X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=Configure;h=8e1b25f89733a6db09a403b8a5ba8b251bfb6e69;hb=49616d925251a8d38ef2af55d045a778215a7b55;hp=bf5b2c667c25b18d67cad8ef0bdfc52ca586bcc5;hpb=25d498c1761bf04f415900d4b64d14ccdbce3e30;p=openssl.git diff --git a/Configure b/Configure index bf5b2c667c..8e1b25f897 100755 --- a/Configure +++ b/Configure @@ -9,12 +9,12 @@ ## Configure -- OpenSSL source tree configuration script -require 5.10.0; +use 5.10.0; use strict; use File::Basename; use File::Spec::Functions qw/:DEFAULT abs2rel rel2abs/; use File::Path qw/mkpath/; -use if $^O ne "VMS", 'File::Glob' => qw/glob/; +use if $^O ne "VMS", 'File::Glob' => qw/:bsd_glob/; # see INSTALL for instructions. @@ -59,13 +59,29 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lx # zlib-dynamic Like "zlib", but the zlib library is expected to be a shared # library and will be loaded in run-time by the OpenSSL library. # sctp include SCTP support -# 386 generate 80386 code # enable-weak-ssl-ciphers -# Enable weak ciphers that are disabled by default. This currently -# only includes RC4 based ciphers. -# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2 +# Enable weak ciphers that are disabled by default. +# 386 generate 80386 code in assembly modules +# no-sse2 disables IA-32 SSE2 code in assembly modules, the above +# mentioned '386' option implies this one # no- build without specified algorithm (rsa, idea, rc5, ...) # - + compiler options are passed through +# -static while -static is also a pass-through compiler option (and +# as such is limited to environments where it's actually +# meaningful), it triggers a number configuration options, +# namely no-dso, no-pic, no-shared and no-threads. It is +# argued that the only reason to produce statically linked +# binaries (and in context it means executables linked with +# -static flag, and not just executables linked with static +# libcrypto.a) is to eliminate dependency on specific run-time, +# a.k.a. libc version. The mentioned config options are meant +# to achieve just that. Unfortunately on Linux it's impossible +# to eliminate the dependency completely for openssl executable +# because of getaddrinfo and gethostbyname calls, which can +# invoke dynamically loadable library facility anyway to meet +# the lookup requests. For this reason on Linux statically +# linked openssl executable has rather debugging value than +# production quality. # # DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items # provided to stack calls. Generates unique stack functions for @@ -99,11 +115,15 @@ my $gcc_devteam_warn = "-DDEBUG_UNUSED" # but 'long long' type. . " -DPEDANTIC -pedantic -Wno-long-long" . " -Wall" + . " -Wextra" + . " -Wno-unused-parameter" + . " -Wno-missing-field-initializers" . " -Wsign-compare" . " -Wmissing-prototypes" . " -Wshadow" . " -Wformat" . " -Wtype-limits" + . " -Wundef" . " -Werror" ; @@ -118,9 +138,6 @@ my $gcc_devteam_warn = "-DDEBUG_UNUSED" # -Wextended-offsetof -- no, needed in CMS ASN1 code my $clang_devteam_warn = "" . " -Qunused-arguments" - . " -Wextra" - . " -Wno-unused-parameter" - . " -Wno-missing-field-initializers" . " -Wno-language-extension-token" . " -Wno-extended-offsetof" . " -Wconditional-uninitialized" @@ -184,6 +201,45 @@ my $local_config_envname = 'OPENSSL_LOCAL_CONFIG_DIR'; $config{sourcedir} = abs2rel($srcdir); $config{builddir} = abs2rel($blddir); +# Collect reconfiguration information if needed +my @argvcopy=@ARGV; + +if (grep /^reconf(igure)?$/, @argvcopy) { + if (-f "./configdata.pm") { + my $file = "./configdata.pm"; + unless (my $return = do $file) { + die "couldn't parse $file: $@" if $@; + die "couldn't do $file: $!" unless defined $return; + die "couldn't run $file" unless $return; + } + + @argvcopy = defined($configdata::config{perlargv}) ? + @{$configdata::config{perlargv}} : (); + die "Incorrect data to reconfigure, please do a normal configuration\n" + if (grep(/^reconf/,@argvcopy)); + $ENV{CROSS_COMPILE} = $configdata::config{cross_compile_prefix} + if defined($configdata::config{cross_compile_prefix}); + $ENV{CC} = $configdata::config{cc} + if defined($configdata::config{cc}); + $ENV{BUILDFILE} = $configdata::config{build_file} + if defined($configdata::config{build_file}); + $ENV{$local_config_envname} = $configdata::config{local_config_dir} + if defined($configdata::config{local_config_dir}); + + print "Reconfiguring with: ", join(" ",@argvcopy), "\n"; + print " CROSS_COMPILE = ",$ENV{CROSS_COMPILE},"\n" + if $ENV{CROSS_COMPILE}; + print " CC = ",$ENV{CC},"\n" if $ENV{CC}; + print " BUILDFILE = ",$ENV{BUILDFILE},"\n" if $ENV{BUILDFILE}; + print " $local_config_envname = ",$ENV{$local_config_envname},"\n" + if $ENV{$local_config_envname}; + } else { + die "Insufficient data to reconfigure, please do a normal configuration\n"; + } +} + +$config{perlargv} = [ @argvcopy ]; + # Collect version numbers $config{version} = "unknown"; $config{version_num} = "unknown"; @@ -230,7 +286,7 @@ if (defined $ENV{$local_config_envname}) { } -print "Configuring OpenSSL version $config{version} (0x$config{version_num})\n"; +print "Configuring OpenSSL version $config{version} ($config{version_num})\n"; $config{prefix}=""; $config{openssldir}=""; @@ -245,7 +301,7 @@ my $default_ranlib; $config{fips}=0; # Top level directories to build -$config{dirs} = [ "crypto", "ssl", "engines", "apps", "test", "tools", "fuzz" ]; +$config{dirs} = [ "crypto", "ssl", "engines", "apps", "test", "util", "tools", "fuzz" ]; # crypto/ subdirectories to build $config{sdirs} = [ "objects", @@ -365,10 +421,13 @@ my %deprecated_disablables = ( our %disabled = ( # "what" => "comment" "asan" => "default", + "crypto-mdebug" => "default", + "crypto-mdebug-backtrace" => "default", "ec_nistp_64_gcc_128" => "default", "egd" => "default", "fuzz-libfuzzer" => "default", "fuzz-afl" => "default", + "heartbeats" => "default", "md2" => "default", "msan" => "default", "rc5" => "default", @@ -381,9 +440,6 @@ our %disabled = ( # "what" => "comment" "weak-ssl-ciphers" => "default", "zlib" => "default", "zlib-dynamic" => "default", - "crypto-mdebug" => "default", - "crypto-mdebug-backtrace" => "default", - "heartbeats" => "default", ); # Note: => pair form used for aesthetics, not to truly make a hash table @@ -400,6 +456,8 @@ my @disable_cascades = ( "dgram" => [ "dtls", "sctp" ], "sock" => [ "dgram" ], "dtls" => [ @dtls ], + sub { 0 == scalar grep { !$disabled{$_} } @dtls } + => [ "dtls" ], # SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA "md5" => [ "ssl", "tls1", "tls1_1", "dtls1" ], @@ -420,6 +478,8 @@ my @disable_cascades = ( "dtls1", "dtls1_2" ], "tls" => [ @tls ], + sub { 0 == scalar grep { !$disabled{$_} } @tls } + => [ "tls" ], # SRP and HEARTBEATS require TLSEXT "tlsext" => [ "srp", "heartbeats" ], @@ -483,62 +543,11 @@ my $target=""; $config{options}=""; $config{build_type} = "release"; -my @argvcopy=@ARGV; - -if (grep /^reconf(igure)?$/, @argvcopy) { - if (-f "./configdata.pm") { - my $file = "./configdata.pm"; - unless (my $return = do $file) { - die "couldn't parse $file: $@" if $@; - die "couldn't do $file: $!" unless defined $return; - die "couldn't run $file" unless $return; - } - - @argvcopy = defined($configdata::config{perlargv}) ? - @{$configdata::config{perlargv}} : (); - die "Incorrect data to reconfigure, please do a normal configuration\n" - if (grep(/^reconf/,@argvcopy)); - $ENV{CROSS_COMPILE} = $configdata::config{cross_compile_prefix} - if defined($configdata::config{cross_compile_prefix}); - $ENV{CROSS_COMPILE} = $configdata::config{cc} - if defined($configdata::config{cc}); - - print "Reconfiguring with: ", join(" ",@argvcopy), "\n"; - print " CROSS_COMPILE = ",$ENV{CROSS_COMPILE},"\n" - if $ENV{CROSS_COMPILE}; - print " CC = ",$ENV{CC},"\n" if $ENV{CC}; - } elsif (open IN, ") { - s|\R$||; - if (/^CONFIGURE_ARGS=\s*(.*)\s*/) { - # Older form, we split the string and hope for the best - @argvcopy = split /\s+/, $_; - die "Incorrect data to reconfigure, please do a normal configuration\n" - if (grep(/^reconf/,@argvcopy)); - } elsif (/^CROSS_COMPILE=\s*(.*)/) { - $ENV{CROSS_COMPILE}=$1; - } elsif (/^CC=\s*(?:\$\(CROSS_COMPILE\))?(.*?)$/) { - $ENV{CC}=$1; - } - } - # - # END OF TEMPORARY SECTION - # - } else { - die "Insufficient data to reconfigure, please do a normal configuration\n"; - } -} - -$config{perlargv} = [ @argvcopy ]; - my %unsupported_options = (); my %deprecated_options = (); -foreach (@argvcopy) +while (@argvcopy) { + $_ = shift @argvcopy; # VMS is a case insensitive environment, and depending on settings # out of our control, we may receive options uppercased. Let's # downcase at least the part before any equal sign. @@ -725,6 +734,22 @@ foreach (@argvcopy) { $libs.=$_." "; } + elsif (/^-rpath$/ or /^-R$/) + # -rpath is the OSF1 rpath flag + # -R is the old Solaris rpath flag + { + my $rpath = shift(@argvcopy) || ""; + $rpath .= " " if $rpath ne ""; + $libs.=$_." ".$rpath; + } + elsif (/^-static$/) + { + $libs.=$_." "; + $disabled{"dso"} = "forced"; + $disabled{"pic"} = "forced"; + $disabled{"shared"} = "forced"; + $disabled{"threads"} = "forced"; + } elsif (/^-D(.*)$/) { push @user_defines, $1; @@ -769,6 +794,13 @@ foreach (@argvcopy) } } +if ($libs =~ /(^|\s)-Wl,-rpath,/ + && !$disabled{shared} + && !($disabled{asan} && $disabled{msan} && $disabled{ubsan})) { + die "***** Cannot simultaneously use -rpath, shared libraries, and\n", + "***** any of asan, msan or ubsan\n"; +} + if ($config{fips}) { delete $disabled{"shared"} if ($disabled{"shared"} =~ /^default/); @@ -793,7 +825,9 @@ while (@tocheckfor) { @tocheckfor = (keys %new_tocheckfor); } +our $die = sub { die @_; }; if ($target eq "TABLE") { + local $die = sub { warn @_; }; foreach (sort keys %table) { print_table_entry($_, "TABLE"); } @@ -808,6 +842,7 @@ if ($target eq "LIST") { } if ($target eq "HASH") { + local $die = sub { warn @_; }; print "%table = (\n"; foreach (sort keys %table) { print_table_entry($_, "HASH"); @@ -849,33 +884,35 @@ foreach (sort (keys %disabled)) @{$config{dirs}} = grep !/^engines$/, @{$config{dirs}}; @{$config{sdirs}} = grep !/^engine$/, @{$config{sdirs}}; push @{$config{openssl_other_defines}}, "OPENSSL_NO_ENGINE"; + print " OPENSSL_NO_ENGINE (skip engines)"; } else { - my ($ALGO, $algo); - ($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/; + my ($WHAT, $what); + + ($WHAT = $what = $_) =~ tr/[\-a-z]/[_A-Z]/; + + # Fix up C macro end names + $WHAT = "RMD160" if $what eq "ripemd"; - if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/ || /^async$/ - || /^autoalginit/ || /^autoerrinit/) + # fix-up crypto/directory name(s) + $what = "ripemd" if $what eq "rmd160"; + $what = "whrlpool" if $what eq "whirlpool"; + + if ($what ne "async" && $what ne "err" + && grep { $_ eq $what } @{$config{sdirs}}) { - push @{$config{openssl_other_defines}}, "OPENSSL_NO_$ALGO"; - print " OPENSSL_NO_$ALGO"; + push @{$config{openssl_algorithm_defines}}, "OPENSSL_NO_$WHAT"; + @{$config{sdirs}} = grep { $_ ne $what} @{$config{sdirs}}; - if (/^err$/) { push @user_defines, "OPENSSL_NO_ERR"; } + print " OPENSSL_NO_$WHAT (skip dir)"; } else { - ($ALGO,$algo) = ("RMD160","rmd160") if ($algo eq "ripemd"); - - push @{$config{openssl_algorithm_defines}}, "OPENSSL_NO_$ALGO"; - print " OPENSSL_NO_$ALGO"; - - # fix-up crypto/directory name(s) - $algo="whrlpool" if $algo eq "whirlpool"; - $algo="ripemd" if $algo eq "rmd160"; - @{$config{sdirs}} = grep { $_ ne $algo} @{$config{sdirs}}; + push @{$config{openssl_other_defines}}, "OPENSSL_NO_$WHAT"; + print " OPENSSL_NO_$WHAT"; - print " (skip dir)"; + if (/^err$/) { push @user_defines, "OPENSSL_NO_ERR"; } } } @@ -899,6 +936,8 @@ my %target = resolve_config($target); &usage if (!%target || $target{template}); +my %conf_files = map { $_ => 1 } (@{$target{_conf_fname_int}}); +$config{conf_files} = [ sort keys %conf_files ]; %target = ( %{$table{DEFAULTS}}, %target ); $target{exe_extension}=""; @@ -931,6 +970,13 @@ $target{nm} = $ENV{'NM'} || $target{nm} || "nm"; $target{rc} = $ENV{'RC'} || $ENV{'WINDRES'} || $target{rc} || "windres"; +# Allow overriding the build file name +$target{build_file} = $ENV{BUILDFILE} || $target{build_file} || "Makefile"; + +# Cache information necessary for reconfiguration +$config{cc} = $target{cc}; +$config{build_file} = $target{build_file}; + # For cflags, lflags, plib_lflags, ex_libs and defines, add the debug_ # or release_ attributes. # Do it in such a way that no spurious space is appended (hence the grep). @@ -946,6 +992,25 @@ $target{build_scheme} = [ $target{build_scheme} ] my ($builder, $builder_platform, @builder_opts) = @{$target{build_scheme}}; +foreach my $checker (($builder_platform."-".$target{build_file}."-checker.pm", + $builder_platform."-checker.pm")) { + my $checker_path = catfile($srcdir, "Configurations", $checker); + if (-f $checker_path) { + my $fn = $ENV{CONFIGURE_CHECKER_WARN} + ? sub { warn $@; } : sub { die $@; }; + if (! do $checker_path) { + if ($@) { + $fn->($@); + } elsif ($!) { + $fn->($!); + } else { + $fn->("The detected tools didn't match the platform\n"); + } + } + last; + } +} + push @{$config{defines}}, "NDEBUG" if $config{build_type} eq "release"; if ($target =~ /^mingw/ && `$target{cc} --target-help 2>&1` =~ m/-mno-cygwin/m) @@ -1116,6 +1181,9 @@ unless ($disabled{asm}) { push @{$config{defines}}, "SHA256_ASM" if ($target{sha1_asm_src} =~ /sha256/); push @{$config{defines}}, "SHA512_ASM" if ($target{sha1_asm_src} =~ /sha512/); } + if ($target{rc4_asm_src} ne $table{DEFAULTS}->{rc4_asm_src}) { + push @{$config{defines}}, "RC4_ASM"; + } if ($target{md5_asm_src}) { push @{$config{defines}}, "MD5_ASM"; } @@ -1147,6 +1215,9 @@ unless ($disabled{asm}) { if ($target{ec_asm_src} =~ /ecp_nistz256/) { push @{$config{defines}}, "ECP_NISTZ256_ASM"; } + if ($target{padlock_asm_src} ne $table{DEFAULTS}->{padlock_asm_src}) { + push @{$config{defines}}, "PADLOCK_ASM"; + } if ($target{poly1305_asm_src} ne "") { push @{$config{defines}}, "POLY1305_ASM"; } @@ -1166,7 +1237,7 @@ if ($^O ne "VMS" && !$disabled{makedepend}) { # We know that GNU C version 3 and up as well as all clang # versions support dependency generation $config{makedepprog} = $ccpcc - if (/clang/ || (/gcc/ && $compiler_major > 3)); + if (/clang/ || (/gcc/ && $compiler_major >= 3)); $ecc = "clang" if /clang/; $ecc = "gcc" if /gcc/; last if ($config{makedepprog} || !$lines--); @@ -1282,31 +1353,6 @@ my %unified_info = (); my $buildinfo_debug = defined($ENV{CONFIGURE_DEBUG_BUILDINFO}); if ($builder eq "unified") { - # Store the name of the template file we will build the build file from - # in %config. This may be useful for the build file itself. - my $build_file_template; - - for my $filename (( $builder_platform."-".$target{build_file}.".tmpl", - $target{build_file}.".tmpl" )) { - if (defined $ENV{$local_config_envname}) { - if ($^O eq 'VMS') { - # VMS environment variables are logical names, - # which can be used as is - $build_file_template = $local_config_envname . ':' . $filename; - } else { - $build_file_template = catfile($ENV{$local_config_envname}, - $filename); - } - } - - last if -f $build_file_template; - - $build_file_template = catfile($srcdir, "Configurations", $filename); - - last if -f $build_file_template; - } - $config{build_file_template} = $build_file_template; - use lib catdir(dirname(__FILE__),"util"); use with_fallback qw(Text::Template); @@ -1343,6 +1389,47 @@ if ($builder eq "unified") { return $res; } + # Store the name of the template file we will build the build file from + # in %config. This may be useful for the build file itself. + my @build_file_template_names = + ( $builder_platform."-".$target{build_file}.".tmpl", + $target{build_file}.".tmpl" ); + my @build_file_templates = (); + + # First, look in the user provided directory, if given + if (defined $ENV{$local_config_envname}) { + @build_file_templates = + map { + if ($^O eq 'VMS') { + # VMS environment variables are logical names, + # which can be used as is + $local_config_envname . ':' . $_; + } else { + catfile($ENV{$local_config_envname}, $_); + } + } + @build_file_template_names; + } + # Then, look in our standard directory + push @build_file_templates, + ( map { cleanfile($srcdir, catfile("Configurations", $_), $blddir) } + @build_file_template_names ); + + my $build_file_template; + for $_ (@build_file_templates) { + $build_file_template = $_; + last if -f $build_file_template; + + $build_file_template = undef; + } + if (!defined $build_file_template) { + die "*** Couldn't find any of:\n", join("\n", @build_file_templates), "\n"; + } + $config{build_file_templates} + = [ $build_file_template, + cleanfile($srcdir, catfile("Configurations", "common.tmpl"), + $blddir) ]; + my @build_infos = ( [ ".", "build.info" ] ); foreach (@{$config{dirs}}) { push @build_infos, [ $_, "build.info" ] @@ -2018,8 +2105,7 @@ print "RC4 uses $config{rc4_int}\n" if $config{rc4_int} ne $def_int; my %builders = ( unified => sub { run_dofile(catfile($blddir, $target{build_file}), - $config{build_file_template}, - catfile($srcdir, "Configurations", "common.tmpl")); + @{$config{build_file_templates}}); }, ); @@ -2197,7 +2283,8 @@ sub read_config { close(CONFFILE); my %targets = (); { - local %table = %::table; # Protect %table from tampering + # Protect certain tables from tampering + local %table = %::table; eval $content; warn $@ if $@; @@ -2212,7 +2299,9 @@ sub read_config { warn "Misconfigured target configuration for $_ (should be a hash table), ignoring...\n"; } delete $targets{$_}; - } + } else { + $targets{$_}->{_conf_fname_int} = add([ $fname ]); + } } %table = (%table, %targets); @@ -2381,7 +2470,8 @@ sub run_dofile foreach (@templates) { die "Can't open $_, $!" unless -f $_; } - my $cmd = "$config{perl} \"-I.\" \"-Mconfigdata\" \"$dofile\" -o\"Configure\" \"".join("\" \"",@templates)."\" > \"$out.new\""; + my $perlcmd = (quotify("maybeshell", $config{perl}))[0]; + my $cmd = "$perlcmd \"-I.\" \"-Mconfigdata\" \"$dofile\" -o\"Configure\" \"".join("\" \"",@templates)."\" > \"$out.new\""; #print STDERR "DEBUG[run_dofile]: \$cmd = $cmd\n"; system($cmd); exit 1 if $? != 0; @@ -2428,41 +2518,53 @@ sub print_table_entry "unistd", "ld", "lflags", + "loutflag", "plib_lflags", "ex_libs", "bn_ops", - "cpuid_obj", - "bn_obj", - "ec_obj", - "des_obj", - "aes_obj", - "bf_obj", - "md5_obj", - "sha1_obj", - "cast_obj", - "rc4_obj", - "rmd160_obj", - "rc5_obj", - "wp_obj", - "cmll_obj", - "modes_obj", - "padlock_obj", + "apps_aux_src", + "cpuid_asm_src", + "uplink_aux_src", + "bn_asm_src", + "ec_asm_src", + "des_asm_src", + "aes_asm_src", + "bf_asm_src", + "md5_asm_src", + "cast_asm_src", + "sha1_asm_src", + "rc4_asm_src", + "rmd160_asm_src", + "rc5_asm_src", + "wp_asm_src", + "cmll_asm_src", + "modes_asm_src", + "padlock_asm_src", + "chacha_asm_src", + "poly1035_asm_src", "thread_scheme", "perlasm_scheme", "dso_scheme", "shared_target", "shared_cflag", + "shared_defines", "shared_ldflag", "shared_rcflag", "shared_extension", - "shared_extension_simple", - "shared_import_extension", "dso_extension", "obj_extension", "exe_extension", "ranlib", "ar", "arflags", + "aroutflag", + "rc", + "rcflags", + "rcoutflag", + "mt", + "mtflags", + "mtinflag", + "mtoutflag", "multilib", "build_scheme", ); @@ -2505,7 +2607,7 @@ sub isabsolute { # On non-platforms, we just use file_name_is_absolute(). return file_name_is_absolute($file) unless $^O eq "VMS"; - # If the file spec includes a device or a directpry spec, + # If the file spec includes a device or a directory spec, # file_name_is_absolute() is perfectly safe. return file_name_is_absolute($file) if $file =~ m|[:\[]|; @@ -2541,6 +2643,14 @@ sub quotify { perl => sub { my $x = shift; $x =~ s/([\\\$\@"])/\\$1/g; return '"'.$x.'"'; }, + maybeshell => sub { my $x = shift; + (my $y = $x) =~ s/([\\\"])/\\$1/g; + if ($x ne $y || $x =~ m|\s|) { + return '"'.$y.'"'; + } else { + return $x; + } + }, ); my $for = shift; my $processor =