Make the Makefile more robust

[jbdelcuv]

Update Makefile to execute recipes only when OpenSSL tarball and/or required directories are present so it doesn't give an error when executing the target "sgxssl_no_mitigation" of Linux/Makefile.

[Copilot]

Pull Request Overview

This PR makes the Makefile more robust by adding conditional checks to prevent errors when OpenSSL tarball files or required directories are missing. The changes ensure that FIPS-related operations only execute when the necessary OpenSSL 3.1 tarball is present and improves the version detection logic.

• Enhanced OpenSSL version detection with error handling and improved sorting
• Added conditional guards around FIPS operations to prevent execution without required files
• Removed outdated OpenSSL 3.1.6 download from CI workflow

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
openssl_source/Makefile	Added conditional checks and improved OpenSSL version detection to prevent errors when tarballs or directories are missing
.github/workflows/codeql.yml	Removed download of OpenSSL 3.1.6 tarball that is no longer needed

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

The conditional check uses OSSL_FIPS_SOURCE_DIR_SET which is never defined in the code. This variable is not set anywhere in the Makefile, so the condition will always be false. The check should likely use OSSL_FIPS_BUILD_DIR_SET or OSSL_FIPS_INSTALL_DIR_SET instead, or a new variable OSSL_FIPS_SOURCE_DIR_SET should be defined similar to lines 48-49.

[jbdelcuv]

You're right. Initially, I was planning to use one of the defined variables OSSL_FIPS_BUILD_DIR_SET or OSSL_FIPS_INSTALL_DIR_SET. However, since I'm using OSSL_FIPS_SOURCE_DIR_SET, I pushed a commit that defines it.

[fchinchilla]

LGTM