X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=Configure;h=1c1fd51c8140cf65a1e1a84a0e8d3ca51468a292;hp=2389e5258846661971b997f53128d48968cbc474;hb=070ce40be1dce27cf321b437a4a5446add17e945;hpb=9b7e82f8d939ca6894f941268b219da55f069b26 diff --git a/Configure b/Configure index 2389e52588..1c1fd51c81 100755 --- a/Configure +++ b/Configure @@ -21,6 +21,9 @@ use OpenSSL::Glob; # see INSTALL for instructions. +my $orig_death_handler = $SIG{__DIE__}; +$SIG{__DIE__} = \&death_handler; + my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; # Options: @@ -125,6 +128,7 @@ my $gcc_devteam_warn = "-DDEBUG_UNUSED" . " -Wswitch" . " -Wsign-compare" . " -Wmissing-prototypes" + . " -Wstrict-prototypes" . " -Wshadow" . " -Wformat" . " -Wtype-limits" @@ -179,6 +183,10 @@ my $apitable = { our %table = (); our %config = (); our %withargs = (); +our $now_printing; # set to current entry's name in print_table_entry + # (todo: right thing would be to encapsulate name + # into %target [class] and make print_table_entry + # a method) # Forward declarations ############################################### @@ -278,11 +286,15 @@ if (defined env($local_config_envname)) { } } +# Save away perl command information +$config{perl_cmd} = $^X; +$config{perl_version} = $Config{version}; +$config{perl_archname} = $Config{archname}; + $config{prefix}=""; $config{openssldir}=""; $config{processor}=""; $config{libdir}=""; -$config{cross_compile_prefix}=""; my $auto_threads=1; # enable threads automatically? true by default my $default_ranlib; @@ -293,7 +305,7 @@ $config{sdirs} = [ "objects", "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2", "siphash", "sm3", "des", "aes", "rc2", "rc4", "rc5", "idea", "aria", "bf", "cast", "camellia", "seed", "sm4", "chacha", "modes", - "bn", "ec", "rsa", "dsa", "dh", "dso", "engine", + "bn", "ec", "rsa", "dsa", "dh", "sm2", "dso", "engine", "buffer", "bio", "stack", "lhash", "rand", "err", "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", "cms", "ts", "srp", "cmac", "ct", "async", "kdf", "store" @@ -317,6 +329,7 @@ my @disablables = ( "async", "autoalginit", "autoerrinit", + "autoload-config", "bf", "blake2", "camellia", @@ -378,6 +391,7 @@ my @disablables = ( "seed", "shared", "siphash", + "sm2", "sm3", "sm4", "sock", @@ -391,7 +405,6 @@ my @disablables = ( "tests", "threads", "tls", - "tls13downgrade", "ts", "ubsan", "ui-console", @@ -414,10 +427,10 @@ my %deprecated_disablables = ( "ui" => "ui-console", ); -# All of the following is disabled by default (RC5 was enabled before 0.9.8): +# All of the following are disabled by default: our %disabled = ( # "what" => "comment" - "asan" => "default", + "asan" => "default", "crypto-mdebug" => "default", "crypto-mdebug-backtrace" => "default", "devcryptoeng" => "default", @@ -435,7 +448,6 @@ our %disabled = ( # "what" => "comment" "ssl3" => "default", "ssl3-method" => "default", "ubsan" => "default", - "tls13downgrade" => "default", "unit-test" => "default", "weak-ssl-ciphers" => "default", "zlib" => "default", @@ -480,7 +492,8 @@ my @disable_cascades = ( "apps" => [ "tests" ], "tests" => [ "external-tests" ], "comp" => [ "zlib" ], - "ec" => [ "tls1_3" ], + "ec" => [ "tls1_3", "sm2" ], + "sm3" => [ "sm2" ], sub { !$disabled{"unit-test"} } => [ "heartbeats" ], sub { !$disabled{"msan"} } => [ "asm" ], @@ -519,30 +532,37 @@ my $list_separator_re = { VMS => qr/(? qr/(? {$^O} // qr/(? undef, + AR => env('AR'), ARFLAGS => [], AS => undef, ASFLAGS => [], - CC => undef, + CC => env('CC'), CFLAGS => [], - CXX => undef, + CXX => env('CXX'), CXXFLAGS => [], CPP => undef, CPPFLAGS => [], # -D, -I, -Wp, CPPDEFINES => [], # Alternative for -D CPPINCLUDES => [], # Alternative for -I - HASHBANGPERL=> undef, + CROSS_COMPILE => env('CROSS_COMPILE'), + HASHBANGPERL=> env('HASHBANGPERL') || env('PERL'), LD => undef, LDFLAGS => [], # -L, -Wl, LDLIBS => [], # -l MT => undef, MTFLAGS => [], - RANLIB => undef, - RC => undef, + PERL => env('PERL') || ($^O ne "VMS" ? $^X : "perl"), + RANLIB => env('RANLIB'), + RC => env('RC') || env('WINDRES'), RCFLAGS => [], RM => undef, ); +# Info about what "make variables" may be prefixed with the cross compiler +# prefix. This should NEVER mention any such variable with a list for value. +my @user_crossable = qw ( AR AS CC CXX CPP LD MT RANLIB RC ); # The same but for flags given as Configure options. These are *additional* # input, as opposed to the VAR=string option that override the corresponding # config target attributes @@ -560,14 +580,31 @@ my %user_synonyms = ( HASHBANGPERL=> 'PERL', RC => 'WINDRES', ); -my %user_to_target = ( - # If not given here, the value is the lc of the key - CPPDEFINES => 'defines', - CPPINCLUDES => 'includes', - LDFLAGS => 'lflags', - LDLIBS => 'ex_libs', + +# Some target attributes have been renamed, this is the translation table +my %target_attr_translate =( + ar => 'AR', + as => 'AS', + cc => 'CC', + cxx => 'CXX', + cpp => 'CPP', + hashbangperl => 'HASHBANGPERL', + ld => 'LD', + mt => 'MT', + ranlib => 'RANLIB', + rc => 'RC', + rm => 'RM', ); +# Initialisers coming from 'config' scripts +$config{defines} = [ split(/$list_separator_re/, env('__CNF_CPPDEFINES')) ]; +$config{includes} = [ split(/$list_separator_re/, env('__CNF_CPPINCLUDES')) ]; +$config{cppflags} = [ env('__CNF_CPPFLAGS') || () ]; +$config{cflags} = [ env('__CNF_CFLAGS') || () ]; +$config{cxxflags} = [ env('__CNF_CXXFLAGS') || () ]; +$config{lflags} = [ env('__CNF_LDFLAGS') || () ]; +$config{ex_libs} = [ env('__CNF_LDLIBS') || () ]; + $config{openssl_api_defines}=[]; $config{openssl_algorithm_defines}=[]; $config{openssl_thread_defines}=[]; @@ -577,6 +614,7 @@ $config{options}=""; $config{build_type} = "release"; my $target=""; +my %cmdvars = (); # Stores FOO='blah' type arguments my %unsupported_options = (); my %deprecated_options = (); # If you change this, update apps/version.c @@ -589,17 +627,17 @@ while (@argvcopy) # Support env variable assignments among the options if (m|^(\w+)=(.+)?$|) { - $config{perlenv}->{$1} = $2; + $cmdvars{$1} = $2; # Every time a variable is given as a configuration argument, # it acts as a reset if the variable. if (exists $user{$1}) { $user{$1} = ref $user{$1} eq "ARRAY" ? [] : undef; } - if (exists $useradd{$1}) - { - $useradd{$1} = []; - } + #if (exists $useradd{$1}) + # { + # $useradd{$1} = []; + # } next; } @@ -610,7 +648,9 @@ while (@argvcopy) { s/^([^=]*)/lc($1)/e; } - s /^-no-/no-/; # some people just can't read the instructions + + # some people just can't read the instructions, clang people have to... + s/^-no-(?!integrated-as)/no-/; # rewrite some options in "enable-..." form s /^-?-?shared$/enable-shared/; @@ -779,17 +819,13 @@ while (@argvcopy) } elsif (/^--cross-compile-prefix=(.*)$/) { - $config{cross_compile_prefix}=$1; + $user{CROSS_COMPILE}=$1; } elsif (/^--config=(.*)$/) { read_config $1; } - elsif (/^-L(.*)$/) - { - push @{$useradd{LDFLAGS}}, $_; - } - elsif (/^-l(.*)$/ or /^-Wl,/) + elsif (/^-l(.*)$/) { push @{$useradd{LDLIBS}}, $_; } @@ -797,6 +833,10 @@ while (@argvcopy) { push @{$useradd{LDLIBS}}, $_, shift(@argvcopy); } + elsif (/^-L(.*)$/ or /^-Wl,/) + { + push @{$useradd{LDFLAGS}}, $_; + } elsif (/^-rpath$/ or /^-R$/) # -rpath is the OSF1 rpath flag # -R is the old Solaris rpath flag @@ -849,26 +889,63 @@ while (@argvcopy) else { $config{options} .= " ".$_; } } + } - if (defined($config{api}) && !exists $apitable->{$config{api}}) { - die "***** Unsupported api compatibility level: $config{api}\n", - } +if (defined($config{api}) && !exists $apitable->{$config{api}}) { + die "***** Unsupported api compatibility level: $config{api}\n", +} - if (keys %deprecated_options) - { - warn "***** Deprecated options: ", - join(", ", keys %deprecated_options), "\n"; - } - if (keys %unsupported_options) - { - die "***** Unsupported options: ", - join(", ", keys %unsupported_options), "\n"; - } +if (keys %deprecated_options) + { + warn "***** Deprecated options: ", + join(", ", keys %deprecated_options), "\n"; + } +if (keys %unsupported_options) + { + die "***** Unsupported options: ", + join(", ", keys %unsupported_options), "\n"; } +# If any %useradd entry has been set, we must check that the "make +# variables" haven't been set. We start by checking of any %useradd entry +# is set. +if (grep { scalar @$_ > 0 } values %useradd) { + # Hash of env / make variables names. The possible values are: + # 1 - "make vars" + # 2 - %useradd entry set + # 3 - both set + my %detected_vars = + map { my $v = 0; + $v += 1 if $cmdvars{$_}; + $v += 2 if @{$useradd{$_}}; + $_ => $v } + keys %useradd; + + # If any of the corresponding "make variables" is set, we error + if (grep { $_ & 1 } values %detected_vars) { + my $names = join(', ', grep { $detected_vars{$_} > 0 } + sort keys %detected_vars); + die <<"_____"; +***** Mixing make variables and additional compiler/linker flags as +***** configure command line option is not permitted. +***** Affected make variables: $names +_____ + } +} + +# Check through all supported command line variables to see if any of them +# were set, and canonicalise the values we got. If no compiler or linker +# flag or anything else that affects %useradd was set, we also check the +# environment for values. +my $anyuseradd = + grep { defined $_ && (ref $_ ne 'ARRAY' || @$_) } values %useradd; foreach (keys %user) { - my $value = env($_); - $value //= defined $user_synonyms{$_} ? env($user_synonyms{$_}) : undef; + my $value = $cmdvars{$_}; + $value //= env($_) unless $anyuseradd; + $value //= + defined $user_synonyms{$_} ? $cmdvars{$user_synonyms{$_}} : undef; + $value //= defined $user_synonyms{$_} ? env($user_synonyms{$_}) : undef + unless $anyuseradd; if (defined $value) { if (ref $user{$_} eq 'ARRAY') { @@ -879,24 +956,13 @@ foreach (keys %user) { } } -if (grep { $_ =~ /(^|\s)-Wl,-rpath,/ } ($user{LDLIBS} ? @{$user{LDLIBS}} : ()) +if (grep { /-rpath\b/ } ($user{LDFLAGS} ? @{$user{LDFLAGS}} : ()) && !$disabled{shared} && !($disabled{asan} && $disabled{msan} && $disabled{ubsan})) { die "***** Cannot simultaneously use -rpath, shared libraries, and\n", "***** any of asan, msan or ubsan\n"; } -if (scalar(@seed_sources) == 0) { - print "Using implicit seed configuration\n"; - push @seed_sources, 'os'; -} -die "Cannot seed with none and anything else" - if scalar(grep { $_ eq 'none' } @seed_sources) > 0 - && scalar(@seed_sources) > 1; -push @{$config{openssl_other_defines}}, - map { (my $x = $_) =~ tr|[\-a-z]|[_A-Z]|; "OPENSSL_RAND_SEED_$x" } - @seed_sources; - my @tocheckfor = (keys %disabled); while (@tocheckfor) { my %new_tocheckfor = (); @@ -940,6 +1006,31 @@ if ($target eq "HASH") { print "Configuring OpenSSL version $config{version} ($config{version_num}) "; print "for $target\n"; +if (scalar(@seed_sources) == 0) { + print "Using os-specific seed configuration\n"; + push @seed_sources, 'os'; +} +if (scalar(grep { $_ eq 'none' } @seed_sources) > 0) { + die "Cannot seed with none and anything else" if scalar(@seed_sources) > 1; + warn <<_____ if scalar(@seed_sources) == 1; + +============================== WARNING =============================== +You have selected the --with-rand-seed=none option, which effectively +disables automatic reseeding of the OpenSSL random generator. +All operations depending on the random generator such as creating keys +will not work unless the random generator is seeded manually by the +application. + +Please read the 'Note on random number generation' section in the +INSTALL instructions and the RAND_DRBG(7) manual page for more details. +============================== WARNING =============================== + +_____ +} +push @{$config{openssl_other_defines}}, + map { (my $x = $_) =~ tr|[\-a-z]|[_A-Z]|; "OPENSSL_RAND_SEED_$x" } + @seed_sources; + # Backward compatibility? if ($target =~ m/^CygWin32(-.*)$/) { $target = "Cygwin".$1; @@ -955,18 +1046,25 @@ if ($d) { $target = $t; } } + +&usage if !$table{$target} || $table{$target}->{template}; + $config{target} = $target; my %target = resolve_config($target); -&usage if (!%target || $target{template}); +foreach (keys %target_attr_translate) { + $target{$target_attr_translate{$_}} = $target{$_} + if $target{$_}; + delete $target{$_}; +} %target = ( %{$table{DEFAULTS}}, %target ); # Make the flags to build DSOs the same as for shared libraries unless they # are already defined -$target{dso_cflags} = $target{shared_cflag} unless defined $target{dso_cflags}; -$target{dso_cxxflags} = $target{shared_cxxflag} unless defined $target{dso_cxxflags}; -$target{dso_lflags} = $target{shared_ldflag} unless defined $target{dso_lflags}; +$target{module_cflags} = $target{shared_cflag} unless defined $target{module_cflags}; +$target{module_cxxflags} = $target{shared_cxxflag} unless defined $target{module_cxxflags}; +$target{module_ldflags} = $target{shared_ldflag} unless defined $target{module_ldflags}; { my $shared_info_pl = catfile(dirname($0), "Configurations", "shared-info.pl"); @@ -988,10 +1086,10 @@ $target{dso_lflags} = $target{shared_ldflag} unless defined $target{dso_lflags}; # Windows and VMS. if (defined $si) { # Just as above, copy certain shared_* attributes to the corresponding - # dso_ attribute unless the latter is already defined - $si->{dso_cflags} = $si->{shared_cflag} unless defined $si->{dso_cflags}; - $si->{dso_cxxflags} = $si->{shared_cxxflag} unless defined $si->{dso_cxxflags}; - $si->{dso_lflags} = $si->{shared_ldflag} unless defined $si->{dso_lflags}; + # module_ attribute unless the latter is already defined + $si->{module_cflags} = $si->{shared_cflag} unless defined $si->{module_cflags}; + $si->{module_cxxflags} = $si->{shared_cxxflag} unless defined $si->{module_cxxflags}; + $si->{module_ldflags} = $si->{shared_ldflag} unless defined $si->{module_ldflags}; foreach (sort keys %$si) { $target{$_} = defined $target{$_} ? add($si->{$_})->($target{$_}) @@ -1022,28 +1120,23 @@ foreach my $feature (@{$target{enable}}) { } } -$target{cxxflags}//=$target{cflags} if $target{cxx}; +$target{CXXFLAGS}//=$target{CFLAGS} if $target{CXX}; +$target{cxxflags}//=$target{cflags} if $target{CXX}; $target{exe_extension}=""; $target{exe_extension}=".exe" if ($config{target} eq "DJGPP" || $config{target} =~ /^(?:Cygwin|mingw)/); $target{exe_extension}=".pm" if ($config{target} =~ /vos/); ($target{shared_extension_simple}=$target{shared_extension}) - =~ s|\.\$\(SHLIB_VERSION_NUMBER\)||; -$target{dso_extension}=$target{shared_extension_simple}; + =~ s|\.\$\(SHLIB_VERSION_NUMBER\)|| + unless defined($target{shared_extension_simple}); +$target{dso_extension}//=$target{shared_extension_simple}; ($target{shared_import_extension}=$target{shared_extension_simple}.".a") if ($config{target} =~ /^(?:Cygwin|mingw)/); - -$config{cross_compile_prefix} = env('CROSS_COMPILE') - if $config{cross_compile_prefix} eq ""; - -# Allow overriding the names of some tools. USE WITH CARE -# Note: only Unix cares about HASHBANGPERL... that explains -# the default string. -$config{perl} = ($^O ne "VMS" ? $^X : "perl"); +# Fill %config with values from %user, and in case those are undefined or +# empty, use values from %target (acting as a default). foreach (keys %user) { - my $target_key = $user_to_target{$_} // lc $_; my $ref_type = ref $user{$_}; # Temporary function. Takes an intended ref type (empty string or "ARRAY") @@ -1069,12 +1162,11 @@ foreach (keys %user) { return $value; }; - $config{$target_key} = + $config{$_} = $mkvalue->($ref_type, $user{$_}) - || $mkvalue->($ref_type, $target{$target_key}); - delete $config{$target_key} unless defined $config{$target_key}; + || $mkvalue->($ref_type, $target{$_}); + delete $config{$_} unless defined $config{$_}; } -$config{plib_lflags} = [ $target{plib_lflags} ]; # Allow overriding the build file name $config{build_file} = env('BUILDFILE') || $target{build_file} || "Makefile"; @@ -1144,10 +1236,10 @@ foreach my $checker (($builder_platform."-".$target{build_file}."-checker.pm", push @{$config{defines}}, "NDEBUG" if $config{build_type} eq "release"; -if ($target =~ /^mingw/ && `$config{cc} --target-help 2>&1` =~ m/-mno-cygwin/m) +if ($target =~ /^mingw/ && `$config{CC} --target-help 2>&1` =~ m/-mno-cygwin/m) { push @{$config{cflags}}, "-mno-cygwin"; - push @{$config{cxxflags}}, "-mno-cygwin" if $config{cxx}; + push @{$config{cxxflags}}, "-mno-cygwin" if $config{CXX}; push @{$config{shared_ldflag}}, "-mno-cygwin"; } @@ -1159,32 +1251,9 @@ if ($target =~ /linux.*-mips/ && !$disabled{asm} $value = '-mips2' if ($target =~ /mips32/); $value = '-mips3' if ($target =~ /mips64/); unshift @{$config{cflags}}, $value; - unshift @{$config{cxxflags}}, $value if $config{cxx}; + unshift @{$config{cxxflags}}, $value if $config{CXX}; } -# The DSO code currently always implements all functions so that no -# applications will have to worry about that from a compilation point -# of view. However, the "method"s may return zero unless that platform -# has support compiled in for them. Currently each method is enabled -# by a define "DSO_" ... we translate the "dso_scheme" config -# string entry into using the following logic; -if (!$disabled{dso} && $target{dso_scheme} ne "") - { - $target{dso_scheme} =~ tr/[a-z]/[A-Z]/; - if ($target{dso_scheme} eq "DLFCN") - { - unshift @{$config{defines}}, "DSO_DLFCN", "HAVE_DLFCN_H"; - } - elsif ($target{dso_scheme} eq "DLFCN_NO_H") - { - unshift @{$config{defines}}, "DSO_DLFCN"; - } - else - { - unshift @{$config{defines}}, "DSO_$target{dso_scheme}"; - } - } - # If threads aren't disabled, check how possible they are unless ($disabled{threads}) { if ($auto_threads) { @@ -1232,16 +1301,16 @@ if ($target{shared_target} eq "") } if ($disabled{"dynamic-engine"}) { - push @{$config{defines}}, "OPENSSL_NO_DYNAMIC_ENGINE"; + push @{$config{openssl_other_defines}}, "OPENSSL_NO_DYNAMIC_ENGINE"; $config{dynamic_engines} = 0; } else { - push @{$config{defines}}, "OPENSSL_NO_STATIC_ENGINE"; + push @{$config{openssl_other_defines}}, "OPENSSL_NO_STATIC_ENGINE"; $config{dynamic_engines} = 1; } unless ($disabled{asan}) { push @{$config{cflags}}, "-fsanitize=address"; - push @{$config{cxxflags}}, "-fsanitize=address" if $config{cxx}; + push @{$config{cxxflags}}, "-fsanitize=address" if $config{CXX}; } unless ($disabled{ubsan}) { @@ -1249,18 +1318,18 @@ unless ($disabled{ubsan}) { # platforms. push @{$config{cflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all"; push @{$config{cxxflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all" - if $config{cxx}; + if $config{CXX}; } unless ($disabled{msan}) { push @{$config{cflags}}, "-fsanitize=memory"; - push @{$config{cxxflags}}, "-fsanitize=memory" if $config{cxx}; + push @{$config{cxxflags}}, "-fsanitize=memory" if $config{CXX}; } unless ($disabled{"fuzz-libfuzzer"} && $disabled{"fuzz-afl"} && $disabled{asan} && $disabled{ubsan} && $disabled{msan}) { push @{$config{cflags}}, "-fno-omit-frame-pointer", "-g"; - push @{$config{cxxflags}}, "-fno-omit-frame-pointer", "-g" if $config{cxx}; + push @{$config{cxxflags}}, "-fno-omit-frame-pointer", "-g" if $config{CXX}; } # # Platform fix-ups @@ -1270,9 +1339,9 @@ unless ($disabled{"fuzz-libfuzzer"} && $disabled{"fuzz-afl"} if ($disabled{pic}) { foreach (qw(shared_cflag shared_cxxflag shared_cppflag - shared_defines shared_includes shared_ldflag - dso_cflags dso_cxxflags dso_cppflags - dso_defines dso_includes dso_lflags)) + shared_defines shared_includes shared_ldflag + module_cflags module_cxxflags module_cppflags + module_defines module_includes module_lflags)) { delete $config{$_}; $target{$_} = ""; @@ -1280,7 +1349,7 @@ if ($disabled{pic}) } else { - push @{$config{defines}}, "OPENSSL_PIC"; + push @{$config{lib_defines}}, "OPENSSL_PIC"; } if ($target{sys_id} ne "") @@ -1290,66 +1359,72 @@ if ($target{sys_id} ne "") unless ($disabled{asm}) { $target{cpuid_asm_src}=$table{DEFAULTS}->{cpuid_asm_src} if ($config{processor} eq "386"); - push @{$config{defines}}, "OPENSSL_CPUID_OBJ" if ($target{cpuid_asm_src} ne "mem_clr.c"); + push @{$config{lib_defines}}, "OPENSSL_CPUID_OBJ" if ($target{cpuid_asm_src} ne "mem_clr.c"); $target{bn_asm_src} =~ s/\w+-gf2m.c// if (defined($disabled{ec2m})); # bn-586 is the only one implementing bn_*_part_words - push @{$config{defines}}, "OPENSSL_BN_ASM_PART_WORDS" if ($target{bn_asm_src} =~ /bn-586/); - push @{$config{defines}}, "OPENSSL_IA32_SSE2" if (!$disabled{sse2} && $target{bn_asm_src} =~ /86/); + push @{$config{lib_defines}}, "OPENSSL_BN_ASM_PART_WORDS" if ($target{bn_asm_src} =~ /bn-586/); + push @{$config{lib_defines}}, "OPENSSL_IA32_SSE2" if (!$disabled{sse2} && $target{bn_asm_src} =~ /86/); - push @{$config{defines}}, "OPENSSL_BN_ASM_MONT" if ($target{bn_asm_src} =~ /-mont/); - push @{$config{defines}}, "OPENSSL_BN_ASM_MONT5" if ($target{bn_asm_src} =~ /-mont5/); - push @{$config{defines}}, "OPENSSL_BN_ASM_GF2m" if ($target{bn_asm_src} =~ /-gf2m/); + push @{$config{lib_defines}}, "OPENSSL_BN_ASM_MONT" if ($target{bn_asm_src} =~ /-mont/); + push @{$config{lib_defines}}, "OPENSSL_BN_ASM_MONT5" if ($target{bn_asm_src} =~ /-mont5/); + push @{$config{lib_defines}}, "OPENSSL_BN_ASM_GF2m" if ($target{bn_asm_src} =~ /-gf2m/); if ($target{sha1_asm_src}) { - push @{$config{defines}}, "SHA1_ASM" if ($target{sha1_asm_src} =~ /sx86/ || $target{sha1_asm_src} =~ /sha1/); - push @{$config{defines}}, "SHA256_ASM" if ($target{sha1_asm_src} =~ /sha256/); - push @{$config{defines}}, "SHA512_ASM" if ($target{sha1_asm_src} =~ /sha512/); + push @{$config{lib_defines}}, "SHA1_ASM" if ($target{sha1_asm_src} =~ /sx86/ || $target{sha1_asm_src} =~ /sha1/); + push @{$config{lib_defines}}, "SHA256_ASM" if ($target{sha1_asm_src} =~ /sha256/); + push @{$config{lib_defines}}, "SHA512_ASM" if ($target{sha1_asm_src} =~ /sha512/); + } + if ($target{keccak1600_asm_src} ne $table{DEFAULTS}->{keccak1600_asm_src}) { + push @{$config{lib_defines}}, "KECCAK1600_ASM"; } if ($target{rc4_asm_src} ne $table{DEFAULTS}->{rc4_asm_src}) { - push @{$config{defines}}, "RC4_ASM"; + push @{$config{lib_defines}}, "RC4_ASM"; } if ($target{md5_asm_src}) { - push @{$config{defines}}, "MD5_ASM"; + push @{$config{lib_defines}}, "MD5_ASM"; } $target{cast_asm_src}=$table{DEFAULTS}->{cast_asm_src} unless $disabled{pic}; # CAST assembler is not PIC if ($target{rmd160_asm_src}) { - push @{$config{defines}}, "RMD160_ASM"; + push @{$config{lib_defines}}, "RMD160_ASM"; } if ($target{aes_asm_src}) { - push @{$config{defines}}, "AES_ASM" if ($target{aes_asm_src} =~ m/\baes-/);; + push @{$config{lib_defines}}, "AES_ASM" if ($target{aes_asm_src} =~ m/\baes-/);; # aes-ctr.fake is not a real file, only indication that assembler # module implements AES_ctr32_encrypt... - push @{$config{defines}}, "AES_CTR_ASM" if ($target{aes_asm_src} =~ s/\s*aes-ctr\.fake//); + push @{$config{lib_defines}}, "AES_CTR_ASM" if ($target{aes_asm_src} =~ s/\s*aes-ctr\.fake//); # aes-xts.fake indicates presence of AES_xts_[en|de]crypt... - push @{$config{defines}}, "AES_XTS_ASM" if ($target{aes_asm_src} =~ s/\s*aes-xts\.fake//); + push @{$config{lib_defines}}, "AES_XTS_ASM" if ($target{aes_asm_src} =~ s/\s*aes-xts\.fake//); $target{aes_asm_src} =~ s/\s*(vpaes|aesni)-x86\.s//g if ($disabled{sse2}); - push @{$config{defines}}, "VPAES_ASM" if ($target{aes_asm_src} =~ m/vpaes/); - push @{$config{defines}}, "BSAES_ASM" if ($target{aes_asm_src} =~ m/bsaes/); + push @{$config{lib_defines}}, "VPAES_ASM" if ($target{aes_asm_src} =~ m/vpaes/); + push @{$config{lib_defines}}, "BSAES_ASM" if ($target{aes_asm_src} =~ m/bsaes/); } if ($target{wp_asm_src} =~ /mmx/) { if ($config{processor} eq "386") { $target{wp_asm_src}=$table{DEFAULTS}->{wp_asm_src}; } elsif (!$disabled{"whirlpool"}) { - push @{$config{defines}}, "WHIRLPOOL_ASM"; + push @{$config{lib_defines}}, "WHIRLPOOL_ASM"; } } if ($target{modes_asm_src} =~ /ghash-/) { - push @{$config{defines}}, "GHASH_ASM"; + push @{$config{lib_defines}}, "GHASH_ASM"; } if ($target{ec_asm_src} =~ /ecp_nistz256/) { - push @{$config{defines}}, "ECP_NISTZ256_ASM"; + push @{$config{lib_defines}}, "ECP_NISTZ256_ASM"; + } + if ($target{ec_asm_src} =~ /x25519/) { + push @{$config{lib_defines}}, "X25519_ASM"; } if ($target{padlock_asm_src} ne $table{DEFAULTS}->{padlock_asm_src}) { - push @{$config{defines}}, "PADLOCK_ASM"; + push @{$config{lib_defines}}, "PADLOCK_ASM"; } if ($target{poly1305_asm_src} ne "") { - push @{$config{defines}}, "POLY1305_ASM"; + push @{$config{lib_defines}}, "POLY1305_ASM"; } } -my %predefined = compiler_predefined($config{cc}); +my %predefined = compiler_predefined($config{CROSS_COMPILE}.$config{CC}); # Check for makedepend capabilities. if (!$disabled{makedepend}) { @@ -1357,10 +1432,12 @@ if (!$disabled{makedepend}) { # For VC- and vms- targets, there's nothing more to do here. The # functionality is hard coded in the corresponding build files for # cl (Windows) and CC/DECC (VMS). - } elsif ($predefined{__GNUC__} >= 3) { + } elsif (($predefined{__GNUC__} // -1) >= 3 + && !($predefined{__APPLE_CC__} && !$predefined{__clang__})) { # We know that GNU C version 3 and up as well as all clang - # versions support dependency generation - $config{makedepprog} = "\$(CROSS_COMPILE)$config{cc}"; + # versions support dependency generation, but Xcode did not + # handle $cc -M before clang support (but claims __GNUC__ = 3) + $config{makedepprog} = "\$(CROSS_COMPILE)$config{CC}"; } else { # In all other cases, we look for 'makedepend', and disable the # capability if not found. @@ -1369,6 +1446,27 @@ if (!$disabled{makedepend}) { } } +if (!$disabled{asm} && !$predefined{__MACH__} && $^O ne 'VMS') { + # probe for -Wa,--noexecstack option... + if ($predefined{__clang__}) { + # clang has builtin assembler, which doesn't recognize --help, + # but it apparently recognizes the option in question on all + # supported platforms even when it's meaningless. In other words + # probe would fail, but probed option always accepted... + push @{$config{cflags}}, "-Wa,--noexecstack", "-Qunused-arguments"; + } else { + my $cc = $config{CROSS_COMPILE}.$config{CC}; + open(PIPE, "$cc -Wa,--help -c -o null.$$.o -x assembler /dev/null 2>&1 |"); + while() { + if (m/--noexecstack/) { + push @{$config{cflags}}, "-Wa,--noexecstack"; + last; + } + } + close(PIPE); + unlink("null.$$.o"); + } +} # Deal with bn_ops ################################################### @@ -1402,7 +1500,7 @@ die "Exactly one of SIXTY_FOUR_BIT|SIXTY_FOUR_BIT_LONG|THIRTY_TWO_BIT can be set $config{cflags} = [ map { (my $x = $_) =~ s/([\\\"])/\\$1/g; $x } @{$config{cflags}} ]; $config{cxxflags} = [ map { (my $x = $_) =~ s/([\\\"])/\\$1/g; $x } - @{$config{cxxflags}} ] if $config{cxx}; + @{$config{cxxflags}} ] if $config{CXX}; if (defined($config{api})) { $config{openssl_api_defines} = [ "OPENSSL_MIN_API=".$apitable->{$config{api}} ]; @@ -1410,11 +1508,6 @@ if (defined($config{api})) { push @{$config{defines}}, $apiflag; } -if (defined($predefined{__clang__}) && !$disabled{asm}) { - push @{$config{cflags}}, "-Qunused-arguments"; - push @{$config{cxxflags}}, "-Qunused-arguments" if $config{cxx}; -} - if ($strict_warnings) { my $wopt; @@ -1422,13 +1515,12 @@ if ($strict_warnings) die "ERROR --strict-warnings requires gcc[>=4] or gcc-alike" unless $gccver >= 4; - $gcc_devteam_warn .= " -Wmisleading-indentation" if $gccver >= 6; foreach $wopt (split /\s+/, $gcc_devteam_warn) { push @{$config{cflags}}, $wopt unless grep { $_ eq $wopt } @{$config{cflags}}; push @{$config{cxxflags}}, $wopt - if ($config{cxx} + if ($config{CXX} && !grep { $_ eq $wopt } @{$config{cxxflags}}); } if (defined($predefined{__clang__})) @@ -1438,7 +1530,7 @@ if ($strict_warnings) push @{$config{cflags}}, $wopt unless grep { $_ eq $wopt } @{$config{cflags}}; push @{$config{cxxflags}}, $wopt - if ($config{cxx} + if ($config{CXX} && !grep { $_ eq $wopt } @{$config{cxxflags}}); } } @@ -1451,7 +1543,7 @@ unless ($disabled{"crypto-mdebug-backtrace"}) push @{$config{cflags}}, $wopt unless grep { $_ eq $wopt } @{$config{cflags}}; push @{$config{cxxflags}}, $wopt - if ($config{cxx} + if ($config{CXX} && !grep { $_ eq $wopt } @{$config{cxxflags}}); } if ($target =~ /^BSD-/) @@ -1462,9 +1554,9 @@ unless ($disabled{"crypto-mdebug-backtrace"}) unless ($disabled{afalgeng}) { $config{afalgeng}=""; - if ($target =~ m/^linux/) { + if (grep { $_ eq 'afalgeng' } @{$target{enable}}) { my $minver = 4*10000 + 1*100 + 0; - if ($config{cross_compile_prefix} eq "") { + if ($config{CROSS_COMPILE} eq "") { my $verstr = `uname -r`; my ($ma, $mi1, $mi2) = split("\\.", $verstr); ($mi2) = $mi2 =~ /(\d+)/; @@ -1491,12 +1583,10 @@ foreach (keys %useradd) { die "internal error: \$useradd{$_} isn't an ARRAY\n" unless ref $useradd{$_} eq 'ARRAY'; - my $target_key = $user_to_target{$_} // lc $_; - - if (defined $config{$target_key}) { - push @{$config{$target_key}}, @{$useradd{$_}}; + if (defined $config{$_}) { + push @{$config{$_}}, @{$useradd{$_}}; } else { - $config{$target_key} = [ @{$useradd{$_}} ]; + $config{$_} = [ @{$useradd{$_}} ]; } } @@ -1579,7 +1669,9 @@ if ($builder eq "unified") { die "*** Couldn't find any of:\n", join("\n", @build_file_templates), "\n"; } $config{build_file_templates} - = [ $build_file_template, + = [ cleanfile($srcdir, catfile("Configurations", "common0.tmpl"), + $blddir), + $build_file_template, cleanfile($srcdir, catfile("Configurations", "common.tmpl"), $blddir) ]; @@ -1633,6 +1725,10 @@ if ($builder eq "unified") { my %sharednames = (); my %generate = (); + # We want to detect configdata.pm in the source tree, so we + # don't use it if the build tree is different. + my $src_configdata = cleanfile($srcdir, "configdata.pm", $blddir); + push @{$config{build_infos}}, catfile(abs2rel($sourced, $blddir), $f); my $template = Text::Template->new(TYPE => 'FILE', @@ -1929,7 +2025,7 @@ EOF # If it isn't in the source tree, we assume it's generated # in the build tree - if (! -f $s || $generate{$_}) { + if ($s eq $src_configdata || ! -f $s || $generate{$_}) { $s = cleanfile($buildd, $_, $blddir); } # We recognise C++, C and asm files @@ -1940,6 +2036,13 @@ EOF $o = cleanfile($buildd, $o, $blddir); $unified_info{sources}->{$ddest}->{$o} = 1; $unified_info{sources}->{$o}->{$s} = 1; + } elsif ($s =~ /\.rc$/) { + # We also recognise resource files + my $o = $_; + $o =~ s/\.rc$/.res/; # Resource configuration + my $o = cleanfile($buildd, $o, $blddir); + $unified_info{sources}->{$ddest}->{$o} = 1; + $unified_info{sources}->{$o}->{$s} = 1; } else { $unified_info{sources}->{$ddest}->{$s} = 1; } @@ -1957,7 +2060,7 @@ EOF # If it isn't in the source tree, we assume it's generated # in the build tree - if (! -f $s || $generate{$_}) { + if ($s eq $src_configdata || ! -f $s || $generate{$_}) { $s = cleanfile($buildd, $_, $blddir); } @@ -2007,7 +2110,7 @@ EOF # If the destination doesn't exist in source, it can only be # a generated file in the build tree. - if ($ddest ne "" && ! -f $ddest) { + if ($ddest ne "" && ($ddest eq $src_configdata || ! -f $ddest)) { $ddest = cleanfile($buildd, $_, $blddir); if ($unified_info{rename}->{$ddest}) { $ddest = $unified_info{rename}->{$ddest}; @@ -2021,7 +2124,8 @@ EOF # in the build tree rather than the source tree, and assume # and that there are lines to build it in a BEGINRAW..ENDRAW # section or in the Makefile template. - if (! -f $d + if ($d eq $src_configdata + || ! -f $d || (grep { $d eq $_ } map { cleanfile($srcdir, $_, $blddir) } grep { /\.h$/ } keys %{$unified_info{generate}})) { @@ -2048,7 +2152,7 @@ EOF # If the destination doesn't exist in source, it can only be # a generated file in the build tree. - if (! -f $ddest) { + if ($ddest eq $src_configdata || ! -f $ddest) { $ddest = cleanfile($buildd, $_, $blddir); if ($unified_info{rename}->{$ddest}) { $ddest = $unified_info{rename}->{$ddest}; @@ -2081,16 +2185,12 @@ EOF next if $dest eq ""; foreach my $d (keys %{$unified_info{depends}->{$dest}}) { next unless $d =~ /\.(h|pm)$/; - if ($d eq "configdata.pm" - || defined($unified_info{generate}->{$d})) { - my $i = cleandir($blddir, dirname($d)); - push @{$unified_info{includes}->{$dest}->{build}}, $i - unless grep { $_ eq $i } @{$unified_info{includes}->{$dest}->{build}}; - } else { - my $i = cleandir($srcdir, dirname($d)); - push @{$unified_info{includes}->{$dest}->{source}}, $i - unless grep { $_ eq $i } @{$unified_info{includes}->{$dest}->{source}}; - } + my $i = dirname($d); + my $spot = + $d eq "configdata.pm" || defined($unified_info{generate}->{$d}) + ? 'build' : 'source'; + push @{$unified_info{includes}->{$dest}->{$spot}}, $i + unless grep { $_ eq $i } @{$unified_info{includes}->{$dest}->{$spot}}; } } @@ -2160,7 +2260,7 @@ foreach (grep /_(asm|aux)_src$/, keys %target) { print "Creating configdata.pm\n"; open(OUT,">configdata.pm") || die "unable to create configdata.pm: $!\n"; print OUT <<"EOF"; -#! $config{hashbangperl} +#! $config{HASHBANGPERL} package configdata; @@ -2296,10 +2396,11 @@ if ($builder eq "unified") { EOF } -print OUT "my \%makevars = (\n"; +print OUT + "# The following data is only used when this files is use as a script\n"; +print OUT "my \@makevars = (\n"; foreach (sort keys %user) { - print OUT ' ',$_,' ' x (20 - length $_),'=> ', - "'",$user_to_target{$_} || lc $_,"',\n"; + print OUT " '",$_,"',\n"; } print OUT ");\n"; print OUT "my \%disabled_info = (\n"; @@ -2318,6 +2419,7 @@ foreach my $what (sort keys %disabled_info) { print OUT " },\n"; } print OUT ");\n"; +print OUT 'my @user_crossable = qw( ', join (' ', @user_crossable), " );\n"; print OUT << 'EOF'; # If run directly, we can give some answers, and even reconfigure unless (caller) { @@ -2370,17 +2472,22 @@ _____ -verbose => 2); } if ($dump || $cmdline) { - print "\n(with current working directory = $here)"; - print "\nCommand line:\n\n"; + print "\nCommand line (with current working directory = $here):\n\n"; print ' ',join(' ', - $config{perl}, + $config{PERL}, catfile($config{sourcedir}, 'Configure'), @{$config{perlargv}}), "\n"; + print "\nPerl information:\n\n"; + print ' ',$config{perl_cmd},"\n"; + print ' ',$config{perl_version},' for ',$config{perl_archname},"\n"; } if ($dump || $options) { my $longest = 0; + my $longest2 = 0; foreach my $what (@disablables) { $longest = length($what) if $longest < length($what); + $longest2 = length($disabled{$what}) + if $disabled{$what} && $longest2 < length($disabled{$what}); } print "\nEnabled features:\n\n"; foreach my $what (@disablables) { @@ -2390,7 +2497,7 @@ _____ foreach my $what (@disablables) { if ($disabled{$what}) { print " $what", ' ' x ($longest - length($what) + 1), - "[$disabled{$what}]", ' ' x (10 - length($disabled{$what})); + "[$disabled{$what}]", ' ' x ($longest2 - length($disabled{$what}) + 1); print $disabled_info{$what}->{macro} if $disabled_info{$what}->{macro}; print ' (skip ', @@ -2424,13 +2531,17 @@ _____ } if ($dump || $makevars) { print "\nMakevars:\n\n"; - foreach (sort keys %makevars) { - print ' ',$_,' ' x (16 - length $_),'= ', - (ref $config{$makevars{$_}} eq 'ARRAY' - ? join(' ', @{$config{$makevars{$_}}}) - : $config{$makevars{$_}}), + foreach my $var (@makevars) { + my $prefix = ''; + $prefix = $config{CROSS_COMPILE} + if grep { $var eq $_ } @user_crossable; + $prefix //= ''; + print ' ',$var,' ' x (16 - length $var),'= ', + (ref $config{$var} eq 'ARRAY' + ? join(' ', @{$config{$var}}) + : $prefix.$config{$var}), "\n" - if defined $config{$makevars{$_}}; + if defined $config{$var}; } my @buildfile = ($config{builddir}, $config{build_file}); @@ -2584,17 +2695,8 @@ my %builders = ( $builders{$builder}->($builder_platform, @builder_opts); -# Show a note on the use of configdata.pm, but ONLY for release 1.1.1 -# (i.e. this message disappears with the following update, 1.1.1a) -print <<"EOF" if ($config{version_num} =~ m|^0x1010100.L$|); - -NOTE: Starting with OpenSSL 1.1.1, 'Configure' doesn't display all the disabled -options or the "make variables" with their values. Instead, you must use -'configdata.pm' as a script to get a display of the configuration data. For -help, please do this: +$SIG{__DIE__} = $orig_death_handler; - perl configdata.pm --help -EOF print <<"EOF" if ($disabled{threads} eq "unavailable"); The library could not be configured for supporting multi-threaded @@ -2611,12 +2713,22 @@ or position independent code, please let us know (but please first make sure you have tried with a current version of OpenSSL). EOF -print <<"EOF" if (-f catfile($srcdir, "configdata.pm") && $srcdir ne $blddir); - -WARNING: there are indications that another build was made in the source -directory. This build may have picked up artifacts from that build, the -safest course of action is to clean the source directory and redo this -configuration. +print <<"EOF"; + +********************************************************************** +*** *** +*** OpenSSL has been successfully configured *** +*** *** +*** If you encounter a problem while building, please open an *** +*** issue on GitHub *** +*** and include the output from the following command: *** +*** *** +*** perl configdata.pm --dump *** +*** *** +*** (If you are new to OpenSSL, you might want to consult the *** +*** 'Troubleshooting' section in the INSTALL file first) *** +*** *** +********************************************************************** EOF exit(0); @@ -2626,6 +2738,24 @@ exit(0); # Helpers and utility functions # +# Death handler, to print a helpful message in case of failure ####### +# +sub death_handler { + die @_ if $^S; # To prevent the added message in eval blocks + my $build_file = $target{build_file} // "build file"; + my @message = ( <<"_____", @_ ); + +Failure! $build_file wasn't produced. +Please read INSTALL and associated NOTES files. You may also have to look over +your available compiler tool chain or change your configuration. + +_____ + + # Dying is terminal, so it's ok to reset the signal handler here. + $SIG{__DIE__} = $orig_death_handler; + die @message; +} + # Configuration file reading ######################################### # Note: All of the helper functions are for lazy evaluation. They all @@ -2690,7 +2820,10 @@ sub threads { return sub { add($disabled{threads} ? () : @flags)->(); } } - +sub shared { + my @flags = @_; + return sub { add($disabled{shared} ? () : @flags)->(); } +} our $add_called = 0; # Helper function to implement adding values to already existing configuration @@ -2973,7 +3106,7 @@ sub run_dofile foreach (@templates) { die "Can't open $_, $!" unless -f $_; } - my $perlcmd = (quotify("maybeshell", $config{perl}))[0]; + my $perlcmd = (quotify("maybeshell", $config{PERL}))[0]; my $cmd = "$perlcmd \"-I.\" \"-Mconfigdata\" \"$dofile\" -o\"Configure\" \"".join("\" \"",@templates)."\" > \"$out.new\""; #print STDERR "DEBUG[run_dofile]: \$cmd = $cmd\n"; system($cmd); @@ -2983,28 +3116,27 @@ sub run_dofile sub compiler_predefined { state %predefined; - my $default_compiler = shift; + my $cc = shift; return () if $^O eq 'VMS'; - die 'compiler_predefines called without a default compiler' - unless $default_compiler; + die 'compiler_predefined called without a compiler command' + unless $cc; - if (! $predefined{$default_compiler}) { - my $cc = "$config{cross_compile_prefix}$default_compiler"; + if (! $predefined{$cc}) { - $predefined{$default_compiler} = {}; + $predefined{$cc} = {}; # collect compiler pre-defines from gcc or gcc-alike... open(PIPE, "$cc -dM -E -x c /dev/null 2>&1 |"); while (my $l = ) { $l =~ m/^#define\s+(\w+(?:\(\w+\))?)(?:\s+(.+))?/ or last; - $predefined{$default_compiler}->{$1} = $2 // ''; + $predefined{$cc}->{$1} = $2 // ''; } close(PIPE); } - return %{$predefined{$default_compiler}}; + return %{$predefined{$cc}}; } sub which @@ -3031,13 +3163,16 @@ sub which sub env { my $name = shift; + my %opts = @_; - # Note that if $ENV{$name} doesn't exist or is undefined, - # $config{perlenv}->{$name} will be created with the value - # undef. This is intentional. + unless ($opts{cacheonly}) { + # Note that if $ENV{$name} doesn't exist or is undefined, + # $config{perlenv}->{$name} will be created with the value + # undef. This is intentional. - $config{perlenv}->{$name} = $ENV{$name} - if ! exists $config{perlenv}->{$name}; + $config{perlenv}->{$name} = $ENV{$name} + if ! exists $config{perlenv}->{$name}; + } return $config{perlenv}->{$name}; } @@ -3045,8 +3180,8 @@ sub env sub print_table_entry { - my $target = shift; - my %target = resolve_config($target); + local $now_printing = shift; + my %target = resolve_config($now_printing); my $type = shift; # Don't print the templates @@ -3064,7 +3199,6 @@ sub print_table_entry "ld", "lflags", "loutflag", - "plib_lflags", "ex_libs", "bn_ops", "apps_aux_src", @@ -3116,7 +3250,7 @@ sub print_table_entry if ($type eq "TABLE") { print "\n"; - print "*** $target\n"; + print "*** $now_printing\n"; foreach (@sequence) { if (ref($target{$_}) eq "ARRAY") { printf "\$%-12s = %s\n", $_, join(" ", @{$target{$_}}); @@ -3127,7 +3261,7 @@ sub print_table_entry } elsif ($type eq "HASH") { my $largest = length((sort { length($a) <=> length($b) } @sequence)[-1]); - print " '$target' => {\n"; + print " '$now_printing' => {\n"; foreach (@sequence) { if ($target{$_}) { if (ref($target{$_}) eq "ARRAY") {