X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=Configure;h=6ef641503580bd6ff0c5fdf5e0d46d3430c9170f;hp=9a600913c76269f9a7903c4dedd87acb22fc0de8;hb=99f0c7a8a6999e2f78fc065e4da78643ae14c14c;hpb=91860165820daf7a17836597f18752f094b887c8 diff --git a/Configure b/Configure index 9a600913c7..6ef6415035 100755 --- a/Configure +++ b/Configure @@ -1,6 +1,6 @@ #! /usr/bin/env perl # -*- mode: perl; -*- -# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -21,6 +21,9 @@ use OpenSSL::Glob; # see INSTALL for instructions. +my $orig_death_handler = $SIG{__DIE__}; +$SIG{__DIE__} = \&death_handler; + my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; # Options: @@ -116,22 +119,27 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lx # code, so we just tell compiler to be pedantic about everything # but 'long long' type. -my $gcc_devteam_warn = "-DDEBUG_UNUSED" - . " -DPEDANTIC -pedantic -Wno-long-long" - . " -Wall" - . " -Wextra" - . " -Wno-unused-parameter" - . " -Wno-missing-field-initializers" - . " -Wswitch" - . " -Wsign-compare" - . " -Wmissing-prototypes" - . " -Wstrict-prototypes" - . " -Wshadow" - . " -Wformat" - . " -Wtype-limits" - . " -Wundef" - . " -Werror" - ; +my %gcc_devteam_warn = (); +{ + my @common = qw( -DDEBUG_UNUSED + -DPEDANTIC -pedantic -Wno-long-long + -Wall + -Wextra + -Wno-unused-parameter + -Wno-missing-field-initializers + -Wswitch + -Wsign-compare + -Wshadow + -Wformat + -Wtype-limits + -Wundef + -Werror ); + %gcc_devteam_warn = ( + CFLAGS => [ @common, qw( -Wmissing-prototypes + -Wstrict-prototypes ) ], + CXXFLAGS => [ @common ] + ); +} # These are used in addition to $gcc_devteam_warn when the compiler is clang. # TODO(openssl-team): fix problems and investigate if (at least) the @@ -141,16 +149,20 @@ my $gcc_devteam_warn = "-DDEBUG_UNUSED" # -Wlanguage-extension-token -- no, we use asm() # -Wunused-macros -- no, too tricky for BN and _XOPEN_SOURCE etc # -Wextended-offsetof -- no, needed in CMS ASN1 code -my $clang_devteam_warn = "" - . " -Wswitch-default" - . " -Wno-parentheses-equality" - . " -Wno-language-extension-token" - . " -Wno-extended-offsetof" - . " -Wconditional-uninitialized" - . " -Wincompatible-pointer-types-discards-qualifiers" - . " -Wmissing-variable-declarations" - . " -Wno-unknown-warning-option" - ; +my %clang_devteam_warn = (); +{ + my @common = qw( -Wswitch-default + -Wno-parentheses-equality + -Wno-language-extension-token + -Wno-extended-offsetof + -Wconditional-uninitialized + -Wincompatible-pointer-types-discards-qualifiers + -Wno-unknown-warning-option ); + %clang_devteam_warn = ( + CFLAGS => [ @common, qw( -Wmissing-variable-declarations ) ], + CXXFLAGS => [ @common ] + ); +} # This adds backtrace information to the memory leak info. Is only used # when crypto-mdebug-backtrace is enabled. @@ -371,6 +383,7 @@ my @disablables = ( "msan", "multiblock", "nextprotoneg", + "pinshared", "ocb", "ocsp", "pic", @@ -402,7 +415,6 @@ my @disablables = ( "tests", "threads", "tls", - "tls13downgrade", "ts", "ubsan", "ui-console", @@ -446,7 +458,6 @@ our %disabled = ( # "what" => "comment" "ssl3" => "default", "ssl3-method" => "default", "ubsan" => "default", - "tls13downgrade" => "default", "unit-test" => "default", "weak-ssl-ciphers" => "default", "zlib" => "default", @@ -539,20 +550,21 @@ my %user = ( AS => undef, ASFLAGS => [], CC => env('CC'), - CFLAGS => [], + CFLAGS => [ env('CFLAGS') || () ], CXX => env('CXX'), - CXXFLAGS => [], + CXXFLAGS => [ env('CXXFLAGS') || () ], CPP => undef, - CPPFLAGS => [], # -D, -I, -Wp, + CPPFLAGS => [ env('CPPFLAGS') || () ], # -D, -I, -Wp, CPPDEFINES => [], # Alternative for -D CPPINCLUDES => [], # Alternative for -I CROSS_COMPILE => env('CROSS_COMPILE'), HASHBANGPERL=> env('HASHBANGPERL') || env('PERL'), LD => undef, - LDFLAGS => [], # -L, -Wl, - LDLIBS => [], # -l + LDFLAGS => [ env('LDFLAGS') || () ], # -L, -Wl, + LDLIBS => [ env('LDLIBS') || () ], # -l MT => undef, MTFLAGS => [], + PERL => env('PERL') || ($^O ne "VMS" ? $^X : "perl"), RANLIB => env('RANLIB'), RC => env('RC') || env('WINDRES'), RCFLAGS => [], @@ -744,7 +756,11 @@ while (@argvcopy) } elsif (/^--strict-warnings$/) { - $strict_warnings = 1; + # Pretend that our strict flags is a C flag, and replace it + # with the proper flags later on + push @{$useradd{CFLAGS}}, '--ossl-strict-warnings'; + push @{$useradd{CXXFLAGS}}, '--ossl-strict-warnings'; + $strict_warnings=1; } elsif (/^--debug$/) { @@ -823,11 +839,7 @@ while (@argvcopy) { read_config $1; } - elsif (/^-L(.*)$/) - { - push @{$useradd{LDFLAGS}}, $_; - } - elsif (/^-l(.*)$/ or /^-Wl,/) + elsif (/^-l(.*)$/) { push @{$useradd{LDLIBS}}, $_; } @@ -835,6 +847,10 @@ while (@argvcopy) { push @{$useradd{LDLIBS}}, $_, shift(@argvcopy); } + elsif (/^-L(.*)$/ or /^-Wl,/) + { + push @{$useradd{LDFLAGS}}, $_; + } elsif (/^-rpath$/ or /^-R$/) # -rpath is the OSF1 rpath flag # -R is the old Solaris rpath flag @@ -887,21 +903,21 @@ while (@argvcopy) else { $config{options} .= " ".$_; } } + } - if (defined($config{api}) && !exists $apitable->{$config{api}}) { - die "***** Unsupported api compatibility level: $config{api}\n", - } +if (defined($config{api}) && !exists $apitable->{$config{api}}) { + die "***** Unsupported api compatibility level: $config{api}\n", +} - if (keys %deprecated_options) - { - warn "***** Deprecated options: ", - join(", ", keys %deprecated_options), "\n"; - } - if (keys %unsupported_options) - { - die "***** Unsupported options: ", - join(", ", keys %unsupported_options), "\n"; - } +if (keys %deprecated_options) + { + warn "***** Deprecated options: ", + join(", ", keys %deprecated_options), "\n"; + } +if (keys %unsupported_options) + { + die "***** Unsupported options: ", + join(", ", keys %unsupported_options), "\n"; } # If any %useradd entry has been set, we must check that the "make @@ -954,7 +970,7 @@ foreach (keys %user) { } } -if (grep { $_ =~ /(^|\s)-Wl,-rpath,/ } ($user{LDLIBS} ? @{$user{LDLIBS}} : ()) +if (grep { /-rpath\b/ } ($user{LDFLAGS} ? @{$user{LDFLAGS}} : ()) && !$disabled{shared} && !($disabled{asan} && $disabled{msan} && $disabled{ubsan})) { die "***** Cannot simultaneously use -rpath, shared libraries, and\n", @@ -1008,9 +1024,23 @@ if (scalar(@seed_sources) == 0) { print "Using os-specific seed configuration\n"; push @seed_sources, 'os'; } -die "Cannot seed with none and anything else" - if scalar(grep { $_ eq 'none' } @seed_sources) > 0 - && scalar(@seed_sources) > 1; +if (scalar(grep { $_ eq 'none' } @seed_sources) > 0) { + die "Cannot seed with none and anything else" if scalar(@seed_sources) > 1; + warn <<_____ if scalar(@seed_sources) == 1; + +============================== WARNING =============================== +You have selected the --with-rand-seed=none option, which effectively +disables automatic reseeding of the OpenSSL random generator. +All operations depending on the random generator such as creating keys +will not work unless the random generator is seeded manually by the +application. + +Please read the 'Note on random number generation' section in the +INSTALL instructions and the RAND_DRBG(7) manual page for more details. +============================== WARNING =============================== + +_____ +} push @{$config{openssl_other_defines}}, map { (my $x = $_) =~ tr|[\-a-z]|[_A-Z]|; "OPENSSL_RAND_SEED_$x" } @seed_sources; @@ -1030,11 +1060,12 @@ if ($d) { $target = $t; } } + +&usage if !$table{$target} || $table{$target}->{template}; + $config{target} = $target; my %target = resolve_config($target); -&usage if (!%target || $target{template}); - foreach (keys %target_attr_translate) { $target{$target_attr_translate{$_}} = $target{$_} if $target{$_}; @@ -1093,13 +1124,13 @@ foreach my $feature (@{$target{disable}}) { $disabled{$feature} = 'config'; } foreach my $feature (@{$target{enable}}) { - if ("default" eq ($disabled{$_} // "")) { + if ("default" eq ($disabled{$feature} // "")) { if (exists $deprecated_disablables{$feature}) { warn "***** config $target enables deprecated feature $feature\n"; } elsif (!grep { $feature eq $_ } @disablables) { die "***** config $target enables unknown feature $feature\n"; } - delete $disabled{$_}; + delete $disabled{$feature}; } } @@ -1111,15 +1142,14 @@ $target{exe_extension}=".exe" if ($config{target} eq "DJGPP" $target{exe_extension}=".pm" if ($config{target} =~ /vos/); ($target{shared_extension_simple}=$target{shared_extension}) - =~ s|\.\$\(SHLIB_VERSION_NUMBER\)||; -$target{dso_extension}=$target{shared_extension_simple}; + =~ s|\.\$\(SHLIB_VERSION_NUMBER\)|| + unless defined($target{shared_extension_simple}); +$target{dso_extension}//=$target{shared_extension_simple}; ($target{shared_import_extension}=$target{shared_extension_simple}.".a") if ($config{target} =~ /^(?:Cygwin|mingw)/); -# Allow overriding the names of some tools. USE WITH CARE -# Note: only Unix cares about HASHBANGPERL... that explains -# the default string. -$config{perl} = ($^O ne "VMS" ? $^X : "perl"); +# Fill %config with values from %user, and in case those are undefined or +# empty, use values from %target (acting as a default). foreach (keys %user) { my $ref_type = ref $user{$_}; @@ -1354,6 +1384,7 @@ unless ($disabled{asm}) { push @{$config{lib_defines}}, "OPENSSL_BN_ASM_MONT" if ($target{bn_asm_src} =~ /-mont/); push @{$config{lib_defines}}, "OPENSSL_BN_ASM_MONT5" if ($target{bn_asm_src} =~ /-mont5/); push @{$config{lib_defines}}, "OPENSSL_BN_ASM_GF2m" if ($target{bn_asm_src} =~ /-gf2m/); + push @{$config{lib_defines}}, "BN_DIV3W" if ($target{bn_asm_src} =~ /-div3w/); if ($target{sha1_asm_src}) { push @{$config{lib_defines}}, "SHA1_ASM" if ($target{sha1_asm_src} =~ /sx86/ || $target{sha1_asm_src} =~ /sha1/); @@ -1401,14 +1432,17 @@ unless ($disabled{asm}) { push @{$config{lib_defines}}, "X25519_ASM"; } if ($target{padlock_asm_src} ne $table{DEFAULTS}->{padlock_asm_src}) { - push @{$config{lib_defines}}, "PADLOCK_ASM"; + push @{$config{dso_defines}}, "PADLOCK_ASM"; } if ($target{poly1305_asm_src} ne "") { push @{$config{lib_defines}}, "POLY1305_ASM"; } } -my %predefined = compiler_predefined($config{CROSS_COMPILE}.$config{CC}); +my %predefined_C = compiler_predefined($config{CROSS_COMPILE}.$config{CC}); +my %predefined_CXX = $config{CXX} + ? compiler_predefined($config{CROSS_COMPILE}.$config{CXX}) + : (); # Check for makedepend capabilities. if (!$disabled{makedepend}) { @@ -1416,8 +1450,8 @@ if (!$disabled{makedepend}) { # For VC- and vms- targets, there's nothing more to do here. The # functionality is hard coded in the corresponding build files for # cl (Windows) and CC/DECC (VMS). - } elsif (($predefined{__GNUC__} // -1) >= 3 - && !($predefined{__APPLE_CC__} && !$predefined{__clang__})) { + } elsif (($predefined_C{__GNUC__} // -1) >= 3 + && !($predefined_C{__APPLE_CC__} && !$predefined_C{__clang__})) { # We know that GNU C version 3 and up as well as all clang # versions support dependency generation, but Xcode did not # handle $cc -M before clang support (but claims __GNUC__ = 3) @@ -1430,15 +1464,15 @@ if (!$disabled{makedepend}) { } } -if (!$disabled{asm}) { +if (!$disabled{asm} && !$predefined_C{__MACH__} && $^O ne 'VMS') { # probe for -Wa,--noexecstack option... - if ($predefined{__clang__}) { + if ($predefined_C{__clang__}) { # clang has builtin assembler, which doesn't recognize --help, # but it apparently recognizes the option in question on all # supported platforms even when it's meaningless. In other words # probe would fail, but probed option always accepted... push @{$config{cflags}}, "-Wa,--noexecstack", "-Qunused-arguments"; - } elsif ($^O ne 'VMS') { + } else { my $cc = $config{CROSS_COMPILE}.$config{CC}; open(PIPE, "$cc -Wa,--help -c -o null.$$.o -x assembler /dev/null 2>&1 |"); while() { @@ -1492,33 +1526,36 @@ if (defined($config{api})) { push @{$config{defines}}, $apiflag; } +my %strict_warnings_collection=( CFLAGS => [], CXXFLAGS => []); if ($strict_warnings) { my $wopt; - my $gccver = $predefined{__GNUC__} // -1; + my $gccver = $predefined_C{__GNUC__} // -1; + my $gxxver = $predefined_CXX{__GNUC__} // -1; - die "ERROR --strict-warnings requires gcc[>=4] or gcc-alike" + warn "WARNING --strict-warnings requires gcc[>=4] or gcc-alike" unless $gccver >= 4; - foreach $wopt (split /\s+/, $gcc_devteam_warn) - { - push @{$config{cflags}}, $wopt - unless grep { $_ eq $wopt } @{$config{cflags}}; - push @{$config{cxxflags}}, $wopt - if ($config{CXX} - && !grep { $_ eq $wopt } @{$config{cxxflags}}); - } - if (defined($predefined{__clang__})) + warn "WARNING --strict-warnings requires g++[>=4] or g++-alike" + unless $gxxver >= 4; + foreach (qw(CFLAGS CXXFLAGS)) { - foreach $wopt (split /\s+/, $clang_devteam_warn) - { - push @{$config{cflags}}, $wopt - unless grep { $_ eq $wopt } @{$config{cflags}}; - push @{$config{cxxflags}}, $wopt - if ($config{CXX} - && !grep { $_ eq $wopt } @{$config{cxxflags}}); - } + push @{$strict_warnings_collection{$_}}, + @{$gcc_devteam_warn{$_}}; } + push @{$strict_warnings_collection{CFLAGS}}, + @{$clang_devteam_warn{CFLAGS}} + if (defined($predefined_C{__clang__})); + push @{$strict_warnings_collection{CXXFLAGS}}, + @{$clang_devteam_warn{CXXFLAGS}} + if (defined($predefined_CXX{__clang__})); } +foreach my $idx (qw(CFLAGS CXXFLAGS)) + { + $useradd{$idx} = [ map { $_ eq '--ossl-strict-warnings' + ? @{$strict_warnings_collection{$idx}} + : ( $_ ) } + @{$useradd{$idx}} ]; + } unless ($disabled{"crypto-mdebug-backtrace"}) { @@ -2163,6 +2200,16 @@ EOF # Massage the result + # If the user configured no-shared, we allow no shared sources + if ($disabled{shared}) { + foreach (keys %{$unified_info{shared_sources}}) { + foreach (keys %{$unified_info{shared_sources}->{$_}}) { + delete $unified_info{sources}->{$_}; + } + } + $unified_info{shared_sources} = {}; + } + # If we depend on a header file or a perl module, add an inclusion of # its directory to allow smoothe inclusion foreach my $dest (keys %{$unified_info{depends}}) { @@ -2187,8 +2234,8 @@ EOF next unless defined($unified_info{includes}->{$dest}->{$k}); my @incs = reverse @{$unified_info{includes}->{$dest}->{$k}}; foreach my $obj (grep /\.o$/, - (keys %{$unified_info{sources}->{$dest}}, - keys %{$unified_info{shared_sources}->{$dest}})) { + (keys %{$unified_info{sources}->{$dest} // {}}, + keys %{$unified_info{shared_sources}->{$dest} // {}})) { foreach my $inc (@incs) { unshift @{$unified_info{includes}->{$obj}->{$k}}, $inc unless grep { $_ eq $inc } @{$unified_info{includes}->{$obj}->{$k}}; @@ -2227,6 +2274,42 @@ EOF [ @{$unified_info{includes}->{$dest}->{source}} ]; } } + + # For convenience collect information regarding directories where + # files are generated, those generated files and the end product + # they end up in where applicable. Then, add build rules for those + # directories + my %loopinfo = ( "lib" => [ @{$unified_info{libraries}} ], + "dso" => [ @{$unified_info{engines}} ], + "bin" => [ @{$unified_info{programs}} ], + "script" => [ @{$unified_info{scripts}} ] ); + foreach my $type (keys %loopinfo) { + foreach my $product (@{$loopinfo{$type}}) { + my %dirs = (); + my $pd = dirname($product); + + foreach (@{$unified_info{sources}->{$product} // []}, + @{$unified_info{shared_sources}->{$product} // []}) { + my $d = dirname($_); + + # We don't want to create targets for source directories + # when building out of source + next if ($config{sourcedir} ne $config{builddir} + && $d =~ m|^\Q$config{sourcedir}\E|); + # We already have a "test" target, and the current directory + # is just silly to make a target for + next if $d eq "test" || $d eq "."; + + $dirs{$d} = 1; + push @{$unified_info{dirinfo}->{$d}->{deps}}, $_ + if $d ne $pd; + } + foreach (keys %dirs) { + push @{$unified_info{dirinfo}->{$_}->{products}->{$type}}, + $product; + } + } + } } # For the schemes that need it, we provide the old *_obj configs @@ -2458,7 +2541,7 @@ _____ if ($dump || $cmdline) { print "\nCommand line (with current working directory = $here):\n\n"; print ' ',join(' ', - $config{perl}, + $config{PERL}, catfile($config{sourcedir}, 'Configure'), @{$config{perlargv}}), "\n"; print "\nPerl information:\n\n"; @@ -2679,6 +2762,8 @@ my %builders = ( $builders{$builder}->($builder_platform, @builder_opts); +$SIG{__DIE__} = $orig_death_handler; + print <<"EOF" if ($disabled{threads} eq "unavailable"); The library could not be configured for supporting multi-threaded @@ -2699,10 +2784,16 @@ print <<"EOF"; ********************************************************************** *** *** -*** If you want to report a building issue, please include the *** -*** output from this command: *** +*** OpenSSL has been successfully configured *** +*** *** +*** If you encounter a problem while building, please open an *** +*** issue on GitHub *** +*** and include the output from the following command: *** +*** *** +*** perl configdata.pm --dump *** *** *** -*** perl configdata.pm --dump *** +*** (If you are new to OpenSSL, you might want to consult the *** +*** 'Troubleshooting' section in the INSTALL file first) *** *** *** ********************************************************************** EOF @@ -2714,6 +2805,24 @@ exit(0); # Helpers and utility functions # +# Death handler, to print a helpful message in case of failure ####### +# +sub death_handler { + die @_ if $^S; # To prevent the added message in eval blocks + my $build_file = $target{build_file} // "build file"; + my @message = ( <<"_____", @_ ); + +Failure! $build_file wasn't produced. +Please read INSTALL and associated NOTES files. You may also have to look over +your available compiler tool chain or change your configuration. + +_____ + + # Dying is terminal, so it's ok to reset the signal handler here. + $SIG{__DIE__} = $orig_death_handler; + die @message; +} + # Configuration file reading ######################################### # Note: All of the helper functions are for lazy evaluation. They all @@ -3064,7 +3173,7 @@ sub run_dofile foreach (@templates) { die "Can't open $_, $!" unless -f $_; } - my $perlcmd = (quotify("maybeshell", $config{perl}))[0]; + my $perlcmd = (quotify("maybeshell", $config{PERL}))[0]; my $cmd = "$perlcmd \"-I.\" \"-Mconfigdata\" \"$dofile\" -o\"Configure\" \"".join("\" \"",@templates)."\" > \"$out.new\""; #print STDERR "DEBUG[run_dofile]: \$cmd = $cmd\n"; system($cmd);