X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=util%2Fmkdef.pl;h=d7baf8aa050378a685fc9c602141a8f3a5ab4259;hp=b54c925c4c5014dfc8ee3152f401248e68eb92c9;hb=8d2214c0a49584044d96b80e846ac8f6df35a0ad;hpb=74656a82e606d7b4924166d459d18677ea83f9d8 diff --git a/util/mkdef.pl b/util/mkdef.pl index b54c925c4c..d7baf8aa05 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -24,7 +24,7 @@ # existence:platform:kind:algorithms # # - "existence" can be "EXIST" or "NOEXIST" depending on if the symbol is -# found somewhere in the source, +# found somewhere in the source, # - "platforms" is empty if it exists on all platforms, otherwise it contains # comma-separated list of the platform, just as they are if the symbol exists # for those platforms, or prepended with a "!" if not. This helps resolve @@ -48,6 +48,10 @@ use lib "."; use configdata; use File::Spec::Functions; +use File::Basename; +use FindBin; +use lib "$FindBin::Bin/perl"; +use OpenSSL::Glob; my $debug=0; @@ -63,11 +67,10 @@ my $do_ctest = 0; my $do_ctestall = 0; my $do_checkexist = 0; -my $VMSVAX=0; -my $VMSNonVAX=0; my $VMS=0; my $W32=0; my $NT=0; +my $UNIX=0; my $linux=0; # Set this to make typesafe STACK definitions appear in DEF my $safe_stack_def = 0; @@ -75,13 +78,14 @@ my $safe_stack_def = 0; my @known_platforms = ( "__FreeBSD__", "PERL5", "EXPORT_VAR_AS_FUNCTION", "ZLIB", "_WIN32" ); -my @known_ossl_platforms = ( "VMS", "WIN32", "WINNT", "OS2" ); +my @known_ossl_platforms = ( "UNIX", "VMS", "WIN32", "WINNT", "OS2" ); my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", "SHA256", "SHA512", "RMD160", "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M", - "HMAC", "AES", "CAMELLIA", "SEED", "GOST", + "HMAC", "AES", "CAMELLIA", "SEED", "GOST", "ARIA", "SCRYPT", "CHACHA", "POLY1305", "BLAKE2", + "SIPHASH", # EC_NISTP_64_GCC_128 "EC_NISTP_64_GCC_128", # Envelope "algorithms" @@ -115,6 +119,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "DEPRECATEDIN_0_9_8", "DEPRECATEDIN_1_0_0", "DEPRECATEDIN_1_1_0", + "DEPRECATEDIN_1_2_0", # SCTP "SCTP", # SRTP @@ -124,7 +129,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", # Unit testing "UNIT_TEST", # User Interface - "UI", + "UI_CONSOLE", # "TS", # OCB mode @@ -142,6 +147,14 @@ foreach (@known_algorithms) { # disabled by default $disabled_algorithms{"STATIC_ENGINE"} = 1; +my $apiv = sprintf "%x%02x%02x", split(/\./, $config{api}); +foreach (keys %disabled_algorithms) { + if (/^DEPRECATEDIN_(\d+)_(\d+)_(\d+)$/) { + my $depv = sprintf "%x%02x%02x", $1, $2, $3; + $disabled_algorithms{$_} = 1 if $apiv ge $depv; + } +} + my $zlib; foreach (@ARGV, split(/ /, $config{options})) @@ -153,18 +166,11 @@ foreach (@ARGV, split(/ /, $config{options})) $W32 = 1; $NT = 1; } - if ($_ eq "VMS-VAX") { - $VMS=1; - $VMSVAX=1; - } - if ($_ eq "VMS-NonVAX") { - $VMS=1; - $VMSNonVAX=1; - } if ($_ eq "linux") { $linux=1; + $UNIX=1; } - $VMS=$VMSNonVAX=1 if $_ eq "VMS"; + $VMS=1 if $_ eq "VMS"; if ($_ eq "zlib" || $_ eq "enable-zlib" || $_ eq "zlib-dynamic" || $_ eq "enable-zlib-dynamic") { $zlib = 1; @@ -172,7 +178,7 @@ foreach (@ARGV, split(/ /, $config{options})) $do_ssl=1 if $_ eq "libssl"; if ($_ eq "ssl") { - $do_ssl=1; + $do_ssl=1; $libname=$_ } $do_crypto=1 if $_ eq "libcrypto"; @@ -185,25 +191,9 @@ foreach (@ARGV, split(/ /, $config{options})) $do_ctest=1 if $_ eq "ctest"; $do_ctestall=1 if $_ eq "ctestall"; $do_checkexist=1 if $_ eq "exist"; - if (/^--api=(\d+)\.(\d+)\.(\d+)$/) { - my $apiv = sprintf "%x%02x%02x", $1, $2, $3; - foreach (keys %disabled_algorithms) { - if (/^DEPRECATEDIN_(\d+)_(\d+)_(\d+)$/) { - my $depv = sprintf "%x%02x%02x", $1, $2, $3; - $disabled_algorithms{$_} = 1 if $apiv ge $depv; - } - } - } - if (/^no-deprecated$/) { - foreach (keys %disabled_algorithms) { - if (/^DEPRECATEDIN_/) { - $disabled_algorithms{$_} = 1; - } - } - } - elsif (/^(enable|disable|no)-(.*)$/) { + if (/^(enable|disable|no)-(.*)$/) { my $alg = uc $2; - $alg =~ tr/-/_/; + $alg =~ tr/-/_/; if (exists $disabled_algorithms{$alg}) { $disabled_algorithms{$alg} = $1 eq "enable" ? 0 : 1; } @@ -211,7 +201,7 @@ foreach (@ARGV, split(/ /, $config{options})) } -if (!$libname) { +if (!$libname) { if ($do_ssl) { $libname="LIBSSL"; } @@ -239,74 +229,30 @@ $max_ssl = $max_num; $max_crypto = $max_num; my $ssl="include/openssl/ssl.h"; +$ssl.=" include/openssl/sslerr.h"; $ssl.=" include/openssl/tls1.h"; $ssl.=" include/openssl/srtp.h"; +# When scanning include/openssl, skip all SSL files and some internal ones. +my %skipthese; +foreach my $f ( split(/\s+/, $ssl) ) { + $skipthese{$f} = 1; +} +$skipthese{'include/openssl/conf_api.h'} = 1; +$skipthese{'include/openssl/ebcdic.h'} = 1; +$skipthese{'include/openssl/opensslconf.h'} = 1; + # We use headers found in include/openssl and include/internal only. # The latter is needed so libssl.so/.dll/.exe can link properly. -my $crypto ="include/openssl/crypto.h"; +my $crypto ="include/internal/dso.h"; $crypto.=" include/internal/o_dir.h"; $crypto.=" include/internal/o_str.h"; $crypto.=" include/internal/err.h"; -$crypto.=" include/openssl/des.h" ; # unless $no_des; -$crypto.=" include/openssl/idea.h" ; # unless $no_idea; -$crypto.=" include/openssl/rc4.h" ; # unless $no_rc4; -$crypto.=" include/openssl/rc5.h" ; # unless $no_rc5; -$crypto.=" include/openssl/rc2.h" ; # unless $no_rc2; -$crypto.=" include/openssl/blowfish.h" ; # unless $no_bf; -$crypto.=" include/openssl/cast.h" ; # unless $no_cast; -$crypto.=" include/openssl/whrlpool.h" ; -$crypto.=" include/openssl/md2.h" ; # unless $no_md2; -$crypto.=" include/openssl/md4.h" ; # unless $no_md4; -$crypto.=" include/openssl/md5.h" ; # unless $no_md5; -$crypto.=" include/openssl/mdc2.h" ; # unless $no_mdc2; -$crypto.=" include/openssl/sha.h" ; # unless $no_sha; -$crypto.=" include/openssl/ripemd.h" ; # unless $no_ripemd; -$crypto.=" include/openssl/aes.h" ; # unless $no_aes; -$crypto.=" include/openssl/camellia.h" ; # unless $no_camellia; -$crypto.=" include/openssl/seed.h"; # unless $no_seed; - -$crypto.=" include/openssl/bn.h"; -$crypto.=" include/openssl/rsa.h" ; # unless $no_rsa; -$crypto.=" include/openssl/dsa.h" ; # unless $no_dsa; -$crypto.=" include/openssl/dh.h" ; # unless $no_dh; -$crypto.=" include/openssl/ec.h" ; # unless $no_ec; -$crypto.=" include/openssl/hmac.h" ; # unless $no_hmac; -$crypto.=" include/openssl/cmac.h" ; - -$crypto.=" include/openssl/engine.h"; # unless $no_engine; -$crypto.=" include/openssl/stack.h" ; # unless $no_stack; -$crypto.=" include/openssl/buffer.h" ; # unless $no_buffer; -$crypto.=" include/openssl/bio.h" ; # unless $no_bio; -$crypto.=" include/internal/dso.h" ; # unless $no_dso; -$crypto.=" include/openssl/lhash.h" ; # unless $no_lhash; -$crypto.=" include/openssl/conf.h"; -$crypto.=" include/openssl/txt_db.h"; - -$crypto.=" include/openssl/evp.h" ; # unless $no_evp; -$crypto.=" include/openssl/objects.h"; -$crypto.=" include/openssl/pem.h"; -#$crypto.=" include/openssl/meth.h"; -$crypto.=" include/openssl/asn1.h"; -$crypto.=" include/openssl/asn1t.h"; -$crypto.=" include/openssl/err.h" ; # unless $no_err; -$crypto.=" include/openssl/pkcs7.h"; -$crypto.=" include/openssl/pkcs12.h"; -$crypto.=" include/openssl/x509.h"; -$crypto.=" include/openssl/x509_vfy.h"; -$crypto.=" include/openssl/x509v3.h"; -$crypto.=" include/openssl/ts.h"; -$crypto.=" include/openssl/rand.h"; -$crypto.=" include/openssl/comp.h" ; # unless $no_comp; -$crypto.=" include/openssl/ocsp.h"; -$crypto.=" include/openssl/ui.h"; -#$crypto.=" include/openssl/store.h"; -$crypto.=" include/openssl/cms.h"; -$crypto.=" include/openssl/srp.h"; -$crypto.=" include/openssl/modes.h"; -$crypto.=" include/openssl/async.h"; -$crypto.=" include/openssl/ct.h"; -$crypto.=" include/openssl/kdf.h"; +$crypto.=" include/internal/rand.h"; +foreach my $f ( glob(catfile($config{sourcedir},'include/openssl/*.h')) ) { + my $fn = "include/openssl/" . lc(basename($f)); + $crypto .= " $fn" if !defined $skipthese{$fn} && $f !~ m@/[a-z]+err\.h$@; +} my $symhacks="include/openssl/symhacks.h"; @@ -339,7 +285,7 @@ if($do_crypto == 1) { } &update_numbers(*OUT,"LIBCRYPTO",*crypto_list,$max_crypto,@crypto_symbols); close OUT; -} +} } elsif ($do_checkexist) { &check_existing(*ssl_list, @ssl_symbols) @@ -396,13 +342,14 @@ sub do_defs { my $fn = catfile($config{sourcedir},$file); print STDERR "DEBUG: starting on $fn:\n" if $debug; - open(IN,"<$fn") || die "unable to open $fn:$!\n"; + open(IN,"<$fn") || die "Can't open $fn, $!,"; my $line = "", my $def= ""; my %tag = ( (map { $_ => 0 } @known_platforms), (map { "OPENSSL_SYS_".$_ => 0 } @known_ossl_platforms), (map { "OPENSSL_NO_".$_ => 0 } @known_algorithms), (map { "OPENSSL_USE_".$_ => 0 } @known_algorithms), + (grep /^DEPRECATED_/, @known_algorithms), NOPROTO => 0, PERL5 => 0, _WINDLL => 0, @@ -515,7 +462,22 @@ sub do_defs s/{[^{}]*}//gs; # ignore {} blocks print STDERR "DEBUG: \$def=\"$def\"\n" if $debug && $def ne ""; print STDERR "DEBUG: \$_=\"$_\"\n" if $debug; - if (/^\#\s*ifndef\s+(.*)/) { + if (/^\#\s*if\s+OPENSSL_API_COMPAT\s*(\S)\s*(0x[0-9a-fA-F]{8})L\s*$/) { + my $op = $1; + my $v = hex($2); + if ($op ne '<' && $op ne '>=') { + die "$file unacceptable operator $op: $_\n"; + } + my ($one, $major, $minor) = + ( ($v >> 28) & 0xf, + ($v >> 20) & 0xff, + ($v >> 12) & 0xff ); + my $t = "DEPRECATEDIN_${one}_${major}_${minor}"; + push(@tag,"-"); + push(@tag,$t); + $tag{$t}=($op eq '<' ? 1 : -1); + print STDERR "DEBUG: $file: found tag $t = $tag{$t}\n" if $debug; + } elsif (/^\#\s*ifndef\s+(.*)/) { push(@tag,"-"); push(@tag,$1); $tag{$1}=-1; @@ -646,6 +608,9 @@ sub do_defs , grep(!/^$/, map { $tag{"OPENSSL_USE_".$_} == 1 ? $_ : "" } @known_algorithms); + push @current_algorithms, + grep { /^DEPRECATEDIN_/ && $tag{$_} == 1 } + @known_algorithms; $def .= "#INFO:" .join(',',@current_platforms).":" @@ -980,19 +945,6 @@ sub do_defs $platform{"PEM_write_NS_CERT_SEQ"} = "VMS"; $platform{"PEM_read_P8_PRIV_KEY_INFO"} = "VMS"; $platform{"PEM_write_P8_PRIV_KEY_INFO"} = "VMS"; - $platform{"EVP_sha384"} = "!VMSVAX"; - $platform{"EVP_sha512"} = "!VMSVAX"; - $platform{"SHA384_Init"} = "!VMSVAX"; - $platform{"SHA384_Transform"} = "!VMSVAX"; - $platform{"SHA384_Update"} = "!VMSVAX"; - $platform{"SHA384_Final"} = "!VMSVAX"; - $platform{"SHA384"} = "!VMSVAX"; - $platform{"SHA512_Init"} = "!VMSVAX"; - $platform{"SHA512_Transform"} = "!VMSVAX"; - $platform{"SHA512_Update"} = "!VMSVAX"; - $platform{"SHA512_Final"} = "!VMSVAX"; - $platform{"SHA512"} = "!VMSVAX"; - # Info we know about @@ -1117,17 +1069,15 @@ sub is_valid if ($platforms) { # platforms - if ($keyword eq "VMSVAX" && $VMSVAX) { return 1; } - if ($keyword eq "VMSNonVAX" && $VMSNonVAX) { return 1; } + if ($keyword eq "UNIX" && $UNIX) { return 1; } if ($keyword eq "VMS" && $VMS) { return 1; } if ($keyword eq "WIN32" && $W32) { return 1; } if ($keyword eq "_WIN32" && $W32) { return 1; } if ($keyword eq "WINNT" && $NT) { return 1; } # Special platforms: # EXPORT_VAR_AS_FUNCTION means that global variables - # will be represented as functions. This currently - # only happens on VMS-VAX. - if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32)) { + # will be represented as functions. + if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && $W32) { return 1; } if ($keyword eq "ZLIB" && $zlib) { return 1; } @@ -1266,7 +1216,6 @@ EOF if(!$do_update); } else { (my $n, my $symversion, my $dummy) = split /\\/, $nums{$s}; - next if $symversion ne $thisversion; my %pf = (); my $p = ($i =~ /^[^:]*:([^:]*):/,$1); my $a = ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1); @@ -1279,6 +1228,7 @@ EOF } $prev = $s2; # To warn about duplicates... if($linux) { + next if $symversion ne $thisversion; if ($symversion ne $prevsymversion) { if ($prevsymversion ne "") { if ($prevprevsymversion ne "") { @@ -1334,7 +1284,7 @@ EOF } } } - } while ($thisversion ne $currversion); + } while ($linux && $thisversion ne $currversion); if ($linux) { if ($prevprevsymversion ne "") { print OUT " local: *;\n} OPENSSL_$prevprevsymversion;\n\n"; @@ -1630,8 +1580,7 @@ sub check_version_lte() if ($cvnums ne $tvnums) { die "Invalid version number: $testversion " ."for current version $currversion\n" - if (substr($cvnums, -1) < substr($tvnums, -1) - || substr($cvnums, 0, 4) ne substr($tvnums, 0, 4)); + if (substr($cvnums, 0, 4) ne substr($tvnums, 0, 4)); return; } #If we get here then the base version (i.e. the numbers) are the same - they