X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=Configure;h=21811113c6a6424ebacabeacf807a2a25ec248e9;hp=a85beeaf6ef03c6cdf0efd42f5a0bf065cbdb817;hb=cd01707b7f7e71b6c5df013212c9b3613e9eab7c;hpb=dad8c264c78d1bc57b6fcf6c0204a00523c13940 diff --git a/Configure b/Configure index a85beeaf6e..21811113c6 100755 --- a/Configure +++ b/Configure @@ -21,6 +21,9 @@ use OpenSSL::Glob; # see INSTALL for instructions. +my $orig_death_handler = $SIG{__DIE__}; +$SIG{__DIE__} = \&death_handler; + my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; # Options: @@ -125,6 +128,7 @@ my $gcc_devteam_warn = "-DDEBUG_UNUSED" . " -Wswitch" . " -Wsign-compare" . " -Wmissing-prototypes" + . " -Wstrict-prototypes" . " -Wshadow" . " -Wformat" . " -Wtype-limits" @@ -179,6 +183,10 @@ my $apitable = { our %table = (); our %config = (); our %withargs = (); +our $now_printing; # set to current entry's name in print_table_entry + # (todo: right thing would be to encapsulate name + # into %target [class] and make print_table_entry + # a method) # Forward declarations ############################################### @@ -321,6 +329,7 @@ my @disablables = ( "async", "autoalginit", "autoerrinit", + "autoload-config", "bf", "blake2", "camellia", @@ -396,7 +405,6 @@ my @disablables = ( "tests", "threads", "tls", - "tls13downgrade", "ts", "ubsan", "ui-console", @@ -419,10 +427,10 @@ my %deprecated_disablables = ( "ui" => "ui-console", ); -# All of the following is disabled by default (RC5 was enabled before 0.9.8): +# All of the following are disabled by default: our %disabled = ( # "what" => "comment" - "asan" => "default", + "asan" => "default", "crypto-mdebug" => "default", "crypto-mdebug-backtrace" => "default", "devcryptoeng" => "default", @@ -440,7 +448,6 @@ our %disabled = ( # "what" => "comment" "ssl3" => "default", "ssl3-method" => "default", "ubsan" => "default", - "tls13downgrade" => "default", "unit-test" => "default", "weak-ssl-ciphers" => "default", "zlib" => "default", @@ -486,6 +493,7 @@ my @disable_cascades = ( "tests" => [ "external-tests" ], "comp" => [ "zlib" ], "ec" => [ "tls1_3", "sm2" ], + "sm3" => [ "sm2" ], sub { !$disabled{"unit-test"} } => [ "heartbeats" ], sub { !$disabled{"msan"} } => [ "asm" ], @@ -546,6 +554,7 @@ my %user = ( LDLIBS => [], # -l MT => undef, MTFLAGS => [], + PERL => env('PERL') || ($^O ne "VMS" ? $^X : "perl"), RANLIB => env('RANLIB'), RC => env('RC') || env('WINDRES'), RCFLAGS => [], @@ -588,13 +597,13 @@ my %target_attr_translate =( ); # Initialisers coming from 'config' scripts -$config{defines} = [ split(/$list_separator_re/, env('__CNF_CPPDEFINES')) ], -$config{includes} = [ split(/$list_separator_re/, env('__CNF_CPPINCLUDES')) ], -$config{cppflags} = [ env('__CNF_CPPFLAGS') || () ], -$config{cflags} = [ env('__CNF_CFLAGS') || () ], -$config{cxxflags} = [ env('__CNF_CXXFLAGS') || () ], -$config{lflags} = [ env('__CNF_LDFLAGS') || () ], -$config{ex_libs} = [ env('__CNF_LDLIBS') || () ], +$config{defines} = [ split(/$list_separator_re/, env('__CNF_CPPDEFINES')) ]; +$config{includes} = [ split(/$list_separator_re/, env('__CNF_CPPINCLUDES')) ]; +$config{cppflags} = [ env('__CNF_CPPFLAGS') || () ]; +$config{cflags} = [ env('__CNF_CFLAGS') || () ]; +$config{cxxflags} = [ env('__CNF_CXXFLAGS') || () ]; +$config{lflags} = [ env('__CNF_LDFLAGS') || () ]; +$config{ex_libs} = [ env('__CNF_LDLIBS') || () ]; $config{openssl_api_defines}=[]; $config{openssl_algorithm_defines}=[]; @@ -816,11 +825,7 @@ while (@argvcopy) { read_config $1; } - elsif (/^-L(.*)$/) - { - push @{$useradd{LDFLAGS}}, $_; - } - elsif (/^-l(.*)$/ or /^-Wl,/) + elsif (/^-l(.*)$/) { push @{$useradd{LDLIBS}}, $_; } @@ -828,6 +833,10 @@ while (@argvcopy) { push @{$useradd{LDLIBS}}, $_, shift(@argvcopy); } + elsif (/^-L(.*)$/ or /^-Wl,/) + { + push @{$useradd{LDFLAGS}}, $_; + } elsif (/^-rpath$/ or /^-R$/) # -rpath is the OSF1 rpath flag # -R is the old Solaris rpath flag @@ -880,21 +889,21 @@ while (@argvcopy) else { $config{options} .= " ".$_; } } + } - if (defined($config{api}) && !exists $apitable->{$config{api}}) { - die "***** Unsupported api compatibility level: $config{api}\n", - } +if (defined($config{api}) && !exists $apitable->{$config{api}}) { + die "***** Unsupported api compatibility level: $config{api}\n", +} - if (keys %deprecated_options) - { - warn "***** Deprecated options: ", - join(", ", keys %deprecated_options), "\n"; - } - if (keys %unsupported_options) - { - die "***** Unsupported options: ", - join(", ", keys %unsupported_options), "\n"; - } +if (keys %deprecated_options) + { + warn "***** Deprecated options: ", + join(", ", keys %deprecated_options), "\n"; + } +if (keys %unsupported_options) + { + die "***** Unsupported options: ", + join(", ", keys %unsupported_options), "\n"; } # If any %useradd entry has been set, we must check that the "make @@ -947,7 +956,7 @@ foreach (keys %user) { } } -if (grep { $_ =~ /(^|\s)-Wl,-rpath,/ } ($user{LDLIBS} ? @{$user{LDLIBS}} : ()) +if (grep { /-rpath\b/ } ($user{LDFLAGS} ? @{$user{LDFLAGS}} : ()) && !$disabled{shared} && !($disabled{asan} && $disabled{msan} && $disabled{ubsan})) { die "***** Cannot simultaneously use -rpath, shared libraries, and\n", @@ -1001,9 +1010,23 @@ if (scalar(@seed_sources) == 0) { print "Using os-specific seed configuration\n"; push @seed_sources, 'os'; } -die "Cannot seed with none and anything else" - if scalar(grep { $_ eq 'none' } @seed_sources) > 0 - && scalar(@seed_sources) > 1; +if (scalar(grep { $_ eq 'none' } @seed_sources) > 0) { + die "Cannot seed with none and anything else" if scalar(@seed_sources) > 1; + warn <<_____ if scalar(@seed_sources) == 1; + +============================== WARNING =============================== +You have selected the --with-rand-seed=none option, which effectively +disables automatic reseeding of the OpenSSL random generator. +All operations depending on the random generator such as creating keys +will not work unless the random generator is seeded manually by the +application. + +Please read the 'Note on random number generation' section in the +INSTALL instructions and the RAND_DRBG(7) manual page for more details. +============================== WARNING =============================== + +_____ +} push @{$config{openssl_other_defines}}, map { (my $x = $_) =~ tr|[\-a-z]|[_A-Z]|; "OPENSSL_RAND_SEED_$x" } @seed_sources; @@ -1023,11 +1046,12 @@ if ($d) { $target = $t; } } + +&usage if !$table{$target} || $table{$target}->{template}; + $config{target} = $target; my %target = resolve_config($target); -&usage if (!%target || $target{template}); - foreach (keys %target_attr_translate) { $target{$target_attr_translate{$_}} = $target{$_} if $target{$_}; @@ -1104,15 +1128,14 @@ $target{exe_extension}=".exe" if ($config{target} eq "DJGPP" $target{exe_extension}=".pm" if ($config{target} =~ /vos/); ($target{shared_extension_simple}=$target{shared_extension}) - =~ s|\.\$\(SHLIB_VERSION_NUMBER\)||; -$target{dso_extension}=$target{shared_extension_simple}; + =~ s|\.\$\(SHLIB_VERSION_NUMBER\)|| + unless defined($target{shared_extension_simple}); +$target{dso_extension}//=$target{shared_extension_simple}; ($target{shared_import_extension}=$target{shared_extension_simple}.".a") if ($config{target} =~ /^(?:Cygwin|mingw)/); -# Allow overriding the names of some tools. USE WITH CARE -# Note: only Unix cares about HASHBANGPERL... that explains -# the default string. -$config{perl} = ($^O ne "VMS" ? $^X : "perl"); +# Fill %config with values from %user, and in case those are undefined or +# empty, use values from %target (acting as a default). foreach (keys %user) { my $ref_type = ref $user{$_}; @@ -1231,29 +1254,6 @@ if ($target =~ /linux.*-mips/ && !$disabled{asm} unshift @{$config{cxxflags}}, $value if $config{CXX}; } -# The DSO code currently always implements all functions so that no -# applications will have to worry about that from a compilation point -# of view. However, the "method"s may return zero unless that platform -# has support compiled in for them. Currently each method is enabled -# by a define "DSO_" ... we translate the "dso_scheme" config -# string entry into using the following logic; -if (!$disabled{dso} && $target{dso_scheme} ne "") - { - $target{dso_scheme} =~ tr/[a-z]/[A-Z]/; - if ($target{dso_scheme} eq "DLFCN") - { - unshift @{$config{lib_defines}}, "DSO_DLFCN", "HAVE_DLFCN_H"; - } - elsif ($target{dso_scheme} eq "DLFCN_NO_H") - { - unshift @{$config{lib_defines}}, "DSO_DLFCN"; - } - else - { - unshift @{$config{lib_defines}}, "DSO_$target{dso_scheme}"; - } - } - # If threads aren't disabled, check how possible they are unless ($disabled{threads}) { if ($auto_threads) { @@ -1376,6 +1376,9 @@ unless ($disabled{asm}) { push @{$config{lib_defines}}, "SHA256_ASM" if ($target{sha1_asm_src} =~ /sha256/); push @{$config{lib_defines}}, "SHA512_ASM" if ($target{sha1_asm_src} =~ /sha512/); } + if ($target{keccak1600_asm_src} ne $table{DEFAULTS}->{keccak1600_asm_src}) { + push @{$config{lib_defines}}, "KECCAK1600_ASM"; + } if ($target{rc4_asm_src} ne $table{DEFAULTS}->{rc4_asm_src}) { push @{$config{lib_defines}}, "RC4_ASM"; } @@ -1421,7 +1424,7 @@ unless ($disabled{asm}) { } } -my %predefined = compiler_predefined($config{CC}); +my %predefined = compiler_predefined($config{CROSS_COMPILE}.$config{CC}); # Check for makedepend capabilities. if (!$disabled{makedepend}) { @@ -1429,9 +1432,11 @@ if (!$disabled{makedepend}) { # For VC- and vms- targets, there's nothing more to do here. The # functionality is hard coded in the corresponding build files for # cl (Windows) and CC/DECC (VMS). - } elsif ($predefined{__GNUC__} >= 3) { + } elsif (($predefined{__GNUC__} // -1) >= 3 + && !($predefined{__APPLE_CC__} && !$predefined{__clang__})) { # We know that GNU C version 3 and up as well as all clang - # versions support dependency generation + # versions support dependency generation, but Xcode did not + # handle $cc -M before clang support (but claims __GNUC__ = 3) $config{makedepprog} = "\$(CROSS_COMPILE)$config{CC}"; } else { # In all other cases, we look for 'makedepend', and disable the @@ -1441,6 +1446,27 @@ if (!$disabled{makedepend}) { } } +if (!$disabled{asm} && !$predefined{__MACH__} && $^O ne 'VMS') { + # probe for -Wa,--noexecstack option... + if ($predefined{__clang__}) { + # clang has builtin assembler, which doesn't recognize --help, + # but it apparently recognizes the option in question on all + # supported platforms even when it's meaningless. In other words + # probe would fail, but probed option always accepted... + push @{$config{cflags}}, "-Wa,--noexecstack", "-Qunused-arguments"; + } else { + my $cc = $config{CROSS_COMPILE}.$config{CC}; + open(PIPE, "$cc -Wa,--help -c -o null.$$.o -x assembler /dev/null 2>&1 |"); + while() { + if (m/--noexecstack/) { + push @{$config{cflags}}, "-Wa,--noexecstack"; + last; + } + } + close(PIPE); + unlink("null.$$.o"); + } +} # Deal with bn_ops ################################################### @@ -1482,11 +1508,6 @@ if (defined($config{api})) { push @{$config{defines}}, $apiflag; } -if (defined($predefined{__clang__}) && !$disabled{asm}) { - push @{$config{cflags}}, "-Qunused-arguments"; - push @{$config{cxxflags}}, "-Qunused-arguments" if $config{CXX}; -} - if ($strict_warnings) { my $wopt; @@ -1494,7 +1515,6 @@ if ($strict_warnings) die "ERROR --strict-warnings requires gcc[>=4] or gcc-alike" unless $gccver >= 4; - $gcc_devteam_warn .= " -Wmisleading-indentation" if $gccver >= 6; foreach $wopt (split /\s+/, $gcc_devteam_warn) { push @{$config{cflags}}, $wopt @@ -1649,7 +1669,9 @@ if ($builder eq "unified") { die "*** Couldn't find any of:\n", join("\n", @build_file_templates), "\n"; } $config{build_file_templates} - = [ $build_file_template, + = [ cleanfile($srcdir, catfile("Configurations", "common0.tmpl"), + $blddir), + $build_file_template, cleanfile($srcdir, catfile("Configurations", "common.tmpl"), $blddir) ]; @@ -2014,6 +2036,13 @@ EOF $o = cleanfile($buildd, $o, $blddir); $unified_info{sources}->{$ddest}->{$o} = 1; $unified_info{sources}->{$o}->{$s} = 1; + } elsif ($s =~ /\.rc$/) { + # We also recognise resource files + my $o = $_; + $o =~ s/\.rc$/.res/; # Resource configuration + my $o = cleanfile($buildd, $o, $blddir); + $unified_info{sources}->{$ddest}->{$o} = 1; + $unified_info{sources}->{$o}->{$s} = 1; } else { $unified_info{sources}->{$ddest}->{$s} = 1; } @@ -2214,6 +2243,42 @@ EOF [ @{$unified_info{includes}->{$dest}->{source}} ]; } } + + # For convenience collect information regarding directories where + # files are generated, those generated files and the end product + # they end up in where applicable. Then, add build rules for those + # directories + my %loopinfo = ( "lib" => [ @{$unified_info{libraries}} ], + "dso" => [ @{$unified_info{engines}} ], + "bin" => [ @{$unified_info{programs}} ], + "script" => [ @{$unified_info{scripts}} ] ); + foreach my $type (keys %loopinfo) { + foreach my $product (@{$loopinfo{$type}}) { + my %dirs = (); + my $pd = dirname($product); + + foreach (@{$unified_info{sources}->{$product}}, + @{$unified_info{shared_sources}->{$product} // []}) { + my $d = dirname($_); + + # We don't want to create targets for source directories + # when building out of source + next if ($config{sourcedir} ne $config{builddir} + && $d =~ m|^\Q$config{sourcedir}\E|); + # We already have a "test" target, and the current directory + # is just silly to make a target for + next if $d eq "test" || $d eq "."; + + $dirs{$d} = 1; + push @{$unified_info{dirinfo}->{$d}->{deps}}, $_ + if $d ne $pd; + } + foreach (keys %dirs) { + push @{$unified_info{dirinfo}->{$_}->{products}->{$type}}, + $product; + } + } + } } # For the schemes that need it, we provide the old *_obj configs @@ -2445,7 +2510,7 @@ _____ if ($dump || $cmdline) { print "\nCommand line (with current working directory = $here):\n\n"; print ' ',join(' ', - $config{perl}, + $config{PERL}, catfile($config{sourcedir}, 'Configure'), @{$config{perlargv}}), "\n"; print "\nPerl information:\n\n"; @@ -2666,6 +2731,8 @@ my %builders = ( $builders{$builder}->($builder_platform, @builder_opts); +$SIG{__DIE__} = $orig_death_handler; + print <<"EOF" if ($disabled{threads} eq "unavailable"); The library could not be configured for supporting multi-threaded @@ -2686,10 +2753,16 @@ print <<"EOF"; ********************************************************************** *** *** -*** If you want to report a building issue, please include the *** -*** output from this command: *** +*** OpenSSL has been successfully configured *** +*** *** +*** If you encounter a problem while building, please open an *** +*** issue on GitHub *** +*** and include the output from the following command: *** *** *** -*** perl configdata.pm --dump *** +*** perl configdata.pm --dump *** +*** *** +*** (If you are new to OpenSSL, you might want to consult the *** +*** 'Troubleshooting' section in the INSTALL file first) *** *** *** ********************************************************************** EOF @@ -2701,6 +2774,24 @@ exit(0); # Helpers and utility functions # +# Death handler, to print a helpful message in case of failure ####### +# +sub death_handler { + die @_ if $^S; # To prevent the added message in eval blocks + my $build_file = $target{build_file} // "build file"; + my @message = ( <<"_____", @_ ); + +Failure! $build_file wasn't produced. +Please read INSTALL and associated NOTES files. You may also have to look over +your available compiler tool chain or change your configuration. + +_____ + + # Dying is terminal, so it's ok to reset the signal handler here. + $SIG{__DIE__} = $orig_death_handler; + die @message; +} + # Configuration file reading ######################################### # Note: All of the helper functions are for lazy evaluation. They all @@ -2765,7 +2856,10 @@ sub threads { return sub { add($disabled{threads} ? () : @flags)->(); } } - +sub shared { + my @flags = @_; + return sub { add($disabled{shared} ? () : @flags)->(); } +} our $add_called = 0; # Helper function to implement adding values to already existing configuration @@ -3048,7 +3142,7 @@ sub run_dofile foreach (@templates) { die "Can't open $_, $!" unless -f $_; } - my $perlcmd = (quotify("maybeshell", $config{perl}))[0]; + my $perlcmd = (quotify("maybeshell", $config{PERL}))[0]; my $cmd = "$perlcmd \"-I.\" \"-Mconfigdata\" \"$dofile\" -o\"Configure\" \"".join("\" \"",@templates)."\" > \"$out.new\""; #print STDERR "DEBUG[run_dofile]: \$cmd = $cmd\n"; system($cmd); @@ -3058,28 +3152,27 @@ sub run_dofile sub compiler_predefined { state %predefined; - my $default_compiler = shift; + my $cc = shift; return () if $^O eq 'VMS'; - die 'compiler_predefined called without a default compiler' - unless $default_compiler; + die 'compiler_predefined called without a compiler command' + unless $cc; - if (! $predefined{$default_compiler}) { - my $cc = "$config{CROSS_COMPILE}$default_compiler"; + if (! $predefined{$cc}) { - $predefined{$default_compiler} = {}; + $predefined{$cc} = {}; # collect compiler pre-defines from gcc or gcc-alike... open(PIPE, "$cc -dM -E -x c /dev/null 2>&1 |"); while (my $l = ) { $l =~ m/^#define\s+(\w+(?:\(\w+\))?)(?:\s+(.+))?/ or last; - $predefined{$default_compiler}->{$1} = $2 // ''; + $predefined{$cc}->{$1} = $2 // ''; } close(PIPE); } - return %{$predefined{$default_compiler}}; + return %{$predefined{$cc}}; } sub which @@ -3123,8 +3216,8 @@ sub env sub print_table_entry { - my $target = shift; - my %target = resolve_config($target); + local $now_printing = shift; + my %target = resolve_config($now_printing); my $type = shift; # Don't print the templates @@ -3193,7 +3286,7 @@ sub print_table_entry if ($type eq "TABLE") { print "\n"; - print "*** $target\n"; + print "*** $now_printing\n"; foreach (@sequence) { if (ref($target{$_}) eq "ARRAY") { printf "\$%-12s = %s\n", $_, join(" ", @{$target{$_}}); @@ -3204,7 +3297,7 @@ sub print_table_entry } elsif ($type eq "HASH") { my $largest = length((sort { length($a) <=> length($b) } @sequence)[-1]); - print " '$target' => {\n"; + print " '$now_printing' => {\n"; foreach (@sequence) { if ($target{$_}) { if (ref($target{$_}) eq "ARRAY") {