Add a compile time test to verify that openssl/rsa.h and complex.h can

[openssl.git] / Configure

diff --git a/Configure b/Configure
index 653d777e7af9c27de78d9f5a12b6c2191a457980..3baa8ce016f81bad5149fc89e79f4fb57d0dcc7e 100755 (executable)
--- a/Configure
+++ b/Configure
@@ -405,7 +405,6 @@ my @disablables = (
     "tests",
     "threads",
     "tls",
-    "tls13downgrade",
     "ts",
     "ubsan",
     "ui-console",
@@ -449,7 +448,6 @@ our %disabled = ( # "what"         => "comment"
                  "ssl3"                => "default",
                  "ssl3-method"         => "default",
                   "ubsan"              => "default",
-                 "tls13downgrade"      => "default",
                  "unit-test"           => "default",
                  "weak-ssl-ciphers"    => "default",
                  "zlib"                => "default",
@@ -1012,9 +1010,18 @@ if (scalar(@seed_sources) == 0) {
     print "Using os-specific seed configuration\n";
     push @seed_sources, 'os';
 }
-die "Cannot seed with none and anything else"
-    if scalar(grep { $_ eq 'none' } @seed_sources) > 0
-        && scalar(@seed_sources) > 1;
+if (scalar(grep { $_ eq 'none' } @seed_sources) > 0) {
+    die "Cannot seed with none and anything else" if scalar(@seed_sources) > 1;
+    warn <<_____ if scalar(@seed_sources) == 1;
+You have selected the --with-rand-seed=none option, which effectively disables
+automatic reseeding of the OpenSSL random generator. All operations depending
+on the random generator such as creating keys will not work unless the random
+generator is seeded manually by the application.
+
+Please read the 'Note on random number generation' section in the INSTALL
+instructions and the RAND_DRBG(7) manual page for more details.
+_____
+}
 push @{$config{openssl_other_defines}},
      map { (my $x = $_) =~ tr|[\-a-z]|[_A-Z]|; "OPENSSL_RAND_SEED_$x" }
        @seed_sources;
@@ -1034,11 +1041,12 @@ if ($d) {
        $target = $t;
     }
 }
+
+&usage if !$table{$target} || $table{$target}->{template};
+
 $config{target} = $target;
 my %target = resolve_config($target);
 
-&usage if (!%target || $target{template});
-
 foreach (keys %target_attr_translate) {
     $target{$target_attr_translate{$_}} = $target{$_}
         if $target{$_};
@@ -1433,7 +1441,7 @@ if (!$disabled{makedepend}) {
     }
 }
 
-if (!$disabled{asm}) {
+if (!$disabled{asm} && !$predefined{__MACH__} && $^O ne 'VMS') {
     # probe for -Wa,--noexecstack option...
     if ($predefined{__clang__}) {
         # clang has builtin assembler, which doesn't recognize --help,
@@ -1441,7 +1449,7 @@ if (!$disabled{asm}) {
         # supported platforms even when it's meaningless. In other words
         # probe would fail, but probed option always accepted...
         push @{$config{cflags}}, "-Wa,--noexecstack", "-Qunused-arguments";
-    } elsif ($^O ne 'VMS') {
+    } else {
         my $cc = $config{CROSS_COMPILE}.$config{CC};
         open(PIPE, "$cc -Wa,--help -c -o null.$$.o -x assembler /dev/null 2>&1 |");
         while(<PIPE>) {
@@ -2722,14 +2730,19 @@ exit(0);
 # Death handler, to print a helpful message in case of failure #######
 #
 sub death_handler {
+    die @_ if $^S;              # To prevent the added message in eval blocks
     my $build_file = $target{build_file} // "build file";
-    print STDERR <<"_____";
+    my @message = ( <<"_____", @_ );
 
 Failure!  $build_file wasn't produced.
 Please read INSTALL and associated NOTES files.  You may also have to look over
 your available compiler tool chain or change your configuration.
 
 _____
+
+    # Dying is terminal, so it's ok to reset the signal handler here.
+    $SIG{__DIE__} = $orig_death_handler;
+    die @message;
 }
 
 # Configuration file reading #########################################