X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=Configure;h=e0d086f8f217d6c0c5c01cc0e0227727d1ff488b;hp=97df83c0db82ce3e82777b59cf5bbc1cf4700b86;hb=5e6e650d62af09f47d63bfdd6c92e3b16e9da644;hpb=ec182ef044abe06a2bd9a898d51f5f367e1c48dd diff --git a/Configure b/Configure index 97df83c0db..e0d086f8f2 100755 --- a/Configure +++ b/Configure @@ -1,21 +1,24 @@ #! /usr/bin/env perl # -*- mode: perl; -*- +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html -## ## Configure -- OpenSSL source tree configuration script -## If editing this file, run this command before committing -## make -f Makefile.in TABLE -## -require 5.000; +require 5.10.0; use strict; use File::Basename; use File::Spec::Functions qw/:DEFAULT abs2rel rel2abs/; use File::Path qw/mkpath/; +use if $^O ne "VMS", 'File::Glob' => qw/glob/; # see INSTALL for instructions. -my $usage="Usage: Configure [no- ...] [enable- ...] [experimental- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; +my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; # Options: # @@ -32,10 +35,6 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [experimenta # This becomes the value of OPENSSLDIR in Makefile and in C. # (Default: PREFIX/ssl) # -# --install_prefix Additional prefix for package builders (empty by -# default). This needn't be set in advance, you can -# just as well use "make INSTALL_PREFIX=/whatever install". -# # --cross-compile-prefix Add specified prefix to binutils components. # # --api One of 0.9.8, 1.0.0 or 1.1.0. Do not compile support for @@ -50,6 +49,8 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [experimenta # multithreaded applications (default is "threads" if we # know how to do it) # [no-]shared [don't] try to create shared libraries when supported. +# [no-]pic [don't] try to build position independent code when supported. +# If disabled, it also disables shared and dynamic-engine. # no-asm do not use assembler # no-dso do not compile in any native shared-library methods. This # will ensure that all methods just return NULL. @@ -59,6 +60,9 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [experimenta # library and will be loaded in run-time by the OpenSSL library. # sctp include SCTP support # 386 generate 80386 code +# enable-weak-ssl-ciphers +# Enable weak ciphers that are disabled by default. This currently +# only includes RC4 based ciphers. # no-sse2 disables IA-32 SSE2 code, above option implies no-sse2 # no- build without specified algorithm (rsa, idea, rc5, ...) # - + compiler options are passed through @@ -70,9 +74,9 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [experimenta # RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # Following are set automatically by this script # -# MD5_ASM use some extra md5 assember, -# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86 -# RMD160_ASM use some extra ripemd160 assember, +# MD5_ASM use some extra md5 assembler, +# SHA1_ASM use some extra sha1 assembler, must define L_ENDIAN for x86 +# RMD160_ASM use some extra ripemd160 assembler, # SHA256_ASM sha256_block is implemented in assembler # SHA512_ASM sha512_block is implemented in assembler # AES_ASM ASE_[en|de]crypt is implemented in assembler @@ -80,23 +84,53 @@ my $usage="Usage: Configure [no- ...] [enable- ...] [experimenta # Minimum warning options... any contributions to OpenSSL should at least get # past these. -my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Werror -DREF_CHECK -DDEBUG_UNUSED"; +# DEBUG_UNUSED enables __owur (warn unused result) checks. +my $gcc_devteam_warn = "-DDEBUG_UNUSED" + # -DPEDANTIC complements -pedantic and is meant to mask code that + # is not strictly standard-compliant and/or implementation-specifc, + # e.g. inline assembly, disregards to alignment requirements, such + # that -pedantic would complain about. Incidentally -DPEDANTIC has + # to be used even in sanitized builds, because sanitizer too is + # supposed to and does take notice of non-standard behaviour. Then + # -pedantic with pre-C9x compiler would also complain about 'long + # long' not being supported. As 64-bit algorithms are common now, + # it grew impossible to resolve this without sizeable additional + # code, so we just tell compiler to be pedantic about everything + # but 'long long' type. + . " -DPEDANTIC -pedantic -Wno-long-long" + . " -Wall" + . " -Wsign-compare" + . " -Wmissing-prototypes" + . " -Wshadow" + . " -Wformat" + . " -Wtype-limits" + . " -Werror" + ; # These are used in addition to $gcc_devteam_warn when the compiler is clang. # TODO(openssl-team): fix problems and investigate if (at least) the # following warnings can also be enabled: -# -Wswitch-enum, -Wunused-macros, -Wmissing-field-initializers, -# -Wcast-align, -# -Wunreachable-code -Wunused-parameter -Wlanguage-extension-token -# -Wextended-offsetof -my $clang_devteam_warn = "-Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Qunused-arguments -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations"; - -# Warn that "make depend" should be run? -my $warn_make_depend = 0; - -# These are used in addition to $gcc_devteam_warn unless this is a mingw build. -# This adds backtrace information to the memory leak info. -my $memleak_devteam_backtrace = "-rdynamic -DCRYPTO_MDEBUG_BACKTRACE"; +# -Wswitch-enum +# -Wcast-align +# -Wunreachable-code +# -Wlanguage-extension-token -- no, we use asm() +# -Wunused-macros -- no, too tricky for BN and _XOPEN_SOURCE etc +# -Wextended-offsetof -- no, needed in CMS ASN1 code +my $clang_devteam_warn = "" + . " -Qunused-arguments" + . " -Wextra" + . " -Wno-unused-parameter" + . " -Wno-missing-field-initializers" + . " -Wno-language-extension-token" + . " -Wno-extended-offsetof" + . " -Wconditional-uninitialized" + . " -Wincompatible-pointer-types-discards-qualifiers" + . " -Wmissing-variable-declarations" + ; + +# This adds backtrace information to the memory leak info. Is only used +# when crypto-mdebug-backtrace is enabled. +my $memleak_devteam_backtrace = "-rdynamic"; my $strict_warnings = 0; @@ -107,7 +141,7 @@ my $strict_warnings = 0; # which has to be accompanied by explicit -D_THREAD_SAFE and # sometimes -D_REENTRANT. FreeBSD 5.x expands it as -lc_r, which # seems to be sufficient? -my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT"; +our $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT"; # # API compability name to version number mapping. @@ -119,9 +153,9 @@ my $apitable = { "0.9.8" => "0x00908000L", }; -my $base_target = "BASE"; # The template that all other inherit from our %table = (); our %config = (); +our %withargs = (); # Forward declarations ############################################### @@ -133,7 +167,7 @@ sub read_config; # resolve_config(target) # -# Resolves all the late evalutations, inheritances and so on for the +# Resolves all the late evaluations, inheritances and so on for the # chosen target and any target it inherits from. sub resolve_config; @@ -145,6 +179,8 @@ my $srcdir = catdir(absolutedir(dirname($0))); # catdir ensures local syntax my $blddir = catdir(absolutedir(".")); # catdir ensures local syntax my $dofile = abs2rel(catfile($srcdir, "util/dofile.pl")); +my $local_config_envname = 'OPENSSL_LOCAL_CONFIG_DIR'; + $config{sourcedir} = abs2rel($srcdir); $config{builddir} = abs2rel($blddir); @@ -175,30 +211,36 @@ die "erroneous version information in opensslv.h: ", # Collect target configurations my $pattern = catfile(dirname($0), "Configurations", "*.conf"); -foreach (sort glob($pattern) ) { +foreach (sort glob($pattern)) { &read_config($_); } +if (defined $ENV{$local_config_envname}) { + if ($^O eq 'VMS') { + # VMS environment variables are logical names, + # which can be used as is + $pattern = $local_config_envname . ':' . '*.conf'; + } else { + $pattern = catfile($ENV{$local_config_envname}, '*.conf'); + } + + foreach (sort glob($pattern)) { + &read_config($_); + } +} + print "Configuring OpenSSL version $config{version} (0x$config{version_num})\n"; -$config{perl}; $config{prefix}=""; $config{openssldir}=""; $config{processor}=""; $config{libdir}=""; -$config{install_prefix}= "$ENV{'INSTALL_PREFIX'}"; $config{cross_compile_prefix}=""; $config{fipslibdir}="/usr/local/ssl/fips-2.0/lib/"; my $nofipscanistercheck=0; $config{baseaddr}="0xFB00000"; -my $no_threads=0; -my $threads=0; -$config{no_shared}=0; # but "no-shared" is default -my $zlib=1; # but "no-zlib" is default -my $no_rfc3779=0; -my $no_asm=0; -my $no_dso=0; +my $auto_threads=1; # enable threads automatically? true by default my $default_ranlib; $config{fips}=0; @@ -207,27 +249,31 @@ $config{dirs} = [ "crypto", "ssl", "engines", "apps", "test", "tools" ]; # crypto/ subdirectories to build $config{sdirs} = [ "objects", - "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", + "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2", "des", "aes", "rc2", "rc4", "rc5", "idea", "bf", "cast", "camellia", "seed", "chacha", "modes", "bn", "ec", "rsa", "dsa", "dh", "dso", "engine", "buffer", "bio", "stack", "lhash", "rand", "err", "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", - "cms", "ts", "jpake", "srp", "store", "cmac", "ct", "async", "kdf" + "cms", "ts", "srp", "cmac", "ct", "async", "kdf" ]; # Known TLS and DTLS protocols my @tls = qw(ssl3 tls1 tls1_1 tls1_2); my @dtls = qw(dtls1 dtls1_2); -# Explicitelly known options that are possible to disable. They can +# Explicitly known options that are possible to disable. They can # be regexps, and will be used like this: /^no-${option}$/ # For developers: keep it sorted alphabetically my @disablables = ( - "aes", + "afalgeng", + "asan", "asm", "async", + "autoalginit", + "autoerrinit", "bf", + "blake2", "camellia", "capieng", "cast", @@ -236,6 +282,7 @@ my @disablables = ( "cms", "comp", "crypto-mdebug", + "crypto-mdebug-backtrace", "ct", "deprecated", "des", @@ -244,7 +291,7 @@ my @disablables = ( "dsa", "dso", "dtls", - "dynamic[-_]engine", + "dynamic-engine", "ec", "ec2m", "ecdh", @@ -252,21 +299,23 @@ my @disablables = ( "ec_nistp_64_gcc_128", "egd", "engine", - "err", # Really??? + "err", + "filenames", + "fuzz-libfuzzer", + "fuzz-afl", + "gost", "heartbeats", - "hmac", "hw(-.+)?", "idea", - "jpake", - "locking", # Really??? + "makedepend", "md2", "md4", - "md5", "mdc2", - "md[-_]ghost94", + "multiblock", "nextprotoneg", "ocb", "ocsp", + "pic", "poly1305", "posix-io", "psk", @@ -275,14 +324,10 @@ my @disablables = ( "rc5", "rdrand", "rfc3779", - "rijndael", # Old AES name "rmd160", - "rsa", "scrypt", - "sct", "sctp", "seed", - "sha", "shared", "sock", "srp", @@ -292,11 +337,14 @@ my @disablables = ( "ssl-trace", "static-engine", "stdio", - "store", "threads", "tls", + "ts", + "ubsan", + "ui", "unit-test", "whirlpool", + "weak-ssl-ciphers", "zlib", "zlib-dynamic", ); @@ -306,24 +354,35 @@ foreach my $proto ((@tls, @dtls)) push(@disablables, "$proto-method"); } +my %deprecated_disablables = ( + "ssl2" => undef, + "buf-freelists" => undef, + "ripemd" => "rmd160" + ); + # All of the following is disabled by default (RC5 was enabled before 0.9.8): -my %disabled = ( # "what" => "comment" [or special keyword "experimental"] - "ec_nistp_64_gcc_128" => "default", - "egd" => "default", - "jpake" => "experimental", - "md2" => "default", - "rc5" => "default", - "sctp" => "default", - "shared" => "default", - "ssl-trace" => "default", - "store" => "experimental", - "unit-test" => "default", - "zlib" => "default", - "zlib-dynamic" => "default", - "crypto-mdebug" => "default", - ); -my @experimental = (); +our %disabled = ( # "what" => "comment" + "asan" => "default", + "ec_nistp_64_gcc_128" => "default", + "egd" => "default", + "fuzz-libfuzzer" => "default", + "fuzz-afl" => "default", + "md2" => "default", + "rc5" => "default", + "sctp" => "default", + "ssl-trace" => "default", + "ssl3" => "default", + "ssl3-method" => "default", + "ubsan" => "default", + "unit-test" => "default", + "weak-ssl-ciphers" => "default", + "zlib" => "default", + "zlib-dynamic" => "default", + "crypto-mdebug" => "default", + "crypto-mdebug-backtrace" => "default", + "heartbeats" => "default", + ); # Note: => pair form used for aesthetics, not to truly make a hash table my @disable_cascades = ( @@ -333,12 +392,11 @@ my @disable_cascades = ( "ssl" => [ "ssl3" ], "ssl3-method" => [ "ssl3" ], "zlib" => [ "zlib-dynamic" ], - "rijndael" => [ "aes" ], "des" => [ "mdc2" ], "ec" => [ "ecdsa", "ecdh" ], - "psk" => [ "jpake" ], - "dgram" => [ "dtls" ], + "dgram" => [ "dtls", "sctp" ], + "sock" => [ "dgram" ], "dtls" => [ @dtls ], # SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA @@ -363,6 +421,24 @@ my @disable_cascades = ( # SRP and HEARTBEATS require TLSEXT "tlsext" => [ "srp", "heartbeats" ], + + "crypto-mdebug" => [ "crypto-mdebug-backtrace" ], + + # Without DSO, we can't load dynamic engines, so don't build them dynamic + "dso" => [ "dynamic-engine" ], + + # Without position independent code, there can be no shared libraries or DSOs + "pic" => [ "shared" ], + "shared" => [ "dynamic-engine" ], + "engine" => [ "afalgeng" ], + + # no-autoalginit is only useful when building non-shared + "autoalginit" => [ "shared", "apps" ], + + "stdio" => [ "apps" ], + "apps" => [ "tests" ], + "comp" => [ "zlib" ], + sub { !$disabled{"unit-test"} } => [ "heartbeats" ], ); # Avoid protocol support holes. Also disable all versions below N, if version @@ -383,30 +459,16 @@ while ((my $first, my $second) = (shift @list, shift @list)) { unshift @list, $second; } -# Construct the string of what $config{depflags} should look like with the defaults -# from %disabled above. (we need this to see if we should advise the user -# to run "make depend"): -my $default_depflags = join(" ", - map { my $x = $_; $x =~ tr{[a-z]-}{[A-Z]_}; "-DOPENSSL_NO_$x"; } - grep { $disabled{$_} !~ /\(no-depflags\)$/ } - sort keys %disabled); - # Explicit "no-..." options will be collected in %disabled along with the defaults. -# To remove something from %disabled, use "enable-foo" (unless it's experimental). +# To remove something from %disabled, use "enable-foo". # For symmetry, "disable-foo" is a synonym for "no-foo". -# For features called "experimental" here, a more explicit "experimental-foo" is needed to enable. -# We will collect such requests in @experimental. -# To avoid accidental use of experimental features, applications will have to use -DOPENSSL_EXPERIMENTAL_FOO. - - my $no_sse2=0; &usage if ($#ARGV < 0); -my $flags=""; -$config{depflags}=""; -$config{openssl_experimental_defines}=[]; +my $user_cflags=""; +my @user_defines=(); $config{openssl_api_defines}=[]; $config{openssl_algorithm_defines}=[]; $config{openssl_thread_defines}=[]; @@ -415,9 +477,7 @@ $config{openssl_other_defines}=[]; my $libs=""; my $target=""; $config{options}=""; -my $make_depend=0; -my %withargs=(); -my $build_prefix = "release_"; +$config{build_type} = "release"; my @argvcopy=@ARGV; @@ -449,7 +509,7 @@ if (grep /^reconf(igure)?$/, @argvcopy) { # centered information gathering the reading configdata.pm # while () { - chomp; + s|\R$||; if (/^CONFIGURE_ARGS=\s*(.*)\s*/) { # Older form, we split the string and hope for the best @argvcopy = split /\s+/, $_; @@ -472,8 +532,16 @@ if (grep /^reconf(igure)?$/, @argvcopy) { $config{perlargv} = [ @argvcopy ]; my %unsupported_options = (); +my %deprecated_options = (); foreach (@argvcopy) { + # VMS is a case insensitive environment, and depending on settings + # out of our control, we may receive options uppercased. Let's + # downcase at least the part before any equal sign. + if ($^O eq "VMS") + { + s/^([^=]*)/lc($1)/e; + } s /^-no-/no-/; # some people just can't read the instructions # rewrite some options in "enable-..." form @@ -483,66 +551,90 @@ foreach (@argvcopy) s /^zlib$/enable-zlib/; s /^zlib-dynamic$/enable-zlib-dynamic/; - if (/^(no|disable|enable|experimental)-(.+)$/) - { - my $word = $2; - if (!grep { $word =~ /^${_}$/ } @disablables) - { - $unsupported_options{$_} = 1; - next; - } - } - if (/^no-(.+)$/ || /^disable-(.+)$/) - { - if (!($disabled{$1} eq "experimental")) - { - foreach my $proto ((@tls, @dtls)) - { - if ($1 eq "$proto-method") - { - $disabled{"$proto"} = "option($proto-method)"; - last; - } - } - if ($1 eq "dtls") - { - foreach my $proto (@dtls) - { - $disabled{$proto} = "option(dtls)"; - } - } - elsif ($1 eq "ssl") - { - # Last one of its kind - $disabled{"ssl3"} = "option(ssl)"; - } - elsif ($1 eq "tls") - { - # XXX: Tests will fail if all SSL/TLS - # protocols are disabled. - foreach my $proto (@tls) - { - $disabled{$proto} = "option(tls)"; - } - } - else - { - $disabled{$1} = "option"; - } - } + if (/^(no|disable|enable)-(.+)$/) + { + my $word = $2; + if (!exists $deprecated_disablables{$word} + && !grep { $word =~ /^${_}$/ } @disablables) + { + $unsupported_options{$_} = 1; + next; + } + } + if (/^no-(.+)$/ || /^disable-(.+)$/) + { + foreach my $proto ((@tls, @dtls)) + { + if ($1 eq "$proto-method") + { + $disabled{"$proto"} = "option($proto-method)"; + last; + } + } + if ($1 eq "dtls") + { + foreach my $proto (@dtls) + { + $disabled{$proto} = "option(dtls)"; + } + $disabled{"dtls"} = "option(dtls)"; + } + elsif ($1 eq "ssl") + { + # Last one of its kind + $disabled{"ssl3"} = "option(ssl)"; + } + elsif ($1 eq "tls") + { + # XXX: Tests will fail if all SSL/TLS + # protocols are disabled. + foreach my $proto (@tls) + { + $disabled{$proto} = "option(tls)"; + } + } + elsif ($1 eq "static-engine") + { + delete $disabled{"dynamic-engine"}; + } + elsif ($1 eq "dynamic-engine") + { + $disabled{"dynamic-engine"} = "option"; + } + elsif (exists $deprecated_disablables{$1}) + { + $deprecated_options{$_} = 1; + if (defined $deprecated_disablables{$1}) + { + $disabled{$deprecated_disablables{$1}} = "option"; + } + } + else + { + $disabled{$1} = "option"; + } + # No longer an automatic choice + $auto_threads = 0 if ($1 eq "threads"); } - elsif (/^enable-(.+)$/ || /^experimental-(.+)$/) + elsif (/^enable-(.+)$/) { + if ($1 eq "static-engine") + { + $disabled{"dynamic-engine"} = "option"; + } + elsif ($1 eq "dynamic-engine") + { + delete $disabled{"dynamic-engine"}; + } + elsif ($1 eq "zlib-dynamic") + { + delete $disabled{"zlib"}; + } my $algo = $1; - if ($disabled{$algo} eq "experimental") - { - die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n" - unless (/^experimental-/); - push @experimental, $algo; - } delete $disabled{$algo}; - $threads = 1 if ($algo eq "threads"); + # No longer an automatic choice + $auto_threads = 0 if ($1 eq "threads"); } elsif (/^--strict-warnings$/) { @@ -550,11 +642,11 @@ foreach (@argvcopy) } elsif (/^--debug$/) { - $build_prefix = "debug_"; + $config{build_type} = "debug"; } elsif (/^--release$/) { - $build_prefix = "release_"; + $config{build_type} = "release"; } elsif (/^386$/) { $config{processor}=386; } @@ -578,6 +670,8 @@ foreach (@argvcopy) if (/^--prefix=(.*)$/) { $config{prefix}=$1; + die "Directory given with --prefix MUST be absolute\n" + unless file_name_is_absolute($config{prefix}); } elsif (/^--api=(.*)$/) { @@ -591,17 +685,21 @@ foreach (@argvcopy) { $config{openssldir}=$1; } - elsif (/^--install.prefix=(.*)$/) - { - $config{install_prefix}=$1; - } elsif (/^--with-zlib-lib=(.*)$/) { $withargs{zlib_lib}=$1; } elsif (/^--with-zlib-include=(.*)$/) { - $withargs{zlib_include}="-I$1"; + $withargs{zlib_include}=$1; + } + elsif (/^--with-fuzzer-lib=(.*)$/) + { + $withargs{fuzzer_lib}=$1; + } + elsif (/^--with-fuzzer-include=(.*)$/) + { + $withargs{fuzzer_include}=$1; } elsif (/^--with-fipslibdir=(.*)$/) { @@ -623,17 +721,16 @@ foreach (@argvcopy) { $libs.=$_." "; } + elsif (/^-D(.*)$/) + { + push @user_defines, $1; + } else # common if (/^[-+]/), just pass down... { $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei; - $flags.=$_." "; + $user_cflags.=" ".$_; } } - elsif ($_ =~ /^([^:]+):(.+)$/) - { - eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string - $target=$1; - } else { die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); @@ -642,7 +739,7 @@ foreach (@argvcopy) unless ($_ eq $target || /^no-/ || /^disable-/) { # "no-..." follows later after implied disactivations - # have been derived. (Don't take this too seroiusly, + # have been derived. (Don't take this too seriously, # we really only write OPTIONS to the Makefile out of # nostalgia.) @@ -656,6 +753,11 @@ foreach (@argvcopy) die "***** Unsupported api compatibility level: $config{api}\n", } + if (keys %deprecated_options) + { + warn "***** Deprecated options: ", + join(", ", keys %deprecated_options), "\n"; + } if (keys %unsupported_options) { die "***** Unsupported options: ", @@ -679,9 +781,9 @@ while (@tocheckfor) { while (@cascade_copy) { my ($test, $descendents) = (shift @cascade_copy, shift @cascade_copy); if (ref($test) eq "CODE" ? $test->() : defined($disabled{$test})) { - map { - $new_tocheckfor{$_} => 1; $disabled{$_} = "forced"; - } grep { !defined($disabled{$_}) } @$descendents; + foreach(grep { !defined($disabled{$_}) } @$descendents) { + $new_tocheckfor{$_} = 1; $disabled{$_} = "forced"; + } } } @tocheckfor = (keys %new_tocheckfor); @@ -721,40 +823,47 @@ foreach (sort (keys %disabled)) printf " no-%-12s %-10s", $_, "[$disabled{$_}]"; if (/^dso$/) - { $no_dso = 1; } + { } elsif (/^threads$/) - { $no_threads = 1; } + { } elsif (/^shared$/) - { $config{no_shared} = 1; } + { } + elsif (/^pic$/) + { } elsif (/^zlib$/) - { $zlib = 0; } - elsif (/^static-engine$/) + { } + elsif (/^dynamic-engine$/) + { } + elsif (/^makedepend$/) { } elsif (/^zlib-dynamic$/) { } elsif (/^sse2$/) { $no_sse2 = 1; } elsif (/^engine$/) - { @{$config{dirs}} = grep !/^engine$/, @{$config{dirs}}; } + { + @{$config{dirs}} = grep !/^engines$/, @{$config{dirs}}; + @{$config{sdirs}} = grep !/^engine$/, @{$config{sdirs}}; + push @{$config{openssl_other_defines}}, "OPENSSL_NO_ENGINE"; + } else { my ($ALGO, $algo); ($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/; - if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/ || /^async$/) + if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/ || /^async$/ + || /^autoalginit/ || /^autoerrinit/) { push @{$config{openssl_other_defines}}, "OPENSSL_NO_$ALGO"; print " OPENSSL_NO_$ALGO"; - if (/^err$/) { $flags .= "-DOPENSSL_NO_ERR "; } - elsif (/^asm$/) { $no_asm = 1; } + if (/^err$/) { push @user_defines, "OPENSSL_NO_ERR"; } } else { ($ALGO,$algo) = ("RMD160","rmd160") if ($algo eq "ripemd"); push @{$config{openssl_algorithm_defines}}, "OPENSSL_NO_$ALGO"; - $config{depflags} .= " -DOPENSSL_NO_$ALGO"; print " OPENSSL_NO_$ALGO"; # fix-up crypto/directory name(s) @@ -769,24 +878,12 @@ foreach (sort (keys %disabled)) print "\n"; } -my $exp_cflags = ""; - -foreach (sort @experimental) - { - my $ALGO; - ($ALGO = $_) =~ tr/[a-z]/[A-Z]/; - - # opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined - push @{$config{openssl_experimental_defines}}, "OPENSSL_NO_$ALGO"; - $exp_cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO"; - } - print "Configuring for $target\n"; # Support for legacy targets having a name starting with 'debug-' my ($d, $t) = $target =~ m/^(debug-)?(.*)$/; if ($d) { - $build_prefix = "debug_"; + $config{build_type} = "debug"; # If we do not find debug-foo in the table, the target is set to foo. if (!$table{$target}) { @@ -794,51 +891,46 @@ if ($d) { } } $config{target} = $target; -delete $table{$base_target}->{template}; # or the next test will fail. -my %target = ( %{$table{$base_target}}, resolve_config($target) ); +my %target = resolve_config($target); &usage if (!%target || $target{template}); +%target = ( %{$table{DEFAULTS}}, %target ); + $target{exe_extension}=""; -$target{exe_extension}=".exe" if ($config{target} eq "Cygwin" || $config{target} eq "DJGPP" || $config{target} =~ /^mingw/); -$target{exe_extension}=".nlm" if ($config{target} =~ /netware/); +$target{exe_extension}=".exe" if ($config{target} eq "DJGPP" + || $config{target} =~ /^(?:Cygwin|mingw)/); $target{exe_extension}=".pm" if ($config{target} =~ /vos/); -$default_ranlib = which("ranlib") || "true"; -$config{perl} = $ENV{'PERL'} || which("perl5") || which("perl") || "perl"; -my $make = $ENV{'MAKE'} || "make"; +($target{shared_extension_simple}=$target{shared_extension}) + =~ s|\.\$\(SHLIB_MAJOR\)\.\$\(SHLIB_MINOR\)||; +$target{dso_extension}=$target{shared_extension_simple}; +($target{shared_import_extension}=$target{shared_extension_simple}.".a") + if ($config{target} =~ /^(?:Cygwin|mingw)/); + $config{cross_compile_prefix} = $ENV{'CROSS_COMPILE'} if $config{cross_compile_prefix} eq ""; -$config{prefix} = "/usr/local" if !$config{prefix}; -$config{openssldir} = "ssl" if !$config{openssldir}; -$config{openssldir} = catdir($config{prefix}, $config{openssldir}) - unless file_name_is_absolute($config{openssldir}); - -# Allow environment CC to override compiler... -$target{cc} = $ENV{CC} || $target{cc}; - -# For cflags, lflags, plib_lflags and ex_libs, add the debug_ or release_ -# attributes. +# Allow overriding the names of some tools. USE WITH CARE +$config{perl} = $ENV{'PERL'} || ($^O ne "VMS" ? $^X : "perl"); +$target{cc} = $ENV{'CC'} || $target{cc} || "cc"; +$target{ranlib} = $ENV{'RANLIB'} || $target{ranlib} || + (which("$config{cross_compile_prefix}ranlib") ? + "\$(CROSS_COMPILE)ranlib" : "true"); +$target{ar} = $ENV{'AR'} || $target{ar} || "ar"; +$target{nm} = $ENV{'NM'} || $target{nm} || "nm"; +$target{rc} = + $ENV{'RC'} || $ENV{'WINDRES'} || $target{rc} || "windres"; + +# For cflags, lflags, plib_lflags, ex_libs and defines, add the debug_ +# or release_ attributes. # Do it in such a way that no spurious space is appended (hence the grep). -$config{cflags} = join(" ", - grep { $_ ne "" } ($target{cflags}, - $target{$build_prefix."cflags"})); -$config{lflags} = join(" ", - grep { $_ ne "" } ($target{lflags}, - $target{$build_prefix."lflags"})); -$config{plib_lflags} = join(" ", - grep { $_ ne "" } ($target{plib_lflags}, - $target{$build_prefix."plib_lflags"})); -$config{ex_libs} = join(" ", - grep { $_ ne "" } ($target{ex_libs}, - $target{$build_prefix."ex_libs"})); - -$target{ranlib} = $ENV{'RANLIB'} || $target{ranlib} || $default_ranlib; -$target{ar} = $ENV{'AR'} || "ar"; -$target{arflags} = "" if !defined($target{arflags}); -$target{nm} = "nm"; +$config{defines} = []; +$config{cflags} = ""; +$config{ex_libs} = ""; +$config{shared_ldflag} = ""; + # Make sure build_scheme is consistent. $target{build_scheme} = [ $target{build_scheme} ] if ref($target{build_scheme}) ne "ARRAY"; @@ -846,24 +938,15 @@ $target{build_scheme} = [ $target{build_scheme} ] my ($builder, $builder_platform, @builder_opts) = @{$target{build_scheme}}; -# if $config{prefix}/lib$target{multilib} is not an existing directory, then -# assume that it's not searched by linker automatically, in -# which case adding $target{multilib} suffix causes more grief than -# we're ready to tolerate, so don't... -$target{multilib}="" if !-d "$config{prefix}/lib$target{multilib}"; - -$config{libdir}="lib$target{multilib}" if $config{libdir} eq ""; -$config{enginesdir}=$config{prefix} . "/" . $config{libdir} . "/engines"; +push @{$config{defines}}, "NDEBUG" if $config{build_type} eq "release"; -$config{cflags} .= "$exp_cflags"; - -if ($target =~ /^mingw/ && `$target{cc} --target-help 2>&1` !~ m/-mno-cygwin/m) +if ($target =~ /^mingw/ && `$target{cc} --target-help 2>&1` =~ m/-mno-cygwin/m) { - $config{cflags} =~ s/-mno-cygwin\s*//; - $target{shared_ldflag} =~ s/-mno-cygwin\s*//; + $config{cflags} .= " -mno-cygwin"; + $config{shared_ldflag} .= " -mno-cygwin"; } -if ($target =~ /linux.*-mips/ && !$no_asm && $flags !~ /-m(ips|arch=)/) { +if ($target =~ /linux.*-mips/ && !$disabled{asm} && $user_cflags !~ /-m(ips|arch=)/) { # minimally required architecture flags for assembly modules $config{cflags}="-mips2 $config{cflags}" if ($target =~ /mips32/); $config{cflags}="-mips3 $config{cflags}" if ($target =~ /mips64/); @@ -871,9 +954,7 @@ if ($target =~ /linux.*-mips/ && !$no_asm && $flags !~ /-m(ips|arch=)/) { my $no_shared_warn=0; my $no_user_cflags=0; - -if ($flags ne "") { $config{cflags}="$flags$config{cflags}"; } -else { $no_user_cflags=1; } +my $no_user_defines=0; # The DSO code currently always implements all functions so that no # applications will have to worry about that from a compilation point @@ -881,85 +962,66 @@ else { $no_user_cflags=1; } # has support compiled in for them. Currently each method is enabled # by a define "DSO_" ... we translate the "dso_scheme" config # string entry into using the following logic; -my $dso_cflags; -if (!$no_dso && $target{dso_scheme} ne "") +if (!$disabled{dso} && $target{dso_scheme} ne "") { $target{dso_scheme} =~ tr/[a-z]/[A-Z]/; if ($target{dso_scheme} eq "DLFCN") { - $dso_cflags = "-DDSO_DLFCN -DHAVE_DLFCN_H"; + unshift @{$config{defines}}, "DSO_DLFCN", "HAVE_DLFCN_H"; } elsif ($target{dso_scheme} eq "DLFCN_NO_H") { - $dso_cflags = "-DDSO_DLFCN"; + unshift @{$config{defines}}, "DSO_DLFCN"; } else { - $dso_cflags = "-DDSO_$target{dso_scheme}"; + unshift @{$config{defines}}, "DSO_$target{dso_scheme}"; } - $config{cflags} = "$dso_cflags $config{cflags}"; - } - -my $thread_cflags = ""; -my @thread_defines; -if ($target{thread_cflag} ne "(unknown)" && !$no_threads) - { - # If we know how to do it, support threads by default. - $threads = 1; - } -if ($target{thread_cflag} eq "(unknown)" && $threads) - { - # If the user asked for "threads", [s]he is also expected to - # provide any system-dependent compiler options that are - # necessary. - if ($no_user_cflags) - { - print "You asked for multi-threading support, but didn't\n"; - print "provide any system-specific compiler options\n"; - exit(1); - } - $thread_cflags="-DOPENSSL_THREADS" ; - push @thread_defines, "OPENSSL_THREADS"; - } -else - { - $thread_cflags="-DOPENSSL_THREADS $target{thread_cflag}"; - push @thread_defines, "OPENSSL_THREADS"; } $config{ex_libs}="$libs$config{ex_libs}" if ($libs ne ""); -if ($no_asm) - { - $config{cflags}=~s/-D[BL]_ENDIAN// if ($config{fips}); - } - -if ($threads) - { - $config{cflags} = "$thread_cflags $config{cflags}" if $thread_cflags; - push @{$config{openssl_thread_defines}}, @thread_defines; - } - -if ($zlib) +if ($disabled{asm}) { - $config{cflags} = "-DZLIB $config{cflags}"; - if (defined($disabled{"zlib-dynamic"})) + if ($config{fips}) { - if (defined($withargs{zlib_lib})) - { - $config{ex_libs} .= " -L" . $withargs{zlib_lib} . " -lz"; - } - else - { - $config{ex_libs} .= " -lz"; - } - } - else - { - $config{cflags} = "-DZLIB_SHARED $config{cflags}"; + @{$config{defines}} = grep !/^[BL]_ENDIAN$/, @{$config{defines}}; + @{$target{defines}} = grep !/^[BL]_ENDIAN$/, @{$target{defines}}; } } +# If threads aren't disabled, check how possible they are +unless ($disabled{threads}) { + if ($auto_threads) { + # Enabled by default, disable it forcibly if unavailable + if ($target{thread_scheme} eq "(unknown)") { + $disabled{threads} = "unavailable"; + } + } else { + # The user chose to enable threads explicitly, let's see + # if there's a chance that's possible + if ($target{thread_scheme} eq "(unknown)") { + # If the user asked for "threads" and we don't have internal + # knowledge how to do it, [s]he is expected to provide any + # system-dependent compiler options that are necessary. We + # can't truly check that the given options are correct, but + # we expect the user to know what [s]He is doing. + if ($no_user_cflags && $no_user_defines) { + die "You asked for multi-threading support, but didn't\n" + ,"provide any system-specific compiler options\n"; + } + } + } +} + +# If threads still aren't disabled, add a C macro to ensure the source +# code knows about it. Any other flag is taken care of by the configs. +unless($disabled{threads}) { + foreach (("defines", "openssl_thread_defines")) { + push @{$config{$_}}, "OPENSSL_THREADS"; + } +} + # With "deprecated" disable all deprecated features. if (defined($disabled{"deprecated"})) { $config{api} = $maxapi; @@ -967,132 +1029,147 @@ if (defined($disabled{"deprecated"})) { if ($target{shared_target} eq "") { - $no_shared_warn = 1 if !$config{no_shared} && !$config{fips}; - $config{no_shared} = 1; - } -if (!$config{no_shared}) - { - if ($target{shared_cflag} ne "") - { - $config{cflags} = "$target{shared_cflag} -DOPENSSL_PIC $config{cflags}"; - } + $no_shared_warn = 1 + if ((!$disabled{shared} || !$disabled{"dynamic-engine"}) + && !$config{fips}); + $disabled{shared} = "no-shared-target"; + $disabled{pic} = $disabled{shared} = $disabled{"dynamic-engine"} = + "no-shared-target"; } -if ($builder ne "mk1mf") - { - # add {no-}static-engine to options to allow mkdef.pl to work without extra arguments - if ($config{no_shared}) - { - push @{$config{openssl_other_defines}}, "OPENSSL_NO_DYNAMIC_ENGINE"; - $config{options}.=" static-engine"; - } - else - { - push @{$config{openssl_other_defines}}, "OPENSSL_NO_STATIC_ENGINE"; - $config{options}.=" no-static-engine"; - } - } +if ($disabled{"dynamic-engine"}) { + push @{$config{defines}}, "OPENSSL_NO_DYNAMIC_ENGINE"; + $config{dynamic_engines} = 0; +} else { + push @{$config{defines}}, "OPENSSL_NO_STATIC_ENGINE"; + $config{dynamic_engines} = 1; +} + +unless ($disabled{"fuzz-libfuzzer"}) { + push @{$config{dirs}}, "fuzz"; + $config{cflags} .= "-fsanitize-coverage=edge,indirect-calls "; +} + +unless ($disabled{"fuzz-afl"}) { + push @{$config{dirs}}, "fuzz"; +} + +unless ($disabled{asan}) { + $config{cflags} .= "-fsanitize=address "; +} +unless ($disabled{ubsan}) { + # -DPEDANTIC or -fnosanitize=aligmnent may also be required on some + # platforms. + $config{cflags} .= "-fsanitize=undefined -fno-sanitize-recover=all "; +} + +unless ($disabled{"fuzz-libfuzzer"} && $disabled{"fuzz-afl"} + && $disabled{asan} && $disabled{ubsan}) { + $config{cflags} .= "-fno-omit-frame-pointer -g "; +} # # Platform fix-ups # -# Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time -# linkers (tested OpenBSD, NetBSD and FreeBSD) "demand" RPATH set on -# .so objects. Apparently application RPATH is not global and does -# not apply to .so linked with other .so. Problem manifests itself -# when libssl.so fails to load libcrypto.so. One can argue that we -# should engrave this into Makefile.shared rules or into BSD-* config -# lines above. Meanwhile let's try to be cautious and pass -rpath to -# linker only when --prefix is not /usr. -if ($target =~ /^BSD-/) + +# This saves the build files from having to check +if ($disabled{pic}) { - $target{shared_ldflag}.=" -Wl,-rpath,\$\$(LIBRPATH)" if ($config{prefix} !~ m|^/usr[/]*$|); + $target{shared_cflag} = $target{shared_ldflag} = + $target{shared_rcflag} = ""; } - -if ($target{sys_id} ne "") +else { - #$config{cflags}="-DOPENSSL_SYS_$target{sys_id} $config{cflags}"; - push @{$config{openssl_sys_defines}}, "OPENSSL_SYS_$target{sys_id}"; + push @{$config{defines}}, "OPENSSL_PIC"; } -if ($target{ranlib} eq "") +if ($target{sys_id} ne "") { - $target{ranlib} = $default_ranlib; + push @{$config{openssl_sys_defines}}, "OPENSSL_SYS_$target{sys_id}"; } -if (!$no_asm) { - $target{cpuid_asm_src}=$table{BASE}->{cpuid_asm_src} if ($config{processor} eq "386"); - $target{cpuid_asm_src}.=" uplink.c uplink-x86.s" if ($config{cflags} =~ /-DOPENSSL_USE_APPLINK/); - +unless ($disabled{asm}) { + $target{cpuid_asm_src}=$table{DEFAULTS}->{cpuid_asm_src} if ($config{processor} eq "386"); $target{bn_asm_src} =~ s/\w+-gf2m.c// if (defined($disabled{ec2m})); # bn-586 is the only one implementing bn_*_part_words - $config{cflags}.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($target{bn_asm_src} =~ /bn-586/); - $config{cflags}.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $target{bn_asm_src} =~ /86/); + push @{$config{defines}}, "OPENSSL_BN_ASM_PART_WORDS" if ($target{bn_asm_src} =~ /bn-586/); + push @{$config{defines}}, "OPENSSL_IA32_SSE2" if (!$no_sse2 && $target{bn_asm_src} =~ /86/); - $config{cflags}.=" -DOPENSSL_BN_ASM_MONT" if ($target{bn_asm_src} =~ /-mont/); - $config{cflags}.=" -DOPENSSL_BN_ASM_MONT5" if ($target{bn_asm_src} =~ /-mont5/); - $config{cflags}.=" -DOPENSSL_BN_ASM_GF2m" if ($target{bn_asm_src} =~ /-gf2m/); + push @{$config{defines}}, "OPENSSL_BN_ASM_MONT" if ($target{bn_asm_src} =~ /-mont/); + push @{$config{defines}}, "OPENSSL_BN_ASM_MONT5" if ($target{bn_asm_src} =~ /-mont5/); + push @{$config{defines}}, "OPENSSL_BN_ASM_GF2m" if ($target{bn_asm_src} =~ /-gf2m/); if ($config{fips}) { push @{$config{openssl_other_defines}}, "OPENSSL_FIPS"; } if ($target{sha1_asm_src}) { - $config{cflags}.=" -DSHA1_ASM" if ($target{sha1_asm_src} =~ /sx86/ || $target{sha1_asm_src} =~ /sha1/); - $config{cflags}.=" -DSHA256_ASM" if ($target{sha1_asm_src} =~ /sha256/); - $config{cflags}.=" -DSHA512_ASM" if ($target{sha1_asm_src} =~ /sha512/); + push @{$config{defines}}, "SHA1_ASM" if ($target{sha1_asm_src} =~ /sx86/ || $target{sha1_asm_src} =~ /sha1/); + push @{$config{defines}}, "SHA256_ASM" if ($target{sha1_asm_src} =~ /sha256/); + push @{$config{defines}}, "SHA512_ASM" if ($target{sha1_asm_src} =~ /sha512/); } if ($target{md5_asm_src}) { - $config{cflags}.=" -DMD5_ASM"; + push @{$config{defines}}, "MD5_ASM"; } - $target{cast_asm_src}=$table{BASE}->{cast_asm_src} if (!$config{no_shared}); # CAST assembler is not PIC + $target{cast_asm_src}=$table{DEFAULTS}->{cast_asm_src} unless $disabled{pic}; # CAST assembler is not PIC if ($target{rmd160_asm_src}) { - $config{cflags}.=" -DRMD160_ASM"; + push @{$config{defines}}, "RMD160_ASM"; } if ($target{aes_asm_src}) { - $config{cflags}.=" -DAES_ASM" if ($target{aes_asm_src} =~ m/\baes-/);; + push @{$config{defines}}, "AES_ASM" if ($target{aes_asm_src} =~ m/\baes-/);; # aes-ctr.fake is not a real file, only indication that assembler # module implements AES_ctr32_encrypt... - $config{cflags}.=" -DAES_CTR_ASM" if ($target{aes_asm_src} =~ s/\s*aes-ctr\.fake//); + push @{$config{defines}}, "AES_CTR_ASM" if ($target{aes_asm_src} =~ s/\s*aes-ctr\.fake//); # aes-xts.fake indicates presence of AES_xts_[en|de]crypt... - $config{cflags}.=" -DAES_XTS_ASM" if ($target{aes_asm_src} =~ s/\s*aes-xts\.fake//); + push @{$config{defines}}, "AES_XTS_ASM" if ($target{aes_asm_src} =~ s/\s*aes-xts\.fake//); $target{aes_asm_src} =~ s/\s*(vpaes|aesni)-x86\.s//g if ($no_sse2); - $config{cflags}.=" -DVPAES_ASM" if ($target{aes_asm_src} =~ m/vpaes/); - $config{cflags}.=" -DBSAES_ASM" if ($target{aes_asm_src} =~ m/bsaes/); + push @{$config{defines}}, "VPAES_ASM" if ($target{aes_asm_src} =~ m/vpaes/); + push @{$config{defines}}, "BSAES_ASM" if ($target{aes_asm_src} =~ m/bsaes/); } if ($target{wp_asm_src} =~ /mmx/) { if ($config{processor} eq "386") { - $target{wp_asm_src}=$table{BASE}->{wp_asm_src}; + $target{wp_asm_src}=$table{DEFAULTS}->{wp_asm_src}; } elsif (!$disabled{"whirlpool"}) { - $config{cflags}.=" -DWHIRLPOOL_ASM"; + push @{$config{defines}}, "WHIRLPOOL_ASM"; } } if ($target{modes_asm_src} =~ /ghash-/) { - $config{cflags}.=" -DGHASH_ASM"; + push @{$config{defines}}, "GHASH_ASM"; } if ($target{ec_asm_src} =~ /ecp_nistz256/) { - $config{cflags}.=" -DECP_NISTZ256_ASM"; + push @{$config{defines}}, "ECP_NISTZ256_ASM"; } if ($target{poly1305_asm_src} ne "") { - $config{cflags}.=" -DPOLY1305_ASM"; + push @{$config{defines}}, "POLY1305_ASM"; } } -# Is the compiler gcc or clang? $ecc is used below to see if error-checking -# can be turned on. my $ecc = $target{cc}; -my $ccpcc = "$config{cross_compile_prefix}$target{cc}"; -$config{makedepprog} = 'makedepend'; -open(PIPE, "$ccpcc --version 2>&1 | head -2 |"); -while ( ) { - $config{makedepprog} = $ccpcc if /clang|gcc/; - $ecc = "clang" if /clang/; - $ecc = "gcc" if /gcc/; +if ($^O ne "VMS" && !$disabled{makedepend}) { + # Is the compiler gcc or clang? $ecc is used below to see if + # error-checking can be turned on. + my $ccpcc = "$config{cross_compile_prefix}$target{cc}"; + open(PIPE, "$ccpcc --version 2>&1 |"); + my $lines = 2; + while ( ) { + # Find the version number and save the major. + m|(?:.*)\b(\d+)\.\d+\.\d+\b(?:.*)|; + my $compiler_major = $1; + # We know that GNU C version 3 and up as well as all clang + # versions support dependency generation + $config{makedepprog} = $ccpcc + if (/clang/ || (/gcc/ && $compiler_major > 3)); + $ecc = "clang" if /clang/; + $ecc = "gcc" if /gcc/; + last if ($config{makedepprog} || !$lines--); + } + close(PIPE); + + $config{makedepprog} = which('makedepend') unless $config{makedepprog}; + $disabled{makedepend} = "unavailable" unless $config{makedepprog}; } -close(PIPE); -$config{depflags} =~ s/^\s*//; # Deal with bn_ops ################################################### @@ -1124,13 +1201,12 @@ die "Exactly one of SIXTY_FOUR_BIT|SIXTY_FOUR_BIT_LONG|THIRTY_TWO_BIT can be set # "Stringify" the C flags string. This permits it to be made part of a string # and works as well on command lines. -$config{cflags} =~ s/([\\\"])/\\\1/g; +$config{cflags} =~ s/([\\\"])/\\$1/g; if (defined($config{api})) { $config{openssl_api_defines} = [ "OPENSSL_MIN_API=".$apitable->{$config{api}} ]; - my $apiflag = sprintf("-DOPENSSL_API_COMPAT=%s", $apitable->{$config{api}}); - $default_depflags .= " $apiflag"; - $config{cflags} .= " $apiflag"; + my $apiflag = sprintf("OPENSSL_API_COMPAT=%s", $apitable->{$config{api}}); + push @{$config{defines}}, $apiflag; } if ($strict_warnings) @@ -1140,67 +1216,122 @@ if ($strict_warnings) unless $ecc eq 'gcc' || $ecc eq 'clang'; foreach $wopt (split /\s+/, $gcc_devteam_warn) { - $config{cflags} .= " $wopt" unless ($config{cflags} =~ /(^|\s)$wopt(\s|$)/) + $config{cflags} .= " $wopt" unless ($config{cflags} =~ /(?:^|\s)$wopt(?:\s|$)/) } if ($ecc eq "clang") { foreach $wopt (split /\s+/, $clang_devteam_warn) { - $config{cflags} .= " $wopt" unless ($config{cflags} =~ /(^|\s)$wopt(\s|$)/) + $config{cflags} .= " $wopt" unless ($config{cflags} =~ /(?:^|\s)$wopt(?:\s|$)/) } } - if ($target !~ /^mingw/) + } + +unless ($disabled{"crypto-mdebug-backtrace"}) + { + foreach my $wopt (split /\s+/, $memleak_devteam_backtrace) + { + $config{cflags} .= " $wopt" unless ($config{cflags} =~ /(?:^|\s)$wopt(?:\s|$)/) + } + if ($target =~ /^BSD-/) { - foreach $wopt (split /\s+/, $memleak_devteam_backtrace) - { - $config{cflags} .= " $wopt" unless ($config{cflags} =~ /(^|\s)$wopt(\s|$)/) - } - if ($target =~ /^BSD-/) - { - $config{ex_libs} .= " -lexecinfo"; - } + $config{ex_libs} .= " -lexecinfo"; } } +if ($user_cflags ne "") { $config{cflags}="$config{cflags}$user_cflags"; } +else { $no_user_cflags=1; } +if (@user_defines) { $config{defines}=[ @{$config{defines}}, @user_defines ]; } +else { $no_user_defines=1; } + +# ALL MODIFICATIONS TO %config and %target MUST BE DONE FROM HERE ON + +unless ($disabled{afalgeng}) { + $config{afalgeng}=""; + if ($target =~ m/^linux/) { + my $minver = 4*10000 + 1*100 + 0; + if ($config{cross_compile_prefix} eq "") { + my $verstr = `uname -r`; + my ($ma, $mi1, $mi2) = split("\\.", $verstr); + ($mi2) = $mi2 =~ /(\d+)/; + my $ver = $ma*10000 + $mi1*100 + $mi2; + if ($ver < $minver) { + $disabled{afalgeng} = "too-old-kernel"; + } else { + push @{$config{engdirs}}, "afalg"; + } + } else { + $disabled{afalgeng} = "cross-compiling"; + } + } else { + $disabled{afalgeng} = "not-linux"; + } +} + +push @{$config{openssl_other_defines}}, "OPENSSL_NO_AFALGENG" if ($disabled{afalgeng}); + # If we use the unified build, collect information from build.info files my %unified_info = (); +my $buildinfo_debug = defined($ENV{CONFIGURE_DEBUG_BUILDINFO}); if ($builder eq "unified") { # Store the name of the template file we will build the build file from # in %config. This may be useful for the build file itself. - my $build_file_template = - catfile($srcdir, "Configurations", - $builder_platform."-".$target{build_file}.".tmpl"); - $build_file_template = - catfile($srcdir, "Configurations", $target{build_file}.".tmpl") - if (! -f $build_file_template); + my $build_file_template; + + for my $filename (( $builder_platform."-".$target{build_file}.".tmpl", + $target{build_file}.".tmpl" )) { + if (defined $ENV{$local_config_envname}) { + if ($^O eq 'VMS') { + # VMS environment variables are logical names, + # which can be used as is + $build_file_template = $local_config_envname . ':' . $filename; + } else { + $build_file_template = catfile($ENV{$local_config_envname}, + $filename); + } + } + + last if -f $build_file_template; + + $build_file_template = catfile($srcdir, "Configurations", $filename); + + last if -f $build_file_template; + } $config{build_file_template} = $build_file_template; use lib catdir(dirname(__FILE__),"util"); use with_fallback qw(Text::Template); sub cleandir { + my $base = shift; my $dir = shift; - my $base = shift || "."; + my $relativeto = shift || "."; + + $dir = catdir($base,$dir) unless isabsolute($dir); # Make sure the directories we're building in exists mkpath($dir); - my $res = abs2rel(absolutedir($dir), rel2abs($base)); + my $res = abs2rel(absolutedir($dir), rel2abs($relativeto)); #print STDERR "DEBUG[cleandir]: $dir , $base => $res\n"; return $res; } sub cleanfile { + my $base = shift; my $file = shift; - my $base = shift || "."; + my $relativeto = shift || "."; + + $file = catfile($base,$file) unless isabsolute($file); + my $d = dirname($file); my $f = basename($file); # Make sure the directories we're building in exists mkpath($d); - my $res = abs2rel(catfile(absolutedir($d), $f), rel2abs($base)); + my $res = abs2rel(catfile(absolutedir($d), $f), rel2abs($relativeto)); #print STDERR "DEBUG[cleanfile]: $d , $f => $res\n"; return $res; } @@ -1219,6 +1350,8 @@ if ($builder eq "unified") { if (-f catfile($srcdir, "engines", $_, "build.info")); } + $config{build_infos} = [ ]; + foreach (@build_infos) { my $sourced = catdir($srcdir, $_->[0]); my $buildd = catdir($blddir, $_->[0]); @@ -1232,16 +1365,20 @@ if ($builder eq "unified") { my @engines = (); my @scripts = (); my @extra = (); + my @overrides = (); my @intermediates = (); my @rawlines = (); my %ordinals = (); my %sources = (); + my %shared_sources = (); my %includes = (); my %depends = (); my %renames = (); my %sharednames = (); + my %generate = (); + push @{$config{build_infos}}, catfile(abs2rel($sourced, $blddir), $f); my $template = Text::Template->new(TYPE => 'FILE', SOURCE => catfile($sourced, $f)); die "Something went wrong with $sourced/$f: $!\n" unless $template; @@ -1249,6 +1386,8 @@ if ($builder eq "unified") { split /^/m, $template->fill_in(HASH => { config => \%config, target => \%target, + disabled => \%disabled, + withargs => \%withargs, builddir => abs2rel($buildd, $blddir), sourcedir => abs2rel($sourced, $blddir), buildtop => abs2rel($blddir, $blddir), @@ -1268,7 +1407,13 @@ if ($builder eq "unified") { $l1 =~ s/\\$//; $l1.$l2 }), # Info we're looking for qr/^\s*IF\[((?:\\.|[^\\\]])*)\]\s*$/ - => sub { push @skip, !! $1; }, + => sub { + if (! @skip || $skip[$#skip] > 0) { + push @skip, !! $1; + } else { + push @skip, -1; + } + }, qr/^\s*ELSIF\[((?:\\.|[^\\\]])*)\]\s*$/ => sub { die "ELSIF out of scope" if ! @skip; die "ELSIF following ELSE" if abs($skip[$#skip]) == 2; @@ -1283,45 +1428,54 @@ if ($builder eq "unified") { => sub { die "ENDIF out of scope" if ! @skip; pop @skip; }, qr/^\s*PROGRAMS\s*=\s*(.*)\s*$/ - => sub { push @programs, split(/\s+/, $1) + => sub { push @programs, tokenize($1) if !@skip || $skip[$#skip] > 0 }, qr/^\s*LIBS\s*=\s*(.*)\s*$/ - => sub { push @libraries, split(/\s+/, $1) + => sub { push @libraries, tokenize($1) if !@skip || $skip[$#skip] > 0 }, qr/^\s*ENGINES\s*=\s*(.*)\s*$/ - => sub { push @engines, split(/\s+/, $1) + => sub { push @engines, tokenize($1) if !@skip || $skip[$#skip] > 0 }, qr/^\s*SCRIPTS\s*=\s*(.*)\s*$/ - => sub { push @scripts, split(/\s+/, $1) + => sub { push @scripts, tokenize($1) if !@skip || $skip[$#skip] > 0 }, qr/^\s*EXTRA\s*=\s*(.*)\s*$/ - => sub { push @extra, split(/\s+/, $1) + => sub { push @extra, tokenize($1) + if !@skip || $skip[$#skip] > 0 }, + qr/^\s*OVERRIDES\s*=\s*(.*)\s*$/ + => sub { push @overrides, tokenize($1) if !@skip || $skip[$#skip] > 0 }, qr/^\s*ORDINALS\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/, - => sub { push @{$ordinals{$1}}, split(/\s+/, $2) + => sub { push @{$ordinals{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, qr/^\s*SOURCE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ - => sub { push @{$sources{$1}}, split(/\s+/, $2) + => sub { push @{$sources{$1}}, tokenize($2) + if !@skip || $skip[$#skip] > 0 }, + qr/^\s*SHARED_SOURCE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ + => sub { push @{$shared_sources{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, qr/^\s*INCLUDE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ - => sub { push @{$includes{$1}}, split(/\s+/, $2) + => sub { push @{$includes{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, - qr/^\s*DEPEND\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ - => sub { push @{$depends{$1}}, split(/\s+/, $2) + qr/^\s*DEPEND\[((?:\\.|[^\\\]])*)\]\s*=\s*(.*)\s*$/ + => sub { push @{$depends{$1}}, tokenize($2) + if !@skip || $skip[$#skip] > 0 }, + qr/^\s*GENERATE\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ + => sub { push @{$generate{$1}}, $2 if !@skip || $skip[$#skip] > 0 }, qr/^\s*RENAME\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ - => sub { push @{$renames{$1}}, split(/\s+/, $2) + => sub { push @{$renames{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, qr/^\s*SHARED_NAME\[((?:\\.|[^\\\]])+)\]\s*=\s*(.*)\s*$/ - => sub { push @{$sharednames{$1}}, split(/\s+/, $2) + => sub { push @{$sharednames{$1}}, tokenize($2) if !@skip || $skip[$#skip] > 0 }, qr/^\s*BEGINRAW\[((?:\\.|[^\\\]])+)\]\s*$/ => sub { my $lineiterator = shift; my $target_kind = $1; while (defined $lineiterator->()) { - chomp; + s|\R$||; if (/^\s*ENDRAW\[((?:\\.|[^\\\]])+)\]\s*$/) { die "ENDRAW doesn't match BEGINRAW" if $1 ne $target_kind; @@ -1334,7 +1488,18 @@ if ($builder eq "unified") { } }, qr/^(?:#.*|\s*)$/ => sub { }, - "OTHERWISE" => sub { die "Something wrong with this line:\n$_\nat $sourced/$f" } + "OTHERWISE" => sub { die "Something wrong with this line:\n$_\nat $sourced/$f" }, + "BEFORE" => sub { + if ($buildinfo_debug) { + print STDERR "DEBUG: Parsing ",join(" ", @_),"\n"; + print STDERR "DEBUG: ... before parsing, skip stack is ",join(" ", map { int($_) } @skip),"\n"; + } + }, + "AFTER" => sub { + if ($buildinfo_debug) { + print STDERR "DEBUG: .... after parsing, skip stack is ",join(" ", map { int($_) } @skip),"\n"; + } + }, ); die "runaway IF?" if (@skip); @@ -1342,8 +1507,8 @@ if ($builder eq "unified") { die "$_ renamed to more than one thing: " ,join(" ", @{$renames{$_}}),"\n" if scalar @{$renames{$_}} > 1; - my $dest = cleanfile(catfile($buildd, $_), $blddir); - my $to = cleanfile(catfile($buildd, $renames{$_}->[0]), $blddir); + my $dest = cleanfile($buildd, $_, $blddir); + my $to = cleanfile($buildd, $renames{$_}->[0], $blddir); die "$dest renamed to more than one thing: " ,$unified_info{rename}->{$dest}, $to unless !defined($unified_info{rename}->{$dest}) @@ -1352,7 +1517,7 @@ if ($builder eq "unified") { } foreach (@programs) { - my $program = cleanfile(catfile($buildd, $_), $blddir); + my $program = cleanfile($buildd, $_, $blddir); if ($unified_info{rename}->{$program}) { $program = $unified_info{rename}->{$program}; } @@ -1360,19 +1525,19 @@ if ($builder eq "unified") { } foreach (@libraries) { - my $library = cleanfile(catfile($buildd, $_), $blddir); + my $library = cleanfile($buildd, $_, $blddir); if ($unified_info{rename}->{$library}) { $library = $unified_info{rename}->{$library}; } $unified_info{libraries}->{$library} = 1; } - die <<"EOF" if $config{no_shared} && scalar @engines; -ENGINES can only be used if configured with 'shared'. + die <<"EOF" if scalar @engines and !$config{dynamic_engines}; +ENGINES can only be used if configured with 'dynamic-engine'. This is usually a fault in a build.info file. EOF foreach (@engines) { - my $library = cleanfile(catfile($buildd, $_), $blddir); + my $library = cleanfile($buildd, $_, $blddir); if ($unified_info{rename}->{$library}) { $library = $unified_info{rename}->{$library}; } @@ -1380,7 +1545,7 @@ EOF } foreach (@scripts) { - my $script = cleanfile(catfile($buildd, $_), $blddir); + my $script = cleanfile($buildd, $_, $blddir); if ($unified_info{rename}->{$script}) { $script = $unified_info{rename}->{$script}; } @@ -1388,24 +1553,28 @@ EOF } foreach (@extra) { - my $extra = cleanfile(catfile($buildd, $_), $blddir); + my $extra = cleanfile($buildd, $_, $blddir); $unified_info{extra}->{$extra} = 1; } + foreach (@overrides) { + my $override = cleanfile($buildd, $_, $blddir); + $unified_info{overrides}->{$override} = 1; + } + push @{$unified_info{rawlines}}, @rawlines; - if (!$config{no_shared}) { + unless ($disabled{shared}) { # Check sharednames. foreach (keys %sharednames) { - my $dest = cleanfile(catfile($buildd, $_), $blddir); + my $dest = cleanfile($buildd, $_, $blddir); if ($unified_info{rename}->{$dest}) { $dest = $unified_info{rename}->{$dest}; } die "shared_name for $dest with multiple values: " ,join(" ", @{$sharednames{$_}}),"\n" if scalar @{$sharednames{$_}} > 1; - my $to = cleanfile(catfile($buildd, $sharednames{$_}->[0]), - $blddir); + my $to = cleanfile($buildd, $sharednames{$_}->[0], $blddir); die "shared_name found for a library $dest that isn't defined\n" unless $unified_info{libraries}->{$dest}; die "shared_name for $dest with multiple values: " @@ -1426,7 +1595,7 @@ EOF foreach (keys %ordinals) { my $dest = $_; - my $ddest = cleanfile(catfile($buildd, $_), $blddir); + my $ddest = cleanfile($buildd, $_, $blddir); if ($unified_info{rename}->{$ddest}) { $ddest = $unified_info{rename}->{$ddest}; } @@ -1434,9 +1603,9 @@ EOF my %known_ordinals = ( crypto => - cleanfile(catfile($sourced, "util", "libeay.num"), $blddir), + cleanfile($sourced, catfile("util", "libcrypto.num"), $blddir), ssl => - cleanfile(catfile($sourced, "util", "ssleay.num"), $blddir) + cleanfile($sourced, catfile("util", "libssl.num"), $blddir) ); my $o = $known_ordinals{$_}; die "Ordinals for $ddest defined more than once\n" @@ -1447,22 +1616,22 @@ EOF foreach (keys %sources) { my $dest = $_; - my $ddest = cleanfile(catfile($buildd, $_), $blddir); + my $ddest = cleanfile($buildd, $_, $blddir); if ($unified_info{rename}->{$ddest}) { $ddest = $unified_info{rename}->{$ddest}; } foreach (@{$sources{$dest}}) { - my $s = cleanfile(catfile($sourced, $_), $blddir); + my $s = cleanfile($sourced, $_, $blddir); # If it isn't in the source tree, we assume it's generated # in the build tree if (! -f $s) { - $s = cleanfile(catfile($buildd, $_), $blddir); + $s = cleanfile($buildd, $_, $blddir); } # We recognise C and asm files if ($s =~ /\.[csS]\b$/) { (my $o = $_) =~ s/\.[csS]\b$/.o/; - $o = cleanfile(catfile($buildd, $o), $blddir); + $o = cleanfile($buildd, $o, $blddir); $unified_info{sources}->{$ddest}->{$o} = 1; $unified_info{sources}->{$o}->{$s} = 1; } else { @@ -1471,28 +1640,80 @@ EOF } } - foreach (keys %depends) { + foreach (keys %shared_sources) { my $dest = $_; - my $ddest = cleanfile(catfile($buildd, $_), $blddir); + my $ddest = cleanfile($buildd, $_, $blddir); if ($unified_info{rename}->{$ddest}) { $ddest = $unified_info{rename}->{$ddest}; } - foreach (@{$depends{$dest}}) { - my $d = cleanfile(catfile($sourced, $_), $blddir); + foreach (@{$shared_sources{$dest}}) { + my $s = cleanfile($sourced, $_, $blddir); + + # If it isn't in the source tree, we assume it's generated + # in the build tree + if (! -f $s) { + $s = cleanfile($buildd, $_, $blddir); + } + # We recognise C and asm files + if ($s =~ /\.[csS]\b$/) { + (my $o = $_) =~ s/\.[csS]\b$/.o/; + $o = cleanfile($buildd, $o, $blddir); + $unified_info{shared_sources}->{$ddest}->{$o} = 1; + $unified_info{sources}->{$o}->{$s} = 1; + } else { + die "unrecognised source file type for shared library: $s\n"; + } + } + } + + foreach (keys %generate) { + my $dest = $_; + my $ddest = cleanfile($buildd, $_, $blddir); + if ($unified_info{rename}->{$ddest}) { + $ddest = $unified_info{rename}->{$ddest}; + } + die "more than one generator for $dest: " + ,join(" ", @{$generate{$_}}),"\n" + if scalar @{$generate{$_}} > 1; + my @generator = split /\s+/, $generate{$dest}->[0]; + $generator[0] = cleanfile($sourced, $generator[0], $blddir), + $unified_info{generate}->{$ddest} = [ @generator ]; + } - # If it isn't found in the source, let's assume it's generated - # and that the Makefile template has the lines - if (! -f $d) { - $d = cleanfile(catfile($buildd, $_), $blddir); + foreach (keys %depends) { + my $dest = $_; + my $ddest = $dest eq "" ? "" : cleanfile($sourced, $_, $blddir); + + # If the destination doesn't exist in source, it can only be + # a generated file in the build tree. + if ($ddest ne "" && ! -f $ddest) { + $ddest = cleanfile($buildd, $_, $blddir); + if ($unified_info{rename}->{$ddest}) { + $ddest = $unified_info{rename}->{$ddest}; + } + } + foreach (@{$depends{$dest}}) { + my $d = cleanfile($sourced, $_, $blddir); + + # If we know it's generated, or assume it is because we can't + # find it in the source tree, we set file we depend on to be + # in the build tree rather than the source tree, and assume + # and that there are lines to build it in a BEGINRAW..ENDRAW + # section or in the Makefile template. + if (! -f $d + || (grep { $d eq $_ } + map { cleanfile($srcdir, $_, $blddir) } + grep { /\.h$/ } keys %{$unified_info{generate}})) { + $d = cleanfile($buildd, $_, $blddir); } # Take note if the file to depend on is being renamed if ($unified_info{rename}->{$d}) { $d = $unified_info{rename}->{$d}; } $unified_info{depends}->{$ddest}->{$d} = 1; - # If we depend on a header file, let's make sure it - # can get included - if ($d =~ /\.h$/) { + # If we depend on a header file or a perl module, let's make + # sure it can get included + if ($dest ne "" && $d =~ /\.(h|pm)$/) { my $i = dirname($d); push @{$unified_info{includes}->{$ddest}}, $i unless grep { $_ eq $i } @{$unified_info{includes}->{$ddest}}; @@ -1502,12 +1723,18 @@ EOF foreach (keys %includes) { my $dest = $_; - my $ddest = cleanfile(catfile($buildd, $_), $blddir); - if ($unified_info{rename}->{$ddest}) { - $ddest = $unified_info{rename}->{$ddest}; + my $ddest = cleanfile($sourced, $_, $blddir); + + # If the destination doesn't exist in source, it can only be + # a generated file in the build tree. + if (! -f $ddest) { + $ddest = cleanfile($buildd, $_, $blddir); + if ($unified_info{rename}->{$ddest}) { + $ddest = $unified_info{rename}->{$ddest}; + } } foreach (@{$includes{$dest}}) { - my $i = cleandir(catdir($sourced, $_), $blddir); + my $i = cleandir($sourced, $_, $blddir); push @{$unified_info{includes}->{$ddest}}, $i unless grep { $_ eq $i } @{$unified_info{includes}->{$ddest}}; } @@ -1516,11 +1743,11 @@ EOF ### Make unified_info a bit more efficient # One level structures - foreach (("programs", "libraries", "engines", "scripts", "extra")) { + foreach (("programs", "libraries", "engines", "scripts", "extra", "overrides")) { $unified_info{$_} = [ sort keys %{$unified_info{$_}} ]; } # Two level structures - foreach my $l1 (("sources", "ldadd", "depends")) { + foreach my $l1 (("sources", "shared_sources", "ldadd", "depends")) { foreach my $l2 (sort keys %{$unified_info{$l1}}) { $unified_info{$l1}->{$l2} = [ sort keys %{$unified_info{$l1}->{$l2}} ]; @@ -1530,9 +1757,9 @@ EOF # For the schemes that need it, we provide the old *_obj configs # from the *_asm_obj ones -foreach (grep /_asm_src$/, keys %target) { +foreach (grep /_(asm|aux)_src$/, keys %target) { my $src = $_; - (my $obj = $_) =~ s/_asm_src$/_obj/; + (my $obj = $_) =~ s/_(asm|aux)_src$/_obj/; ($target{$obj} = $target{$src}) =~ s/\.[csS]\b/.o/g; } @@ -1548,7 +1775,7 @@ use warnings; use Exporter; #use vars qw(\@ISA \@EXPORT); our \@ISA = qw(Exporter); -our \@EXPORT = qw(\%config \%target %withargs %unified_info); +our \@EXPORT = qw(\%config \%target \%disabled \%withargs \%unified_info \@disablables); EOF print OUT "our %config = (\n"; @@ -1585,6 +1812,14 @@ print OUT " dtls => [ ", join(", ", map { quotify("perl", $_) } @dtls), " ],\n" print OUT <<"EOF"; ); +EOF +print OUT "our \@disablables = (\n"; +foreach (@disablables) { + print OUT " ", quotify("perl", $_), ",\n"; +} +print OUT <<"EOF"; +); + EOF print OUT "our \%disabled = (\n"; foreach (sort keys %disabled) { @@ -1653,21 +1888,17 @@ EOF print OUT "1;\n"; close(OUT); -die <<"EOF" if $builder ne "unified" && $srcdir ne $blddir; - -***** Trying building anywhere else than in the source tree will not -***** work for target $config{target}. To make it possible, it needs -***** to use the "unified" build scheme. -EOF - -print "IsMK1MF =", ($builder eq "mk1mf" ? "yes" : "no"), "\n"; -print "CC =$target{cc}\n"; -print "CFLAG =$config{cflags}\n"; -print "LFLAG =$config{lflags}\n"; -print "PLIB_LFLAG =$config{plib_lflags}\n"; -print "EX_LIBS =$config{ex_libs}\n"; +print "CC =$config{cross_compile_prefix}$target{cc}\n"; +print "CFLAG =$target{cflags} $config{cflags}\n"; +print "SHARED_CFLAG =$target{shared_cflag}\n"; +print "DEFINES =",join(" ", @{$target{defines}}, @{$config{defines}}),"\n"; +print "LFLAG =$target{lflags}\n"; +print "PLIB_LFLAG =$target{plib_lflags}\n"; +print "EX_LIBS =$target{ex_libs} $config{ex_libs}\n"; +print "APPS_OBJ =$target{apps_obj}\n"; print "CPUID_OBJ =$target{cpuid_obj}\n"; +print "UPLINK_OBJ =$target{uplink_obj}\n"; print "BN_ASM =$target{bn_obj}\n"; print "EC_ASM =$target{ec_obj}\n"; print "DES_ENC =$target{des_obj}\n"; @@ -1684,8 +1915,11 @@ print "MODES_OBJ =$target{modes_obj}\n"; print "PADLOCK_OBJ =$target{padlock_obj}\n"; print "CHACHA_ENC =$target{chacha_obj}\n"; print "POLY1305_OBJ =$target{poly1305_obj}\n"; +print "BLAKE2_OBJ =$target{blake2_obj}\n"; print "PROCESSOR =$config{processor}\n"; -print "RANLIB =$target{ranlib}\n"; +print "RANLIB =", $target{ranlib} eq '$(CROSS_COMPILE)ranlib' ? + "$config{cross_compile_prefix}ranlib" : + "$target{ranlib}", "\n"; print "ARFLAGS =$target{arflags}\n"; print "PERL =$config{perl}\n"; print "\n"; @@ -1693,166 +1927,13 @@ print "SIXTY_FOUR_BIT_LONG mode\n" if $config{b64l}; print "SIXTY_FOUR_BIT mode\n" if $config{b64}; print "THIRTY_TWO_BIT mode\n" if $config{b32}; print "BN_LLONG mode\n" if $config{bn_ll}; -print "RC4 uses $config{rc4_int}\n" if $config{rc4_int} != $def_int; - -mkpath(catdir($blddir, "include/openssl")); -run_dofile(catfile($blddir, "include/openssl/opensslconf.h"), - catfile($srcdir, "include/openssl/opensslconf.h.in")); - -mkpath(catdir($blddir, "crypto/include/internal")); -foreach my $alg ( 'bn' ) { - run_dofile(catfile($blddir, "crypto/include/internal/${alg}_conf.h"), - catfile($srcdir, "crypto/include/internal/${alg}_conf.h.in")); -} - -### -### When the old "unixmake" scheme goes away, so does this function -### -sub build_Makefile { - run_dofile("Makefile","Makefile.in"); - - # Copy all Makefile.in to Makefile (except top-level) - use File::Find; - use IO::File; - find( - { - preprocess => sub { - grep(!/^\./, @_); - }, - wanted => sub { - return if ($_ ne "Makefile.in" || $File::Find::dir eq "."); - my $in = IO::File->new($_, "r") or - die sprintf "Error reading Makefile.in in %s: !$\n", - $File::Find::dir; - my $out = IO::File->new("Makefile", "w") or - die sprintf "Error writing Makefile in %s: !$\n", - $File::Find::dir; - print $out "# Generated from $_, do not edit\n"; - while (my $line = <$in>) { print $out $line } - $in->close() or - die sprintf "Error reading Makefile.in in %s: !$\n", - $File::Find::dir; - $out->close() or - die sprintf "Error writing Makefile in %s: !$\n", - $File::Find::dir; - }, - }, - "."); -} +print "RC4 uses $config{rc4_int}\n" if $config{rc4_int} ne $def_int; my %builders = ( unified => sub { run_dofile(catfile($blddir, $target{build_file}), $config{build_file_template}, catfile($srcdir, "Configurations", "common.tmpl")); - - my $make_command = "$make PERL=\'$config{perl}\'"; - my $make_targets = ""; - $make_targets .= " depend" - if $config{depflags} ne $default_depflags && $make_depend; - (system $make_command.$make_targets) == 0 - or die "make $make_targets failed" - if $make_targets ne ""; - if ($config{depflags} ne $default_depflags && !$make_depend) { - $warn_make_depend++; - } - }, - unixmake => sub { - build_Makefile(); - - run_dofile("util/domd", "util/domd.in"); - chmod 0755, "util/domd"; - - my $make_command = "$make PERL=\'$config{perl}\'"; - my $make_targets = ""; - $make_targets .= " depend" - if $config{depflags} ne $default_depflags && $make_depend; - (system $make_command.$make_targets) == 0 - or die "make $make_targets failed" - if $make_targets ne ""; - - if ($config{depflags} ne $default_depflags && !$make_depend) { - $warn_make_depend++; - } - }, - mk1mf => sub { - my $platform = shift; - # The only reason we do this is to have something to build MINFO from - build_Makefile(); - - open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h"; - printf OUT <<"EOF"; -#ifndef MK1MF_BUILD - /* auto-generated by Configure for crypto/cversion.c: - * for Unix builds, crypto/Makefile.ssl generates functional definitions; - * Windows builds (and other mk1mf builds) compile cversion.c with - * -DMK1MF_BUILD and use definitions added to this file by util/mk1mf.pl. */ - #error "Windows builds (PLATFORM=$target) use mk1mf.pl-created Makefiles" -#endif -EOF - close(OUT); - - # create the ms/version32.rc file if needed - if ($platform eq "netware") { - my ($v1, $v2, $v3, $v4); - if ($config{version_num} =~ /^0x([0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{1})L$/i) { - $v1=hex $1; - $v2=hex $2; - $v3=hex $3; - $v4=hex $4; - } - open (OUT,">ms/version32.rc") || die "Can't open ms/version32.rc"; - print OUT <<"EOF"; -#include - -LANGUAGE 0x09,0x01 - -1 VERSIONINFO - FILEVERSION $v1,$v2,$v3,$v4 - PRODUCTVERSION $v1,$v2,$v3,$v4 - FILEFLAGSMASK 0x3fL -#ifdef _DEBUG - FILEFLAGS 0x01L -#else - FILEFLAGS 0x00L -#endif - FILEOS VOS__WINDOWS32 - FILETYPE VFT_DLL - FILESUBTYPE 0x0L -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904b0" - BEGIN - // Required: - VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0" - VALUE "FileDescription", "OpenSSL Shared Library\\0" - VALUE "FileVersion", "$config{version}\\0" -#if defined(CRYPTO) - VALUE "InternalName", "libeay32\\0" - VALUE "OriginalFilename", "libeay32.dll\\0" -#elif defined(SSL) - VALUE "InternalName", "ssleay32\\0" - VALUE "OriginalFilename", "ssleay32.dll\\0" -#endif - VALUE "ProductName", "The OpenSSL Toolkit\\0" - VALUE "ProductVersion", "$config{version}\\0" - // Optional: - //VALUE "Comments", "\\0" - VALUE "LegalCopyright", "Copyright © 1998-2015 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0" - //VALUE "LegalTrademarks", "\\0" - //VALUE "PrivateBuild", "\\0" - //VALUE "SpecialBuild", "\\0" - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 0x4b0 - END -END -EOF - close(OUT); - } }, ); @@ -1863,7 +1944,7 @@ print <<"EOF"; Configured for $target. EOF -print <<"EOF" if (!$no_threads && !$threads); +print <<"EOF" if ($disabled{threads} eq "unavailable"); The library could not be configured for supporting multi-threaded applications as the compiler options required on this system are not known. @@ -1872,18 +1953,19 @@ EOF print <<"EOF" if ($no_shared_warn); -You gave the option 'shared', which is not supported on this platform, so -we will pretend you gave the option 'no-shared'. If you know how to implement -shared libraries, please let us know (but please first make sure you have -tried with a current version of OpenSSL). +The options 'shared', 'pic' and 'dynamic-engine' aren't supported on this +platform, so we will pretend you gave the option 'no-pic', which also disables +'shared' and 'dynamic-engine'. If you know how to implement shared libraries +or position independent code, please let us know (but please first make sure +you have tried with a current version of OpenSSL). EOF -print <<"EOF" if ($warn_make_depend); - -*** Because of configuration changes, you MUST do the following before -*** building: +print <<"EOF" if (-f catfile($srcdir, "configdata.pm") && $srcdir ne $blddir); - make depend +WARNING: there are indications that another build was made in the source +directory. This build may have picked up artifacts from that build, the +safest course of action is to clean the source directory and redo this +configuration. EOF exit(0); @@ -1895,51 +1977,122 @@ exit(0); # Configuration file reading ######################################### +# Note: All of the helper functions are for lazy evaluation. They all +# return a CODE ref, which will return the intended value when evaluated. +# Thus, whenever there's mention of a returned value, it's about that +# intended value. + # Helper function to implement conditional inheritance depending on the -# value of $no_asm. Used in inherit_from values as follows: +# value of $disabled{asm}. Used in inherit_from values as follows: # # inherit_from => [ "template", asm("asm_tmpl") ] # sub asm { my @x = @_; sub { - $no_asm ? () : @x; + $disabled{asm} ? () : @x; } } +# Helper function to implement conditional value variants, with a default +# plus additional values based on the value of $config{build_type}. +# Arguments are given in hash table form: +# +# picker(default => "Basic string: ", +# debug => "debug", +# release => "release") +# +# When configuring with --debug, the resulting string will be +# "Basic string: debug", and when not, it will be "Basic string: release" +# +# This can be used to create variants of sets of flags according to the +# build type: +# +# cflags => picker(default => "-Wall", +# debug => "-g -O0", +# release => "-O3") +# +sub picker { + my %opts = @_; + return sub { add($opts{default} || (), + $opts{$config{build_type}} || ())->(); } +} + +# Helper function to combine several values of different types into one. +# This is useful if you want to combine a string with the result of a +# lazy function, such as: +# +# cflags => combine("-Wall", sub { $disabled{zlib} ? () : "-DZLIB" }) +# +sub combine { + my @stuff = @_; + return sub { add(@stuff)->(); } +} + +# Helper function to implement conditional values depending on the value +# of $disabled{threads}. Can be used as follows: +# +# cflags => combine("-Wall", threads("-pthread")) +# +sub threads { + my @flags = @_; + return sub { add($disabled{threads} ? () : @flags)->(); } +} + + + +our $add_called = 0; # Helper function to implement adding values to already existing configuration # values. It handles elements that are ARRAYs, CODEs and scalars sub _add { my $separator = shift; - # If there's any ARRAY in the collection of values, we will return - # an ARRAY of combined values, otherwise a string of joined values - # with $separator as the separator. - my $found_array = 0; + # If there's any ARRAY in the collection of values OR the separator + # is undef, we will return an ARRAY of combined values, otherwise a + # string of joined values with $separator as the separator. + my $found_array = !defined($separator); my @values = map { - if (ref($_) eq "ARRAY") { - $found_array = 1; - @$_; + my $res = $_; + while (ref($res) eq "CODE") { + $res = $res->(); + } + if (defined($res)) { + if (ref($res) eq "ARRAY") { + $found_array = 1; + @$res; + } else { + $res; + } } else { - $_; + (); } } (@_); + $add_called = 1; + if ($found_array) { [ @values ]; } else { - join($separator, @values); + join($separator, grep { defined($_) && $_ ne "" } @values); } } sub add_before { - my $separator = shift; + my $separator = " "; + if (ref($_[$#_]) eq "HASH") { + my $opts = pop; + $separator = $opts->{separator}; + } my @x = @_; sub { _add($separator, @x, @_) }; } sub add { - my $separator = shift; + my $separator = " "; + if (ref($_[$#_]) eq "HASH") { + my $opts = pop; + $separator = $opts->{separator}; + } my @x = @_; sub { _add($separator, @_, @x) }; } @@ -1980,13 +2133,15 @@ sub read_config { } -# configuration resolver. Will only resolve all the lazy evalutation -# codeblocks for the chozen target and all those it inherits from, +# configuration resolver. Will only resolve all the lazy evaluation +# codeblocks for the chosen target and all those it inherits from, # recursively sub resolve_config { my $target = shift; my @breadcrumbs = @_; +# my $extra_checks = defined($ENV{CONFIGURE_EXTRA_CHECKS}); + if (grep { $_ eq $target } @breadcrumbs) { die "inherit_from loop! target backtrace:\n " ,$target,"\n ",join("\n ", @breadcrumbs),"\n"; @@ -2013,12 +2168,12 @@ sub resolve_config { # the config that had it. delete $inherited_config{template}; - map { + foreach (keys %inherited_config) { if (!$combined_inheritance{$_}) { $combined_inheritance{$_} = []; } push @{$combined_inheritance{$_}}, $inherited_config{$_}; - } keys %inherited_config; + } } } @@ -2032,17 +2187,45 @@ sub resolve_config { # - If a value is a coderef, it will be executed with the list of # inherited values as arguments. # - If the corresponding key doesn't have a value at all or is the - # emoty string, the inherited value list will be run through the + # empty string, the inherited value list will be run through the # default combiner (below), and the result becomes this target's # value. # - Otherwise, this target's value is assumed to be a string that # will simply override the inherited list of values. - my $default_combiner = add(" "); + my $default_combiner = add(); my %all_keys = map { $_ => 1 } (keys %combined_inheritance, keys %{$table{$target}}); + + sub process_values { + my $object = shift; + my $inherited = shift; # Always a [ list ] + my $target = shift; + my $entry = shift; + + $add_called = 0; + + while(ref($object) eq "CODE") { + $object = $object->(@$inherited); + } + if (!defined($object)) { + return (); + } + elsif (ref($object) eq "ARRAY") { + local $add_called; # To make sure recursive calls don't affect it + return [ map { process_values($_, $inherited, $target, $entry) } + @$object ]; + } elsif (ref($object) eq "") { + return $object; + } else { + die "cannot handle reference type ",ref($object) + ," found in target ",$target," -> ",$entry,"\n"; + } + } + foreach (sort keys %all_keys) { + my $previous = $combined_inheritance{$_}; # Current target doesn't have a value for the current key? # Assign it the default combiner, the rest of this loop body @@ -2051,20 +2234,16 @@ sub resolve_config { $table{$target}->{$_} = $default_combiner; } - my $valuetype = ref($table{$target}->{$_}); - if ($valuetype eq "CODE") { - # CODE reference, execute it with the inherited values as - # arguments. - $table{$target}->{$_} = - $table{$target}->{$_}->(@{$combined_inheritance{$_}}); - } elsif ($valuetype eq "ARRAY" || $valuetype eq "") { - # ARRAY or Scalar, just leave it as is. - } else { - # Some other type of reference that we don't handle. - # Better to abort at this point. - die "cannot handle reference type $valuetype," - ," found in target $target -> $_\n"; - } + $table{$target}->{$_} = process_values($table{$target}->{$_}, + $combined_inheritance{$_}, + $target, $_); + unless(defined($table{$target}->{$_})) { + delete $table{$target}->{$_}; + } +# if ($extra_checks && +# $previous && !($add_called || $previous ~~ $table{$target}->{$_})) { +# warn "$_ got replaced in $target\n"; +# } } # Finally done, return the result. @@ -2106,7 +2285,7 @@ sub usage exit(1); } -sub run_dofile() +sub run_dofile { my $out = shift; my @templates = @_; @@ -2116,13 +2295,34 @@ sub run_dofile() foreach (@templates) { die "Can't open $_, $!" unless -f $_; } - my $cmd = "$config{perl} \"-I.\" \"-Mconfigdata\" $dofile -o\"Configure\" \"".join("\" \"",@templates)."\" > \"$out.new\""; + my $cmd = "$config{perl} \"-I.\" \"-Mconfigdata\" \"$dofile\" -o\"Configure\" \"".join("\" \"",@templates)."\" > \"$out.new\""; #print STDERR "DEBUG[run_dofile]: \$cmd = $cmd\n"; system($cmd); exit 1 if $? != 0; rename("$out.new", $out) || die "Can't rename $out.new, $!"; } +sub which +{ + my ($name)=@_; + + if (eval { require IPC::Cmd; 1; }) { + IPC::Cmd->import(); + return scalar IPC::Cmd::can_run($name); + } else { + # if there is $directories component in splitpath, + # then it's not something to test with $PATH... + return $name if (File::Spec->splitpath($name))[1]; + + foreach (File::Spec->path()) { + my $fullpath = catfile($_, "$name$target{exe_extension}"); + if (-f $fullpath and -x $fullpath) { + return $fullpath; + } + } + } +} + # Configuration printer ############################################## sub print_table_entry @@ -2138,20 +2338,12 @@ sub print_table_entry "sys_id", "cc", "cflags", - "debug_cflags", - "release_cflags", - "thread_cflag", + "defines", "unistd", "ld", "lflags", "plib_lflags", "ex_libs", - "debug_lflags", - "debug_plib_lflags", - "debug_ex_libs", - "release_lflags", - "release_plib_lflags", - "release_ex_libs", "bn_ops", "cpuid_obj", "bn_obj", @@ -2169,12 +2361,17 @@ sub print_table_entry "cmll_obj", "modes_obj", "padlock_obj", + "thread_scheme", "perlasm_scheme", "dso_scheme", "shared_target", "shared_cflag", "shared_ldflag", + "shared_rcflag", "shared_extension", + "shared_extension_simple", + "shared_import_extension", + "dso_extension", "obj_extension", "exe_extension", "ranlib", @@ -2187,14 +2384,24 @@ sub print_table_entry if ($type eq "TABLE") { print "\n"; print "*** $target\n"; - printf "\$%-12s = %s\n", $_, $target{$_} foreach (@sequence); + foreach (@sequence) { + if (ref($target{$_}) eq "ARRAY") { + printf "\$%-12s = %s\n", $_, join(" ", @{$target{$_}}); + } else { + printf "\$%-12s = %s\n", $_, $target{$_}; + } + } } elsif ($type eq "HASH") { my $largest = length((sort { length($a) <=> length($b) } @sequence)[-1]); print " '$target' => {\n"; foreach (@sequence) { if ($target{$_}) { - print " '",$_,"'"," " x ($largest - length($_))," => '",$target{$_},"',\n"; + if (ref($target{$_}) eq "ARRAY") { + print " '",$_,"'"," " x ($largest - length($_))," => [ ",join(", ", map { "'$_'" } @{$target{$_}})," ],\n"; + } else { + print " '",$_,"'"," " x ($largest - length($_))," => '",$target{$_},"',\n"; + } } } print " },\n"; @@ -2203,6 +2410,23 @@ sub print_table_entry # Utility routines ################################################### +# On VMS, if the given file is a logical name, File::Spec::Functions +# will consider it an absolute path. There are cases when we want a +# purely syntactic check without checking the environment. +sub isabsolute { + my $file = shift; + + # On non-platforms, we just use file_name_is_absolute(). + return file_name_is_absolute($file) unless $^O eq "VMS"; + + # If the file spec includes a device or a directpry spec, + # file_name_is_absolute() is perfectly safe. + return file_name_is_absolute($file) if $file =~ m|[:\[]|; + + # Here, we know the given file spec isn't absolute + return 0; +} + # Makes a directory absolute and cleans out /../ in paths like foo/../bar # On some platforms, this uses rel2abs(), while on others, realpath() is used. # realpath() requires that at least all path components except the last is an @@ -2226,20 +2450,6 @@ sub absolutedir { return realpath($dir); } -sub which - { - my($name)=@_; - my $path; - foreach $path (split /:/, $ENV{PATH}) - { - if (-f "$path/$name$target{exe_extension}" and -x _) - { - return "$path/$name$target{exe_extension}" unless ($name eq "perl" and - system("$path/$name$target{exe_extension} -e " . '\'exit($]<5.0);\'')); - } - } - } - sub quotify { my %processors = ( perl => sub { my $x = shift; @@ -2250,7 +2460,7 @@ sub quotify { my $processor = defined($processors{$for}) ? $processors{$for} : sub { shift; }; - map { $processor->($_); } @_; + return map { $processor->($_); } @_; } # collect_from_file($filename, $line_concat_cond_re, $line_concat) @@ -2267,7 +2477,7 @@ sub collect_from_file { my $saved_line = ""; $_ = ""; while (<$fh>) { - chomp; + s|\R$||; if (defined $line_concat) { $_ = $line_concat->($saved_line, $_); $saved_line = ""; @@ -2298,7 +2508,7 @@ sub collect_from_array { my $saved_line = ""; $_ = ""; while (defined($_ = shift @array)) { - chomp; + s|\R$||; if (defined $line_concat) { $_ = $line_concat->($saved_line, $_); $saved_line = ""; @@ -2323,10 +2533,13 @@ sub collect_information { my %collectors = @_; while(defined($_ = $lineiterator->())) { - chomp; + s|\R$||; my $found = 0; + if ($collectors{"BEFORE"}) { + $collectors{"BEFORE"}->($_); + } foreach my $re (keys %collectors) { - if ($re ne "OTHERWISE" && /$re/) { + if ($re !~ /^OTHERWISE|BEFORE|AFTER$/ && /$re/) { $collectors{$re}->($lineiterator); $found = 1; }; @@ -2335,5 +2548,46 @@ sub collect_information { $collectors{"OTHERWISE"}->($lineiterator, $_) unless $found || !defined $collectors{"OTHERWISE"}; } + if ($collectors{"AFTER"}) { + $collectors{"AFTER"}->($_); + } + } +} + +# tokenize($line) +# $line is a line of text to split up into tokens +# returns a list of tokens +# +# Tokens are divided by spaces. If the tokens include spaces, they +# have to be quoted with single or double quotes. Double quotes +# inside a double quoted token must be escaped. Escaping is done +# with backslash. +# Basically, the same quoting rules apply for " and ' as in any +# Unix shell. +sub tokenize { + my $line = my $debug_line = shift; + my @result = (); + + while ($line =~ s|^\s+||, $line ne "") { + my $token = ""; + while ($line ne "" && $line !~ m|^\s|) { + if ($line =~ m/^"((?:[^"\\]+|\\.)*)"/) { + $token .= $1; + $line = $'; + } elsif ($line =~ m/^'([^']*)'/) { + $token .= $1; + $line = $'; + } elsif ($line =~ m/^(\S+)/) { + $token .= $1; + $line = $'; + } + } + push @result, $token; + } + + if ($ENV{CONFIGURE_DEBUG_TOKENIZE}) { + print STDERR "DEBUG[tokenize]: Parsed '$debug_line' into:\n"; + print STDERR "DEBUG[tokenize]: ('", join("', '", @result), "')\n"; } + return @result; }