util/mkdef.pl: Trust configdata.pm

This script kept its own database of disablable algorithms, which is a
maintenance problem, as it's not always perfectly in sync with what
Configure does.  However, we do have all the data in configdata.pm,
produced by Configure, so let's use that instead.

Also, make sure to parse the *err.h header files, as they contain
function declarations that might not be present elsewhere.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5157)

diff --git a/util/mkdef.pl b/util/mkdef.pl
index 98cdae537c45cbdbc64b9f9b4cac43e58919c480..72d1c8f4677ddd68189a7952c3cd624879f6ed2f 100755 (executable)
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -133,73 +133,23 @@ my @known_platforms = ( "__FreeBSD__", "PERL5",
                        "EXPORT_VAR_AS_FUNCTION", "ZLIB", "_WIN32"
                        );
 my @known_ossl_platforms = ( "UNIX", "VMS", "WIN32", "WINNT", "OS2" );
                        "EXPORT_VAR_AS_FUNCTION", "ZLIB", "_WIN32"
                        );
 my @known_ossl_platforms = ( "UNIX", "VMS", "WIN32", "WINNT", "OS2" );

-my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
-                        "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
-                        "SHA256", "SHA512", "RMD160",
-                        "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M",
-                        "HMAC", "AES", "CAMELLIA", "SEED", "GOST", "ARIA", "SM4",
-                         "SCRYPT", "CHACHA", "POLY1305", "BLAKE2",
-                        "SIPHASH", "SM3",
-                        # EC_NISTP_64_GCC_128
-                        "EC_NISTP_64_GCC_128",
-                        # Envelope "algorithms"
-                        "EVP", "X509", "ASN1_TYPEDEFS",
-                        # Helper "algorithms"
-                        "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR",
-                        "LOCKING",
-                        # External "algorithms"
-                        "FP_API", "STDIO", "SOCK", "DGRAM",
-                         "CRYPTO_MDEBUG",
-                        # Engines
-                         "STATIC_ENGINE", "ENGINE", "HW", "GMP",
-                        # Entropy Gathering
-                        "EGD",
-                        # Certificate Transparency
-                        "CT",
-                        # RFC3779
-                        "RFC3779",
-                        # TLS
-                        "PSK", "SRP", "HEARTBEATS",
-                        # CMS
-                        "CMS",
-                         "OCSP",
-                        # CryptoAPI Engine
-                        "CAPIENG",
-                        # SSL methods
-                        "SSL3_METHOD", "TLS1_METHOD", "TLS1_1_METHOD", "TLS1_2_METHOD", "DTLS1_METHOD", "DTLS1_2_METHOD",
-                        # NEXTPROTONEG
-                        "NEXTPROTONEG",
-                        # Deprecated functions
+my @known_algorithms = ( # These are algorithms we know are guarded in relevant
+                        # header files, but aren't actually disablable.
+                        # Without these, this script will warn a lot.
+                        "RSA", "MD5",
+                        # @disablables comes from configdata.pm
+                        map { (my $x = uc $_) =~ s|-|_|g; $x; } @disablables,
+                        # Deprecated functions.  Not really algorithmss, but
+                        # treated as such here for the sake of simplicity

                         "DEPRECATEDIN_0_9_8",
                         "DEPRECATEDIN_1_0_0",
                         "DEPRECATEDIN_1_1_0",
                         "DEPRECATEDIN_1_2_0",
                         "DEPRECATEDIN_0_9_8",
                         "DEPRECATEDIN_1_0_0",
                         "DEPRECATEDIN_1_1_0",
                         "DEPRECATEDIN_1_2_0",

-                        # SCTP
-                        "SCTP",
-                        # SRTP
-                        "SRTP",
-                        # SSL TRACE
-                        "SSL_TRACE",
-                        # Unit testing
-                        "UNIT_TEST",
-                        # User Interface
-                        "UI_CONSOLE",
-                        #
-                        "TS",
-                        # OCB mode
-                        "OCB",
-                        "CMAC",
-                         # APPLINK (win build feature?)
-                         "APPLINK"

                      );
 
                      );
 

-my %disabled_algorithms;
-
-foreach (@known_algorithms) {
-    $disabled_algorithms{$_} = 0;
-}
-# disabled by default
-$disabled_algorithms{"STATIC_ENGINE"} = 1;
+# %disabled comes from configdata.pm
+my %disabled_algorithms =
+    map { (my $x = uc $_) =~ s|-|_|g; $x => 1; } keys %disabled;

 
 my $apiv = sprintf "%x%02x%02x", split(/\./, $config{api});
 foreach (keys %disabled_algorithms) {
 
 my $apiv = sprintf "%x%02x%02x", split(/\./, $config{api});
 foreach (keys %disabled_algorithms) {


@@ -240,14 +190,6 @@ foreach (@ARGV, split(/ /, $config{options}))
        $do_ctest=1 if $_ eq "ctest";
        $do_ctestall=1 if $_ eq "ctestall";
        $do_checkexist=1 if $_ eq "exist";
        $do_ctest=1 if $_ eq "ctest";
        $do_ctestall=1 if $_ eq "ctestall";
        $do_checkexist=1 if $_ eq "exist";

-       if (/^(enable|disable|no)-(.*)$/) {
-               my $alg = uc $2;
-               $alg =~ tr/-/_/;
-               if (exists $disabled_algorithms{$alg}) {
-                       $disabled_algorithms{$alg} = $1 eq "enable" ? 0 : 1;
-               }
-       }
-

        }
 $libname = $unified_info{sharednames}->{libcrypto} if $do_crypto;
 $libname = $unified_info{sharednames}->{libssl} if $do_ssl;
        }
 $libname = $unified_info{sharednames}->{libcrypto} if $do_crypto;
 $libname = $unified_info{sharednames}->{libssl} if $do_ssl;


@@ -302,7 +244,7 @@ $crypto.=" include/internal/err.h";
 $crypto.=" include/internal/rand.h";
 foreach my $f ( glob(catfile($config{sourcedir},'include/openssl/*.h')) ) {
     my $fn = "include/openssl/" . lc(basename($f));
 $crypto.=" include/internal/rand.h";
 foreach my $f ( glob(catfile($config{sourcedir},'include/openssl/*.h')) ) {
     my $fn = "include/openssl/" . lc(basename($f));

-    $crypto .= " $fn" if !defined $skipthese{$fn} && $f !~ m@/[a-z]+err\.h$@;
+    $crypto .= " $fn" if !defined $skipthese{$fn};

 }
 
 my $symhacks="include/openssl/symhacks.h";
 }
 
 my $symhacks="include/openssl/symhacks.h";


@@ -1138,7 +1080,7 @@ sub is_valid
                        return 0;
                } else {
                        # algorithms
                        return 0;
                } else {
                        # algorithms

-                       if ($disabled_algorithms{$keyword} == 1) { return 0;}
+                       if ($disabled_algorithms{$keyword}) { return 0;}

 
                        # Nothing recognise as true
                        return 1;
 
                        # Nothing recognise as true
                        return 1;