X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=util%2Fmk1mf.pl;h=7901ff121da96845f18dd02ae1d95a79b1bff2cf;hp=014c4df0b20bd550ddf636db36216efe56affe62;hb=668bcfd5ca237fdf6fbef1ab463697a4a48caf39;hpb=dc01b6b1f20e9fa8a975f5f28e55fdaa75fe37e6 diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 014c4df0b2..7901ff121d 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -6,42 +6,111 @@ # $INSTALLTOP="/usr/local/ssl"; +$OPENSSLDIR="/usr/local/ssl"; $OPTIONS=""; $ssl_version=""; $banner="\t\@echo Building OpenSSL"; -open(IN," \$ssl_version, + OPTIONS => \$OPTIONS, + INSTALLTOP => \$INSTALLTOP, + OPENSSLDIR => \$OPENSSLDIR, + PLATFORM => \$mf_platform, + CFLAG => \$mf_cflag, + DEPFLAG => \$mf_depflag, + CPUID_OBJ => \$mf_cpuid_asm, + BN_ASM => \$mf_bn_asm, + DES_ENC => \$mf_des_asm, + AES_ENC => \$mf_aes_asm, + BF_ENC => \$mf_bf_asm, + CAST_ENC => \$mf_cast_asm, + RC4_ENC => \$mf_rc4_asm, + RC5_ENC => \$mf_rc5_asm, + MD5_ASM_OBJ => \$mf_md5_asm, + SHA1_ASM_OBJ => \$mf_sha_asm, + RMD160_ASM_OBJ => \$mf_rmd_asm, + WP_ASM_OBJ => \$mf_wp_asm, + CMLL_ENC => \$mf_cm_asm, + MODES_ASM_OBJ => \$mf_modes_asm, + FIPSCANISTERONLY => \$mf_fipscanisteronly, + FIPSCANISTERINTERNAL => \$mf_fipscanisterinternal +); + +open(IN,") { - $ssl_version=$1 if (/^VERSION=(.*)$/); - $OPTIONS=$1 if (/^OPTIONS=(.*)$/); - $INSTALLTOP=$1 if (/^INSTALLTOP=(.*$)/); + my ($mf_opt, $mf_ref); + while (($mf_opt, $mf_ref) = each %mf_import) { + if (/^$mf_opt\s*=\s*(.*)$/) { + $$mf_ref = $1; + } + } } close(IN); -die "Makefile.ssl is not the toplevel Makefile!\n" if $ssl_version eq ""; +$debug = 1 if $mf_platform =~ /^debug-/; + +if ($mf_fipscanisterinternal eq "y") { + $fips = 1; + $fipscanisterbuild = 1; + $fipscanisteronly = 1; +} + + +die "Makefile is not the toplevel Makefile!\n" if $ssl_version eq ""; $infile="MINFO"; %ops=( "VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X", + "VC-WIN64I", "Microsoft C/C++ - Win64/IA-64", + "VC-WIN64A", "Microsoft C/C++ - Win64/x64", + "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY", "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", - "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286", - "VC-WIN16", "Alias for VC-W31-32", - "VC-W31-32", "Microsoft Visual C++ 1.52 - Windows 3.1 - 386+", - "VC-MSDOS","Microsoft Visual C++ 1.52 - MSDOS", "Mingw32", "GNU C++ - Windows NT or 9x", "Mingw32-files", "Create files with DOS copy ...", "BC-NT", "Borland C++ 4.5 - Windows NT", - "BC-W31", "Borland C++ 4.5 - Windows 3.1 - PROBABLY NOT WORKING", - "BC-MSDOS","Borland C++ 4.5 - MSDOS", "linux-elf","Linux elf", "ultrix-mips","DEC mips ultrix", "FreeBSD","FreeBSD distribution", "OS2-EMX", "EMX GCC OS/2", + "netware-clib", "CodeWarrior for NetWare - CLib - with WinSock Sockets", + "netware-clib-bsdsock", "CodeWarrior for NetWare - CLib - with BSD Sockets", + "netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets", + "netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets", "default","cc under unix", + "auto", "auto detect from top level Makefile" ); $platform=""; +my $xcflags=""; foreach (@ARGV) { if (!&read_options && !defined($ops{$_})) @@ -56,13 +125,21 @@ and [options] can be one of no-md2 no-md4 no-md5 no-sha no-mdc2 - Skip this digest no-ripemd no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher - no-bf no-cast no-aes + no-bf no-cast no-aes no-camellia no-seed no-rsa no-dsa no-dh - Skip this public key cipher no-ssl2 no-ssl3 - Skip this version of SSL just-ssl - remove all non-ssl keys/digest no-asm - No x86 asm no-krb5 - No KRB5 + no-srp - No SRP + no-ec - No EC + no-ecdsa - No ECDSA + no-ecdh - No ECDH + no-engine - No engine + no-hw - No hw nasm - Use NASM for x86 asm + nw-nasm - Use NASM x86 asm for NetWare + nw-mwasm - Use Metrowerks x86 asm for NetWare gaswin - Use GNU as with Mingw32 no-socks - No socket code no-err - No error strings @@ -87,19 +164,22 @@ foreach (grep(!/^$/, split(/ /, $OPTIONS))) print STDERR "unknown option - $_\n" if !&read_options; } +$no_static_engine = 0 if (!$shlib); + $no_mdc2=1 if ($no_des); $no_ssl3=1 if ($no_md5 || $no_sha); $no_ssl3=1 if ($no_rsa && $no_dh); -$no_ssl2=1 if ($no_md5 || $no_rsa); +$no_ssl2=1 if ($no_md5); $no_ssl2=1 if ($no_rsa); $out_def="out"; $inc_def="outinc"; $tmp_def="tmp"; -$mkdir="mkdir"; +$perl="perl" unless defined $perl; +$mkdir="-mkdir" unless defined $mkdir; ($ssl,$crypto)=("ssl","crypto"); $ranlib="echo ranlib"; @@ -110,30 +190,20 @@ $bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:''; # $bin_dir.=$o causes a core dump on my sparc :-( + $NT=0; push(@INC,"util/pl","pl"); -if ($platform eq "VC-MSDOS") - { - $asmbits=16; - $msdos=1; - require 'VC-16.pl'; - } -elsif ($platform eq "VC-W31-16") - { - $asmbits=16; - $msdos=1; $win16=1; - require 'VC-16.pl'; - } -elsif (($platform eq "VC-W31-32") || ($platform eq "VC-WIN16")) - { - $asmbits=32; - $msdos=1; $win16=1; - require 'VC-16.pl'; - } -elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) + +if ($platform eq "auto") { + $platform = $mf_platform; + print STDERR "Imported platform $mf_platform\n"; +} + +if (($platform =~ /VC-(.+)/)) { - $NT = 1 if $platform eq "VC-NT"; + $FLAVOR=$1; + $NT = 1 if $1 eq "NT"; require 'VC-32.pl'; } elsif ($platform eq "Mingw32") @@ -149,23 +219,6 @@ elsif ($platform eq "BC-NT") $bc=1; require 'BC-32.pl'; } -elsif ($platform eq "BC-W31") - { - $bc=1; - $msdos=1; $w16=1; - require 'BC-16.pl'; - } -elsif ($platform eq "BC-Q16") - { - $msdos=1; $w16=1; $shlib=0; $qw=1; - require 'BC-16.pl'; - } -elsif ($platform eq "BC-MSDOS") - { - $asmbits=16; - $msdos=1; - require 'BC-16.pl'; - } elsif ($platform eq "FreeBSD") { require 'unix.pl'; @@ -188,6 +241,13 @@ elsif ($platform eq "OS2-EMX") $wc=1; require 'OS2-EMX.pl'; } +elsif (($platform eq "netware-clib") || ($platform eq "netware-libc") || + ($platform eq "netware-clib-bsdsock") || ($platform eq "netware-libc-bsdsock")) + { + $LIBC=1 if $platform eq "netware-libc" || $platform eq "netware-libc-bsdsock"; + $BSDSOCK=1 if ($platform eq "netware-libc-bsdsock") || ($platform eq "netware-clib-bsdsock"); + require 'netware.pl'; + } else { require "unix.pl"; @@ -202,8 +262,12 @@ $inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def; $bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq '')); +$cflags= "$xcflags$cflags" if $xcflags ne ""; + $cflags.=" -DOPENSSL_NO_IDEA" if $no_idea; $cflags.=" -DOPENSSL_NO_AES" if $no_aes; +$cflags.=" -DOPENSSL_NO_CAMELLIA" if $no_camellia; +$cflags.=" -DOPENSSL_NO_SEED" if $no_seed; $cflags.=" -DOPENSSL_NO_RC2" if $no_rc2; $cflags.=" -DOPENSSL_NO_RC4" if $no_rc4; $cflags.=" -DOPENSSL_NO_RC5" if $no_rc5; @@ -212,7 +276,7 @@ $cflags.=" -DOPENSSL_NO_MD4" if $no_md4; $cflags.=" -DOPENSSL_NO_MD5" if $no_md5; $cflags.=" -DOPENSSL_NO_SHA" if $no_sha; $cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1; -$cflags.=" -DOPENSSL_NO_RIPEMD" if $no_rmd160; +$cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd; $cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2; $cflags.=" -DOPENSSL_NO_BF" if $no_bf; $cflags.=" -DOPENSSL_NO_CAST" if $no_cast; @@ -220,11 +284,36 @@ $cflags.=" -DOPENSSL_NO_DES" if $no_des; $cflags.=" -DOPENSSL_NO_RSA" if $no_rsa; $cflags.=" -DOPENSSL_NO_DSA" if $no_dsa; $cflags.=" -DOPENSSL_NO_DH" if $no_dh; +$cflags.=" -DOPENSSL_NO_WHIRLPOOL" if $no_whirlpool; $cflags.=" -DOPENSSL_NO_SOCK" if $no_sock; $cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2; $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; +$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext; +$cflags.=" -DOPENSSL_NO_SRP" if $no_srp; +$cflags.=" -DOPENSSL_NO_CMS" if $no_cms; $cflags.=" -DOPENSSL_NO_ERR" if $no_err; -$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; +$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; +$cflags.=" -DOPENSSL_NO_EC" if $no_ec; +$cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa; +$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh; +$cflags.=" -DOPENSSL_NO_GOST" if $no_gost; +$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; +$cflags.=" -DOPENSSL_NO_HW" if $no_hw; +$cflags.=" -DOPENSSL_FIPS" if $fips; +$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake; +$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m; +$cflags.= " -DZLIB" if $zlib_opt; +$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2; + +if ($no_static_engine) + { + $cflags .= " -DOPENSSL_NO_STATIC_ENGINE"; + } +else + { + $cflags .= " -DOPENSSL_NO_DYNAMIC_ENGINE"; + } + #$cflags.=" -DRSAref" if $rsaref ne ""; ## if ($unix) @@ -234,6 +323,7 @@ $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; $ex_libs="$l_flags$ex_libs" if ($l_flags ne ""); + %shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL", "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO"); @@ -249,6 +339,262 @@ if ($msdos) $link="$bin_dir$link" if ($link !~ /^\$/); $INSTALLTOP =~ s|/|$o|g; +$OPENSSLDIR =~ s|/|$o|g; + +############################################# +# We parse in input file and 'store' info for later printing. +open(IN,"<$infile") || die "unable to open $infile:$!\n"; +$_=; +for (;;) + { + s/\s*$//; # was chop, didn't work in mixture of perls for Windows... + + ($key,$val)=/^([^=]+)=(.*)/; + if ($key eq "RELATIVE_DIRECTORY") + { + if ($lib ne "") + { + if ($fips && $dir =~ /^fips/) + { + $uc = "FIPS"; + } + else + { + $uc=$lib; + $uc =~ s/^lib(.*)\.a/$1/; + $uc =~ tr/a-z/A-Z/; + } + if (($uc ne "FIPS") || $fipscanisterbuild) + { + $lib_nam{$uc}=$uc; + $lib_obj{$uc}.=$libobj." "; + } + } + last if ($val eq "FINISHED"); + $lib=""; + $libobj=""; + $dir=$val; + } + + if ($key eq "KRB5_INCLUDES") + { $cflags .= " $val";} + + if ($key eq "ZLIB_INCLUDE") + { $cflags .= " $val" if $val ne "";} + + if ($key eq "LIBZLIB") + { $zlib_lib = "$val" if $val ne "";} + + if ($key eq "LIBKRB5") + { $ex_libs .= " $val" if $val ne "";} + + if ($key eq "TEST" && (!$fipscanisteronly || $dir =~ /^fips/ )) + { $test.=&var_add($dir,$val, 0); } + + if (($key eq "PROGS") || ($key eq "E_OBJ")) + { $e_exe.=&var_add($dir,$val, 0); } + + if ($key eq "LIB") + { + $lib=$val; + $lib =~ s/^.*\/([^\/]+)$/$1/; + } + if ($key eq "LIBNAME" && $no_static_engine) + { + $lib=$val; + $lib =~ s/^.*\/([^\/]+)$/$1/; + $otherlibs .= " $lib"; + } + + if ($key eq "EXHEADER") + { $exheader.=&var_add($dir,$val, 1); } + + if ($key eq "HEADER") + { $header.=&var_add($dir,$val, 1); } + + if ($key eq "LIBOBJ") + { + if ($dir ne "engines" || !$no_static_engine) + { $libobj=&var_add($dir,$val, 0); } + else + { push(@engines_obj,split(/\s+/,&var_add($dir,$val,0))); } + } + if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine) + { $engines.=$val } + + if ($key eq "FIPS_EX_OBJ") + { + $fips_ex_obj=&var_add("crypto",$val,0); + } + + if ($key eq "FIPSLIBDIR") + { + $fipslibdir=$val; + $fipslibdir =~ s/\/$//; + $fipslibdir =~ s/\//$o/g; + } + + if ($key eq "BASEADDR") + { $baseaddr=$val;} + + if (!($_=)) + { $_="RELATIVE_DIRECTORY=FINISHED\n"; } + } +close(IN); + +if ($fips) + { + + foreach (split " ", $fips_ex_obj) + { + $fips_exclude_obj{$1} = 1 if (/\/([^\/]*)$/); + } + foreach (split " ", + "$mf_cpuid_asm $mf_aes_asm $mf_sha_asm $mf_bn_asm " . + "$mf_des_asm $mf_modes_asm") + { + s/\.o//; + $fips_exclude_obj{$_} = 1; + } + my @ltmp = split " ", $lib_obj{"CRYPTO"}; + + + $lib_obj{"CRYPTO"} = ""; + + foreach(@ltmp) + { + if (/\/([^\/]*)$/ && exists $fips_exclude_obj{$1}) + { + if ($fipscanisterbuild) + { + $lib_obj{"FIPS"} .= "$_ "; + } + } + elsif (!$fipscanisteronly) + { + $lib_obj{"CRYPTO"} .= "$_ "; + } + } + + } + +if ($fipscanisterbuild) + { + $fips_canister_path = "\$(LIB_D)${o}fipscanister.lib" if $fips_canister_path eq ""; + $fips_premain_c_path = "\$(LIB_D)${o}fips_premain.c"; + } +else + { + if ($fips_canister_path eq "") + { + $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.lib"; + } + + if ($fips_premain_c_path eq "") + { + $fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c"; + } + } + +if ($fips) + { + if ($fips_sha1_exe_path eq "") + { + $fips_sha1_exe_path = + "\$(BIN_D)${o}fips_standalone_sha1$exep"; + } + } + else + { + $fips_sha1_exe_path = ""; + } + +if ($fips_premain_dso_exe_path eq "") + { + $fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep"; + } + +# $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips); + +if ($fips) + { + if (!$shlib) + { + $build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)"; + $ex_l_libs .= " \$(O_FIPSCANISTER)"; + $ex_libs_dep .= " \$(O_FIPSCANISTER)" if $fipscanisterbuild; + } + if ($fipscanisterbuild) + { + $fipslibdir = "\$(LIB_D)"; + } + else + { + if ($fipslibdir eq "") + { + open (IN, "util/fipslib_path.txt") || fipslib_error(); + $fipslibdir = ; + chomp $fipslibdir; + close IN; + } + fips_check_files($fipslibdir, + "fipscanister.lib", "fipscanister.lib.sha1", + "fips_premain.c", "fips_premain.c.sha1"); + } + } + +if ($fipscanisteronly) + { + $build_targets = "\$(O_FIPSCANISTER) \$(T_EXE)"; + $libs_dep = ""; + } + +$cp2 = $cp unless defined $cp2; + +$extra_install= <<"EOF"; + \$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\" + \$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\" + \$(MKDIR) \"\$(OPENSSLDIR)\" + \$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\" +EOF + +if ($fipscanisteronly) + { + $extra_install = <<"EOF"; + \$(CP) \"\$(O_FIPSCANISTER)\" \"\$(INSTALLTOP)${o}lib\" + \$(CP) \"\$(O_FIPSCANISTER).sha1\" \"\$(INSTALLTOP)${o}lib\" + \$(CP2) \"fips${o}fips_premain.c\" \"\$(INSTALLTOP)${o}lib\" + \$(CP) \"fips${o}fips_premain.c.sha1\" \"\$(INSTALLTOP)${o}lib\" + \$(CP) \"\$(INCO_D)${o}fips.h\" \"\$(INSTALLTOP)${o}include${o}openssl\" + \$(CP) \"\$(INCO_D)${o}fips_rand.h\" \"\$(INSTALLTOP)${o}include${o}openssl\" + \$(CP) "\$(BIN_D)${o}fips_standalone_sha1$exep" \"\$(INSTALLTOP)${o}bin\" + \$(CP) \"util${o}fipslink.pl\" \"\$(INSTALLTOP)${o}bin\" +EOF + } +elsif ($shlib) + { + $extra_install .= <<"EOF"; + \$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}bin\" + \$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}bin\" + \$(CP) \"\$(L_SSL)\" \"\$(INSTALLTOP)${o}lib\" + \$(CP) \"\$(L_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\" +EOF + if ($no_static_engine) + { + $extra_install .= <<"EOF" + \$(MKDIR) \"\$(INSTALLTOP)${o}lib${o}engines\" + \$(CP) \"\$(E_SHLIB)\" \"\$(INSTALLTOP)${o}lib${o}engines\" +EOF + } + } +else + { + $extra_install .= <<"EOF"; + \$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}lib\" + \$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\" +EOF + $ex_libs .= " $zlib_lib" if $zlib_opt == 1; + } $defs= <<"EOF"; # This makefile has been automatically generated from the OpenSSL distribution. @@ -264,7 +610,13 @@ $defs= <<"EOF"; # The one monster makefile better suits building in non-unix # environments. +EOF + +$defs .= $preamble if defined $preamble; + +$defs.= <<"EOF"; INSTALLTOP=$INSTALLTOP +OPENSSLDIR=$OPENSSLDIR # Set your compiler options PLATFORM=$platform @@ -284,27 +636,8 @@ SRC_D=$src_dir LINK=$link LFLAGS=$lflags - -BN_ASM_OBJ=$bn_asm_obj -BN_ASM_SRC=$bn_asm_src -BNCO_ASM_OBJ=$bnco_asm_obj -BNCO_ASM_SRC=$bnco_asm_src -DES_ENC_OBJ=$des_enc_obj -DES_ENC_SRC=$des_enc_src -BF_ENC_OBJ=$bf_enc_obj -BF_ENC_SRC=$bf_enc_src -CAST_ENC_OBJ=$cast_enc_obj -CAST_ENC_SRC=$cast_enc_src -RC4_ENC_OBJ=$rc4_enc_obj -RC4_ENC_SRC=$rc4_enc_src -RC5_ENC_OBJ=$rc5_enc_obj -RC5_ENC_SRC=$rc5_enc_src -MD5_ASM_OBJ=$md5_asm_obj -MD5_ASM_SRC=$md5_asm_src -SHA1_ASM_OBJ=$sha1_asm_obj -SHA1_ASM_SRC=$sha1_asm_src -RMD160_ASM_OBJ=$rmd160_asm_obj -RMD160_ASM_SRC=$rmd160_asm_src +RSC=$rsc +FIPSLINK=\$(PERL) util${o}fipslink.pl # The output directory for everything intersting OUT_D=$out_dir @@ -314,7 +647,9 @@ TMP_D=$tmp_dir INC_D=$inc_dir INCO_D=$inc_dir${o}openssl +PERL=$perl CP=$cp +CP2=$cp2 RM=$rm RANLIB=$ranlib MKDIR=$mkdir @@ -322,6 +657,17 @@ MKLIB=$bin_dir$mklib MLFLAGS=$mlflags ASM=$bin_dir$asm +# FIPS validated module and support file locations + +E_PREMAIN_DSO=fips_premain_dso + +FIPSLIB_D=$fipslibdir +BASEADDR=$baseaddr +FIPS_PREMAIN_SRC=$fips_premain_c_path +O_FIPSCANISTER=$fips_canister_path +FIPS_SHA1_EXE=$fips_sha1_exe_path +PREMAIN_DSO_EXE=$fips_premain_dso_exe_path + ###################################################### # You should not need to touch anything below this point ###################################################### @@ -333,12 +679,14 @@ CRYPTO=$crypto # BIN_D - Binary output directory # TEST_D - Binary test file output directory # LIB_D - library output directory +# ENG_D - dynamic engine output directory # Note: if you change these point to different directories then uncomment out # the lines around the 'NB' comment below. # BIN_D=\$(OUT_D) TEST_D=\$(OUT_D) LIB_D=\$(OUT_D) +ENG_D=\$(OUT_D) # INCL_D - local library directory # OBJ_D - temp object file directory @@ -352,7 +700,7 @@ SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp -L_LIBS= \$(L_SSL) \$(L_CRYPTO) +L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs ###################################################### # Don't touch anything below this point @@ -362,19 +710,19 @@ INC=-I\$(INC_D) -I\$(INCL_D) APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG) LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG) -LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) +LIBS_DEP=$libs_dep ############################################# EOF $rules=<<"EOF"; -all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe +all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) $build_targets banner: $banner \$(TMP_D): - \$(MKDIR) \$(TMP_D) + \$(MKDIR) \"\$(TMP_D)\" # NB: uncomment out these lines if BIN_D, TEST_D and LIB_D are different #\$(BIN_D): # \$(MKDIR) \$(BIN_D) @@ -383,31 +731,33 @@ $banner # \$(MKDIR) \$(TEST_D) \$(LIB_D): - \$(MKDIR) \$(LIB_D) + \$(MKDIR) \"\$(LIB_D)\" \$(INCO_D): \$(INC_D) - \$(MKDIR) \$(INCO_D) + \$(MKDIR) \"\$(INCO_D)\" \$(INC_D): - \$(MKDIR) \$(INC_D) + \$(MKDIR) \"\$(INC_D)\" headers: \$(HEADER) \$(EXHEADER) @ -lib: \$(LIBS_DEP) +lib: \$(LIBS_DEP) \$(E_SHLIB) exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep -install: - \$(MKDIR) \$(INSTALLTOP) - \$(MKDIR) \$(INSTALLTOP)${o}bin - \$(MKDIR) \$(INSTALLTOP)${o}include - \$(MKDIR) \$(INSTALLTOP)${o}include${o}openssl - \$(MKDIR) \$(INSTALLTOP)${o}lib - \$(CP) \$(INCO_D)${o}*.\[ch\] \$(INSTALLTOP)${o}include${o}openssl - \$(CP) \$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin - \$(CP) \$(O_SSL) \$(INSTALLTOP)${o}lib - \$(CP) \$(O_CRYPTO) \$(INSTALLTOP)${o}lib +install: all + \$(MKDIR) \"\$(INSTALLTOP)\" + \$(MKDIR) \"\$(INSTALLTOP)${o}bin\" + \$(MKDIR) \"\$(INSTALLTOP)${o}include\" + \$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\" + \$(MKDIR) \"\$(INSTALLTOP)${o}lib\" +$extra_install + + +test: \$(T_EXE) + cd \$(BIN_D) + ..${o}ms${o}test clean: \$(RM) \$(TMP_D)$o*.* @@ -454,57 +804,6 @@ printf OUT " #define DATE \"%s\"\n", scalar gmtime(); printf OUT "#endif\n"; close(OUT); -############################################# -# We parse in input file and 'store' info for later printing. -open(IN,"<$infile") || die "unable to open $infile:$!\n"; -$_=; -for (;;) - { - chop; - - ($key,$val)=/^([^=]+)=(.*)/; - if ($key eq "RELATIVE_DIRECTORY") - { - if ($lib ne "") - { - $uc=$lib; - $uc =~ s/^lib(.*)\.a/$1/; - $uc =~ tr/a-z/A-Z/; - $lib_nam{$uc}=$uc; - $lib_obj{$uc}.=$libobj." "; - } - last if ($val eq "FINISHED"); - $lib=""; - $libobj=""; - $dir=$val; - } - - if ($key eq "TEST") - { $test.=&var_add($dir,$val); } - - if (($key eq "PROGS") || ($key eq "E_OBJ")) - { $e_exe.=&var_add($dir,$val); } - - if ($key eq "LIB") - { - $lib=$val; - $lib =~ s/^.*\/([^\/]+)$/$1/; - } - - if ($key eq "EXHEADER") - { $exheader.=&var_add($dir,$val); } - - if ($key eq "HEADER") - { $header.=&var_add($dir,$val); } - - if ($key eq "LIBOBJ") - { $libobj=&var_add($dir,$val); } - - if (!($_=)) - { $_="RELATIVE_DIRECTORY=FINISHED\n"; } - } -close(IN); - # Strip of trailing ' ' foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); } $test=&clean_up_ws($test); @@ -517,11 +816,11 @@ foreach (split(/\s+/,$exheader)){ $h{$_}=1; } foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; } chop($h); $header=$h; -$defs.=&do_defs("HEADER",$header,"\$(INCL_D)",".h"); -$rules.=&do_copy_rule("\$(INCL_D)",$header,".h"); +$defs.=&do_defs("HEADER",$header,"\$(INCL_D)",""); +$rules.=&do_copy_rule("\$(INCL_D)",$header,""); -$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)",".h"); -$rules.=&do_copy_rule("\$(INCO_D)",$exheader,".h"); +$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)",""); +$rules.=&do_copy_rule("\$(INCO_D)",$exheader,""); $defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj); $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)"); @@ -529,6 +828,26 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)"); $defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj); $rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)'); +# Special case rules for fips_start and fips_end fips_premain_dso + +if ($fips) + { + if ($fipscanisterbuild) + { + $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj", + "fips${o}fips_canister.c", + "-DFIPS_START \$(SHLIB_CFLAGS)"); + $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj", + "fips${o}fips_canister.c", "\$(SHLIB_CFLAGS)"); + } + $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj", + "fips${o}sha${o}fips_standalone_sha1.c", + "\$(APP_CFLAGS)"); + $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj", + "fips${o}fips_premain.c", + "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(APP_CFLAGS)"); + } + foreach (values %lib_nam) { $lib_obj=$lib_obj{$_}; @@ -540,74 +859,120 @@ foreach (values %lib_nam) next; } - if (($bn_asm_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/; - $rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src); - } - if (($bnco_asm_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj .= "\$(BNCO_ASM_OBJ)"; - $rules.=&do_asm_rule($bnco_asm_obj,$bnco_asm_src); - } - if (($des_enc_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/; - $lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /; - $rules.=&do_asm_rule($des_enc_obj,$des_enc_src); - } - if (($bf_enc_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s\S*\/bf_enc\S*/ \$(BF_ENC_OBJ)/; - $rules.=&do_asm_rule($bf_enc_obj,$bf_enc_src); - } - if (($cast_enc_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/(\s\S*\/c_enc\S*)/ \$(CAST_ENC_OBJ)/; - $rules.=&do_asm_rule($cast_enc_obj,$cast_enc_src); - } - if (($rc4_enc_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s\S*\/rc4_enc\S*/ \$(RC4_ENC_OBJ)/; - $rules.=&do_asm_rule($rc4_enc_obj,$rc4_enc_src); - } - if (($rc5_enc_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s\S*\/rc5_enc\S*/ \$(RC5_ENC_OBJ)/; - $rules.=&do_asm_rule($rc5_enc_obj,$rc5_enc_src); - } - if (($md5_asm_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/; - $rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src); - } - if (($sha1_asm_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/; - $rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src); - } - if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/; - $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src); - } $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj); $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)"; $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib); } +# hack to add version info on MSVC +if (($platform eq "VC-WIN32") || ($platform eq "VC-WIN64A") + || ($platform eq "VC-WIN64I") || ($platform eq "VC-NT")) { + $rules.= <<"EOF"; +\$(OBJ_D)\\\$(CRYPTO).res: ms\\version32.rc + \$(RSC) /fo"\$(OBJ_D)\\\$(CRYPTO).res" /d CRYPTO ms\\version32.rc + +\$(OBJ_D)\\\$(SSL).res: ms\\version32.rc + \$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc + +EOF +} + $defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep); foreach (split(/\s+/,$test)) { + my $t_libs; $t=&bname($_); + my $ltype; + # Check to see if test program is FIPS + if ($fips && /fips/) + { + # If fips perform static link to + # $(O_FIPSCANISTER) + $t_libs = "\$(O_FIPSCANISTER)"; + $ltype = 2; + } + else + { + $t_libs = "\$(L_LIBS)"; + $ltype = 0; + } + $tt="\$(OBJ_D)${o}$t${obj}"; - $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); + $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","$t_libs \$(EX_LIBS)", $ltype); } +$defs.=&do_defs("E_SHLIB",$engines . $otherlibs,"\$(ENG_D)",$shlibp); + +foreach (split(/\s+/,$engines)) + { + my $engine = $_; + my @objs = grep {/e_$engine/} @engines_obj; + $rules.=&do_compile_rule("\$(OBJ_D)",join(" ",@objs),$lib); + map {$_=~s/.*\/([^\/]+)$/\$(OBJ_D)${o}$1$obj/} @objs; + $rules.= &do_lib_rule(join(" ",@objs),"\$(ENG_D)$o$engine$shlibp","",$shlib,""); + } + + + $rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); -$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)"); +#$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)"); -$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); +foreach (split(" ",$otherlibs)) + { + my $uc = $_; + $uc =~ tr /a-z/A-Z/; + $rules.= &do_lib_rule("\$(${uc}OBJ)","\$(ENG_D)$o$_$shlibp", "", $shlib, ""); + + } + +if ($fips) + { + if ($shlib) + { + $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)", + "\$(O_CRYPTO)", "$crypto", + $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)"); + } + else + { + $rules.= &do_lib_rule("\$(CRYPTOOBJ)", + "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", ""); + $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)", + "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", ""); + } + } + else + { + $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib, + "\$(SO_CRYPTO)"); + } + +if ($fips) + { + if ($fipscanisterbuild) + { + $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)", + "\$(OBJ_D)${o}fips_start$obj", + "\$(FIPSOBJ)", + "\$(OBJ_D)${o}fips_end$obj", + "\$(FIPS_SHA1_EXE)", ""); + # FIXME + $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)", + "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}sha1dgst$obj $sha1_asm_obj", + "","\$(EX_LIBS)", 1); + } + else + { + $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)", + "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(O_FIPSCANISTER)", + "","", 1); + + } + $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1); + + } + +$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0); print $defs; @@ -615,7 +980,7 @@ if ($platform eq "linux-elf") { print <<"EOF"; # Generate perlasm output files %.cpp: - (cd \$(\@D)/..; PERL=perl make -f Makefile.ssl asm/\$(\@F)) + (cd \$(\@D)/..; PERL=perl make -f Makefile asm/\$(\@F)) EOF } print "###################################################################\n"; @@ -627,11 +992,15 @@ print $rules; # directories sub var_add { - local($dir,$val)=@_; + local($dir,$val,$keepext)=@_; local(@a,$_,$ret); + return("") if $no_engine && $dir =~ /\/engine/; + return("") if $no_hw && $dir =~ /\/hw/; return("") if $no_idea && $dir =~ /\/idea/; return("") if $no_aes && $dir =~ /\/aes/; + return("") if $no_camellia && $dir =~ /\/camellia/; + return("") if $no_seed && $dir =~ /\/seed/; return("") if $no_rc2 && $dir =~ /\/rc2/; return("") if $no_rc4 && $dir =~ /\/rc4/; return("") if $no_rc5 && $dir =~ /\/rc5/; @@ -639,6 +1008,11 @@ sub var_add return("") if $no_rsa && $dir =~ /^rsaref/; return("") if $no_dsa && $dir =~ /\/dsa/; return("") if $no_dh && $dir =~ /\/dh/; + return("") if $no_ec && $dir =~ /\/ec/; + return("") if $no_gost && $dir =~ /\/ccgost/; + return("") if $no_cms && $dir =~ /\/cms/; + return("") if $no_jpake && $dir =~ /\/jpake/; + return("") if !$fips && $dir =~ /^fips/; if ($no_des && $dir =~ /\/des/) { if ($val =~ /read_pwd/) @@ -650,10 +1024,11 @@ sub var_add return("") if $no_sock && $dir =~ /\/proxy/; return("") if $no_bf && $dir =~ /\/bf/; return("") if $no_cast && $dir =~ /\/cast/; + return("") if $no_whirlpool && $dir =~ /\/whrlpool/; $val =~ s/^\s*(.*)\s*$/$1/; @a=split(/\s+/,$val); - grep(s/\.[och]$//,@a); + grep(s/\.[och]$//,@a) unless $keepext; @a=grep(!/^e_.*_3d$/,@a) if $no_des; @a=grep(!/^e_.*_d$/,@a) if $no_des; @@ -664,16 +1039,18 @@ sub var_add @a=grep(!/^e_.*_bf$/,@a) if $no_bf; @a=grep(!/^e_.*_c$/,@a) if $no_cast; @a=grep(!/^e_rc4$/,@a) if $no_rc4; + @a=grep(!/^e_camellia$/,@a) if $no_camellia; + @a=grep(!/^e_seed$/,@a) if $no_seed; - @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2; - @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3; + #@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2; + #@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3; @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock; @a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2; @a=grep(!/(^md4)|(_md4$)/,@a) if $no_md4; @a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5; - @a=grep(!/(rmd)|(ripemd)/,@a) if $no_rmd160; + @a=grep(!/(rmd)|(ripemd)/,@a) if $no_ripemd; @a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa; @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa; @@ -690,6 +1067,10 @@ sub var_add @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1; @a=grep(!/_mdc2$/,@a) if $no_mdc2; + @a=grep(!/(srp)/,@a) if $no_srp; + + @a=grep(!/^engine$/,@a) if $no_engine; + @a=grep(!/^hw$/,@a) if $no_hw; @a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa; @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa; @a=grep(!/^gendsa$/,@a) if $no_sha1; @@ -738,6 +1119,7 @@ sub do_defs else { $pf=$postfix; } if ($_ =~ /BN_ASM/) { $t="$_ "; } elsif ($_ =~ /BNCO_ASM/){ $t="$_ "; } + elsif ($_ =~ /AES_ASM/){ $t="$_ "; } elsif ($_ =~ /DES_ENC/) { $t="$_ "; } elsif ($_ =~ /BF_ENC/) { $t="$_ "; } elsif ($_ =~ /CAST_ENC/){ $t="$_ "; } @@ -746,12 +1128,22 @@ sub do_defs elsif ($_ =~ /MD5_ASM/) { $t="$_ "; } elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; } elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; } + elsif ($_ =~ /WHIRLPOOL_ASM/){ $t="$_ "; } + elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; } else { $t="$location${o}$_$pf "; } $Vars{$var}.="$t "; $ret.=$t; } - chop($ret); + # hack to add version info on MSVC + if ($shlib && (($platform eq "VC-WIN32") || ($platfrom eq "VC-WIN64I") || ($platform eq "VC-WIN64A") || ($platform eq "VC-NT"))) + { + if ($var eq "CRYPTOOBJ") + { $ret.="\$(OBJ_D)\\\$(CRYPTO).res "; } + elsif ($var eq "SSLOBJ") + { $ret.="\$(OBJ_D)\\\$(SSL).res "; } + } + chomp($ret); $ret.="\n\n"; return($ret); } @@ -764,6 +1156,13 @@ sub bname return($ret); } +# return the leading path +sub dname + { + my $ret=shift; + $ret =~ s/(^.*)[\\\/][^\\\/]+$/$1/; + return($ret); + } ############################################################## # do a rule for each file that says 'compile' to new direcory @@ -771,19 +1170,67 @@ sub bname sub do_compile_rule { local($to,$files,$ex)=@_; - local($ret,$_,$n); - + local($ret,$_,$n,$d,$s); + $files =~ s/\//$o/g if $o ne '/'; foreach (split(/\s+/,$files)) { $n=&bname($_); - $ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex) + $d=&dname($_); + if (-f "${_}.c") + { + $ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex) + } + elsif (-f ($s="${d}${o}asm${o}${n}.pl") or + ($s=~s/sha256/sha512/ and -f $s) or + -f ($s="${d}${o}${n}.pl")) + { + $ret.=&perlasm_compile_target("$to${o}$n$obj",$s,$n); + } + elsif (-f ($s="${d}${o}asm${o}${n}.S") or + -f ($s="${d}${o}${n}.S")) + { + $ret.=&Sasm_compile_target("$to${o}$n$obj",$s,$n); + } + else { die "no rule for $_"; } } return($ret); } ############################################################## # do a rule for each file that says 'compile' to new direcory +sub perlasm_compile_target + { + my($target,$source,$bname)=@_; + my($ret); + $bname =~ s/(.*)\.[^\.]$/$1/; + $ret ="\$(TMP_D)$o$bname.asm: $source\n"; + $ret.="\t\$(PERL) $source $asmtype \$(CFLAG) >\$\@\n"; + if ($fipscanisteronly) + { + $ret .= "\t\$(PERL) util\\fipsas.pl . \$@ norunasm \$(CFLAG)\n"; + } + $ret .= "\n"; + $ret.="$target: \$(TMP_D)$o$bname.asm\n"; + $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n"; + return($ret); + } + +sub Sasm_compile_target + { + my($target,$source,$bname)=@_; + my($ret); + + $bname =~ s/(.*)\.[^\.]$/$1/; + $ret ="\$(TMP_D)$o$bname.asm: $source\n"; + $ret.="\t\$(CC) -E \$(CFLAG) $source >\$\@\n"; + $ret.="\t\$(PERL) util\\fipsas.pl . \$@ norunasm \$(CFLAG)\n" if $fipscanisteronly; + $ret.="\n"; + $ret.="$target: \$(TMP_D)$o$bname.asm\n"; + $ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n"; + return($ret); + } + sub cc_compile_target { local($target,$source,$ex_flags)=@_; @@ -806,13 +1253,25 @@ sub do_asm_rule $target =~ s/\//$o/g if $o ne "/"; $src =~ s/\//$o/g if $o ne "/"; - @s=split(/\s+/,$src); @t=split(/\s+/,$target); + @s=split(/\s+/,$src); + for ($i=0; $i<=$#s; $i++) { - $ret.="$t[$i]: $s[$i]\n"; - $ret.="\t\$(ASM) $afile$t[$i] \$(SRC_D)$o$s[$i]\n\n"; + my $objfile = $t[$i]; + my $srcfile = $s[$i]; + + if ($perl_asm == 1) + { + my $plasm = $objfile; + $plasm =~ s/${obj}/.pl/; + $ret.="$srcfile: $plasm\n"; + $ret.="\t\$(PERL) $plasm $asmtype \$(CFLAG) >$srcfile\n\n"; + } + + $ret.="$objfile: $srcfile\n"; + $ret.="\t\$(ASM) $afile$objfile \$(SRC_D)$o$srcfile\n\n"; } return($ret); } @@ -846,55 +1305,159 @@ sub do_copy_rule if ($n =~ /bss_file/) { $pp=".c"; } else { $pp=$p; } - $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \$(SRC_D)$o$_$pp $to${o}$n$pp\n\n"; + $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n"; } return($ret); } sub read_options { - if (/^no-rc2$/) { $no_rc2=1; } - elsif (/^no-rc4$/) { $no_rc4=1; } - elsif (/^no-rc5$/) { $no_rc5=1; } - elsif (/^no-idea$/) { $no_idea=1; } - elsif (/^no-aes$/) { $no_aes=1; } - elsif (/^no-des$/) { $no_des=1; } - elsif (/^no-bf$/) { $no_bf=1; } - elsif (/^no-cast$/) { $no_cast=1; } - elsif (/^no-md2$/) { $no_md2=1; } - elsif (/^no-md4$/) { $no_md4=1; } - elsif (/^no-md5$/) { $no_md5=1; } - elsif (/^no-sha$/) { $no_sha=1; } - elsif (/^no-sha1$/) { $no_sha1=1; } - elsif (/^no-ripemd$/) { $no_ripemd=1; } - elsif (/^no-mdc2$/) { $no_mdc2=1; } - elsif (/^no-patents$/) { $no_rc2=$no_rc4=$no_rc5=$no_idea=$no_rsa=1; } - elsif (/^no-rsa$/) { $no_rsa=1; } - elsif (/^no-dsa$/) { $no_dsa=1; } - elsif (/^no-dh$/) { $no_dh=1; } - elsif (/^no-hmac$/) { $no_hmac=1; } - elsif (/^no-rijndael$/) { $no_rijndael=1; } - elsif (/^no-asm$/) { $no_asm=1; } - elsif (/^nasm$/) { $nasm=1; } - elsif (/^gaswin$/) { $gaswin=1; } - elsif (/^no-ssl2$/) { $no_ssl2=1; } - elsif (/^no-ssl3$/) { $no_ssl3=1; } - elsif (/^no-err$/) { $no_err=1; } - elsif (/^no-sock$/) { $no_sock=1; } - elsif (/^no-krb5$/) { $no_krb5=1; } - - elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1; - $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1; - $no_ssl2=$no_err=$no_rmd160=$no_rc5=1; - $no_aes=1; } - - elsif (/^rsaref$/) { } - elsif (/^gcc$/) { $gcc=1; } - elsif (/^debug$/) { $debug=1; } - elsif (/^profile$/) { $profile=1; } - elsif (/^shlib$/) { $shlib=1; } - elsif (/^dll$/) { $shlib=1; } - elsif (/^shared$/) { } # We just need to ignore it for now... + # Many options are handled in a similar way. In particular + # no-xxx sets zero or more scalars to 1. + # Process these using a hash containing the option name and + # reference to the scalars to set. + + my %valid_options = ( + "no-rc2" => \$no_rc2, + "no-rc4" => \$no_rc4, + "no-rc5" => \$no_rc5, + "no-idea" => \$no_idea, + "no-aes" => \$no_aes, + "no-camellia" => \$no_camellia, + "no-seed" => \$no_seed, + "no-des" => \$no_des, + "no-bf" => \$no_bf, + "no-cast" => \$no_cast, + "no-md2" => \$no_md2, + "no-md4" => \$no_md4, + "no-md5" => \$no_md5, + "no-sha" => \$no_sha, + "no-sha1" => \$no_sha1, + "no-ripemd" => \$no_ripemd, + "no-mdc2" => \$no_mdc2, + "no-whirlpool" => \$no_whirlpool, + "no-patents" => + [\$no_rc2, \$no_rc4, \$no_rc5, \$no_idea, \$no_rsa], + "no-rsa" => \$no_rsa, + "no-dsa" => \$no_dsa, + "no-dh" => \$no_dh, + "no-hmac" => \$no_hmac, + "no-asm" => \$no_asm, + "nasm" => \$nasm, + "nw-nasm" => \$nw_nasm, + "nw-mwasm" => \$nw_mwasm, + "gaswin" => \$gaswin, + "no-ssl2" => \$no_ssl2, + "no-ssl3" => \$no_ssl3, + "no-tlsext" => \$no_tlsext, + "no-srp" => \$no_srp, + "no-cms" => \$no_cms, + "no-jpake" => \$no_jpake, + "no-ec2m" => \$no_ec2m, + "no-ec_nistp_64_gcc_128" => 0, + "no-err" => \$no_err, + "no-sock" => \$no_sock, + "no-krb5" => \$no_krb5, + "no-ec" => \$no_ec, + "no-ecdsa" => \$no_ecdsa, + "no-ecdh" => \$no_ecdh, + "no-gost" => \$no_gost, + "no-engine" => \$no_engine, + "no-hw" => \$no_hw, + "just-ssl" => + [\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast, + \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh, + \$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5, + \$no_aes, \$no_camellia, \$no_seed, \$no_srp], + "rsaref" => 0, + "gcc" => \$gcc, + "debug" => \$debug, + "profile" => \$profile, + "shlib" => \$shlib, + "dll" => \$shlib, + "shared" => 0, + "no-sctp" => 0, + "no-gmp" => 0, + "no-rfc3779" => 0, + "no-montasm" => 0, + "no-shared" => 0, + "no-store" => 0, + "no-zlib" => 0, + "no-zlib-dynamic" => 0, + "no-ssl-trace" => 0, + "fips" => \$fips, + "fipscanisterbuild" => [\$fips, \$fipscanisterbuild], + "fipscanisteronly" => [\$fips, \$fipscanisterbuild, \$fipscanisteronly], + "fipscheck" => [\$fips, \$fipscanisterbuild, \$fipscanisteronly], + ); + + if (exists $valid_options{$_}) + { + my $r = $valid_options{$_}; + if ( ref $r eq "SCALAR") + { $$r = 1;} + elsif ( ref $r eq "ARRAY") + { + my $r2; + foreach $r2 (@$r) + { + $$r2 = 1; + } + } + } + elsif (/^no-comp$/) { $xcflags = "-DOPENSSL_NO_COMP $xcflags"; } + elsif (/^enable-zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 } + elsif (/^enable-zlib-dynamic$/) + { + $zlib_opt = 2; + } + elsif (/^no-static-engine/) + { + $no_static_engine = 1; + } + elsif (/^enable-static-engine/) + { + $no_static_engine = 0; + } + # There are also enable-xxx options which correspond to + # the no-xxx. Since the scalars are enabled by default + # these can be ignored. + elsif (/^enable-/) + { + my $t = $_; + $t =~ s/^enable/no/; + if (exists $valid_options{$t}) + {return 1;} + return 0; + } + # experimental-xxx is mostly like enable-xxx, but opensslconf.v + # will still set OPENSSL_NO_xxx unless we set OPENSSL_EXPERIMENTAL_xxx. + # (No need to fail if we don't know the algorithm -- this is for adventurous users only.) + elsif (/^experimental-/) + { + my $algo, $ALGO; + ($algo = $_) =~ s/^experimental-//; + ($ALGO = $algo) =~ tr/[a-z]/[A-Z]/; + + $xcflags="-DOPENSSL_EXPERIMENTAL_$ALGO $xcflags"; + + } + elsif (/^--with-krb5-flavor=(.*)$/) + { + my $krb5_flavor = $1; + if ($krb5_flavor =~ /^force-[Hh]eimdal$/) + { + $xcflags="-DKRB5_HEIMDAL $xcflags"; + } + elsif ($krb5_flavor =~ /^MIT/i) + { + $xcflags="-DKRB5_MIT $xcflags"; + if ($krb5_flavor =~ /^MIT[._-]*1[._-]*[01]/i) + { + $xcflags="-DKRB5_MIT_OLD11 $xcflags" + } + } + } elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; } elsif (/^-[lL].*$/) { $l_flags.="$_ "; } elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/) @@ -902,3 +1465,31 @@ sub read_options else { return(0); } return(1); } + +sub fipslib_error + { + print STDERR "***FIPS module directory sanity check failed***\n"; + print STDERR "FIPS module build failed, or was deleted\n"; + print STDERR "Please rebuild FIPS module.\n"; + exit 1; + } + +sub fips_check_files + { + my $dir = shift @_; + my $ret = 1; + if (!-d $dir) + { + print STDERR "FIPS module directory $dir does not exist\n"; + fipslib_error(); + } + foreach (@_) + { + if (!-f "$dir${o}$_") + { + print STDERR "FIPS module file $_ does not exist!\n"; + $ret = 0; + } + } + fipslib_error() if ($ret == 0); + }