#! /usr/bin/env perl # -*- mode: perl; -*- ## ## Configure -- OpenSSL source tree configuration script ## If editing this file, run this command before committing ## make -f Makefile.in TABLE ## require 5.000; use strict; use File::Basename; use File::Spec::Functions; # see INSTALL for instructions. my $usage="Usage: Configure [no- ...] [enable- ...] [experimental- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; # Options: # # --config add the given configuration file, which will be read after # any "Configurations*" files that are found in the same # directory as this script. # --prefix prefix for the OpenSSL installation, which includes the # directories bin, lib, include, share/man, share/doc/openssl # This becomes the value of INSTALLTOP in Makefile # (Default: /usr/local) # --openssldir OpenSSL data area, such as openssl.cnf, certificates and keys. # If it's a relative directory, it will be added on the directory # given with --prefix. # This becomes the value of OPENSSLDIR in Makefile and in C. # (Default: PREFIX/ssl) # # --install_prefix Additional prefix for package builders (empty by # default). This needn't be set in advance, you can # just as well use "make INSTALL_PREFIX=/whatever install". # # --cross-compile-prefix Add specified prefix to binutils components. # # --api One of 0.9.8, 1.0.0 or 1.1.0. Do not compile support for # interfaces deprecated as of the specified OpenSSL version. # # no-hw-xxx do not compile support for specific crypto hardware. # Generic OpenSSL-style methods relating to this support # are always compiled but return NULL if the hardware # support isn't compiled. # no-hw do not compile support for any crypto hardware. # [no-]threads [don't] try to create a library that is suitable for # multithreaded applications (default is "threads" if we # know how to do it) # [no-]shared [don't] try to create shared libraries when supported. # no-asm do not use assembler # no-dso do not compile in any native shared-library methods. This # will ensure that all methods just return NULL. # no-egd do not compile support for the entropy-gathering daemon APIs # [no-]zlib [don't] compile support for zlib compression. # zlib-dynamic Like "zlib", but the zlib library is expected to be a shared # library and will be loaded in run-time by the OpenSSL library. # sctp include SCTP support # 386 generate 80386 code # no-sse2 disables IA-32 SSE2 code, above option implies no-sse2 # no- build without specified algorithm (rsa, idea, rc5, ...) # - + compiler options are passed through # # DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items # provided to stack calls. Generates unique stack functions for # each possible stack type. # DES_PTR use pointer lookup vs arrays in the DES in crypto/des/des_locl.h # DES_RISC1 use different DES_ENCRYPT macro that helps reduce register # dependancies but needs to more registers, good for RISC CPU's # DES_RISC2 A different RISC variant. # DES_UNROLL unroll the inner DES loop, sometimes helps, somtimes hinders. # DES_INT use 'int' instead of 'long' for DES_LONG in crypto/des/des.h # This is used on the DEC Alpha where long is 8 bytes # and int is 4 # BN_LLONG use the type 'long long' in crypto/bn/bn.h # MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h # MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h # IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h # IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h # RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h # RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h # RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_locl.h. This turns on # array lookups instead of pointer use. # RC4_CHUNK enables code that handles data aligned at long (natural CPU # word) boundary. # RC4_CHUNK_LL enables code that handles data aligned at long long boundary # (intended for 64-bit CPUs running 32-bit OS). # BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha). # BF_PTR2 intel specific version (generic version is more efficient). # # Following are set automatically by this script # # MD5_ASM use some extra md5 assember, # SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86 # RMD160_ASM use some extra ripemd160 assember, # SHA256_ASM sha256_block is implemented in assembler # SHA512_ASM sha512_block is implemented in assembler # AES_ASM ASE_[en|de]crypt is implemented in assembler # Minimum warning options... any contributions to OpenSSL should at least get # past these. my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Werror -DREF_CHECK -DDEBUG_UNUSED"; # These are used in addition to $gcc_devteam_warn when the compiler is clang. # TODO(openssl-team): fix problems and investigate if (at least) the # following warnings can also be enabled: # -Wswitch-enum, -Wunused-macros, -Wmissing-field-initializers, # -Wcast-align, # -Wunreachable-code -Wunused-parameter -Wlanguage-extension-token # -Wextended-offsetof my $clang_devteam_warn = "-Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Qunused-arguments -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations"; # Warn that "make depend" should be run? my $warn_make_depend = 0; # These are used in addition to $gcc_devteam_warn unless this is a mingw build. # This adds backtrace information to the memory leak info. my $memleak_devteam_backtrace = "-rdynamic -DCRYPTO_MDEBUG_BACKTRACE"; my $strict_warnings = 0; my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL"; # MD2_CHAR slags pentium pros my $x86_gcc_opts="RC4_INDEX MD2_INT"; # As for $BSDthreads. Idea is to maintain "collective" set of flags, # which would cover all BSD flavors. -pthread applies to them all, # but is treated differently. OpenBSD expands is as -D_POSIX_THREAD # -lc_r, which is sufficient. FreeBSD 4.x expands it as -lc_r, # which has to be accompanied by explicit -D_THREAD_SAFE and # sometimes -D_REENTRANT. FreeBSD 5.x expands it as -lc_r, which # seems to be sufficient? my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT"; # # API compability name to version number mapping. # my $maxapi = "1.1.0"; # API for "no-deprecated" builds my $apitable = { "1.1.0" => "0x10100000L", "1.0.0" => "0x10000000L", "0.9.8" => "0x00908000L", }; my $base_target = "BASE"; # The template that all other inherit from our %table = (); # Forward declarations ############################################### # read_config(filename) # # Reads a configuration file and populates %table with the contents # (which the configuration file places in %targets). sub read_config; # resolve_config(target) # # Resolves all the late evalutations, inheritances and so on for the # chosen target and any target it inherits from. sub resolve_config; my ($vol, $dir, $dummy) = File::Spec->splitpath($0); my $pattern = File::Spec->catpath($vol, $dir, "Configurations/*.conf"); foreach (sort glob($pattern) ) { &read_config($_); } my $prefix=""; my $libdir=""; my $openssldir=""; my $exe_ext=""; my $install_prefix= "$ENV{'INSTALL_PREFIX'}"; my $cross_compile_prefix=""; my $fipslibdir="/usr/local/ssl/fips-2.0/lib/"; my $nofipscanistercheck=0; my $baseaddr="0xFB00000"; my $no_threads=0; my $threads=0; my $no_shared=0; # but "no-shared" is default my $zlib=1; # but "no-zlib" is default my $no_rfc3779=0; my $no_asm=0; my $no_dso=0; my @skip=(); my $Makefile="Makefile"; my $processor=""; my $default_ranlib; my $perl; my $fips=0; # Known TLS and DTLS protocols my @tls = qw(ssl3 tls1 tls1_1 tls1_2); my @dtls = qw(dtls1 dtls1_2); # Explicitelly known options that are possible to disable. They can # be regexps, and will be used like this: /^no-${option}$/ # For developers: keep it sorted alphabetically my @disablables = ( "aes", "asm", "bf", "camellia", "capieng", "cast", "chacha", "cmac", "cms", "comp", "crypto-mdebug", "ct", "deprecated", "des", "dgram", "dh", "dsa", "dso", "dtls", "dynamic[-_]engine", "ec", "ec2m", "ecdh", "ecdsa", "ec_nistp_64_gcc_128", "engine", "err", # Really??? "gost", "heartbeats", "hmac", "hw(-.+)?", "idea", "jpake", "locking", # Really??? "md2", "md4", "md5", "mdc2", "md[-_]ghost94", "nextprotoneg", "ocb", "ocsp", "poly1305", "posix-io", "psk", "rc2", "rc4", "rc5", "rdrand", "rfc3779", "rijndael", # Old AES name "rmd160", "rsa", "scrypt", "sct", "sctp", "seed", "sha", "shared", "sock", "srp", "srtp", "sse2", "ssl", "ssl-trace", "static-engine", "stdio", "store", "threads", "tls", "unit-test", "whirlpool", "zlib", "zlib-dynamic", ); foreach my $proto ((@tls, @dtls)) { push(@disablables, $proto); push(@disablables, "$proto-method"); } # All of the following is disabled by default (RC5 was enabled before 0.9.8): my %disabled = ( # "what" => "comment" [or special keyword "experimental"] "ec_nistp_64_gcc_128" => "default", "egd" => "default", "jpake" => "experimental", "md2" => "default", "rc5" => "default", "sctp" => "default", "shared" => "default", "ssl-trace" => "default", "store" => "experimental", "unit-test" => "default", "zlib" => "default", "zlib-dynamic" => "default", "crypto-mdebug" => "default", ); my @experimental = (); # Note: => pair form used for aesthetics, not to truly make a hash table my @disable_cascades = ( # "what" => [ "cascade", ... ] sub { $processor eq "386" } => [ "sse2" ], "ssl" => [ "ssl3" ], "ssl3-method" => [ "ssl3" ], "zlib" => [ "zlib-dynamic" ], "rijndael" => [ "aes" ], "des" => [ "mdc2" ], "ec" => [ "ecdsa", "ecdh", "gost" ], "dsa" => [ "gost" ], "dh" => [ "gost" ], "dgram" => [ "dtls" ], "dtls" => [ @dtls ], # SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA "md5" => [ "ssl", "tls1", "tls1_1", "dtls1" ], "sha" => [ "ssl", "tls1", "tls1_1", "dtls1" ], # Additionally, SSL 3.0 requires either RSA or DSA+DH sub { $disabled{rsa} && ($disabled{dsa} || $disabled{dh}); } => [ "ssl" ], # (D)TLS 1.0 and TLS 1.1 also require either RSA or DSA+DH # or ECDSA + ECDH. (D)TLS 1.2 has this requirement as well. # (XXX: We don't support PSK-only builds). sub { $disabled{rsa} && ($disabled{dsa} || $disabled{dh}) && ($disabled{ecdsa} || $disabled{ecdh}); } => [ "tls1", "tls1_1", "tls1_2", "dtls1", "dtls1_2" ], "tls" => [ @tls ], # SRP and HEARTBEATS require TLSEXT "tlsext" => [ "srp", "heartbeats" ], ); # Avoid protocol support holes. Also disable all versions below N, if version # N is disabled while N+1 is enabled. # my @list = (reverse @tls); while ((my $first, my $second) = (shift @list, shift @list)) { last unless @list; push @disable_cascades, ( sub { !$disabled{$first} && $disabled{$second} } => [ @list ] ); unshift @list, $second; } my @list = (reverse @dtls); while ((my $first, my $second) = (shift @list, shift @list)) { last unless @list; push @disable_cascades, ( sub { !$disabled{$first} && $disabled{$second} } => [ @list ] ); unshift @list, $second; } # Construct the string of what $depflags should look like with the defaults # from %disabled above. (we need this to see if we should advise the user # to run "make depend"): my $default_depflags = " ".join(" ", map { my $x = $_; $x =~ tr{[a-z]-}{[A-Z]_}; "-DOPENSSL_NO_$x"; } grep { $disabled{$_} !~ /\(no-depflags\)$/ } sort keys %disabled); # Explicit "no-..." options will be collected in %disabled along with the defaults. # To remove something from %disabled, use "enable-foo" (unless it's experimental). # For symmetry, "disable-foo" is a synonym for "no-foo". # For features called "experimental" here, a more explicit "experimental-foo" is needed to enable. # We will collect such requests in @experimental. # To avoid accidental use of experimental features, applications will have to use -DOPENSSL_EXPERIMENTAL_FOO. my $no_sse2=0; &usage if ($#ARGV < 0); my $flags=""; my $depflags=""; my $openssl_experimental_defines=""; my $openssl_algorithm_defines=""; my $openssl_thread_defines=""; my $openssl_sys_defines=""; my $openssl_other_defines=""; my $libs=""; my $target=""; my $options=""; my $api; my $make_depend=0; my %withargs=(); my $build_prefix = "release_"; my @argvcopy=@ARGV; if (grep /^reconf(igure)?$/, @argvcopy) { if (open IN, "<$Makefile") { while () { chomp; if (/^CONFIGURE_ARGS=\s*(.*)\s*/) { my $line = $1; if ($line =~ /^\s*\(/) { # New form perl expression saved in Makefile, eval it @argvcopy = eval $line; } else { # Older form, we split the string and hope for the best @argvcopy = split /\s+/, $line; } die "Incorrect data to reconfigure, please do a normal configuration\n" if (grep(/^reconf/,@argvcopy)); } elsif (/^CROSS_COMPILE=\s*(.*)/) { $ENV{CROSS_COMPILE}=$1; } elsif (/^CC=\s*(?:\$\(CROSS_COMPILE\))?(.*?)$/) { $ENV{CC}=$1; } } print "Reconfiguring with: ", join(" ",@argvcopy), "\n"; print " CROSS_COMPILE = ",$ENV{CROSS_COMPILE},"\n" if $ENV{CROSS_COMPILE}; print " CC = ",$ENV{CC},"\n" if $ENV{CC}; close IN; } else { die "Insufficient data to reconfigure, please do a normal configuration\n"; } } my %unsupported_options = (); foreach (@argvcopy) { s /^-no-/no-/; # some people just can't read the instructions # rewrite some options in "enable-..." form s /^-?-?shared$/enable-shared/; s /^sctp$/enable-sctp/; s /^threads$/enable-threads/; s /^zlib$/enable-zlib/; s /^zlib-dynamic$/enable-zlib-dynamic/; if (/^(no|disable|enable|experimental)-(.+)$/) { my $word = $2; if (!grep { $word =~ /^${_}$/ } @disablables) { $unsupported_options{$_} = 1; next; } } if (/^no-(.+)$/ || /^disable-(.+)$/) { if (!($disabled{$1} eq "experimental")) { foreach my $proto ((@tls, @dtls)) { if ($1 eq "$proto-method") { $disabled{"$proto"} = "option($proto-method)"; last; } } if ($1 eq "dtls") { foreach my $proto (@dtls) { $disabled{$proto} = "option(dtls)"; } } elsif ($1 eq "ssl") { # Last one of its kind $disabled{"ssl3"} = "option(ssl)"; } elsif ($1 eq "tls") { # XXX: Tests will fail if all SSL/TLS # protocols are disabled. foreach my $proto (@tls) { $disabled{$proto} = "option(tls)"; } } else { $disabled{$1} = "option"; } } } elsif (/^enable-(.+)$/ || /^experimental-(.+)$/) { my $algo = $1; if ($disabled{$algo} eq "experimental") { die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n" unless (/^experimental-/); push @experimental, $algo; } delete $disabled{$algo}; $threads = 1 if ($algo eq "threads"); } elsif (/^--strict-warnings$/) { $strict_warnings = 1; } elsif (/^--debug$/) { $build_prefix = "debug_"; } elsif (/^--release$/) { $build_prefix = "release_"; } elsif (/^386$/) { $processor=386; } elsif (/^fips$/) { $fips=1; } elsif (/^rsaref$/) { # No RSAref support any more since it's not needed. # The check for the option is there so scripts aren't # broken } elsif (/^nofipscanistercheck$/) { $fips = 1; $nofipscanistercheck = 1; } elsif (/^[-+]/) { if (/^--prefix=(.*)$/) { $prefix=$1; } elsif (/^--api=(.*)$/) { $api=$1; } elsif (/^--libdir=(.*)$/) { $libdir=$1; } elsif (/^--openssldir=(.*)$/) { $openssldir=$1; } elsif (/^--install.prefix=(.*)$/) { $install_prefix=$1; } elsif (/^--with-zlib-lib=(.*)$/) { $withargs{"zlib-lib"}=$1; } elsif (/^--with-zlib-include=(.*)$/) { $withargs{"zlib-include"}="-I$1"; } elsif (/^--with-fipslibdir=(.*)$/) { $fipslibdir="$1/"; } elsif (/^--with-baseaddr=(.*)$/) { $baseaddr="$1"; } elsif (/^--cross-compile-prefix=(.*)$/) { $cross_compile_prefix=$1; } elsif (/^--config=(.*)$/) { read_config $1; } elsif (/^-[lL](.*)$/ or /^-Wl,/) { $libs.=$_." "; } else # common if (/^[-+]/), just pass down... { $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei; $flags.=$_." "; } } elsif ($_ =~ /^([^:]+):(.+)$/) { eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string $target=$1; } else { die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); $target=$_; } unless ($_ eq $target || /^no-/ || /^disable-/) { # "no-..." follows later after implied disactivations # have been derived. (Don't take this too seroiusly, # we really only write OPTIONS to the Makefile out of # nostalgia.) if ($options eq "") { $options = $_; } else { $options .= " ".$_; } } if (defined($api) && !exists $apitable->{$api}) { die "***** Unsupported api compatibility level: $api\n", } if (keys %unsupported_options) { die "***** Unsupported options: ", join(", ", keys %unsupported_options), "\n"; } } if ($fips) { delete $disabled{"shared"} if ($disabled{"shared"} =~ /^default/); } my @tocheckfor = (keys %disabled); while (@tocheckfor) { my %new_tocheckfor = (); my @cascade_copy = (@disable_cascades); while (@cascade_copy) { my ($test, $descendents) = (shift @cascade_copy, shift @cascade_copy); if (ref($test) eq "CODE" ? $test->() : defined($disabled{$test})) { map { $new_tocheckfor{$_} => 1; $disabled{$_} = "forced"; } grep { !defined($disabled{$_}) } @$descendents; } } @tocheckfor = (keys %new_tocheckfor); } if ($target eq "TABLE") { foreach $target (sort keys %table) { print_table_entry($target, "TABLE"); } exit 0; } if ($target eq "LIST") { foreach (sort keys %table) { print; print "\n"; } exit 0; } if ($target eq "HASH") { print "%table = (\n"; foreach (sort keys %table) { print_table_entry($_, "HASH"); } exit 0; } if ($target =~ m/^CygWin32(-.*)$/) { $target = "Cygwin".$1; } foreach (sort (keys %disabled)) { $options .= " no-$_"; printf " no-%-12s %-10s", $_, "[$disabled{$_}]"; if (/^dso$/) { $no_dso = 1; } elsif (/^threads$/) { $no_threads = 1; } elsif (/^shared$/) { $no_shared = 1; } elsif (/^zlib$/) { $zlib = 0; } elsif (/^static-engine$/) { } elsif (/^zlib-dynamic$/) { } elsif (/^sse2$/) { $no_sse2 = 1; } else { my ($ALGO, $algo); ($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/; if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/) { $openssl_other_defines .= "#define OPENSSL_NO_$ALGO\n"; print " OPENSSL_NO_$ALGO"; if (/^err$/) { $flags .= "-DOPENSSL_NO_ERR "; } elsif (/^asm$/) { $no_asm = 1; } } else { ($ALGO,$algo) = ("RMD160","rmd160") if ($algo eq "ripemd"); $openssl_algorithm_defines .= "#define OPENSSL_NO_$ALGO\n"; print " OPENSSL_NO_$ALGO"; push @skip, $algo; # fix-up crypto/directory name(s) $skip[$#skip]="whrlpool" if $algo eq "whirlpool"; $skip[$#skip]="ripemd" if $algo eq "rmd160"; print " (skip dir)"; $depflags .= " -DOPENSSL_NO_$ALGO"; } } print "\n"; } my $exp_cflags = ""; foreach (sort @experimental) { my $ALGO; ($ALGO = $_) =~ tr/[a-z]/[A-Z]/; # opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined $openssl_experimental_defines .= "#define OPENSSL_NO_$ALGO\n"; $exp_cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO"; } print "Configuring for $target\n"; # Support for legacy targets having a name starting with 'debug-' my ($d, $t) = $target =~ m/^(debug-)?(.*)$/; if ($d) { $build_prefix = "debug_"; # If we do not find debug-foo in the table, the target is set to foo. if (!$table{$target}) { $target = $t; } } delete $table{$base_target}->{template}; # or the next test will fail. my %target = ( %{$table{$base_target}}, resolve_config($target) ); &usage if (!%target || $target{template}); $exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target =~ /^mingw/); $exe_ext=".nlm" if ($target =~ /netware/); $exe_ext=".pm" if ($target =~ /vos/); $default_ranlib= &which("ranlib") or $default_ranlib="true"; $perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl") or $perl="perl"; my $make = $ENV{'MAKE'} || "make"; $cross_compile_prefix=$ENV{'CROSS_COMPILE'} if $cross_compile_prefix eq ""; $prefix = "/usr/local" if !$prefix; $openssldir = "ssl" if !$openssldir; $openssldir = catdir($prefix, $openssldir) unless file_name_is_absolute($openssldir); # Allow environment CC to override compiler... my $cc = $ENV{CC} || $target{cc}; # For cflags and lflags, add the debug_ or release_ attributes # Do it in such a way that no spurious space is appended (hence the grep). my $cflags = join(" ", grep { $_ } ($target{cflags}, $target{$build_prefix."cflags"})); my $lflags = join(" ", grep { $_ } ($target{lflags}, $target{$build_prefix."lflags"})); my $unistd = $target{unistd}; my $thread_cflag = $target{thread_cflag}; my $sys_id = $target{sys_id}; my $bn_ops = $target{bn_ops}; my $cpuid_obj = $target{cpuid_obj}; my $bn_obj = $target{bn_obj}; my $ec_obj = $target{ec_obj}; my $des_obj = $target{des_obj}; my $aes_obj = $target{aes_obj}; my $bf_obj = $target{bf_obj}; my $md5_obj = $target{md5_obj}; my $sha1_obj = $target{sha1_obj}; my $cast_obj = $target{cast_obj}; my $rc4_obj = $target{rc4_obj}; my $rmd160_obj = $target{rmd160_obj}; my $rc5_obj = $target{rc5_obj}; my $wp_obj = $target{wp_obj}; my $cmll_obj = $target{cmll_obj}; my $modes_obj = $target{modes_obj}; my $engines_obj = $target{engines_obj}; my $chacha_obj = $target{chacha_obj}; my $poly1305_obj = $target{poly1305_obj}; my $perlasm_scheme = $target{perlasm_scheme}; my $dso_scheme = $target{dso_scheme}; my $shared_target = $target{shared_target}; my $shared_cflag = $target{shared_cflag}; my $shared_ldflag = $target{shared_ldflag}; my $shared_extension = $target{shared_extension}; my $ranlib = $ENV{'RANLIB'} || $target{ranlib}; my $ar = $ENV{'AR'} || "ar"; my $arflags = $target{arflags}; my $multilib = $target{multilib}; my @build_scheme = ref($target{build_scheme}) eq "ARRAY" ? @{$target{build_scheme}} : ( $target{build_scheme} ); # if $prefix/lib$multilib is not an existing directory, then # assume that it's not searched by linker automatically, in # which case adding $multilib suffix causes more grief than # we're ready to tolerate, so don't... $multilib="" if !-d "$prefix/lib$multilib"; $libdir="lib$multilib" if $libdir eq ""; $cflags = "$cflags$exp_cflags"; # '%' in $lflags is used to split flags to "pre-" and post-flags my ($prelflags,$postlflags)=split('%',$lflags); if (defined($postlflags)) { $lflags=$postlflags; } else { $lflags=$prelflags; undef $prelflags; } if ($target =~ /^mingw/ && `$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m) { $cflags =~ s/\-mno\-cygwin\s*//; $shared_ldflag =~ s/\-mno\-cygwin\s*//; } if ($target =~ /linux.*\-mips/ && !$no_asm && $flags !~ /\-m(ips|arch=)/) { # minimally required architecture flags for assembly modules $cflags="-mips2 $cflags" if ($target =~ /mips32/); $cflags="-mips3 $cflags" if ($target =~ /mips64/); } my $no_shared_warn=0; my $no_user_cflags=0; if ($flags ne "") { $cflags="$flags$cflags"; } else { $no_user_cflags=1; } # The DSO code currently always implements all functions so that no # applications will have to worry about that from a compilation point # of view. However, the "method"s may return zero unless that platform # has support compiled in for them. Currently each method is enabled # by a define "DSO_" ... we translate the "dso_scheme" config # string entry into using the following logic; my $dso_cflags; if (!$no_dso && $dso_scheme ne "") { $dso_scheme =~ tr/[a-z]/[A-Z]/; if ($dso_scheme eq "DLFCN") { $dso_cflags = "-DDSO_DLFCN -DHAVE_DLFCN_H"; } elsif ($dso_scheme eq "DLFCN_NO_H") { $dso_cflags = "-DDSO_DLFCN"; } else { $dso_cflags = "-DDSO_$dso_scheme"; } $cflags = "$dso_cflags $cflags"; } my $thread_cflags; my $thread_defines; if ($thread_cflag ne "(unknown)" && !$no_threads) { # If we know how to do it, support threads by default. $threads = 1; } if ($thread_cflag eq "(unknown)" && $threads) { # If the user asked for "threads", [s]he is also expected to # provide any system-dependent compiler options that are # necessary. if ($no_user_cflags) { print "You asked for multi-threading support, but didn't\n"; print "provide any system-specific compiler options\n"; exit(1); } $thread_cflags="-DOPENSSL_THREADS $cflags" ; $thread_defines .= "#define OPENSSL_THREADS\n"; } else { $thread_cflags="-DOPENSSL_THREADS $thread_cflag $cflags"; $thread_defines .= "#define OPENSSL_THREADS\n"; # my $def; # foreach $def (split ' ',$thread_cflag) # { # if ($def =~ s/^-D// && $def !~ /^_/) # { # $thread_defines .= "#define $def\n"; # } # } } $lflags="$libs$lflags" if ($libs ne ""); if ($no_asm) { $cflags=~s/\-D[BL]_ENDIAN// if ($fips); $thread_cflags=~s/\-D[BL]_ENDIAN// if ($fips); } if ($threads) { $cflags=$thread_cflags; $openssl_thread_defines .= $thread_defines; } if ($zlib) { $cflags = "-DZLIB $cflags"; if (defined($disabled{"zlib-dynamic"})) { if (defined($withargs{"zlib-lib"})) { $lflags = "$lflags -L" . $withargs{"zlib-lib"} . " -lz"; } else { $lflags = "$lflags -lz"; } } else { $cflags = "-DZLIB_SHARED $cflags"; } } # With "deprecated" disable all deprecated features. if (defined($disabled{"deprecated"})) { $api = $maxapi; } # You will find shlib_mark1 and shlib_mark2 explained in Makefile.in my $shared_mark = ""; if ($shared_target eq "") { $no_shared_warn = 1 if !$no_shared && !$fips; $no_shared = 1; } if (!$no_shared) { if ($shared_cflag ne "") { $cflags = "$shared_cflag -DOPENSSL_PIC $cflags"; } } if ($build_scheme[0] ne "mk1mf") { # add {no-}static-engine to options to allow mkdef.pl to work without extra arguments if ($no_shared) { $openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n"; $options.=" static-engine"; } else { $openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n"; $options.=" no-static-engine"; } } # # Platform fix-ups # if ($target =~ /\-icc$/) # Intel C compiler { my $iccver=0; if (open(FD,"$cc -V 2>&1 |")) { while() { $iccver=$1 if (/Version ([0-9]+)\./); } close(FD); } if ($iccver>=8) { $cflags=~s/\-KPIC/-fPIC/; # Eliminate unnecessary dependency from libirc.a. This is # essential for shared library support, as otherwise # apps/openssl can end up in endless loop upon startup... $cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset"; } if ($iccver>=9) { $lflags.=" -i-static"; $lflags=~s/\-no_cpprt/-no-cpprt/; } if ($iccver>=10) { $lflags=~s/\-i\-static/-static-intel/; } if ($iccver>=11) { $cflags.=" -no-intel-extensions"; # disable Cilk $lflags=~s/\-no\-cpprt/-no-cxxlib/; } } # Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time # linkers (tested OpenBSD, NetBSD and FreeBSD) "demand" RPATH set on # .so objects. Apparently application RPATH is not global and does # not apply to .so linked with other .so. Problem manifests itself # when libssl.so fails to load libcrypto.so. One can argue that we # should engrave this into Makefile.shared rules or into BSD-* config # lines above. Meanwhile let's try to be cautious and pass -rpath to # linker only when --prefix is not /usr. if ($target =~ /^BSD\-/) { $shared_ldflag.=" -Wl,-rpath,\$\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|); } if ($sys_id ne "") { #$cflags="-DOPENSSL_SYS_$sys_id $cflags"; $openssl_sys_defines="#define OPENSSL_SYS_$sys_id\n"; } if ($ranlib eq "") { $ranlib = $default_ranlib; } if (!$no_asm) { $cpuid_obj=$table{BASE}->{cpuid_obj} if ($processor eq "386"); $cpuid_obj.=" uplink.o uplink-x86.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/); $bn_obj =~ s/\w+-gf2m.o// if (defined($disabled{ec2m})); # bn-586 is the only one implementing bn_*_part_words $cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn-586/); $cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /86/); $cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/); $cflags.=" -DOPENSSL_BN_ASM_MONT5" if ($bn_obj =~ /-mont5/); $cflags.=" -DOPENSSL_BN_ASM_GF2m" if ($bn_obj =~ /-gf2m/); if ($fips) { $openssl_other_defines.="#define OPENSSL_FIPS\n"; } if ($sha1_obj =~ /\.o$/) { $cflags.=" -DSHA1_ASM" if ($sha1_obj =~ /sx86/ || $sha1_obj =~ /sha1/); $cflags.=" -DSHA256_ASM" if ($sha1_obj =~ /sha256/); $cflags.=" -DSHA512_ASM" if ($sha1_obj =~ /sha512/); if ($sha1_obj =~ /sse2/) { if ($no_sse2) { $sha1_obj =~ s/\S*sse2\S+//; } elsif ($cflags !~ /OPENSSL_IA32_SSE2/) { $cflags.=" -DOPENSSL_IA32_SSE2"; } } } if ($md5_obj =~ /\.o$/) { $cflags.=" -DMD5_ASM"; } $cast_obj=$table{BASE}->{cast_obj} if (!$no_shared); # CAST assembler is not PIC if ($rmd160_obj =~ /\.o$/) { $cflags.=" -DRMD160_ASM"; } if ($aes_obj =~ /\.o$/) { $cflags.=" -DAES_ASM" if ($aes_obj =~ m/\baes\-/);; # aes-ctr.o is not a real file, only indication that assembler # module implements AES_ctr32_encrypt... $cflags.=" -DAES_CTR_ASM" if ($aes_obj =~ s/\s*aes\-ctr\.o//); # aes-xts.o indicates presence of AES_xts_[en|de]crypt... $cflags.=" -DAES_XTS_ASM" if ($aes_obj =~ s/\s*aes\-xts\.o//); $aes_obj =~ s/\s*(vpaes|aesni)\-x86\.o//g if ($no_sse2); $cflags.=" -DVPAES_ASM" if ($aes_obj =~ m/vpaes/); $cflags.=" -DBSAES_ASM" if ($aes_obj =~ m/bsaes/); } if ($wp_obj =~ /mmx/ && $processor eq "386") { $wp_obj=$table{BASE}->{wp_obj}; } elsif (!$disabled{"whirlpool"}) { $cflags.=" -DWHIRLPOOL_ASM"; } if ($modes_obj =~ /ghash\-/) { $cflags.=" -DGHASH_ASM"; } if ($ec_obj =~ /ecp_nistz256/) { $cflags.=" -DECP_NISTZ256_ASM"; } if ($poly1305_obj =~ /\.o$/) { $cflags.=" -DPOLY1305_ASM"; } } # "Stringify" the C flags string. This permits it to be made part of a string # and works as well on command lines. $cflags =~ s/([\\\"])/\\\1/g; my $version = "unknown"; my $version_num = "unknown"; my $major = "unknown"; my $minor = "unknown"; my $shlib_version_number = "unknown"; my $shlib_version_history = "unknown"; my $shlib_major = "unknown"; my $shlib_minor = "unknown"; open(IN,') { $version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /; $version_num=$1 if /OPENSSL.VERSION.NUMBER.*(0x\S+)/; $shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/; $shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/; } close(IN); if ($shlib_version_history ne "") { $shlib_version_history .= ":"; } if ($version =~ /(^[0-9]*)\.([0-9\.]*)/) { $major=$1; $minor=$2; } if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/) { $shlib_major=$1; $shlib_minor=$2; } if (defined($api)) { my $apiflag = sprintf("-DOPENSSL_API_COMPAT=%s", $apitable->{$api}); $default_depflags .= " $apiflag"; $cflags .= " $apiflag"; } my $ecc = $cc; $ecc = "clang" if `$cc --version 2>&1` =~ /clang/; if ($strict_warnings) { my $wopt; die "ERROR --strict-warnings requires gcc or clang" unless ($ecc =~ /gcc(-\d(\.\d)*)?$/ or $ecc =~ /clang$/); foreach $wopt (split /\s+/, $gcc_devteam_warn) { $cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/) } if ($ecc eq "clang") { foreach $wopt (split /\s+/, $clang_devteam_warn) { $cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/) } } if ($target !~ /^mingw/) { foreach $wopt (split /\s+/, $memleak_devteam_backtrace) { $cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/) } if ($target =~ /^BSD-/) { $lflags .= " -lexecinfo"; } } } open(IN,"$Makefile.new") || die "unable to create $Makefile.new:$!\n"; print OUT "### Generated automatically from Makefile.in by Configure.\n\n"; my $sdirs=0; while () { chomp; $sdirs = 1 if /^SDIRS=/; if ($sdirs) { my $dir; foreach $dir (@skip) { s/(\s)$dir /$1/; s/\s$dir$//; } } $sdirs = 0 unless /\\$/; s/fips // if (/^DIRS=/ && !$fips); s/engines // if (/^DIRS=/ && $disabled{"engine"}); s/^VERSION=.*/VERSION=$version/; s/^MAJOR=.*/MAJOR=$major/; s/^MINOR=.*/MINOR=$minor/; s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/; s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/; s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/; s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/; s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/; s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/; s/^MULTILIB=.*$/MULTILIB=$multilib/; s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/; s/^LIBDIR=.*$/LIBDIR=$libdir/; s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/; s/^PLATFORM=.*$/PLATFORM=$target/; s/^OPTIONS=.*$/OPTIONS=$options/; my $argvstring = "(".join(", ", map { quotify("perl", $_) } @argvcopy).")"; s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/; if ($cross_compile_prefix) { s/^CC=.*$/CROSS_COMPILE= $cross_compile_prefix\nCC= \$\(CROSS_COMPILE\)$cc/; s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/; s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/; s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/; s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc"; } else { s/^CC=.*$/CC= $cc/; s/^AR=\s*ar/AR= $ar/; s/^RANLIB=.*/RANLIB= $ranlib/; s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $ecc eq "gcc" || $ecc eq "clang"; } s/^CFLAG=.*$/CFLAG= $cflags/; s/^DEPFLAG=.*$/DEPFLAG=$depflags/; s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/; s/^EX_LIBS=.*$/EX_LIBS= $lflags/; s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/; s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/; s/^BN_ASM=.*$/BN_ASM= $bn_obj/; s/^EC_ASM=.*$/EC_ASM= $ec_obj/; s/^DES_ENC=.*$/DES_ENC= $des_obj/; s/^AES_ENC=.*$/AES_ENC= $aes_obj/; s/^BF_ENC=.*$/BF_ENC= $bf_obj/; s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/; s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/; s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/; s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/; s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/; s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/; s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/; s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/; s/^MODES_ASM_OBJ.=*$/MODES_ASM_OBJ= $modes_obj/; s/^CHACHA_ENC=.*$/CHACHA_ENC= $chacha_obj/; s/^POLY1305_ASM_OBJ=.*$/POLY1305_ASM_OBJ= $poly1305_obj/; s/^ENGINES_ASM_OBJ.=*$/ENGINES_ASM_OBJ= $engines_obj/; s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/; s/^PROCESSOR=.*/PROCESSOR= $processor/; s/^ARFLAGS=.*/ARFLAGS= $arflags/; s/^PERL=.*/PERL= $perl/; s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/; s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/; s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/; s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips; s/^SHARED_FIPS=.*/SHARED_FIPS=/; s/^SHLIBDIRS=.*/SHLIBDIRS= crypto ssl/; s/^BASEADDR=.*/BASEADDR=$baseaddr/; s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/; s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/; s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared); if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/) { my $sotmp = $1; s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/; } elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.dylib$/) { s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.dylib/; } elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/) { my $sotmp = $1; s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/; } elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/) { s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/; } s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/; print OUT $_."\n"; } close(IN); close(OUT); rename($Makefile,"$Makefile.orig") || die "unable to rename $Makefile\n" if -e $Makefile; rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n"; print "IsMK1MF =", ($build_scheme[0] eq "mk1mf" ? "yes" : "no"), "\n"; print "CC =$cc\n"; print "CFLAG =$cflags\n"; print "EX_LIBS =$lflags\n"; print "CPUID_OBJ =$cpuid_obj\n"; print "BN_ASM =$bn_obj\n"; print "EC_ASM =$ec_obj\n"; print "DES_ENC =$des_obj\n"; print "AES_ENC =$aes_obj\n"; print "BF_ENC =$bf_obj\n"; print "CAST_ENC =$cast_obj\n"; print "RC4_ENC =$rc4_obj\n"; print "RC5_ENC =$rc5_obj\n"; print "MD5_OBJ_ASM =$md5_obj\n"; print "SHA1_OBJ_ASM =$sha1_obj\n"; print "RMD160_OBJ_ASM=$rmd160_obj\n"; print "CMLL_ENC =$cmll_obj\n"; print "MODES_OBJ =$modes_obj\n"; print "ENGINES_OBJ =$engines_obj\n"; print "CHACHA_ENC =$chacha_obj\n"; print "POLY1305_OBJ =$poly1305_obj\n"; print "PROCESSOR =$processor\n"; print "RANLIB =$ranlib\n"; print "ARFLAGS =$arflags\n"; print "PERL =$perl\n"; my $des_ptr=0; my $des_risc1=0; my $des_risc2=0; my $des_unroll=0; my $bn_ll=0; my $def_int=2; my $rc4_int=$def_int; my $md2_int=$def_int; my $idea_int=$def_int; my $rc2_int=$def_int; my $rc4_idx=0; my $rc4_chunk=0; my $bf_ptr=0; my @type=("char","short","int","long"); my ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0); my $export_var_as_fn=0; my $des_int; foreach (sort split(/\s+/,$bn_ops)) { $des_ptr=1 if /DES_PTR/; $des_risc1=1 if /DES_RISC1/; $des_risc2=1 if /DES_RISC2/; $des_unroll=1 if /DES_UNROLL/; $des_int=1 if /DES_INT/; $bn_ll=1 if /BN_LLONG/; $rc4_int=0 if /RC4_CHAR/; $rc4_int=3 if /RC4_LONG/; $rc4_idx=1 if /RC4_INDEX/; $rc4_chunk=1 if /RC4_CHUNK/; $rc4_chunk=2 if /RC4_CHUNK_LL/; $md2_int=0 if /MD2_CHAR/; $md2_int=3 if /MD2_LONG/; $idea_int=1 if /IDEA_SHORT/; $idea_int=3 if /IDEA_LONG/; $rc2_int=1 if /RC2_SHORT/; $rc2_int=3 if /RC2_LONG/; $bf_ptr=1 if $_ eq "BF_PTR"; $bf_ptr=2 if $_ eq "BF_PTR2"; ($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/; ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/; $export_var_as_fn=1 if /EXPORT_VAR_AS_FN/; } open(IN,'include/openssl/opensslconf.h.new') || die "unable to create include/openssl/opensslconf.h.new:$!\n"; print OUT "/* opensslconf.h */\n"; print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n"; print OUT "#ifdef __cplusplus\n"; print OUT "extern \"C\" {\n"; print OUT "#endif\n"; print OUT "/* OpenSSL was configured with the following options: */\n"; my $openssl_api_defines = ""; if (defined($api)) { $openssl_api_defines = sprintf "#define OPENSSL_MIN_API %s\n", $apitable->{$api}; } my $openssl_algorithm_defines_trans = $openssl_algorithm_defines; $openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n# define OPENSSL_NO_$1\n# endif\n#endif/mg; $openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n# define $1\n# endif/mg; $openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; $openssl_algorithm_defines = " /* no ciphers excluded */\n" if $openssl_algorithm_defines eq ""; $openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; $openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; $openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; print OUT $openssl_sys_defines; print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n"; print OUT $openssl_experimental_defines; print OUT $openssl_api_defines; print OUT "\n"; print OUT $openssl_algorithm_defines; print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n"; print OUT $openssl_thread_defines; print OUT $openssl_other_defines,"\n"; print OUT "/* The OPENSSL_NO_* macros are also defined as NO_* if the application\n"; print OUT " asks for it. This is a transient feature that is provided for those\n"; print OUT " who haven't had the time to do the appropriate changes in their\n"; print OUT " applications. */\n"; print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n"; print OUT $openssl_algorithm_defines_trans; print OUT "#endif\n\n"; print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj ne "mem_clr.o"); while () { if (/^#define\s+OPENSSLDIR/) { my $foo = $openssldir; $foo =~ s/\\/\\\\/g; print OUT "#define OPENSSLDIR \"$foo\"\n"; } elsif (/^#define\s+ENGINESDIR/) { my $foo = "$prefix/$libdir/engines"; $foo =~ s/\\/\\\\/g; print OUT "#define ENGINESDIR \"$foo\"\n"; } elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/) { printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n" if $export_var_as_fn; printf OUT "#%s OPENSSL_EXPORT_VAR_AS_FUNCTION\n", ($export_var_as_fn)?"define":"undef"; } elsif (/^#define\s+OPENSSL_UNISTD/) { print OUT "#define OPENSSL_UNISTD $unistd\n"; } elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/) { printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; } elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT/) { printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; } elsif (/^#((define)|(undef))\s+THIRTY_TWO_BIT/) { printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; } elsif (/^#((define)|(undef))\s+SIXTEEN_BIT/) { printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; } elsif (/^#((define)|(undef))\s+EIGHT_BIT/) { printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; } elsif (/^#((define)|(undef))\s+BN_LLONG\s*$/) { printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; } elsif (/^\#define\s+OSSL_DES_LONG\s+.*/) { printf OUT "#define OSSL_DES_LONG unsigned %s\n", ($des_int)?'int':'long'; } elsif (/^\#(define|undef)\s+DES_PTR/) { printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; } elsif (/^\#(define|undef)\s+DES_RISC1/) { printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; } elsif (/^\#(define|undef)\s+DES_RISC2/) { printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; } elsif (/^\#(define|undef)\s+DES_UNROLL/) { printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; } elsif (/^#define\s+RC4_INT\s/) { printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; } elsif (/^#undef\s+RC4_CHUNK/) { printf OUT "#undef RC4_CHUNK\n" if $rc4_chunk==0; printf OUT "#define RC4_CHUNK unsigned long\n" if $rc4_chunk==1; printf OUT "#define RC4_CHUNK unsigned long long\n" if $rc4_chunk==2; } elsif (/^#((define)|(undef))\s+RC4_INDEX/) { printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; } elsif (/^#(define|undef)\s+I386_ONLY/) { printf OUT "#%s I386_ONLY\n", ($processor eq "386")? "define":"undef"; } elsif (/^#define\s+MD2_INT\s/) { printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; } elsif (/^#define\s+IDEA_INT\s/) {printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];} elsif (/^#define\s+RC2_INT\s/) {printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];} elsif (/^#(define|undef)\s+BF_PTR/) { printf OUT "#undef BF_PTR\n" if $bf_ptr == 0; printf OUT "#define BF_PTR\n" if $bf_ptr == 1; printf OUT "#define BF_PTR2\n" if $bf_ptr == 2; } else { print OUT $_; } } close(IN); print OUT "#ifdef __cplusplus\n"; print OUT "}\n"; print OUT "#endif\n"; close(OUT); rename("include/openssl/opensslconf.h","include/openssl/opensslconf.h.bak") || die "unable to rename include/openssl/opensslconf.h\n" if -e "include/openssl/opensslconf.h"; rename("include/openssl/opensslconf.h.new","include/openssl/opensslconf.h") || die "unable to rename include/openssl/opensslconf.h.new\n"; # Fix the date print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l; print "SIXTY_FOUR_BIT mode\n" if $b64; print "THIRTY_TWO_BIT mode\n" if $b32; print "SIXTEEN_BIT mode\n" if $b16; print "EIGHT_BIT mode\n" if $b8; print "DES_PTR used\n" if $des_ptr; print "DES_RISC1 used\n" if $des_risc1; print "DES_RISC2 used\n" if $des_risc2; print "DES_UNROLL used\n" if $des_unroll; print "DES_INT used\n" if $des_int; print "BN_LLONG mode\n" if $bn_ll; print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int; print "RC4_INDEX mode\n" if $rc4_idx; print "RC4_CHUNK is undefined\n" if $rc4_chunk==0; print "RC4_CHUNK is unsigned long\n" if $rc4_chunk==1; print "RC4_CHUNK is unsigned long long\n" if $rc4_chunk==2; print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int; print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int; print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int; print "BF_PTR used\n" if $bf_ptr == 1; print "BF_PTR2 used\n" if $bf_ptr == 2; # Copy all Makefile.in to Makefile (except top-level) use File::Find; use IO::File; find(sub { return if ($_ ne "Makefile.in" || $File::Find::dir eq "."); my $in = IO::File->new($_, "r") or die sprintf "Error reading Makefile.in in %s: !$\n", $File::Find::dir; my $out = IO::File->new("Makefile", "w") or die sprintf "Error writing Makefile in %s: !$\n", $File::Find::dir; print $out "# Generated from $_, do not edit\n"; while (my $line = <$in>) { print $out $line } $in->close() or die sprintf "Error reading Makefile.in in %s: !$\n", $File::Find::dir; $out->close() or die sprintf "Error writing Makefile in %s: !$\n", $File::Find::dir; }, "."); my %builders = ( unixmake => sub { my $perlguess = $perl =~ m@^/@ ? $perl : '/usr/local/bin/perl'; my $make_command = "$make PERL=\'$perlguess\'"; my $make_targets = ""; $make_targets .= " depend" if $depflags ne $default_depflags && $make_depend; (system $make_command.$make_targets) == 0 or die "make $make_targets failed" if $make_targets ne ""; &dofile("tools/c_rehash",$perlguess, '^#!/' => '#!%s', '^my \$dir;$' => 'my $dir = "' . $openssldir . '";', '^my \$prefix;$' => 'my $prefix = "' . $prefix . '";'); &dofile("apps/CA.pl",$perlguess, '^#!/' => '#!%s'); if ($depflags ne $default_depflags && !$make_depend) { $warn_make_depend++; } }, mk1mf => sub { open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h"; printf OUT <<"EOF"; #ifndef MK1MF_BUILD /* auto-generated by Configure for crypto/cversion.c: * for Unix builds, crypto/Makefile.ssl generates functional definitions; * Windows builds (and other mk1mf builds) compile cversion.c with * -DMK1MF_BUILD and use definitions added to this file by util/mk1mf.pl. */ #error "Windows builds (PLATFORM=$target) use mk1mf.pl-created Makefiles" #endif EOF close(OUT); # create the ms/version32.rc file if needed if (! grep /^netware/, @build_scheme) { my ($v1, $v2, $v3, $v4); if ($version_num =~ /^0x([0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{1})L$/i) { $v1=hex $1; $v2=hex $2; $v3=hex $3; $v4=hex $4; } open (OUT,">ms/version32.rc") || die "Can't open ms/version32.rc"; print OUT <<"EOF"; #include LANGUAGE 0x09,0x01 1 VERSIONINFO FILEVERSION $v1,$v2,$v3,$v4 PRODUCTVERSION $v1,$v2,$v3,$v4 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x01L #else FILEFLAGS 0x00L #endif FILEOS VOS__WINDOWS32 FILETYPE VFT_DLL FILESUBTYPE 0x0L BEGIN BLOCK "StringFileInfo" BEGIN BLOCK "040904b0" BEGIN // Required: VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0" VALUE "FileDescription", "OpenSSL Shared Library\\0" VALUE "FileVersion", "$version\\0" #if defined(CRYPTO) VALUE "InternalName", "libeay32\\0" VALUE "OriginalFilename", "libeay32.dll\\0" #elif defined(SSL) VALUE "InternalName", "ssleay32\\0" VALUE "OriginalFilename", "ssleay32.dll\\0" #endif VALUE "ProductName", "The OpenSSL Toolkit\\0" VALUE "ProductVersion", "$version\\0" // Optional: //VALUE "Comments", "\\0" VALUE "LegalCopyright", "Copyright © 1998-2015 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0" //VALUE "LegalTrademarks", "\\0" //VALUE "PrivateBuild", "\\0" //VALUE "SpecialBuild", "\\0" END END BLOCK "VarFileInfo" BEGIN VALUE "Translation", 0x409, 0x4b0 END END EOF close(OUT); } }, ); my ($builder, @builder_opts) = @build_scheme; $builders{$builder}->(@builder_opts); print <<"EOF"; Configured for $target. EOF print <<"EOF" if (!$no_threads && !$threads); The library could not be configured for supporting multi-threaded applications as the compiler options required on this system are not known. See file INSTALL for details if you need multi-threading. EOF print <<"EOF" if ($no_shared_warn); You gave the option 'shared', which is not supported on this platform, so we will pretend you gave the option 'no-shared'. If you know how to implement shared libraries, please let us know (but please first make sure you have tried with a current version of OpenSSL). EOF print <<"EOF" if ($warn_make_depend); *** Because of configuration changes, you MUST do the following before *** building: make depend EOF exit(0); ###################################################################### # # Helpers and utility functions # # Configuration file reading ######################################### # Helper function to implement conditional inheritance depending on the # value of $no_asm. Used in inherit_from values as follows: # # inherit_from => [ "template", asm("asm_tmpl") ] # sub asm { my @x = @_; sub { $no_asm ? () : @x; } } # Helper function to implement adding values to already existing configuration # values. It handles elements that are ARRAYs, CODEs and scalars sub _add { my $separator = shift; # If there's any ARRAY in the collection of values, we will return # an ARRAY of combined values, otherwise a string of joined values # with $separator as the separator. my $found_array = 0; my @values = map { if (ref($_) eq "ARRAY") { $found_array = 1; @$_; } else { $_; } } (@_); if ($found_array) { [ @values ]; } else { join($separator, @values); } } sub add_before { my $separator = shift; my @x = @_; sub { _add($separator, @x, @_) }; } sub add { my $separator = shift; my @x = @_; sub { _add($separator, @_, @x) }; } # configuration reader, evaluates the input file as a perl script and expects # it to fill %targets with target configurations. Those are then added to # %table. sub read_config { my $fname = shift; open(CONFFILE, "< $fname") or die "Can't open configuration file '$fname'!\n"; my $x = $/; undef $/; my $content = ; $/ = $x; close(CONFFILE); my %targets = (); { local %table = %::table; # Protect %table from tampering eval $content; warn $@ if $@; } # For each target, check that it's configured with a hash table. foreach (keys %targets) { if (ref($targets{$_}) ne "HASH") { if (ref($targets{$_}) eq "") { warn "Deprecated target configuration for $_, ignoring...\n"; } else { warn "Misconfigured target configuration for $_ (should be a hash table), ignoring...\n"; } delete $targets{$_}; } } %table = (%table, %targets); } # configuration resolver. Will only resolve all the lazy evalutation # codeblocks for the chozen target and all those it inherits from, # recursively sub resolve_config { my $target = shift; my @breadcrumbs = @_; if (grep { $_ eq $target } @breadcrumbs) { die "inherit_from loop! target backtrace:\n " ,$target,"\n ",join("\n ", @breadcrumbs),"\n"; } if (!defined($table{$target})) { warn "Warning! target $target doesn't exist!\n"; return (); } # Recurse through all inheritances. They will be resolved on the # fly, so when this operation is done, they will all just be a # bunch of attributes with string values. # What we get here, though, are keys with references to lists of # the combined values of them all. We will deal with lists after # this stage is done. my %combined_inheritance = (); if ($table{$target}->{inherit_from}) { my @inherit_from = map { ref($_) eq "CODE" ? $_->() : $_ } @{$table{$target}->{inherit_from}}; foreach (@inherit_from) { my %inherited_config = resolve_config($_, $target, @breadcrumbs); # 'template' is a marker that's considered private to # the config that had it. delete $inherited_config{template}; map { if (!$combined_inheritance{$_}) { $combined_inheritance{$_} = []; } push @{$combined_inheritance{$_}}, $inherited_config{$_}; } keys %inherited_config; } } # We won't need inherit_from in this target any more, since we've # resolved all the inheritances that lead to this delete $table{$target}->{inherit_from}; # Now is the time to deal with those lists. Here's the place to # decide what shall be done with those lists, all based on the # values of the target we're currently dealing with. # - If a value is a coderef, it will be executed with the list of # inherited values as arguments. # - If the corresponding key doesn't have a value at all or is the # emoty string, the inherited value list will be run through the # default combiner (below), and the result becomes this target's # value. # - Otherwise, this target's value is assumed to be a string that # will simply override the inherited list of values. my $default_combiner = add(" "); my %all_keys = map { $_ => 1 } (keys %combined_inheritance, keys %{$table{$target}}); foreach (sort keys %all_keys) { # Current target doesn't have a value for the current key? # Assign it the default combiner, the rest of this loop body # will handle it just like any other coderef. if (!exists $table{$target}->{$_}) { $table{$target}->{$_} = $default_combiner; } my $valuetype = ref($table{$target}->{$_}); if ($valuetype eq "CODE") { # CODE reference, execute it with the inherited values as # arguments. $table{$target}->{$_} = $table{$target}->{$_}->(@{$combined_inheritance{$_}}); } elsif ($valuetype eq "ARRAY" || $valuetype eq "") { # ARRAY or Scalar, just leave it as is. } else { # Some other type of reference that we don't handle. # Better to abort at this point. die "cannot handle reference type $valuetype," ," found in target $target -> $_\n"; } } # Finally done, return the result. return %{$table{$target}}; } sub usage { print STDERR $usage; print STDERR "\npick os/compiler from:\n"; my $j=0; my $i; my $k=0; foreach $i (sort keys %table) { next if $table{$i}->{template}; next if $i =~ /^debug/; $k += length($i) + 1; if ($k > 78) { print STDERR "\n"; $k=length($i); } print STDERR $i . " "; } foreach $i (sort keys %table) { next if $table{$i}->{template}; next if $i !~ /^debug/; $k += length($i) + 1; if ($k > 78) { print STDERR "\n"; $k=length($i); } print STDERR $i . " "; } print STDERR "\n\nNOTE: If in doubt, on Unix-ish systems use './config'.\n"; exit(1); } sub which { my($name)=@_; my $path; foreach $path (split /:/, $ENV{PATH}) { if (-f "$path/$name$exe_ext" and -x _) { return "$path/$name$exe_ext" unless ($name eq "perl" and system("$path/$name$exe_ext -e " . '\'exit($]<5.0);\'')); } } } sub dofile { my $f; my $p; my %m; my @a; my $k; my $ff; ($f,$p,%m)=@_; open(IN,"<$f.in") || open(IN,"<$f") || die "unable to open $f:$!\n"; @a=; close(IN); foreach $k (keys %m) { grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)),@a); } open(OUT,">$f.new") || die "unable to open $f.new:$!\n"; print OUT @a; close(OUT); rename($f,"$f.bak") || die "unable to rename $f\n" if -e $f; rename("$f.new",$f) || die "unable to rename $f.new\n"; } sub print_table_entry { my $target = shift; my %target = resolve_config($target); my $type = shift; # Don't print the templates return if $target{template}; if ($type eq "TABLE") { print <<"EOF" *** $target \$cc = $target{cc} \$cflags = $target{cflags} \$debug_cflags = $target{debug_cflags} \$release_cflags = $target{release_cflags} \$unistd = $target{unistd} \$thread_cflag = $target{thread_cflag} \$sys_id = $target{sys_id} \$lflags = $target{lflags} \$debug_lflags = $target{debug_lflags} \$release_lflags = $target{release_lflags} \$bn_ops = $target{bn_ops} \$cpuid_obj = $target{cpuid_obj} \$bn_obj = $target{bn_obj} \$ec_obj = $target{ec_obj} \$des_obj = $target{des_obj} \$aes_obj = $target{aes_obj} \$bf_obj = $target{bf_obj} \$md5_obj = $target{md5_obj} \$sha1_obj = $target{sha1_obj} \$cast_obj = $target{cast_obj} \$rc4_obj = $target{rc4_obj} \$rmd160_obj = $target{rmd160_obj} \$rc5_obj = $target{rc5_obj} \$wp_obj = $target{wp_obj} \$cmll_obj = $target{cmll_obj} \$modes_obj = $target{modes_obj} \$engines_obj = $target{engines_obj} \$chacha_obj = $target{chacha_obj} \$poly1305_obj = $target{poly1305_obj} \$perlasm_scheme = $target{perlasm_scheme} \$dso_scheme = $target{dso_scheme} \$shared_target= $target{shared_target} \$shared_cflag = $target{shared_cflag} \$shared_ldflag = $target{shared_ldflag} \$shared_extension = $target{shared_extension} \$ranlib = $target{ranlib} \$arflags = $target{arflags} \$multilib = $target{multilib} EOF } elsif ($type eq "HASH") { my @sequence = ( "cc", "cflags", "debug_cflags", "release_cflags", "unistd", "thread_cflag", "sys_id", "lflags", "debug_lflags", "release_lflags", "bn_ops", "cpuid_obj", "bn_obj", "ec_obj", "des_obj", "aes_obj", "bf_obj", "md5_obj", "sha1_obj", "cast_obj", "rc4_obj", "rmd160_obj", "rc5_obj", "wp_obj", "cmll_obj", "modes_obj", "engines_obj", "chacha_obj", "poly1305_obj", "perlasm_scheme", "dso_scheme", "shared_target", "shared_cflag", "shared_ldflag", "shared_extension", "ranlib", "arflags", "multilib", ); my $largest = length((sort { length($a) <=> length($b) } @sequence)[-1]); print " '$target' => {\n"; foreach (@sequence) { if ($target{$_}) { print " '",$_,"'"," " x ($largest - length($_))," => '",$target{$_},"',\n"; } } print " },\n"; } } sub quotify { my %processors = ( perl => sub { my $x = shift; $x =~ s/([\\\$\@"])/\\$1/g; return '"'.$x.'"'; }, ); my $for = shift; my $processor = defined($processors{$for}) ? $processors{$for} : sub { shift; }; map { $processor->($_); } @_; }