X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=Configure;h=e0d086f8f217d6c0c5c01cc0e0227727d1ff488b;hp=b32cb942a7477ddd05fdc8b9d3496fab3a6dee17;hb=14c4201958152392941615626da5d2800c98e943;hpb=8d34daf0ce3bd2fc08dda0f1b0d1213dec452a1d diff --git a/Configure b/Configure index b32cb942a7..e0d086f8f2 100755 --- a/Configure +++ b/Configure @@ -14,6 +14,7 @@ use strict; use File::Basename; use File::Spec::Functions qw/:DEFAULT abs2rel rel2abs/; use File::Path qw/mkpath/; +use if $^O ne "VMS", 'File::Glob' => qw/glob/; # see INSTALL for instructions. @@ -73,9 +74,9 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lx # RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # Following are set automatically by this script # -# MD5_ASM use some extra md5 assember, -# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86 -# RMD160_ASM use some extra ripemd160 assember, +# MD5_ASM use some extra md5 assembler, +# SHA1_ASM use some extra sha1 assembler, must define L_ENDIAN for x86 +# RMD160_ASM use some extra ripemd160 assembler, # SHA256_ASM sha256_block is implemented in assembler # SHA512_ASM sha512_block is implemented in assembler # AES_ASM ASE_[en|de]crypt is implemented in assembler @@ -166,7 +167,7 @@ sub read_config; # resolve_config(target) # -# Resolves all the late evalutations, inheritances and so on for the +# Resolves all the late evaluations, inheritances and so on for the # chosen target and any target it inherits from. sub resolve_config; @@ -178,6 +179,8 @@ my $srcdir = catdir(absolutedir(dirname($0))); # catdir ensures local syntax my $blddir = catdir(absolutedir(".")); # catdir ensures local syntax my $dofile = abs2rel(catfile($srcdir, "util/dofile.pl")); +my $local_config_envname = 'OPENSSL_LOCAL_CONFIG_DIR'; + $config{sourcedir} = abs2rel($srcdir); $config{builddir} = abs2rel($blddir); @@ -208,10 +211,24 @@ die "erroneous version information in opensslv.h: ", # Collect target configurations my $pattern = catfile(dirname($0), "Configurations", "*.conf"); -foreach (sort glob($pattern) ) { +foreach (sort glob($pattern)) { &read_config($_); } +if (defined $ENV{$local_config_envname}) { + if ($^O eq 'VMS') { + # VMS environment variables are logical names, + # which can be used as is + $pattern = $local_config_envname . ':' . '*.conf'; + } else { + $pattern = catfile($ENV{$local_config_envname}, '*.conf'); + } + + foreach (sort glob($pattern)) { + &read_config($_); + } +} + print "Configuring OpenSSL version $config{version} (0x$config{version_num})\n"; @@ -244,12 +261,13 @@ $config{sdirs} = [ my @tls = qw(ssl3 tls1 tls1_1 tls1_2); my @dtls = qw(dtls1 dtls1_2); -# Explicitelly known options that are possible to disable. They can +# Explicitly known options that are possible to disable. They can # be regexps, and will be used like this: /^no-${option}$/ # For developers: keep it sorted alphabetically my @disablables = ( "afalgeng", + "asan", "asm", "async", "autoalginit", @@ -283,6 +301,8 @@ my @disablables = ( "engine", "err", "filenames", + "fuzz-libfuzzer", + "fuzz-afl", "gost", "heartbeats", "hw(-.+)?", @@ -304,10 +324,8 @@ my @disablables = ( "rc5", "rdrand", "rfc3779", - "ripemd", "rmd160", "scrypt", - "sct", "sctp", "seed", "shared", @@ -322,6 +340,7 @@ my @disablables = ( "threads", "tls", "ts", + "ubsan", "ui", "unit-test", "whirlpool", @@ -335,26 +354,33 @@ foreach my $proto ((@tls, @dtls)) push(@disablables, "$proto-method"); } -my @deprecated_disablables = ( - "ssl2", +my %deprecated_disablables = ( + "ssl2" => undef, + "buf-freelists" => undef, + "ripemd" => "rmd160" ); # All of the following is disabled by default (RC5 was enabled before 0.9.8): our %disabled = ( # "what" => "comment" + "asan" => "default", "ec_nistp_64_gcc_128" => "default", "egd" => "default", + "fuzz-libfuzzer" => "default", + "fuzz-afl" => "default", "md2" => "default", "rc5" => "default", "sctp" => "default", "ssl-trace" => "default", "ssl3" => "default", "ssl3-method" => "default", + "ubsan" => "default", "unit-test" => "default", "weak-ssl-ciphers" => "default", "zlib" => "default", "zlib-dynamic" => "default", "crypto-mdebug" => "default", + "crypto-mdebug-backtrace" => "default", "heartbeats" => "default", ); @@ -437,17 +463,6 @@ while ((my $first, my $second) = (shift @list, shift @list)) { # To remove something from %disabled, use "enable-foo". # For symmetry, "disable-foo" is a synonym for "no-foo". -my @generated_headers = ( - "include/openssl/opensslconf.h", - "crypto/include/internal/bn_conf.h", - "crypto/include/internal/dso_conf.h" - ); - -my @generated_by_make_headers = ( - "crypto/buildinf.h" - ); - - my $no_sse2=0; &usage if ($#ARGV < 0); @@ -537,21 +552,17 @@ foreach (@argvcopy) s /^zlib-dynamic$/enable-zlib-dynamic/; if (/^(no|disable|enable)-(.+)$/) - { - my $word = $2; - if (grep { $word =~ /^${_}$/ } @deprecated_disablables) - { - $deprecated_options{$_} = 1; - next; - } - elsif (!grep { $word =~ /^${_}$/ } @disablables) - { - $unsupported_options{$_} = 1; - next; - } - } - if (/^no-(.+)$/ || /^disable-(.+)$/) - { + { + my $word = $2; + if (!exists $deprecated_disablables{$word} + && !grep { $word =~ /^${_}$/ } @disablables) + { + $unsupported_options{$_} = 1; + next; + } + } + if (/^no-(.+)$/ || /^disable-(.+)$/) + { foreach my $proto ((@tls, @dtls)) { if ($1 eq "$proto-method") @@ -590,6 +601,14 @@ foreach (@argvcopy) { $disabled{"dynamic-engine"} = "option"; } + elsif (exists $deprecated_disablables{$1}) + { + $deprecated_options{$_} = 1; + if (defined $deprecated_disablables{$1}) + { + $disabled{$deprecated_disablables{$1}} = "option"; + } + } else { $disabled{$1} = "option"; @@ -674,6 +693,14 @@ foreach (@argvcopy) { $withargs{zlib_include}=$1; } + elsif (/^--with-fuzzer-lib=(.*)$/) + { + $withargs{fuzzer_lib}=$1; + } + elsif (/^--with-fuzzer-include=(.*)$/) + { + $withargs{fuzzer_include}=$1; + } elsif (/^--with-fipslibdir=(.*)$/) { $config{fipslibdir}="$1/"; @@ -712,7 +739,7 @@ foreach (@argvcopy) unless ($_ eq $target || /^no-/ || /^disable-/) { # "no-..." follows later after implied disactivations - # have been derived. (Don't take this too seroiusly, + # have been derived. (Don't take this too seriously, # we really only write OPTIONS to the Makefile out of # nostalgia.) @@ -888,9 +915,13 @@ $config{cross_compile_prefix} = $ENV{'CROSS_COMPILE'} # Allow overriding the names of some tools. USE WITH CARE $config{perl} = $ENV{'PERL'} || ($^O ne "VMS" ? $^X : "perl"); $target{cc} = $ENV{'CC'} || $target{cc} || "cc"; -$target{ranlib} = $ENV{'RANLIB'} || $target{ranlib} || which("ranlib") || "true"; +$target{ranlib} = $ENV{'RANLIB'} || $target{ranlib} || + (which("$config{cross_compile_prefix}ranlib") ? + "\$(CROSS_COMPILE)ranlib" : "true"); $target{ar} = $ENV{'AR'} || $target{ar} || "ar"; $target{nm} = $ENV{'NM'} || $target{nm} || "nm"; +$target{rc} = + $ENV{'RC'} || $ENV{'WINDRES'} || $target{rc} || "windres"; # For cflags, lflags, plib_lflags, ex_libs and defines, add the debug_ # or release_ attributes. @@ -967,7 +998,7 @@ unless ($disabled{threads}) { $disabled{threads} = "unavailable"; } } else { - # The user chose to enable threads explicitely, let's see + # The user chose to enable threads explicitly, let's see # if there's a chance that's possible if ($target{thread_scheme} eq "(unknown)") { # If the user asked for "threads" and we don't have internal @@ -1014,6 +1045,29 @@ if ($disabled{"dynamic-engine"}) { $config{dynamic_engines} = 1; } +unless ($disabled{"fuzz-libfuzzer"}) { + push @{$config{dirs}}, "fuzz"; + $config{cflags} .= "-fsanitize-coverage=edge,indirect-calls "; +} + +unless ($disabled{"fuzz-afl"}) { + push @{$config{dirs}}, "fuzz"; +} + +unless ($disabled{asan}) { + $config{cflags} .= "-fsanitize=address "; +} + +unless ($disabled{ubsan}) { + # -DPEDANTIC or -fnosanitize=aligmnent may also be required on some + # platforms. + $config{cflags} .= "-fsanitize=undefined -fno-sanitize-recover=all "; +} + +unless ($disabled{"fuzz-libfuzzer"} && $disabled{"fuzz-afl"} + && $disabled{asan} && $disabled{ubsan}) { + $config{cflags} .= "-fno-omit-frame-pointer -g "; +} # # Platform fix-ups # @@ -1223,12 +1277,27 @@ my $buildinfo_debug = defined($ENV{CONFIGURE_DEBUG_BUILDINFO}); if ($builder eq "unified") { # Store the name of the template file we will build the build file from # in %config. This may be useful for the build file itself. - my $build_file_template = - catfile($srcdir, "Configurations", - $builder_platform."-".$target{build_file}.".tmpl"); - $build_file_template = - catfile($srcdir, "Configurations", $target{build_file}.".tmpl") - if (! -f $build_file_template); + my $build_file_template; + + for my $filename (( $builder_platform."-".$target{build_file}.".tmpl", + $target{build_file}.".tmpl" )) { + if (defined $ENV{$local_config_envname}) { + if ($^O eq 'VMS') { + # VMS environment variables are logical names, + # which can be used as is + $build_file_template = $local_config_envname . ':' . $filename; + } else { + $build_file_template = catfile($ENV{$local_config_envname}, + $filename); + } + } + + last if -f $build_file_template; + + $build_file_template = catfile($srcdir, "Configurations", $filename); + + last if -f $build_file_template; + } $config{build_file_template} = $build_file_template; use lib catdir(dirname(__FILE__),"util"); @@ -1318,6 +1387,7 @@ if ($builder eq "unified") { $template->fill_in(HASH => { config => \%config, target => \%target, disabled => \%disabled, + withargs => \%withargs, builddir => abs2rel($buildd, $blddir), sourcedir => abs2rel($sourced, $blddir), buildtop => abs2rel($blddir, $blddir), @@ -1358,47 +1428,47 @@ if ($builder eq "unified") { => sub { die "ENDIF out of scope" if ! @skip; pop @skip; }, qr/^\s*PROGRAMS\s*=\s*(.*)\s*$/ - => sub { push @programs, split(/\s+/, $1) + => sub { push @programs, tokenize($1) if !@skip || $skip[$#skip] > 0 }, qr/^\s*LIBS\s*=\s*(.*)\s*$/ - => sub { push @libraries, split(/\s+/, $1) + => sub { push @libraries, tokenize($1) if !@skip || $skip[$#skip] > 0 }, qr/^\s*ENGINES\s*=\s*(.*)\s*$/ - => sub { push @engines, split(/\s+/, $1) + => sub { push @engines, tokenize($1) if !@skip || $skip[$#skip] > 0 }, qr/^\s*SCRIPTS\s*=\s*(.*)\s*$/ - => sub { push @scripts, split(/\s+/, $1) + => sub { push @scripts, tokenize($1) if !@skip || $skip[$#skip] > 0 }, qr/^\s*EXTRA\s*=\s*(.*)\s*$/ - => sub { push @extra, split(/\s+/, $1) + => sub { push @extra, tokenize($1) if !@skip || $skip[$#skip] > 0 }, qr/^\s*OVERRIDES\s*=\s*(.*)\s*$/ - => sub { push @overrides, split(/\s+/, $1) + => sub { push @overrides, tokenize($1) if !@skip || $skip[$#skip] > 0 }, qr/^\s*ORDINALS\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/, - => sub { push @{$ordinals{$1}}, split(/\s+/, $2) + => sub { push @{$ordinals{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, qr/^\s*SOURCE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ - => sub { push @{$sources{$1}}, split(/\s+/, $2) + => sub { push @{$sources{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, qr/^\s*SHARED_SOURCE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ - => sub { push @{$shared_sources{$1}}, split(/\s+/, $2) + => sub { push @{$shared_sources{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, qr/^\s*INCLUDE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ - => sub { push @{$includes{$1}}, split(/\s+/, $2) + => sub { push @{$includes{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, - qr/^\s*DEPEND\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ - => sub { push @{$depends{$1}}, split(/\s+/, $2) + qr/^\s*DEPEND\[((?:\\.|[^\\\]])*)\]\s*=\s*(.*)\s*$/ + => sub { push @{$depends{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, qr/^\s*GENERATE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ => sub { push @{$generate{$1}}, $2 if !@skip || $skip[$#skip] > 0 }, qr/^\s*RENAME\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ - => sub { push @{$renames{$1}}, split(/\s+/, $2) + => sub { push @{$renames{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, qr/^\s*SHARED_NAME\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ - => sub { push @{$sharednames{$1}}, split(/\s+/, $2) + => sub { push @{$sharednames{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, qr/^\s*BEGINRAW\[((?:\\.|[^\\\]])+)\]\s*$/ => sub { @@ -1612,11 +1682,11 @@ EOF foreach (keys %depends) { my $dest = $_; - my $ddest = cleanfile($sourced, $_, $blddir); + my $ddest = $dest eq "" ? "" : cleanfile($sourced, $_, $blddir); # If the destination doesn't exist in source, it can only be # a generated file in the build tree. - if (! -f $ddest) { + if ($ddest ne "" && ! -f $ddest) { $ddest = cleanfile($buildd, $_, $blddir); if ($unified_info{rename}->{$ddest}) { $ddest = $unified_info{rename}->{$ddest}; @@ -1633,7 +1703,7 @@ EOF if (! -f $d || (grep { $d eq $_ } map { cleanfile($srcdir, $_, $blddir) } - (@generated_headers, @generated_by_make_headers))) { + grep { /\.h$/ } keys %{$unified_info{generate}})) { $d = cleanfile($buildd, $_, $blddir); } # Take note if the file to depend on is being renamed @@ -1643,7 +1713,7 @@ EOF $unified_info{depends}->{$ddest}->{$d} = 1; # If we depend on a header file or a perl module, let's make # sure it can get included - if ($d =~ /\.(h|pm)$/) { + if ($dest ne "" && $d =~ /\.(h|pm)$/) { my $i = dirname($d); push @{$unified_info{includes}->{$ddest}}, $i unless grep { $_ eq $i } @{$unified_info{includes}->{$ddest}}; @@ -1819,7 +1889,7 @@ print OUT "1;\n"; close(OUT); -print "CC =$target{cc}\n"; +print "CC =$config{cross_compile_prefix}$target{cc}\n"; print "CFLAG =$target{cflags} $config{cflags}\n"; print "SHARED_CFLAG =$target{shared_cflag}\n"; print "DEFINES =",join(" ", @{$target{defines}}, @{$config{defines}}),"\n"; @@ -1847,7 +1917,9 @@ print "CHACHA_ENC =$target{chacha_obj}\n"; print "POLY1305_OBJ =$target{poly1305_obj}\n"; print "BLAKE2_OBJ =$target{blake2_obj}\n"; print "PROCESSOR =$config{processor}\n"; -print "RANLIB =$target{ranlib}\n"; +print "RANLIB =", $target{ranlib} eq '$(CROSS_COMPILE)ranlib' ? + "$config{cross_compile_prefix}ranlib" : + "$target{ranlib}", "\n"; print "ARFLAGS =$target{arflags}\n"; print "PERL =$config{perl}\n"; print "\n"; @@ -1857,59 +1929,12 @@ print "THIRTY_TWO_BIT mode\n" if $config{b32}; print "BN_LLONG mode\n" if $config{bn_ll}; print "RC4 uses $config{rc4_int}\n" if $config{rc4_int} ne $def_int; -for (@generated_headers) { - mkpath(catdir($blddir, dirname($_))); - run_dofile(catfile($blddir, $_), - catfile($srcdir, $_.".in")); -} - -### -### When the old "unixmake" scheme goes away, so does this function -### -sub build_Makefile { - run_dofile("Makefile","Makefile.in"); - - # Copy all Makefile.in to Makefile (except top-level) - use File::Find; - use IO::File; - find( - { - preprocess => sub { - grep(!/^\./, @_); - }, - wanted => sub { - return if ($_ ne "Makefile.in" || $File::Find::dir eq "."); - my $in = IO::File->new($_, "r") or - die sprintf "Error reading Makefile.in in %s: !$\n", - $File::Find::dir; - my $out = IO::File->new("Makefile", "w") or - die sprintf "Error writing Makefile in %s: !$\n", - $File::Find::dir; - print $out "# Generated from $_, do not edit\n"; - while (my $line = <$in>) { print $out $line } - $in->close() or - die sprintf "Error reading Makefile.in in %s: !$\n", - $File::Find::dir; - $out->close() or - die sprintf "Error writing Makefile in %s: !$\n", - $File::Find::dir; - }, - }, - "."); -} - my %builders = ( unified => sub { run_dofile(catfile($blddir, $target{build_file}), $config{build_file_template}, catfile($srcdir, "Configurations", "common.tmpl")); }, - unixmake => sub { - build_Makefile(); - - run_dofile("util/domd", "util/domd.in"); - chmod 0755, "util/domd"; - }, ); $builders{$builder}->($builder_platform, @builder_opts); @@ -2108,8 +2133,8 @@ sub read_config { } -# configuration resolver. Will only resolve all the lazy evalutation -# codeblocks for the chozen target and all those it inherits from, +# configuration resolver. Will only resolve all the lazy evaluation +# codeblocks for the chosen target and all those it inherits from, # recursively sub resolve_config { my $target = shift; @@ -2162,7 +2187,7 @@ sub resolve_config { # - If a value is a coderef, it will be executed with the list of # inherited values as arguments. # - If the corresponding key doesn't have a value at all or is the - # emoty string, the inherited value list will be run through the + # empty string, the inherited value list will be run through the # default combiner (below), and the result becomes this target's # value. # - Otherwise, this target's value is assumed to be a string that @@ -2270,13 +2295,34 @@ sub run_dofile foreach (@templates) { die "Can't open $_, $!" unless -f $_; } - my $cmd = "$config{perl} \"-I.\" \"-Mconfigdata\" $dofile -o\"Configure\" \"".join("\" \"",@templates)."\" > \"$out.new\""; + my $cmd = "$config{perl} \"-I.\" \"-Mconfigdata\" \"$dofile\" -o\"Configure\" \"".join("\" \"",@templates)."\" > \"$out.new\""; #print STDERR "DEBUG[run_dofile]: \$cmd = $cmd\n"; system($cmd); exit 1 if $? != 0; rename("$out.new", $out) || die "Can't rename $out.new, $!"; } +sub which +{ + my ($name)=@_; + + if (eval { require IPC::Cmd; 1; }) { + IPC::Cmd->import(); + return scalar IPC::Cmd::can_run($name); + } else { + # if there is $directories component in splitpath, + # then it's not something to test with $PATH... + return $name if (File::Spec->splitpath($name))[1]; + + foreach (File::Spec->path()) { + my $fullpath = catfile($_, "$name$target{exe_extension}"); + if (-f $fullpath and -x $fullpath) { + return $fullpath; + } + } + } +} + # Configuration printer ############################################## sub print_table_entry @@ -2404,22 +2450,6 @@ sub absolutedir { return realpath($dir); } -sub which - { - my($name)=@_; - my $path; - foreach $path (split /:/, $ENV{PATH}) - { - my $fullpath = "$path/$name$target{exe_extension}"; - if (-f $fullpath and -x $fullpath) - { - return $fullpath - unless ($name eq "perl" and - system("$fullpath -e " . '\'exit($]<5.0);\'')); - } - } - } - sub quotify { my %processors = ( perl => sub { my $x = shift; @@ -2523,3 +2553,41 @@ sub collect_information { } } } + +# tokenize($line) +# $line is a line of text to split up into tokens +# returns a list of tokens +# +# Tokens are divided by spaces. If the tokens include spaces, they +# have to be quoted with single or double quotes. Double quotes +# inside a double quoted token must be escaped. Escaping is done +# with backslash. +# Basically, the same quoting rules apply for " and ' as in any +# Unix shell. +sub tokenize { + my $line = my $debug_line = shift; + my @result = (); + + while ($line =~ s|^\s+||, $line ne "") { + my $token = ""; + while ($line ne "" && $line !~ m|^\s|) { + if ($line =~ m/^"((?:[^"\\]+|\\.)*)"/) { + $token .= $1; + $line = $'; + } elsif ($line =~ m/^'([^']*)'/) { + $token .= $1; + $line = $'; + } elsif ($line =~ m/^(\S+)/) { + $token .= $1; + $line = $'; + } + } + push @result, $token; + } + + if ($ENV{CONFIGURE_DEBUG_TOKENIZE}) { + print STDERR "DEBUG[tokenize]: Parsed '$debug_line' into:\n"; + print STDERR "DEBUG[tokenize]: ('", join("', '", @result), "')\n"; + } + return @result; +}