X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=Configure;h=cfd8be0e6401d83daa226fa2c60f11e5d4bb8950;hp=c1a3f8a26ef536fe5d04d22a5e0de30ea799725d;hb=2acd8ec7a953fe0c14fa2338b375955691372e89;hpb=9c62a279fecc4ccb95ea55e1ba36470f3eab8775 diff --git a/Configure b/Configure index c1a3f8a26e..cfd8be0e64 100755 --- a/Configure +++ b/Configure @@ -57,6 +57,9 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lx # library and will be loaded in run-time by the OpenSSL library. # sctp include SCTP support # 386 generate 80386 code +# enable-weak-ssl-ciphers +# Enable weak ciphers that are disabled by default. This currently +# only includes RC4 based ciphers. # no-sse2 disables IA-32 SSE2 code, above option implies no-sse2 # no- build without specified algorithm (rsa, idea, rc5, ...) # - + compiler options are passed through @@ -277,6 +280,7 @@ my @disablables = ( "md5", "mdc2", "md[-_]ghost94", + "multiblock", "nextprotoneg", "ocb", "ocsp", @@ -313,6 +317,7 @@ my @disablables = ( "ui", "unit-test", "whirlpool", + "weak-ssl-ciphers", "zlib", "zlib-dynamic", ); @@ -330,17 +335,21 @@ my @deprecated_disablables = ( our %disabled = ( # "what" => "comment" "ec_nistp_64_gcc_128" => "default", - "egd" => "default", - "md2" => "default", - "rc5" => "default", - "sctp" => "default", - "shared" => "default", - "ssl-trace" => "default", - "static-engine" => "default", - "unit-test" => "default", - "zlib" => "default", - "crypto-mdebug" => "default", - "heartbeats" => "default", + "egd" => "default", + "md2" => "default", + "rc5" => "default", + "sctp" => "default", + "shared" => "default", + "ssl-trace" => "default", + "ssl3" => "default", + "ssl3-method" => "default", + "static-engine" => "default", + "unit-test" => "default", + "weak-ssl-ciphers" => "default", + "zlib" => "default", + "zlib-dynamic" => "default", + "crypto-mdebug" => "default", + "heartbeats" => "default", ); # Note: => pair form used for aesthetics, not to truly make a hash table @@ -429,7 +438,6 @@ my $no_sse2=0; my $user_cflags=""; my @user_defines=(); -my $unified = 0; $config{openssl_api_defines}=[]; $config{openssl_algorithm_defines}=[]; $config{openssl_thread_defines}=[]; @@ -440,6 +448,8 @@ my $target=""; $config{options}=""; $config{build_type} = "release"; +my $classic = 0; + my @argvcopy=@ARGV; if (grep /^reconf(igure)?$/, @argvcopy) { @@ -582,6 +592,10 @@ foreach (@argvcopy) { delete $disabled{"dynamic-engine"}; } + elsif ($1 eq "zlib-dynamic") + { + delete $disabled{"zlib"}; + } my $algo = $1; delete $disabled{$algo}; @@ -619,9 +633,9 @@ foreach (@argvcopy) } elsif (/^[-+]/) { - if (/^--unified$/) + if (/^--classic$/) { - $unified=1; + $classic=1; } elsif (/^--prefix=(.*)$/) { @@ -869,22 +883,29 @@ $target{nm} = $ENV{'NM'} || $target{nm} || "nm"; # For cflags, lflags, plib_lflags, ex_libs and defines, add the debug_ # or release_ attributes. # Do it in such a way that no spurious space is appended (hence the grep). -$config{defines} = $target{defines} || []; -$config{cflags} = $target{cflags} || ""; -$config{ex_libs} = $target{ex_libs} || ""; +$config{defines} = []; +$config{cflags} = ""; +$config{ex_libs} = ""; +$config{shared_ldflag} = ""; # Make sure build_scheme is consistent. $target{build_scheme} = [ $target{build_scheme} ] if ref($target{build_scheme}) ne "ARRAY"; -###### TO BE REMOVED BEFORE FINAL RELEASE +###### TO BE REMOVED WHEN CLASSIC BUILD IS REMOVED ###### -###### If the user has chosen --unified, we give it to them. -###### The same happens if we detect that they try to build out-of-source. -if ($target{build_file} eq "Makefile" - && $target{build_scheme}->[0] eq "unixmake" - && ($unified || $srcdir ne $blddir)) { - $target{build_scheme} = [ "unified", "unix" ]; +###### If the user has chosen --classic, we give it to them. +###### If they try that with an out-of-source config, we complain. +if ($target{build_scheme}->[0] eq "unified" && $classic) { + die "Can't perform a classic build out of source tree\n" + if $srcdir ne $blddir; + + $target{build_scheme} = { unix => [ "unixmake" ], + windows => [ "mk1mf", $target{build_scheme}->[2] ], + VMS => undef } -> {$target{build_scheme}->[1]}; + + die "Classic mode unavailable on this platform\n" + unless defined($target{build_scheme}); } my ($builder, $builder_platform, @builder_opts) = @@ -893,7 +914,7 @@ my ($builder, $builder_platform, @builder_opts) = if ($target =~ /^mingw/ && `$target{cc} --target-help 2>&1` =~ m/-mno-cygwin/m) { $config{cflags} .= " -mno-cygwin"; - $target{shared_ldflag} .= " -mno-cygwin"; + $config{shared_ldflag} .= " -mno-cygwin"; } if ($target =~ /linux.*-mips/ && !$disabled{asm} && $user_cflags !~ /-m(ips|arch=)/) { @@ -917,17 +938,15 @@ if (!$disabled{dso} && $target{dso_scheme} ne "") $target{dso_scheme} =~ tr/[a-z]/[A-Z]/; if ($target{dso_scheme} eq "DLFCN") { - $config{defines} = [ "DSO_DLFCN", "HAVE_DLFCN_H", - @{$config{defines}} ] + unshift @{$config{defines}}, "DSO_DLFCN", "HAVE_DLFCN_H"; } elsif ($target{dso_scheme} eq "DLFCN_NO_H") { - $config{defines} = [ "DSO_DLFCN", @{$config{defines}} ] + unshift @{$config{defines}}, "DSO_DLFCN"; } else { - $config{defines} = [ "DSO_$target{dso_scheme}", - @{$config{defines}} ] + unshift @{$config{defines}}, "DSO_$target{dso_scheme}"; } } @@ -935,8 +954,11 @@ $config{ex_libs}="$libs$config{ex_libs}" if ($libs ne ""); if ($disabled{asm}) { - @{$config{defines}} = grep !/^[BL]_ENDIAN$/, @{$config{defines}} - if ($config{fips}); + if ($config{fips}) + { + @{$config{defines}} = grep !/^[BL]_ENDIAN$/, @{$config{defines}}; + @{$target{defines}} = grep !/^[BL]_ENDIAN$/, @{$target{defines}}; + } } # If threads aren't disabled, check how possible they are @@ -1057,7 +1079,7 @@ unless ($disabled{asm}) { if ($config{processor} eq "386") { $target{wp_asm_src}=$table{DEFAULTS}->{wp_asm_src}; } elsif (!$disabled{"whirlpool"}) { - $config{cflags}.=" -DWHIRLPOOL_ASM"; + push @{$config{defines}}, "WHIRLPOOL_ASM"; } } if ($target{modes_asm_src} =~ /ghash-/) { @@ -1161,6 +1183,26 @@ else { $no_user_defines=1; } # ALL MODIFICATIONS TO %config and %target MUST BE DONE FROM HERE ON +$config{afalg}=""; +if ($target =~ m/^linux/) { + my $minver = 4*10000 + 1*100 + 0; + if ($config{cross_compile_prefix} eq "") { + my $verstr = `uname -r`; + my ($ma, $mi1, $mi2) = split("\\.", $verstr); + ($mi2) = $mi2 =~ /(\d+)/; + my $ver = $ma*10000 + $mi1*100 + $mi2; + if ($ver < $minver) { + $disabled{afalg} = "too-old-kernel"; + } else { + push @{$config{engdirs}}, "afalg"; + } + } +} else { + $disabled{afalg} = "not-linux"; +} + +push @{$config{openssl_other_defines}}, "OPENSSL_NO_AFALGENG" if ($disabled{afalg}); + # If we use the unified build, collect information from build.info files my %unified_info = (); @@ -1240,6 +1282,7 @@ if ($builder eq "unified") { my @engines = (); my @scripts = (); my @extra = (); + my @overrides = (); my @intermediates = (); my @rawlines = (); @@ -1249,6 +1292,7 @@ if ($builder eq "unified") { my %depends = (); my %renames = (); my %sharednames = (); + my %generate = (); push @{$config{build_infos}}, catfile(abs2rel($sourced, $blddir), $f); my $template = Text::Template->new(TYPE => 'FILE', @@ -1307,6 +1351,9 @@ if ($builder eq "unified") { qr/^\s*EXTRA\s*=\s*(.*)\s*$/ => sub { push @extra, split(/\s+/, $1) if !@skip || $skip[$#skip] > 0 }, + qr/^\s*OVERRIDES\s*=\s*(.*)\s*$/ + => sub { push @overrides, split(/\s+/, $1) + if !@skip || $skip[$#skip] > 0 }, qr/^\s*ORDINALS\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/, => sub { push @{$ordinals{$1}}, split(/\s+/, $2) @@ -1320,6 +1367,9 @@ if ($builder eq "unified") { qr/^\s*DEPEND\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ => sub { push @{$depends{$1}}, split(/\s+/, $2) if !@skip || $skip[$#skip] > 0 }, + qr/^\s*GENERATE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ + => sub { push @{$generate{$1}}, $2 + if !@skip || $skip[$#skip] > 0 }, qr/^\s*RENAME\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ => sub { push @{$renames{$1}}, split(/\s+/, $2) if !@skip || $skip[$#skip] > 0 }, @@ -1402,6 +1452,11 @@ EOF $unified_info{extra}->{$extra} = 1; } + foreach (@overrides) { + my $override = cleanfile($buildd, $_, $blddir); + $unified_info{overrides}->{$override} = 1; + } + push @{$unified_info{rawlines}}, @rawlines; unless ($disabled{shared}) { @@ -1443,9 +1498,9 @@ EOF my %known_ordinals = ( crypto => - cleanfile($sourced, catfile("util", "libeay.num"), $blddir), + cleanfile($sourced, catfile("util", "libcrypto.num"), $blddir), ssl => - cleanfile($sourced, catfile("util", "ssleay.num"), $blddir) + cleanfile($sourced, catfile("util", "libssl.num"), $blddir) ); my $o = $known_ordinals{$_}; die "Ordinals for $ddest defined more than once\n" @@ -1480,6 +1535,20 @@ EOF } } + foreach (keys %generate) { + my $dest = $_; + my $ddest = cleanfile($buildd, $_, $blddir); + if ($unified_info{rename}->{$ddest}) { + $ddest = $unified_info{rename}->{$ddest}; + } + die "more than one generator for $dest: " + ,join(" ", @{$generate{$_}}),"\n" + if scalar @{$generate{$_}} > 1; + my @generator = split /\s+/, $generate{$dest}->[0]; + $generator[0] = cleanfile($sourced, $generator[0], $blddir), + $unified_info{generate}->{$ddest} = [ @generator ]; + } + foreach (keys %depends) { my $dest = $_; my $ddest = cleanfile($buildd, $_, $blddir); @@ -1531,7 +1600,7 @@ EOF ### Make unified_info a bit more efficient # One level structures - foreach (("programs", "libraries", "engines", "scripts", "extra")) { + foreach (("programs", "libraries", "engines", "scripts", "extra", "overrides")) { $unified_info{$_} = [ sort keys %{$unified_info{$_}} ]; } # Two level structures @@ -1671,11 +1740,11 @@ close(OUT); print "IsMK1MF =", ($builder eq "mk1mf" ? "yes" : "no"), "\n"; print "CC =$target{cc}\n"; -print "CFLAG =$config{cflags}\n"; -print "DEFINES =",join(" ", @{$config{defines}}),"\n"; +print "CFLAG =$target{cflags} $config{cflags}\n"; +print "DEFINES =",join(" ", @{$target{defines}}, @{$config{defines}}),"\n"; print "LFLAG =$target{lflags}\n"; print "PLIB_LFLAG =$target{plib_lflags}\n"; -print "EX_LIBS =$config{ex_libs}\n"; +print "EX_LIBS =$target{ex_libs} $config{ex_libs}\n"; print "APPS_OBJ =$target{apps_obj}\n"; print "CPUID_OBJ =$target{cpuid_obj}\n"; print "UPLINK_OBJ =$target{uplink_obj}\n"; @@ -1801,11 +1870,11 @@ BEGIN VALUE "FileDescription", "OpenSSL Shared Library\\0" VALUE "FileVersion", "$config{version}\\0" #if defined(CRYPTO) - VALUE "InternalName", "libeay32\\0" - VALUE "OriginalFilename", "libeay32.dll\\0" + VALUE "InternalName", "libcrypto32\\0" + VALUE "OriginalFilename", "libcrypto32.dll\\0" #elif defined(SSL) - VALUE "InternalName", "ssleay32\\0" - VALUE "OriginalFilename", "ssleay32.dll\\0" + VALUE "InternalName", "libssl32\\0" + VALUE "OriginalFilename", "libssl32.dll\\0" #endif VALUE "ProductName", "The OpenSSL Toolkit\\0" VALUE "ProductVersion", "$config{version}\\0" @@ -1851,39 +1920,6 @@ or position independent code, please let us know (but please first make sure you have tried with a current version of OpenSSL). EOF -###### TO BE REMOVED BEFORE FINAL RELEASE -###### -###### If the user hasn't chosen --unified, try to nudge them. -if ($target{build_file} eq "Makefile" - && $target{build_scheme}->[0] eq "unixmake" - && !$unified) { - - my $plausible_builddir = - abs2rel(rel2abs("../_openssl-build_$target"),rel2abs(".")); - my $plausible_to_sourcedir = - abs2rel(rel2abs("."),rel2abs("../_openssl-build_$target")); - print <<"EOF"; - ----------------------------------------------------------------------- -Please consider configuring with the flag --unified . -It's to test out a new "unified" building system. - -One cool feature is that you can have your build directory elsewhere, -for example: - - make clean # Clean the current configuration away - mkdir $plausible_builddir - cd $plausible_builddir - $plausible_to_sourcedir/config --unified - make - make test - -Please report any problem you have. ----------------------------------------------------------------------- - -EOF -} - exit(0); ######################################################################