 @@
+ #endif
+ /* initialize cipher/digest methods table */
+ ssl_load_ciphers();
++
++ /* Init available hardware crypto engines */
++ ENGINE_load_builtin_engines();
++ ENGINE_register_all_complete();
++ ENGINE * padlock = ENGINE_by_id("padlock");
++ if (padlock) ENGINE_set_default_ciphers(padlock);
++
+ return (1);
+ }
projects / ipfire-2.x.git / commitdiff
