openssl/Configure
Matt Caswell a8eda4312d Remove the GOST engine
The GOST engine is now out of date and is removed by this commit. An up
to date GOST engine is now being maintained in an external repository.

See:
https://wiki.openssl.org/index.php/Binaries

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-19 22:29:32 +00:00

2607 lines
76 KiB
Perl
Executable File

#! /usr/bin/env perl
# -*- mode: perl; -*-
##
## Configure -- OpenSSL source tree configuration script
## If editing this file, run this command before committing
## make -f Makefile.in TABLE
##
require 5.000;
use strict;
use File::Basename;
use File::Spec::Functions;
# see INSTALL for instructions.
my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] [--config=FILE] os/compiler[:flags]\n";
# Options:
#
# --config add the given configuration file, which will be read after
# any "Configurations*" files that are found in the same
# directory as this script.
# --openssldir install OpenSSL in OPENSSLDIR (Default: DIR/ssl if the
# --prefix option is given; /usr/local/ssl otherwise)
# --prefix prefix for the OpenSSL include, lib and bin directories
# (Default: the OPENSSLDIR directory)
#
# --install_prefix Additional prefix for package builders (empty by
# default). This needn't be set in advance, you can
# just as well use "make INSTALL_PREFIX=/whatever install".
#
# --test-sanity Make a number of sanity checks on the data in this file.
# This is a debugging tool for OpenSSL developers.
#
# --cross-compile-prefix Add specified prefix to binutils components.
#
# --api One of 0.9.8, 1.0.0 or 1.1.0. Do not compile support for
# interfaces deprecated as of the specified OpenSSL version.
#
# no-hw-xxx do not compile support for specific crypto hardware.
# Generic OpenSSL-style methods relating to this support
# are always compiled but return NULL if the hardware
# support isn't compiled.
# no-hw do not compile support for any crypto hardware.
# [no-]threads [don't] try to create a library that is suitable for
# multithreaded applications (default is "threads" if we
# know how to do it)
# [no-]shared [don't] try to create shared libraries when supported.
# no-asm do not use assembler
# no-dso do not compile in any native shared-library methods. This
# will ensure that all methods just return NULL.
# no-egd do not compile support for the entropy-gathering daemon APIs
# [no-]zlib [don't] compile support for zlib compression.
# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
# library and will be loaded in run-time by the OpenSSL library.
# sctp include SCTP support
# 386 generate 80386 code
# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
# -<xxx> +<xxx> compiler options are passed through
#
# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
# provided to stack calls. Generates unique stack functions for
# each possible stack type.
# DES_PTR use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
# DES_RISC1 use different DES_ENCRYPT macro that helps reduce register
# dependancies but needs to more registers, good for RISC CPU's
# DES_RISC2 A different RISC variant.
# DES_UNROLL unroll the inner DES loop, sometimes helps, somtimes hinders.
# DES_INT use 'int' instead of 'long' for DES_LONG in crypto/des/des.h
# This is used on the DEC Alpha where long is 8 bytes
# and int is 4
# BN_LLONG use the type 'long long' in crypto/bn/bn.h
# MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
# MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
# IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
# IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
# RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
# RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
# RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
# RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_locl.h. This turns on
# array lookups instead of pointer use.
# RC4_CHUNK enables code that handles data aligned at long (natural CPU
# word) boundary.
# RC4_CHUNK_LL enables code that handles data aligned at long long boundary
# (intended for 64-bit CPUs running 32-bit OS).
# BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
# BF_PTR2 intel specific version (generic version is more efficient).
#
# Following are set automatically by this script
#
# MD5_ASM use some extra md5 assember,
# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86
# RMD160_ASM use some extra ripemd160 assember,
# SHA256_ASM sha256_block is implemented in assembler
# SHA512_ASM sha512_block is implemented in assembler
# AES_ASM ASE_[en|de]crypt is implemented in assembler
# Minimum warning options... any contributions to OpenSSL should at least get
# past these.
my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Werror -DREF_CHECK -DDEBUG_UNUSED";
# These are used in addition to $gcc_devteam_warn when the compiler is clang.
# TODO(openssl-team): fix problems and investigate if (at least) the
# following warnings can also be enabled:
# -Wswitch-enum, -Wunused-macros, -Wmissing-field-initializers,
# -Wcast-align,
# -Wunreachable-code -Wunused-parameter -Wlanguage-extension-token
# -Wextended-offsetof
my $clang_devteam_warn = "-Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Qunused-arguments -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations";
# Warn that "make depend" should be run?
my $warn_make_depend = 0;
# These are used in addition to $gcc_devteam_warn unless this is a mingw build.
# This adds backtrace information to the memory leak info.
my $memleak_devteam_backtrace = "-rdynamic -DCRYPTO_MDEBUG_BACKTRACE";
my $strict_warnings = 0;
my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
# MD2_CHAR slags pentium pros
my $x86_gcc_opts="RC4_INDEX MD2_INT";
#$bits1="SIXTEEN_BIT ";
#$bits2="THIRTY_TWO_BIT ";
my $bits1="THIRTY_TWO_BIT ";
my $bits2="SIXTY_FOUR_BIT ";
# As for $BSDthreads. Idea is to maintain "collective" set of flags,
# which would cover all BSD flavors. -pthread applies to them all,
# but is treated differently. OpenBSD expands is as -D_POSIX_THREAD
# -lc_r, which is sufficient. FreeBSD 4.x expands it as -lc_r,
# which has to be accompanied by explicit -D_THREAD_SAFE and
# sometimes -D_REENTRANT. FreeBSD 5.x expands it as -lc_r, which
# seems to be sufficient?
my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
#
# API compability name to version number mapping.
#
my $maxapi = "1.1.0"; # API for "no-deprecated" builds
my $apitable = {
"1.1.0" => "0x10100000L",
"1.0.0" => "0x10000000L",
"0.9.8" => "0x00908000L",
};
# table of known configurations, read in from files
#
# The content of each entry can take one of two forms:
#
# - old style config-string, colon seperated fields with exactly the
# following structure.:
#
# $cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $ec_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $wp_obj : $cmll_obj : $modes_obj : $engines_obj : $perlasm_scheme : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags : $multilib
#
# We use the stringtohash function - defined below - to combine with the
# fields and form a proper hash table from the string.
#
# - direct transfer of old style config string to hash table, using the names
# of the fields as keys:
#
# {
# cc => $cc,
# cflags => $cflags,
# unistd => $unistd,
# thread_cflag => $thread_cflag,
# sys_id => $sys_id,
# lflags => $lflags,
# bn_ops => $bn_ops,
# cpuid_obj => $cpuid_obj,
# bn_obj => $bn_obj,
# ec_obj => $ec_obj,
# des_obj => $des_obj,
# aes_obj => $aes_obj,
# bf_obj => $bf_obj,
# md5_obj => $md5_obj,
# sha1_obj => $sha1_obj,
# cast_obj => $cast_obj,
# rc4_obj => $rc4_obj,
# rmd160_obj => $rmd160_obj,
# rc5_obj => $rc5_obj,
# wp_obj => $wp_obj,
# cmll_obj => $cmll_obj,
# modes_obj => $modes_obj,
# engines_obj => $engines_obj,
# perlasm_scheme => $perlasm_scheme,
# dso_scheme => $dso_scheme,
# shared_target => $shared_target,
# shared_cflag => $shared_cflag,
# shared_ldflag => $shared_ldflag,
# shared_extension => $shared_extension,
# ranlib => $ranlib,
# arflags => $arflags,
# multilib => $multilib
# }
#
# - new style config hash table, which has additional attributes for debug
# and non-debug flags to be added to the common flags, for cflags and lflags:
#
# {
# cc => $cc,
# cflags => $cflags,
# debug_cflags => $debug_cflags,
# release_cflags => $release_cflags,
# unistd => $unistd,
# thread_cflag => $thread_cflag,
# sys_id => $sys_id,
# lflags => $lflags,
# debug_lflags => $debug_lflags,
# release_lflags => $release_lflags,
# bn_ops => $bn_ops,
# cpuid_obj => $cpuid_obj,
# bn_obj => $bn_obj,
# ec_obj => $ec_obj,
# des_obj => $des_obj,
# aes_obj => $aes_obj,
# bf_obj => $bf_obj,
# md5_obj => $md5_obj,
# sha1_obj => $sha1_obj,
# cast_obj => $cast_obj,
# rc4_obj => $rc4_obj,
# rmd160_obj => $rmd160_obj,
# rc5_obj => $rc5_obj,
# wp_obj => $wp_obj,
# cmll_obj => $cmll_obj,
# modes_obj => $modes_obj,
# engines_obj => $engines_obj,
# chacha_obj => $wp_obj,
# poly1305_obj => $cmll_obj,
# dso_scheme => $dso_scheme,
# shared_target => $shared_target,
# shared_cflag => $shared_cflag,
# shared_ldflag => $shared_ldflag,
# shared_extension => $shared_extension,
# ranlib => $ranlib,
# arflags => $arflags,
# multilib => $multilib
# }
#
# The configuration reader will do what it can to translate everything into
# new style config hash tables, including merging $target and debug-$target
# if they are similar enough.
#
# The configuration hashes can refer to templates in two different manners:
#
# - as part of the hash, one can have a key called 'inherit_from' that
# indicate what other configuration hashes to inherit data from.
# These are resolved recursively.
#
# Inheritance works as a set of default values that can be overriden
# by corresponding attribute values in the inheriting configuration.
#
# If several configurations are given in the 'inherit_from' array, the
# values of same attribute are concatenated with space separation.
# With this, it's possible to have several smaller templates for
# different configuration aspects that can be combined into a complete
# configuration.
#
# Example:
#
# "foo" => {
# template => 1,
# haha => "haha",
# hoho => "ho"
# },
# "bar" => {
# template => 1,
# hoho => "ho",
# hehe => "hehe"
# },
# "laughter" => {
# inherit_from => [ "foo", "bar" ],
# }
#
# The entry for "foo" will become as follows after processing:
#
# "laughter" => {
# haha => "haha",
# hoho => "ho ho",
# hehe => "hehe"
# }
#
# Note 1: any entry from the table can be used as a template.
# Note 2: pure templates have the attribute 'template => 1' and cannot
# be used as targets.
#
# - instead of a string, one can have a code block of the form
# 'sub { /* your code here */ }', where the arguments are the list of
# inherited values for that key. In fact, the concatenation of strings
# is really done by using 'sub { join(" ",@_) }' on the list of inherited
# values.
#
# Example:
#
# "foo" => {
# template => 1,
# haha => "ha ha",
# hoho => "ho",
# ignored => "This should not appear in the end result",
# },
# "bar" => {
# template => 1,
# haha => "ah",
# hoho => "haho",
# hehe => "hehe"
# },
# "laughter" => {
# inherit_from => [ "foo", "bar" ],
# hehe => sub { join(" ",(@_,"!!!")) },
# ignored => "",
# }
#
# The entry for "foo" will become as follows after processing:
#
# "laughter" => {
# haha => "ha ha ah",
# hoho => "ho haho",
# hehe => "hehe !!!",
# ignored => ""
# }
#
my %table=(
# All these templates are merely a translation of the corresponding
# variables further up.
#
# Note: as long as someone might use old style configuration strings,
# or we bother supporting that, those variables need to stay
x86_asm => {
template => 1,
cpuid_obj => "x86cpuid.o",
bn_obj => "bn-586.o co-586.o x86-mont.o x86-gf2m.o",
ec_obj => "ecp_nistz256.o ecp_nistz256-x86.o",
des_obj => "des-586.o crypt586.o",
aes_obj => "aes-586.o vpaes-x86.o aesni-x86.o",
bf_obj => "bf-586.o",
md5_obj => "md5-586.o",
sha1_obj => "sha1-586.o sha256-586.o sha512-586.o",
rc4_obj => "rc4-586.o",
rmd160_obj => "rmd-586.o",
rc5_obj => "rc5-586.o",
wp_obj => "wp_block.o wp-mmx.o",
cmll_obj => "cmll-x86.o",
modes_obj => "ghash-x86.o",
engines_obj => "e_padlock-x86.o"
},
x86_elf_asm => {
template => 1,
inherit_from => [ "x86_asm" ],
perlasm_scheme => "elf"
},
x86_64_asm => {
template => 1,
cpuid_obj => "x86_64cpuid.o",
bn_obj => "x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o",
ec_obj => "ecp_nistz256.o ecp_nistz256-x86_64.o",
aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
md5_obj => "md5-x86_64.o",
sha1_obj => "sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o",
rc4_obj => "rc4-x86_64.o rc4-md5-x86_64.o",
wp_obj => "wp-x86_64.o",
cmll_obj => "cmll-x86_64.o cmll_misc.o",
modes_obj => "ghash-x86_64.o aesni-gcm-x86_64.o",
engines_obj => "e_padlock-x86_64.o"
},
ia64_asm => {
template => 1,
cpuid_obj => "ia64cpuid.o",
bn_obj => "bn-ia64.o ia64-mont.o",
aes_obj => "aes_core.o aes_cbc.o aes-ia64.o",
md5_obj => "md5-ia64.o",
sha1_obj => "sha1-ia64.o sha256-ia64.o sha512-ia64.o",
rc4_obj => "rc4-ia64.o rc4_skey.o",
modes_obj => "ghash-ia64.o",
perlasm_scheme => "void"
},
sparcv9_asm => {
template => 1,
cpuid_obj => "sparcv9cap.o sparccpuid.o",
bn_obj => "bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o vis3-mont.o sparct4-mont.o sparcv9-gf2m.o",
ec_obj => "ecp_nistz256.o ecp_nistz256-sparcv9.o",
des_obj => "des_enc-sparc.o fcrypt_b.o dest4-sparcv9.o",
aes_obj => "aes_core.o aes_cbc.o aes-sparcv9.o aest4-sparcv9.o",
md5_obj => "md5-sparcv9.o",
sha1_obj => "sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o",
cmll_obj => "camellia.o cmll_misc.o cmll_cbc.o cmllt4-sparcv9.o",
modes_obj => "ghash-sparcv9.o",
perlasm_scheme => "void"
},
sparcv8_asm => {
template => 1,
cpuid_obj => "",
bn_obj => "sparcv8.o",
des_obj => "des_enc-sparc.o fcrypt_b.o",
perlasm_scheme => "void"
},
alpha_asm => {
template => 1,
cpuid_obj => "alphacpuid.o",
bn_obj => "bn_asm.o alpha-mont.o",
sha1_obj => "sha1-alpha.o",
modes_obj => "ghash-alpha.o",
perlasm_scheme => "void"
},
mips32_asm => {
template => 1,
bn_obj => "bn-mips.o mips-mont.o",
aes_obj => "aes_cbc.o aes-mips.o",
sha1_obj => "sha1-mips.o sha256-mips.o",
},
mips64_asm => {
inherit_from => [ "mips32_asm" ],
template => 1,
sha1_obj => sub { join(" ", @_, "sha512-mips.o") }
},
s390x_asm => {
template => 1,
cpuid_obj => "s390xcap.o s390xcpuid.o",
bn_obj => "bn-s390x.o s390x-mont.o s390x-gf2m.o",
aes_obj => "aes-s390x.o aes-ctr.o aes-xts.o",
sha1_obj => "sha1-s390x.o sha256-s390x.o sha512-s390x.o",
rc4_obj => "rc4-s390x.o",
modes_obj => "ghash-s390x.o",
},
armv4_asm => {
template => 1,
cpuid_obj => "armcap.o armv4cpuid.o",
bn_obj => "bn_asm.o armv4-mont.o armv4-gf2m.o",
ec_obj => "ecp_nistz256.o ecp_nistz256-armv4.o",
aes_obj => "aes_cbc.o aes-armv4.o bsaes-armv7.o aesv8-armx.o",
sha1_obj => "sha1-armv4-large.o sha256-armv4.o sha512-armv4.o",
modes_obj => "ghash-armv4.o ghashv8-armx.o",
perlasm_scheme => "void"
},
aarch64_asm => {
template => 1,
cpuid_obj => "armcap.o arm64cpuid.o mem_clr.o",
ec_obj => "ecp_nistz256.o ecp_nistz256-armv8.o",
bn_obj => "bn_asm.o armv8-mont.o",
aes_obj => "aes_core.o aes_cbc.o aesv8-armx.o vpaes-armv8.o",
sha1_obj => "sha1-armv8.o sha256-armv8.o sha512-armv8.o",
modes_obj => "ghashv8-armx.o",
},
parisc11_asm => {
template => 1,
cpuid_obj => "pariscid.o",
bn_obj => "bn_asm.o parisc-mont.o",
aes_obj => "aes_core.o aes_cbc.o aes-parisc.o",
sha1_obj => "sha1-parisc.o sha256-parisc.o sha512-parisc.o",
rc4_obj => "rc4-parisc.o",
modes_obj => "ghash-parisc.o",
perlasm_scheme => "32"
},
parisc20_64_asm => {
template => 1,
inherit_from => [ "parisc11_asm" ],
bn_obj => sub { my $r=join(" ",@_); $r=~s/bn_asm/pa-risc2W/; $r; },
perlasm_scheme => "64",
},
ppc64_asm => {
template => 1,
cpuid_obj => "ppccpuid.o ppccap.o",
bn_obj => "bn-ppc.o ppc-mont.o ppc64-mont.o",
aes_obj => "aes_core.o aes_cbc.o aes-ppc.o vpaes-ppc.o aesp8-ppc.o",
sha1_obj => "sha1-ppc.o sha256-ppc.o sha512-ppc.o sha256p8-ppc.o sha512p8-ppc.o",
modes_obj => "ghashp8-ppc.o",
},
ppc32_asm => {
inherit_from => [ "ppc64_asm" ],
template => 1
},
);
{ my $no_asm_templates=0;
foreach (@ARGV) { $no_asm_templates=1 if (/^\-?no\-asm$/); }
sub asm { $no_asm_templates?():@_; }
}
sub stringtohash {
my $in = shift @_;
if (ref($in) eq "HASH") {
return $in;
}
my @stringsequence = (
"cc",
"cflags",
"unistd",
"thread_cflag",
"sys_id",
"lflags",
"bn_ops",
"cpuid_obj",
"bn_obj",
"ec_obj",
"des_obj",
"aes_obj",
"bf_obj",
"md5_obj",
"sha1_obj",
"cast_obj",
"rc4_obj",
"rmd160_obj",
"rc5_obj",
"wp_obj",
"cmll_obj",
"modes_obj",
"engines_obj",
"perlasm_scheme",
"dso_scheme",
"shared_target",
"shared_cflag",
"shared_ldflag",
"shared_extension",
"ranlib",
"arflags",
"multilib",
);
# return a ref to a hash, that's what the outer braces are for.
return { map { shift @stringsequence => $_ } split /:/, $in };
};
# Read configuration target stanzas from a file, so that people can have
# local files with their own definitions
sub read_config {
my $fname = shift;
open(CONFFILE, "< $fname")
or die "Can't open configuration file '$fname'!\n";
my $x = $/;
undef $/;
my $content = <CONFFILE>;
$/ = $x;
close(CONFFILE);
my %targets = ();
eval $content;
# Make sure we have debug- targets first
my @keys =
sort {
my $a_nd = $a =~ m/^debug-/ ? $' :$a;
my $b_nd = $b =~ m/^debug-/ ? $' :$b;
my $res = 0;
if (($a_nd == $a) == ($b_nd == $b)) {
# they are both debug- or not, compare them as they are
$res = $a cmp $b;
} elsif ($a_nd != $a) {
# $a is debug-, make it lesser
$res = -1;
} else {
# $b is debug-, make $a greater
$res = 1;
}
$res;
} keys %targets;
foreach (@keys) {
if (ref($targets{$_}) ne "HASH") {
# Value is assumed to be a string. Split it up to
# become a hash table of parameters. Also, try to
# merge debug- variants with the non-debug target.
# Start with converting the value from a string to a
# standardised hash of fields. Using $tohash is safe,
# if the input is already a hash ref, it's just returned
# back.
$targets{$_} = stringtohash($targets{$_});
# If the current target is a debug target, there might
# be a corresponding non-debug target that we can merge
# with. If it isn't a debug- target, we've already done
# as much merging as we can and do not need to bother
# with that any more.
if ($_ =~ m/^debug-/) {
my $debugkey = $_;
my $nondebugkey = $';
my $debug = $targets{$debugkey};
my $nondebug;
if ($targets{$nondebugkey}) {
$nondebug = stringtohash($targets{$nondebugkey});
}
if ($nondebug) {
# There's both a debug and non-debug variant of
# this target, so we should try to merge them
# together.
# First, check that the non-debug variant isn't
# already built up with all it should have.
if ($nondebug->{debug_cflags}
|| $nondebug->{release_cflags}
|| $nondebug->{debug_lflags}
|| $nondebug->{release_lflags}) {
warn "there's a debug target $debugkey to be merged with a target $nondebugkey, but the latter seems to already have both nodebug and debug information. This requires human intervention. Skipping $debugkey...";
next;
}
# Now, check similarity.
# For keys they have in common, support that
# cflags and lflags can differ, otherwise they
# must have exactly the same values for them
# to be merged into one.
my $similarenough = 1;
for (keys %{$debug}) {
if ($nondebug->{$_} ne $debug->{$_}
&& $_ !~ m/^[cl]flags$/) {
$similarenough = 0;
last;
}
}
if ($similarenough) {
# Here's where the magic happens, split the
# options in the debug and non-debug variants
# cflags and ldflags into three strings each,
# one with common flags, one with extra debug
# flags and one with extra non-debug flags.
# The result ends up in %h_nondebug, which
# becomes the merged variant when we're done.
# for each of cflags and lflags, they are
# replaced with cflags, debug_cflags,
# release_cflags and similar for lflags.
#
# The purpose is that 'cflags' should be
# used together with 'debug_cflags' or
# 'release_cflags' depending on what the
# user asks for.
foreach (("cflags", "lflags")) {
my @list_d = split /\s+/, $debug->{$_};
my @list_nd = split /\s+/, $nondebug->{$_};
my %presence = (); # bitmap
# 1: present in @list_d
# 2: present in @list_nd
# 3: present in both
map { $presence{$_} += 1; } @list_d;
map { $presence{$_} += 2; } @list_nd;
delete $nondebug->{$_};
# Note: we build from the original lists to
# preserve order, it might be important
$nondebug->{"debug-".$_} =
join(" ",
grep { $presence{$_} == 1 } @list_d);
$nondebug->{"nodebug-".$_} =
join(" ",
grep { $presence{$_} == 2 } @list_nd);
$nondebug->{$_} =
join(" ",
grep { $presence{$_} == 3 } @list_d);
}
$targets{$nondebugkey} = $nondebug;
delete $targets{$debugkey};
}
}
}
}
}
%table = (%table, %targets);
# Local function to resolve inheritance
my $resolve_inheritance;
$resolve_inheritance =
sub {
my $target = shift;
my @breadcrumbs = @_;
if (grep { $_ eq $target } @breadcrumbs) {
die "inherit_from loop! target backtrace:\n "
,$target,"\n ",join("\n ", @breadcrumbs),"\n";
}
# Recurse through all inheritances. They will be resolved on
# the fly, so when this operation is done, they will all just
# be a bunch of attributes with string values.
# What we get here, though, are keys with references to lists
# of the combined values of them all. We will deal with lists
# after this stage is done.
my %combined_inheritance = ();
if ($table{$target}->{inherit_from}) {
foreach (@{$table{$target}->{inherit_from}}) {
my %inherited_config =
$resolve_inheritance->($_, $target, @breadcrumbs);
# 'template' is a marker that's considered private to
# the config that had it.
delete $inherited_config{template};
map {
if (!$combined_inheritance{$_}) {
$combined_inheritance{$_} = [];
}
push @{$combined_inheritance{$_}}, $inherited_config{$_};
} keys %inherited_config;
}
}
# We won't need inherit_from in this target any more, since
# we've resolved all the inheritances that lead to this
delete $table{$target}->{inherit_from};
# Now is the time to deal with those lists. Here's the place
# to decide what shall be done with those lists, all based on
# the values of the target we're currently dealing with.
# - If a value is a coderef, it will be executed with the list
# of inherited values as arguments.
# - If the corresponding key doesn't have a value at all or is
# the emoty string, the inherited value list will be run
# through the default combiner (below), and the result
# becomes this target's value.
# - Otherwise, this target's value is assumed to be a string
# that will simply override the inherited list of values.
my $default_combiner = sub { join(' ',@_) };
my %all_keys =
map { $_ => 1 } (keys %combined_inheritance,
keys %{$table{$target}});
foreach (sort keys %all_keys) {
# Current target doesn't have a value for the current key?
# Assign it the default combiner, the rest of this loop
# body will handle it just like any other coderef.
if (!exists $table{$target}->{$_}) {
$table{$target}->{$_} = $default_combiner;
}
my $valuetype = ref($table{$target}->{$_});
if ($valuetype eq "CODE") {
# CODE reference, execute it with the inherited values
# as arguments.
$table{$target}->{$_} =
$table{$target}->{$_}->(@{$combined_inheritance{$_}});
} elsif ($valuetype eq "") {
# Scalar, just leave it as is.
} else {
# Some other type of reference that we don't handle.
# Better to abort at this point.
die "cannot handle reference type $valuetype,"
," found in target $target -> $_\n";
}
}
# Finally done, return the result.
%{$table{$target}};
};
# Go through all new targets and resolve inheritance and template
# references.
foreach (keys %targets) {
# We're ignoring the returned values here, they are only valuable
# to the inner recursion of this function.
$resolve_inheritance->($_);
}
}
my ($vol, $dir, $dummy) = File::Spec->splitpath($0);
my $pattern = File::Spec->catpath($vol, $dir, "Configurations/*.conf");
foreach (sort glob($pattern) ) {
&read_config($_);
}
my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
debug-VC-WIN64I debug-VC-WIN64A
VC-NT VC-CE VC-WIN32 debug-VC-WIN32
BC-32
netware-clib netware-clib-bsdsock
netware-libc netware-libc-bsdsock);
my $prefix="";
my $libdir="";
my $openssldir="";
my $exe_ext="";
my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
my $cross_compile_prefix="";
my $fipslibdir="/usr/local/ssl/fips-2.0/lib/";
my $nofipscanistercheck=0;
my $baseaddr="0xFB00000";
my $no_threads=0;
my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $zlib=1; # but "no-zlib" is default
my $no_rfc3779=0;
my $no_asm=0;
my $no_dso=0;
my @skip=();
my $Makefile="Makefile";
my $des_locl="crypto/des/des_locl.h";
my $des ="include/openssl/des.h";
my $bn ="include/openssl/bn.h";
my $md2 ="include/openssl/md2.h";
my $rc4 ="include/openssl/rc4.h";
my $rc4_locl="crypto/rc4/rc4_locl.h";
my $idea ="include/openssl/idea.h";
my $rc2 ="include/openssl/rc2.h";
my $bf ="crypto/bf/bf_locl.h";
my $bn_asm ="bn_asm.o";
my $des_enc="des_enc.o fcrypt_b.o";
my $aes_enc="aes_core.o aes_cbc.o";
my $bf_enc ="bf_enc.o";
my $cast_enc="c_enc.o";
my $rc4_enc="rc4_enc.o rc4_skey.o";
my $rc5_enc="rc5_enc.o";
my $cmll_enc="camellia.o cmll_misc.o cmll_cbc.o";
my $chacha_enc="chacha_enc.o";
my $processor="";
my $default_ranlib;
my $perl;
my $fips=0;
# Known TLS and DTLS protocols
my @tls = qw(ssl3 tls1 tls1_1 tls1_2);
my @dtls = qw(dtls1 dtls1_2);
# Explicitelly known options that are possible to disable. They can
# be regexps, and will be used like this: /^no-${option}$/
# For developers: keep it sorted alphabetically
my @disablables = (
"aes",
"asm",
"bf",
"camellia",
"capieng",
"cast",
"chacha",
"cmac",
"cms",
"comp",
"crypto-mdebug",
"ct",
"deprecated",
"des",
"dgram",
"dh",
"dsa",
"dso",
"dtls",
"dynamic[-_]engine",
"ec",
"ec2m",
"ecdh",
"ecdsa",
"ec_nistp_64_gcc_128",
"engine",
"err", # Really???
"gost",
"heartbeats",
"hmac",
"hw(-.+)?",
"idea",
"jpake",
"locking", # Really???
"md2",
"md4",
"md5",
"mdc2",
"md[-_]ghost94",
"nextprotoneg",
"ocb",
"ocsp",
"poly1305",
"posix-io",
"psk",
"rc2",
"rc4",
"rc5",
"rdrand",
"rfc3779",
"rijndael", # Old AES name
"rmd160",
"rsa",
"scrypt",
"sct",
"sctp",
"seed",
"sha",
"shared",
"sock",
"srp",
"srtp",
"sse2",
"ssl",
"ssl-trace",
"static-engine",
"stdio",
"store",
"threads",
"tls",
"unit-test",
"whirlpool",
"zlib",
"zlib-dynamic",
);
foreach my $proto ((@tls, @dtls))
{
push(@disablables, $proto);
push(@disablables, "$proto-method");
}
# All of the following is disabled by default (RC5 was enabled before 0.9.8):
my %disabled = ( # "what" => "comment" [or special keyword "experimental"]
"ec_nistp_64_gcc_128" => "default",
"egd" => "default",
"jpake" => "experimental",
"md2" => "default",
"rc5" => "default",
"sctp" => "default",
"shared" => "default",
"ssl-trace" => "default",
"store" => "experimental",
"unit-test" => "default",
"zlib" => "default",
"zlib-dynamic" => "default",
"crypto-mdebug" => "default",
);
my @experimental = ();
# This is what $depflags will look like with the above defaults
# (we need this to see if we should advise the user to run "make depend"):
my $default_depflags = " -DOPENSSL_NO_CRYPTO_MDEBUG -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST";
# Explicit "no-..." options will be collected in %disabled along with the defaults.
# To remove something from %disabled, use "enable-foo" (unless it's experimental).
# For symmetry, "disable-foo" is a synonym for "no-foo".
# For features called "experimental" here, a more explicit "experimental-foo" is needed to enable.
# We will collect such requests in @experimental.
# To avoid accidental use of experimental features, applications will have to use -DOPENSSL_EXPERIMENTAL_FOO.
my $no_sse2=0;
&usage if ($#ARGV < 0);
my $flags;
my $depflags;
my $openssl_experimental_defines;
my $openssl_algorithm_defines;
my $openssl_thread_defines;
my $openssl_sys_defines="";
my $openssl_other_defines;
my $libs;
my $target;
my $options;
my $api;
my $make_depend=0;
my %withargs=();
my $build_prefix = "release_";
my @argvcopy=@ARGV;
my $argvstring="";
my $argv_unprocessed=1;
while($argv_unprocessed)
{
$flags="";
$depflags="";
$openssl_experimental_defines="";
$openssl_algorithm_defines="";
$openssl_thread_defines="";
$openssl_sys_defines="";
$openssl_other_defines="";
$libs="";
$target="";
$options="";
$argv_unprocessed=0;
$argvstring=join(' ',@argvcopy);
PROCESS_ARGS:
{
my %unsupported_options = ();
foreach (@argvcopy)
{
s /^-no-/no-/; # some people just can't read the instructions
# rewrite some options in "enable-..." form
s /^-?-?shared$/enable-shared/;
s /^sctp$/enable-sctp/;
s /^threads$/enable-threads/;
s /^zlib$/enable-zlib/;
s /^zlib-dynamic$/enable-zlib-dynamic/;
if (/^(no|disable|enable|experimental)-(.+)$/)
{
my $word = $2;
if (!grep { $word =~ /^${_}$/ } @disablables)
{
$unsupported_options{$_} = 1;
next;
}
}
if (/^no-(.+)$/ || /^disable-(.+)$/)
{
if (!($disabled{$1} eq "experimental"))
{
foreach my $proto ((@tls, @dtls))
{
if ($1 eq "$proto-method")
{
$disabled{"$proto"} = "option($proto-method)";
last;
}
}
if ($1 eq "dtls")
{
foreach my $proto (@dtls)
{
$disabled{$proto} = "option(dtls)";
}
}
elsif ($1 eq "ssl")
{
# Last one of its kind
$disabled{"ssl3"} = "option(ssl)";
}
elsif ($1 eq "tls")
{
# XXX: Tests will fail if all SSL/TLS
# protocols are disabled.
foreach my $proto (@tls)
{
$disabled{$proto} = "option(tls)";
}
}
else
{
$disabled{$1} = "option";
}
}
}
elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
{
my $algo = $1;
if ($disabled{$algo} eq "experimental")
{
die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n"
unless (/^experimental-/);
push @experimental, $algo;
}
delete $disabled{$algo};
$threads = 1 if ($algo eq "threads");
}
elsif (/^--test-sanity$/)
{
exit(&test_sanity());
}
elsif (/^--strict-warnings$/)
{
$strict_warnings = 1;
}
elsif (/^--debug$/)
{
$build_prefix = "debug_";
}
elsif (/^--release$/)
{
$build_prefix = "release_";
}
elsif (/^reconfigure/ || /^reconf/)
{
if (open(IN,"<$Makefile"))
{
my $config_args_found=0;
while (<IN>)
{
chomp;
if (/^CONFIGURE_ARGS=(.*)/)
{
$argvstring=$1;
@argvcopy=split(' ',$argvstring);
die "Incorrect data to reconfigure, please do a normal configuration\n"
if (grep(/^reconf/,@argvcopy));
print "Reconfiguring with: $argvstring\n";
$argv_unprocessed=1;
$config_args_found=1;
}
elsif (/^CROSS_COMPILE=\s*(.*)/)
{
$ENV{CROSS_COMPILE}=$1;
}
elsif (/^CC=\s*(?:\$\(CROSS_COMPILE\))?(.*?)$/)
{
$ENV{CC}=$1;
}
}
close(IN);
last PROCESS_ARGS if ($config_args_found);
}
die "Insufficient data to reconfigure, please do a normal configuration\n";
}
elsif (/^386$/)
{ $processor=386; }
elsif (/^fips$/)
{
$fips=1;
}
elsif (/^rsaref$/)
{
# No RSAref support any more since it's not needed.
# The check for the option is there so scripts aren't
# broken
}
elsif (/^nofipscanistercheck$/)
{
$fips = 1;
$nofipscanistercheck = 1;
}
elsif (/^[-+]/)
{
if (/^--prefix=(.*)$/)
{
$prefix=$1;
}
elsif (/^--api=(.*)$/)
{
$api=$1;
}
elsif (/^--libdir=(.*)$/)
{
$libdir=$1;
}
elsif (/^--openssldir=(.*)$/)
{
$openssldir=$1;
}
elsif (/^--install.prefix=(.*)$/)
{
$install_prefix=$1;
}
elsif (/^--with-zlib-lib=(.*)$/)
{
$withargs{"zlib-lib"}=$1;
}
elsif (/^--with-zlib-include=(.*)$/)
{
$withargs{"zlib-include"}="-I$1";
}
elsif (/^--with-fipslibdir=(.*)$/)
{
$fipslibdir="$1/";
}
elsif (/^--with-baseaddr=(.*)$/)
{
$baseaddr="$1";
}
elsif (/^--cross-compile-prefix=(.*)$/)
{
$cross_compile_prefix=$1;
}
elsif (/^--config=(.*)$/)
{
read_config $1;
}
elsif (/^-[lL](.*)$/ or /^-Wl,/)
{
$libs.=$_." ";
}
else # common if (/^[-+]/), just pass down...
{
$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
$flags.=$_." ";
}
}
elsif ($_ =~ /^([^:]+):(.+)$/)
{
eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string
$target=$1;
}
else
{
die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
$target=$_;
}
unless ($_ eq $target || /^no-/ || /^disable-/)
{
# "no-..." follows later after implied disactivations
# have been derived. (Don't take this too seroiusly,
# we really only write OPTIONS to the Makefile out of
# nostalgia.)
if ($options eq "")
{ $options = $_; }
else
{ $options .= " ".$_; }
}
}
if (defined($api) && !exists $apitable->{$api}) {
die "***** Unsupported api compatibility level: $api\n",
}
if (keys %unsupported_options)
{
die "***** Unsupported options: ",
join(", ", keys %unsupported_options), "\n";
}
}
}
if ($processor eq "386")
{
$disabled{"sse2"} = "forced";
}
if (!defined($disabled{"zlib-dynamic"}))
{
# "zlib-dynamic" was specifically enabled, so enable "zlib"
delete $disabled{"zlib"};
}
if (defined($disabled{"rijndael"}))
{
$disabled{"aes"} = "forced";
}
if (defined($disabled{"des"}))
{
$disabled{"mdc2"} = "forced";
}
if (defined($disabled{"ec"}))
{
$disabled{"ecdsa"} = "forced";
$disabled{"ecdh"} = "forced";
}
# SSL 3.0 requires MD5 and SHA and either RSA or DSA+DH
if (defined($disabled{"md5"}) || defined($disabled{"sha"})
|| (defined($disabled{"rsa"})
&& (defined($disabled{"dsa"}) || defined($disabled{"dh"}))))
{
$disabled{"ssl3"} = "forced";
$disabled{"ssl"} = "forced";
}
# (D)TLS 1.0 and TLS 1.1 require MD5 and SHA and either RSA or DSA+DH
# or ECDSA + ECDH. (XXX: We don't support PSK-only builds).
#
if (defined($disabled{"md5"}) || defined($disabled{"sha"})
|| (defined($disabled{"rsa"})
&& (defined($disabled{"dsa"}) || defined($disabled{"dh"}))
&& (defined($disabled{"ecdsa"}) || defined($disabled{"ecdh"}))))
{
$disabled{"tls1"} = "forced";
$disabled{"dtls1"} = "forced";
$disabled{"tls1_1"} = "forced";
}
# (D)TLS 1.2 requires either RSA or DSA+DH or ECDSA + ECDH
# So if all are missing, we can't do either TLS or DTLS.
# (XXX: We don't support PSK-only builds).
#
if (defined($disabled{"rsa"})
&& (defined($disabled{"dsa"}) || defined($disabled{"dh"}))
&& (defined($disabled{"ecdsa"}) || defined($disabled{"ecdh"})))
{
$disabled{"tls"} = "forced";
$disabled{"dtls"} = "forced";
foreach my $proto ((@tls, @dtls))
{
$disabled{"$proto"} = "forced";
}
}
# Avoid protocol support holes. Also disable all versions below N, if version
# N is disabled while N+1 is enabled.
#
my $prev_disabled = 1;
my $force_disable = 0;
foreach my $proto (reverse(@tls))
{
if ($force_disable)
{
$disabled{$proto} = 1;
}
elsif (! defined($disabled{$proto}))
{
$prev_disabled = 0;
}
elsif (! $prev_disabled)
{
$force_disable = 1;
}
}
my $prev_disabled = 1;
my $force_disable = 0;
foreach my $proto (reverse(@dtls))
{
if ($force_disable)
{
$disabled{$proto} = 1;
}
elsif (! defined($disabled{$proto}))
{
$prev_disabled = 0;
}
elsif (! $prev_disabled)
{
$force_disable = 1;
}
}
if (defined($disabled{"dgram"}))
{
$disabled{"dtls"} = "forced";
$disabled{"dtls1"} = "forced";
$disabled{"dtls1_2"} = "forced";
}
if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
|| defined($disabled{"dh"}) || defined($disabled{"stdio"}))
{
$disabled{"gost"} = "forced";
}
if ($target eq "TABLE") {
foreach $target (sort keys %table) {
print_table_entry($target, "TABLE");
}
exit 0;
}
if ($target eq "LIST") {
foreach (sort keys %table) {
print;
print "\n";
}
exit 0;
}
if ($target eq "HASH") {
print "%table = (\n";
foreach (sort keys %table) {
print_table_entry($_, "HASH");
}
exit 0;
}
if ($target =~ m/^CygWin32(-.*)$/) {
$target = "Cygwin".$1;
}
print "Configuring for $target\n";
# Support for legacy targets having a name starting with 'debug-'
my ($d, $t) = $target =~ m/^(debug-)?(.*)$/;
if ($d) {
$build_prefix = "debug_";
# If we do not find debug-foo in the table, the target is set to foo,
# but only if the foo target has a noon-empty debug_cflags or debug_lflags
# attribute.
if (!$table{$target}) {
$target = $t;
}
}
&usage if (!defined($table{$target}) || $table{$target}->{template});
if ($fips)
{
delete $disabled{"shared"} if ($disabled{"shared"} eq "default");
}
foreach (sort (keys %disabled))
{
$options .= " no-$_";
printf " no-%-12s %-10s", $_, "[$disabled{$_}]";
if (/^dso$/)
{ $no_dso = 1; }
elsif (/^threads$/)
{ $no_threads = 1; }
elsif (/^shared$/)
{ $no_shared = 1; }
elsif (/^zlib$/)
{ $zlib = 0; }
elsif (/^static-engine$/)
{ }
elsif (/^zlib-dynamic$/)
{ }
elsif (/^sse2$/)
{ $no_sse2 = 1; }
else
{
my ($ALGO, $algo);
($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/;
if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/)
{
$openssl_other_defines .= "#define OPENSSL_NO_$ALGO\n";
print " OPENSSL_NO_$ALGO";
if (/^err$/) { $flags .= "-DOPENSSL_NO_ERR "; }
elsif (/^asm$/) { $no_asm = 1; }
}
else
{
($ALGO,$algo) = ("RMD160","rmd160") if ($algo eq "ripemd");
$openssl_algorithm_defines .= "#define OPENSSL_NO_$ALGO\n";
print " OPENSSL_NO_$ALGO";
push @skip, $algo;
# fix-up crypto/directory name(s)
$skip[$#skip]="whrlpool" if $algo eq "whirlpool";
$skip[$#skip]="ripemd" if $algo eq "rmd160";
print " (skip dir)";
$depflags .= " -DOPENSSL_NO_$ALGO";
}
}
print "\n";
}
my $exp_cflags = "";
foreach (sort @experimental)
{
my $ALGO;
($ALGO = $_) =~ tr/[a-z]/[A-Z]/;
# opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined
$openssl_experimental_defines .= "#define OPENSSL_NO_$ALGO\n";
$exp_cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO";
}
my $IsMK1MF=scalar grep /^$target$/,@MK1MF_Builds;
$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target =~ /^mingw/);
$exe_ext=".nlm" if ($target =~ /netware/);
$exe_ext=".pm" if ($target =~ /vos/);
$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
$prefix=$openssldir if $prefix eq "";
$default_ranlib= &which("ranlib") or $default_ranlib="true";
$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
or $perl="perl";
my $make = $ENV{'MAKE'} || "make";
$cross_compile_prefix=$ENV{'CROSS_COMPILE'} if $cross_compile_prefix eq "";
chop $openssldir if $openssldir =~ /\/$/;
chop $prefix if $prefix =~ /.\/$/;
$openssldir=$prefix . "/ssl" if $openssldir eq "";
$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
print "IsMK1MF=$IsMK1MF\n";
# Allow environment CC to override compiler...
my $cc = $ENV{CC} || $table{$target}->{cc};
# For cflags and lflags, add the debug_ or release_ attributes
# Do it in such a way that no spurious space is appended (hence the grep).
my $cflags = join(" ",
grep { $_ } ($table{$target}->{cflags},
$table{$target}->{$build_prefix."cflags"}));
my $lflags = join(" ",
grep { $_ } ($table{$target}->{lflags},
$table{$target}->{$build_prefix."lflags"}));
my $unistd = $table{$target}->{unistd};
my $thread_cflag = $table{$target}->{thread_cflag};
my $sys_id = $table{$target}->{sys_id};
my $bn_ops = $table{$target}->{bn_ops};
my $cpuid_obj = $table{$target}->{cpuid_obj};
my $bn_obj = $table{$target}->{bn_obj};
my $ec_obj = $table{$target}->{ec_obj};
my $des_obj = $table{$target}->{des_obj};
my $aes_obj = $table{$target}->{aes_obj};
my $bf_obj = $table{$target}->{bf_obj};
my $md5_obj = $table{$target}->{md5_obj};
my $sha1_obj = $table{$target}->{sha1_obj};
my $cast_obj = $table{$target}->{cast_obj};
my $rc4_obj = $table{$target}->{rc4_obj};
my $rmd160_obj = $table{$target}->{rmd160_obj};
my $rc5_obj = $table{$target}->{rc5_obj};
my $wp_obj = $table{$target}->{wp_obj};
my $cmll_obj = $table{$target}->{cmll_obj};
my $modes_obj = $table{$target}->{modes_obj};
my $engines_obj = $table{$target}->{engines_obj};
my $chacha_obj = $table{$target}->{chacha_obj};
my $poly1305_obj = $table{$target}->{poly1305_obj};
my $perlasm_scheme = $table{$target}->{perlasm_scheme};
my $dso_scheme = $table{$target}->{dso_scheme};
my $shared_target = $table{$target}->{shared_target};
my $shared_cflag = $table{$target}->{shared_cflag};
my $shared_ldflag = $table{$target}->{shared_ldflag};
my $shared_extension = $table{$target}->{shared_extension};
my $ranlib = $ENV{'RANLIB'} || $table{$target}->{ranlib};
my $ar = $ENV{'AR'} || "ar";
my $arflags = $table{$target}->{arflags};
my $multilib = $table{$target}->{multilib};
# if $prefix/lib$multilib is not an existing directory, then
# assume that it's not searched by linker automatically, in
# which case adding $multilib suffix causes more grief than
# we're ready to tolerate, so don't...
$multilib="" if !-d "$prefix/lib$multilib";
$libdir="lib$multilib" if $libdir eq "";
$cflags = "$cflags$exp_cflags";
# '%' in $lflags is used to split flags to "pre-" and post-flags
my ($prelflags,$postlflags)=split('%',$lflags);
if (defined($postlflags)) { $lflags=$postlflags; }
else { $lflags=$prelflags; undef $prelflags; }
if ($target =~ /^mingw/ && `$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
{
$cflags =~ s/\-mno\-cygwin\s*//;
$shared_ldflag =~ s/\-mno\-cygwin\s*//;
}
if ($target =~ /linux.*\-mips/ && !$no_asm && $flags !~ /\-m(ips|arch=)/) {
# minimally required architecture flags for assembly modules
$cflags="-mips2 $cflags" if ($target =~ /mips32/);
$cflags="-mips3 $cflags" if ($target =~ /mips64/);
}
my $no_shared_warn=0;
my $no_user_cflags=0;
if ($flags ne "") { $cflags="$flags$cflags"; }
else { $no_user_cflags=1; }
# The DSO code currently always implements all functions so that no
# applications will have to worry about that from a compilation point
# of view. However, the "method"s may return zero unless that platform
# has support compiled in for them. Currently each method is enabled
# by a define "DSO_<name>" ... we translate the "dso_scheme" config
# string entry into using the following logic;
my $dso_cflags;
if (!$no_dso && $dso_scheme ne "")
{
$dso_scheme =~ tr/[a-z]/[A-Z]/;
if ($dso_scheme eq "DLFCN")
{
$dso_cflags = "-DDSO_DLFCN -DHAVE_DLFCN_H";
}
elsif ($dso_scheme eq "DLFCN_NO_H")
{
$dso_cflags = "-DDSO_DLFCN";
}
else
{
$dso_cflags = "-DDSO_$dso_scheme";
}
$cflags = "$dso_cflags $cflags";
}
my $thread_cflags;
my $thread_defines;
if ($thread_cflag ne "(unknown)" && !$no_threads)
{
# If we know how to do it, support threads by default.
$threads = 1;
}
if ($thread_cflag eq "(unknown)" && $threads)
{
# If the user asked for "threads", [s]he is also expected to
# provide any system-dependent compiler options that are
# necessary.
if ($no_user_cflags)
{
print "You asked for multi-threading support, but didn't\n";
print "provide any system-specific compiler options\n";
exit(1);
}
$thread_cflags="-DOPENSSL_THREADS $cflags" ;
$thread_defines .= "#define OPENSSL_THREADS\n";
}
else
{
$thread_cflags="-DOPENSSL_THREADS $thread_cflag $cflags";
$thread_defines .= "#define OPENSSL_THREADS\n";
# my $def;
# foreach $def (split ' ',$thread_cflag)
# {
# if ($def =~ s/^-D// && $def !~ /^_/)
# {
# $thread_defines .= "#define $def\n";
# }
# }
}
$lflags="$libs$lflags" if ($libs ne "");
if ($no_asm)
{
$cpuid_obj=$bn_obj=$ec_obj=
$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=$cmll_obj=
$modes_obj=$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj=$engines_obj=
$chacha_obj=$poly1305_obj="";
$cflags=~s/\-D[BL]_ENDIAN// if ($fips);
$thread_cflags=~s/\-D[BL]_ENDIAN// if ($fips);
}
elsif (defined($disabled{ec2m}))
{
$bn_obj =~ s/\w+-gf2m.o//;
}
if (!$no_shared)
{
$cast_obj=""; # CAST assembler is not PIC
}
if ($threads)
{
$cflags=$thread_cflags;
$openssl_thread_defines .= $thread_defines;
}
if ($zlib)
{
$cflags = "-DZLIB $cflags";
if (defined($disabled{"zlib-dynamic"}))
{
if (defined($withargs{"zlib-lib"}))
{
$lflags = "$lflags -L" . $withargs{"zlib-lib"} . " -lz";
}
else
{
$lflags = "$lflags -lz";
}
}
else
{
$cflags = "-DZLIB_SHARED $cflags";
}
}
# With "deprecated" disable all deprecated features.
if (defined($disabled{"deprecated"})) {
$api = $maxapi;
}
# You will find shlib_mark1 and shlib_mark2 explained in Makefile.in
my $shared_mark = "";
if ($shared_target eq "")
{
$no_shared_warn = 1 if !$no_shared && !$fips;
$no_shared = 1;
}
if (!$no_shared)
{
if ($shared_cflag ne "")
{
$cflags = "$shared_cflag -DOPENSSL_PIC $cflags";
}
}
if (!$IsMK1MF)
{
# add {no-}static-engine to options to allow mkdef.pl to work without extra arguments
if ($no_shared)
{
$openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n";
$options.=" static-engine";
}
else
{
$openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n";
$options.=" no-static-engine";
}
}
$cpuid_obj.=" uplink.o uplink-x86.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
#
# Platform fix-ups
#
if ($target =~ /\-icc$/) # Intel C compiler
{
my $iccver=0;
if (open(FD,"$cc -V 2>&1 |"))
{
while(<FD>) { $iccver=$1 if (/Version ([0-9]+)\./); }
close(FD);
}
if ($iccver>=8)
{
$cflags=~s/\-KPIC/-fPIC/;
# Eliminate unnecessary dependency from libirc.a. This is
# essential for shared library support, as otherwise
# apps/openssl can end up in endless loop upon startup...
$cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset";
}
if ($iccver>=9)
{
$lflags.=" -i-static";
$lflags=~s/\-no_cpprt/-no-cpprt/;
}
if ($iccver>=10)
{
$lflags=~s/\-i\-static/-static-intel/;
}
if ($iccver>=11)
{
$cflags.=" -no-intel-extensions"; # disable Cilk
$lflags=~s/\-no\-cpprt/-no-cxxlib/;
}
}
# Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time
# linkers (tested OpenBSD, NetBSD and FreeBSD) "demand" RPATH set on
# .so objects. Apparently application RPATH is not global and does
# not apply to .so linked with other .so. Problem manifests itself
# when libssl.so fails to load libcrypto.so. One can argue that we
# should engrave this into Makefile.shared rules or into BSD-* config
# lines above. Meanwhile let's try to be cautious and pass -rpath to
# linker only when --prefix is not /usr.
if ($target =~ /^BSD\-/)
{
$shared_ldflag.=" -Wl,-rpath,\$\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
}
if ($sys_id ne "")
{
#$cflags="-DOPENSSL_SYS_$sys_id $cflags";
$openssl_sys_defines="#define OPENSSL_SYS_$sys_id\n";
}
if ($ranlib eq "")
{
$ranlib = $default_ranlib;
}
#my ($bn1)=split(/\s+/,$bn_obj);
#$bn1 = "" unless defined $bn1;
#$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
#$bn_obj="$bn1";
$cpuid_obj="" if ($processor eq "386");
$bn_obj = $bn_asm unless $bn_obj ne "";
# bn-586 is the only one implementing bn_*_part_words
$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn-586/);
$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /86/);
$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/);
$cflags.=" -DOPENSSL_BN_ASM_MONT5" if ($bn_obj =~ /-mont5/);
$cflags.=" -DOPENSSL_BN_ASM_GF2m" if ($bn_obj =~ /-gf2m/);
if ($fips)
{
$openssl_other_defines.="#define OPENSSL_FIPS\n";
}
$cpuid_obj="mem_clr.o" unless ($cpuid_obj =~ /\.o$/);
$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
$cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
$rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/);
$rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/);
if ($sha1_obj =~ /\.o$/)
{
# $sha1_obj=$sha1_enc;
$cflags.=" -DSHA1_ASM" if ($sha1_obj =~ /sx86/ || $sha1_obj =~ /sha1/);
$cflags.=" -DSHA256_ASM" if ($sha1_obj =~ /sha256/);
$cflags.=" -DSHA512_ASM" if ($sha1_obj =~ /sha512/);
if ($sha1_obj =~ /sse2/)
{ if ($no_sse2)
{ $sha1_obj =~ s/\S*sse2\S+//; }
elsif ($cflags !~ /OPENSSL_IA32_SSE2/)
{ $cflags.=" -DOPENSSL_IA32_SSE2"; }
}
}
if ($md5_obj =~ /\.o$/)
{
# $md5_obj=$md5_enc;
$cflags.=" -DMD5_ASM";
}
if ($rmd160_obj =~ /\.o$/)
{
# $rmd160_obj=$rmd160_enc;
$cflags.=" -DRMD160_ASM";
}
if ($aes_obj =~ /\.o$/)
{
$cflags.=" -DAES_ASM" if ($aes_obj =~ m/\baes\-/);;
# aes-ctr.o is not a real file, only indication that assembler
# module implements AES_ctr32_encrypt...
$cflags.=" -DAES_CTR_ASM" if ($aes_obj =~ s/\s*aes\-ctr\.o//);
# aes-xts.o indicates presence of AES_xts_[en|de]crypt...
$cflags.=" -DAES_XTS_ASM" if ($aes_obj =~ s/\s*aes\-xts\.o//);
$aes_obj =~ s/\s*(vpaes|aesni)\-x86\.o//g if ($no_sse2);
$cflags.=" -DVPAES_ASM" if ($aes_obj =~ m/vpaes/);
$cflags.=" -DBSAES_ASM" if ($aes_obj =~ m/bsaes/);
}
else {
$aes_obj=$aes_enc;
}
$wp_obj="" if ($wp_obj =~ /mmx/ && $processor eq "386");
if ($wp_obj =~ /\.o$/ && !$disabled{"whirlpool"})
{
$cflags.=" -DWHIRLPOOL_ASM";
}
else {
$wp_obj="wp_block.o";
}
$cmll_obj=$cmll_enc unless ($cmll_obj =~ /.o$/);
if ($modes_obj =~ /ghash\-/)
{
$cflags.=" -DGHASH_ASM";
}
if ($ec_obj =~ /ecp_nistz256/)
{
$cflags.=" -DECP_NISTZ256_ASM";
}
$chacha_obj=$chacha_enc unless ($chacha_obj =~ /\.o$/);
if ($poly1305_obj =~ /\.o$/)
{
$cflags.=" -DPOLY1305_ASM";
}
# "Stringify" the C flags string. This permits it to be made part of a string
# and works as well on command lines.
$cflags =~ s/([\\\"])/\\\1/g;
my $version = "unknown";
my $version_num = "unknown";
my $major = "unknown";
my $minor = "unknown";
my $shlib_version_number = "unknown";
my $shlib_version_history = "unknown";
my $shlib_major = "unknown";
my $shlib_minor = "unknown";
open(IN,'<include/openssl/opensslv.h') || die "unable to read opensslv.h:$!\n";
while (<IN>)
{
$version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /;
$version_num=$1 if /OPENSSL.VERSION.NUMBER.*(0x\S+)/;
$shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/;
$shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/;
}
close(IN);
if ($shlib_version_history ne "") { $shlib_version_history .= ":"; }
if ($version =~ /(^[0-9]*)\.([0-9\.]*)/)
{
$major=$1;
$minor=$2;
}
if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
{
$shlib_major=$1;
$shlib_minor=$2;
}
if (defined($api)) {
my $apiflag = sprintf("-DOPENSSL_API_COMPAT=%s", $apitable->{$api});
$default_depflags .= " $apiflag";
$cflags .= " $apiflag";
}
my $ecc = $cc;
$ecc = "clang" if `$cc --version 2>&1` =~ /clang/;
if ($strict_warnings)
{
my $wopt;
die "ERROR --strict-warnings requires gcc or clang" unless ($ecc =~ /gcc(-\d(\.\d)*)?$/ or $ecc =~ /clang$/);
foreach $wopt (split /\s+/, $gcc_devteam_warn)
{
$cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/)
}
if ($ecc eq "clang")
{
foreach $wopt (split /\s+/, $clang_devteam_warn)
{
$cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/)
}
}
if ($target !~ /^mingw/)
{
foreach $wopt (split /\s+/, $memleak_devteam_backtrace)
{
$cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/)
}
if ($target =~ /^BSD-/)
{
$lflags .= " -lexecinfo";
}
}
}
open(IN,"<Makefile.in") || die "unable to read Makefile.in$!\n";
unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
print OUT "### Generated automatically from Makefile.in by Configure.\n\n";
my $sdirs=0;
while (<IN>)
{
chomp;
$sdirs = 1 if /^SDIRS=/;
if ($sdirs) {
my $dir;
foreach $dir (@skip) {
s/(\s)$dir /$1/;
s/\s$dir$//;
}
}
$sdirs = 0 unless /\\$/;
s/fips // if (/^DIRS=/ && !$fips);
s/engines // if (/^DIRS=/ && $disabled{"engine"});
s/^VERSION=.*/VERSION=$version/;
s/^MAJOR=.*/MAJOR=$major/;
s/^MINOR=.*/MINOR=$minor/;
s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/;
s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
s/^MULTILIB=.*$/MULTILIB=$multilib/;
s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
s/^LIBDIR=.*$/LIBDIR=$libdir/;
s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
s/^PLATFORM=.*$/PLATFORM=$target/;
s/^OPTIONS=.*$/OPTIONS=$options/;
s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/;
if ($cross_compile_prefix)
{
s/^CC=.*$/CROSS_COMPILE= $cross_compile_prefix\nCC= \$\(CROSS_COMPILE\)$cc/;
s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
}
else {
s/^CC=.*$/CC= $cc/;
s/^AR=\s*ar/AR= $ar/;
s/^RANLIB=.*/RANLIB= $ranlib/;
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $ecc eq "gcc" || $ecc eq "clang";
}
s/^CFLAG=.*$/CFLAG= $cflags/;
s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/;
s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/;
s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
s/^EC_ASM=.*$/EC_ASM= $ec_obj/;
s/^DES_ENC=.*$/DES_ENC= $des_obj/;
s/^AES_ENC=.*$/AES_ENC= $aes_obj/;
s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/;
s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/;
s/^MODES_ASM_OBJ.=*$/MODES_ASM_OBJ= $modes_obj/;
s/^CHACHA_ENC=.*$/CHACHA_ENC= $chacha_obj/;
s/^POLY1305_ASM_OBJ=.*$/POLY1305_ASM_OBJ= $poly1305_obj/;
s/^ENGINES_ASM_OBJ.=*$/ENGINES_ASM_OBJ= $engines_obj/;
s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/;
s/^PROCESSOR=.*/PROCESSOR= $processor/;
s/^ARFLAGS=.*/ARFLAGS= $arflags/;
s/^PERL=.*/PERL= $perl/;
s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips;
s/^SHARED_FIPS=.*/SHARED_FIPS=/;
s/^SHLIBDIRS=.*/SHLIBDIRS= crypto ssl/;
s/^BASEADDR=.*/BASEADDR=$baseaddr/;
s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
{
my $sotmp = $1;
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
}
elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.dylib$/)
{
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.dylib/;
}
elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
{
my $sotmp = $1;
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
}
elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
{
s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/;
}
s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/;
print OUT $_."\n";
}
close(IN);
close(OUT);
rename($Makefile,"$Makefile.orig") || die "unable to rename $Makefile\n" if -e $Makefile;
rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";
print "CC =$cc\n";
print "CFLAG =$cflags\n";
print "EX_LIBS =$lflags\n";
print "CPUID_OBJ =$cpuid_obj\n";
print "BN_ASM =$bn_obj\n";
print "EC_ASM =$ec_obj\n";
print "DES_ENC =$des_obj\n";
print "AES_ENC =$aes_obj\n";
print "BF_ENC =$bf_obj\n";
print "CAST_ENC =$cast_obj\n";
print "RC4_ENC =$rc4_obj\n";
print "RC5_ENC =$rc5_obj\n";
print "MD5_OBJ_ASM =$md5_obj\n";
print "SHA1_OBJ_ASM =$sha1_obj\n";
print "RMD160_OBJ_ASM=$rmd160_obj\n";
print "CMLL_ENC =$cmll_obj\n";
print "MODES_OBJ =$modes_obj\n";
print "ENGINES_OBJ =$engines_obj\n";
print "CHACHA_ENC =$chacha_obj\n";
print "POLY1305_OBJ =$poly1305_obj\n";
print "PROCESSOR =$processor\n";
print "RANLIB =$ranlib\n";
print "ARFLAGS =$arflags\n";
print "PERL =$perl\n";
my $des_ptr=0;
my $des_risc1=0;
my $des_risc2=0;
my $des_unroll=0;
my $bn_ll=0;
my $def_int=2;
my $rc4_int=$def_int;
my $md2_int=$def_int;
my $idea_int=$def_int;
my $rc2_int=$def_int;
my $rc4_idx=0;
my $rc4_chunk=0;
my $bf_ptr=0;
my @type=("char","short","int","long");
my ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0);
my $export_var_as_fn=0;
my $des_int;
foreach (sort split(/\s+/,$bn_ops))
{
$des_ptr=1 if /DES_PTR/;
$des_risc1=1 if /DES_RISC1/;
$des_risc2=1 if /DES_RISC2/;
$des_unroll=1 if /DES_UNROLL/;
$des_int=1 if /DES_INT/;
$bn_ll=1 if /BN_LLONG/;
$rc4_int=0 if /RC4_CHAR/;
$rc4_int=3 if /RC4_LONG/;
$rc4_idx=1 if /RC4_INDEX/;
$rc4_chunk=1 if /RC4_CHUNK/;
$rc4_chunk=2 if /RC4_CHUNK_LL/;
$md2_int=0 if /MD2_CHAR/;
$md2_int=3 if /MD2_LONG/;
$idea_int=1 if /IDEA_SHORT/;
$idea_int=3 if /IDEA_LONG/;
$rc2_int=1 if /RC2_SHORT/;
$rc2_int=3 if /RC2_LONG/;
$bf_ptr=1 if $_ eq "BF_PTR";
$bf_ptr=2 if $_ eq "BF_PTR2";
($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
$export_var_as_fn=1 if /EXPORT_VAR_AS_FN/;
}
open(IN,'<crypto/opensslconf.h.in') || die "unable to read crypto/opensslconf.h.in:$!\n";
unlink("include/openssl/opensslconf.h.new") || die "unable to remove old include/openssl/opensslconf.h.new:$!\n" if -e "include/openssl/opensslconf.h.new";
open(OUT,'>include/openssl/opensslconf.h.new') || die "unable to create include/openssl/opensslconf.h.new:$!\n";
print OUT "/* opensslconf.h */\n";
print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n";
print OUT "#ifdef __cplusplus\n";
print OUT "extern \"C\" {\n";
print OUT "#endif\n";
print OUT "/* OpenSSL was configured with the following options: */\n";
my $openssl_api_defines = "";
if (defined($api)) {
$openssl_api_defines = sprintf "#define OPENSSL_MIN_API %s\n", $apitable->{$api};
}
my $openssl_algorithm_defines_trans = $openssl_algorithm_defines;
$openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n# define OPENSSL_NO_$1\n# endif\n#endif/mg;
$openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n# define $1\n# endif/mg;
$openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_algorithm_defines = " /* no ciphers excluded */\n" if $openssl_algorithm_defines eq "";
$openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
print OUT $openssl_sys_defines;
print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n";
print OUT $openssl_experimental_defines;
print OUT $openssl_api_defines;
print OUT "\n";
print OUT $openssl_algorithm_defines;
print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n";
print OUT $openssl_thread_defines;
print OUT $openssl_other_defines,"\n";
print OUT "/* The OPENSSL_NO_* macros are also defined as NO_* if the application\n";
print OUT " asks for it. This is a transient feature that is provided for those\n";
print OUT " who haven't had the time to do the appropriate changes in their\n";
print OUT " applications. */\n";
print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n";
print OUT $openssl_algorithm_defines_trans;
print OUT "#endif\n\n";
print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj ne "mem_clr.o");
while (<IN>)
{
if (/^#define\s+OPENSSLDIR/)
{
my $foo = $openssldir;
$foo =~ s/\\/\\\\/g;
print OUT "#define OPENSSLDIR \"$foo\"\n";
}
elsif (/^#define\s+ENGINESDIR/)
{
my $foo = "$prefix/$libdir/engines";
$foo =~ s/\\/\\\\/g;
print OUT "#define ENGINESDIR \"$foo\"\n";
}
elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
{ printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
if $export_var_as_fn;
printf OUT "#%s OPENSSL_EXPORT_VAR_AS_FUNCTION\n",
($export_var_as_fn)?"define":"undef"; }
elsif (/^#define\s+OPENSSL_UNISTD/)
{
$unistd = "<unistd.h>" if $unistd eq "";
print OUT "#define OPENSSL_UNISTD $unistd\n";
}
elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/)
{ printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; }
elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT/)
{ printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; }
elsif (/^#((define)|(undef))\s+THIRTY_TWO_BIT/)
{ printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; }
elsif (/^#((define)|(undef))\s+SIXTEEN_BIT/)
{ printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; }
elsif (/^#((define)|(undef))\s+EIGHT_BIT/)
{ printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; }
elsif (/^#((define)|(undef))\s+BN_LLONG\s*$/)
{ printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; }
elsif (/^\#define\s+OSSL_DES_LONG\s+.*/)
{ printf OUT "#define OSSL_DES_LONG unsigned %s\n",
($des_int)?'int':'long'; }
elsif (/^\#(define|undef)\s+DES_PTR/)
{ printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; }
elsif (/^\#(define|undef)\s+DES_RISC1/)
{ printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; }
elsif (/^\#(define|undef)\s+DES_RISC2/)
{ printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; }
elsif (/^\#(define|undef)\s+DES_UNROLL/)
{ printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; }
elsif (/^#define\s+RC4_INT\s/)
{ printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; }
elsif (/^#undef\s+RC4_CHUNK/)
{
printf OUT "#undef RC4_CHUNK\n" if $rc4_chunk==0;
printf OUT "#define RC4_CHUNK unsigned long\n" if $rc4_chunk==1;
printf OUT "#define RC4_CHUNK unsigned long long\n" if $rc4_chunk==2;
}
elsif (/^#((define)|(undef))\s+RC4_INDEX/)
{ printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; }
elsif (/^#(define|undef)\s+I386_ONLY/)
{ printf OUT "#%s I386_ONLY\n", ($processor eq "386")?
"define":"undef"; }
elsif (/^#define\s+MD2_INT\s/)
{ printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; }
elsif (/^#define\s+IDEA_INT\s/)
{printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];}
elsif (/^#define\s+RC2_INT\s/)
{printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];}
elsif (/^#(define|undef)\s+BF_PTR/)
{
printf OUT "#undef BF_PTR\n" if $bf_ptr == 0;
printf OUT "#define BF_PTR\n" if $bf_ptr == 1;
printf OUT "#define BF_PTR2\n" if $bf_ptr == 2;
}
else
{ print OUT $_; }
}
close(IN);
print OUT "#ifdef __cplusplus\n";
print OUT "}\n";
print OUT "#endif\n";
close(OUT);
rename("include/openssl/opensslconf.h","include/openssl/opensslconf.h.bak") || die "unable to rename include/openssl/opensslconf.h\n" if -e "include/openssl/opensslconf.h";
rename("include/openssl/opensslconf.h.new","include/openssl/opensslconf.h") || die "unable to rename include/openssl/opensslconf.h.new\n";
# Fix the date
print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l;
print "SIXTY_FOUR_BIT mode\n" if $b64;
print "THIRTY_TWO_BIT mode\n" if $b32;
print "SIXTEEN_BIT mode\n" if $b16;
print "EIGHT_BIT mode\n" if $b8;
print "DES_PTR used\n" if $des_ptr;
print "DES_RISC1 used\n" if $des_risc1;
print "DES_RISC2 used\n" if $des_risc2;
print "DES_UNROLL used\n" if $des_unroll;
print "DES_INT used\n" if $des_int;
print "BN_LLONG mode\n" if $bn_ll;
print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int;
print "RC4_INDEX mode\n" if $rc4_idx;
print "RC4_CHUNK is undefined\n" if $rc4_chunk==0;
print "RC4_CHUNK is unsigned long\n" if $rc4_chunk==1;
print "RC4_CHUNK is unsigned long long\n" if $rc4_chunk==2;
print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
print "BF_PTR used\n" if $bf_ptr == 1;
print "BF_PTR2 used\n" if $bf_ptr == 2;
# Copy all Makefile.in to Makefile (except top-level)
use File::Find;
use IO::File;
find(sub {
return if ($_ ne "Makefile.in" || $File::Find::dir eq ".");
my $in = IO::File->new($_, "r") or
die sprintf "Error reading Makefile.in in %s: !$\n",
$File::Find::dir;
my $out = IO::File->new("Makefile", "w") or
die sprintf "Error writing Makefile in %s: !$\n",
$File::Find::dir;
print $out "# Generated from $_, do not edit\n";
while (my $line = <$in>) { print $out $line }
$in->close() or
die sprintf "Error reading Makefile.in in %s: !$\n",
$File::Find::dir;
$out->close() or
die sprintf "Error writing Makefile in %s: !$\n",
$File::Find::dir;
}, ".");
{
my $perlguess = $perl =~ m@^/@ ? $perl : '/usr/local/bin/perl';
&dofile("tools/c_rehash",$perlguess,
'^#!/' => '#!%s',
'^my \$dir;$' => 'my $dir = "' . $openssldir . '";',
'^my \$prefix;$' => 'my $prefix = "' . $prefix . '";');
&dofile("apps/CA.pl",$perl,
'^#!/' => '#!%s');
}
if($IsMK1MF) {
open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
printf OUT <<EOF;
#ifndef MK1MF_BUILD
/* auto-generated by Configure for crypto/cversion.c:
* for Unix builds, crypto/Makefile.ssl generates functional definitions;
* Windows builds (and other mk1mf builds) compile cversion.c with
* -DMK1MF_BUILD and use definitions added to this file by util/mk1mf.pl. */
#error "Windows builds (PLATFORM=$target) use mk1mf.pl-created Makefiles"
#endif
EOF
close(OUT);
} else {
my $make_command = "$make PERL=\'$perl\'";
my $make_targets = "";
$make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
(system $make_command.$make_targets) == 0 or die "make $make_targets failed"
if $make_targets ne "";
if ($depflags ne $default_depflags && !$make_depend) {
$warn_make_depend++;
}
}
# create the ms/version32.rc file if needed
if ($IsMK1MF && ($target !~ /^netware/)) {
my ($v1, $v2, $v3, $v4);
if ($version_num =~ /^0x([0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{1})L$/i) {
$v1=hex $1;
$v2=hex $2;
$v3=hex $3;
$v4=hex $4;
}
open (OUT,">ms/version32.rc") || die "Can't open ms/version32.rc";
print OUT <<EOF;
#include <winver.h>
LANGUAGE 0x09,0x01
1 VERSIONINFO
FILEVERSION $v1,$v2,$v3,$v4
PRODUCTVERSION $v1,$v2,$v3,$v4
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x01L
#else
FILEFLAGS 0x00L
#endif
FILEOS VOS__WINDOWS32
FILETYPE VFT_DLL
FILESUBTYPE 0x0L
BEGIN
BLOCK "StringFileInfo"
BEGIN
BLOCK "040904b0"
BEGIN
// Required:
VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0"
VALUE "FileDescription", "OpenSSL Shared Library\\0"
VALUE "FileVersion", "$version\\0"
#if defined(CRYPTO)
VALUE "InternalName", "libeay32\\0"
VALUE "OriginalFilename", "libeay32.dll\\0"
#elif defined(SSL)
VALUE "InternalName", "ssleay32\\0"
VALUE "OriginalFilename", "ssleay32.dll\\0"
#endif
VALUE "ProductName", "The OpenSSL Toolkit\\0"
VALUE "ProductVersion", "$version\\0"
// Optional:
//VALUE "Comments", "\\0"
VALUE "LegalCopyright", "Copyright © 1998-2015 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
//VALUE "LegalTrademarks", "\\0"
//VALUE "PrivateBuild", "\\0"
//VALUE "SpecialBuild", "\\0"
END
END
BLOCK "VarFileInfo"
BEGIN
VALUE "Translation", 0x409, 0x4b0
END
END
EOF
close(OUT);
}
print <<EOF;
Configured for $target.
EOF
print <<\EOF if (!$no_threads && !$threads);
The library could not be configured for supporting multi-threaded
applications as the compiler options required on this system are not known.
See file INSTALL for details if you need multi-threading.
EOF
print <<\EOF if ($no_shared_warn);
You gave the option 'shared', which is not supported on this platform, so
we will pretend you gave the option 'no-shared'. If you know how to implement
shared libraries, please let us know (but please first make sure you have
tried with a current version of OpenSSL).
EOF
print <<EOF if ($warn_make_depend);
*** Because of configuration changes, you MUST do the following before
*** building:
make depend
EOF
exit(0);
sub usage
{
print STDERR $usage;
print STDERR "\npick os/compiler from:\n";
my $j=0;
my $i;
my $k=0;
foreach $i (sort keys %table)
{
next if $i =~ /^debug/;
$k += length($i) + 1;
if ($k > 78)
{
print STDERR "\n";
$k=length($i);
}
print STDERR $i . " ";
}
foreach $i (sort keys %table)
{
next if $i !~ /^debug/;
$k += length($i) + 1;
if ($k > 78)
{
print STDERR "\n";
$k=length($i);
}
print STDERR $i . " ";
}
print STDERR "\n\nNOTE: If in doubt, on Unix-ish systems use './config'.\n";
exit(1);
}
sub which
{
my($name)=@_;
my $path;
foreach $path (split /:/, $ENV{PATH})
{
if (-f "$path/$name$exe_ext" and -x _)
{
return "$path/$name$exe_ext" unless ($name eq "perl" and
system("$path/$name$exe_ext -e " . '\'exit($]<5.0);\''));
}
}
}
sub dofile
{
my $f; my $p; my %m; my @a; my $k; my $ff;
($f,$p,%m)=@_;
open(IN,"<$f.in") || open(IN,"<$f") || die "unable to open $f:$!\n";
@a=<IN>;
close(IN);
foreach $k (keys %m)
{
grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)),@a);
}
open(OUT,">$f.new") || die "unable to open $f.new:$!\n";
print OUT @a;
close(OUT);
rename($f,"$f.bak") || die "unable to rename $f\n" if -e $f;
rename("$f.new",$f) || die "unable to rename $f.new\n";
}
sub print_table_entry
{
my $target = shift;
my $type = shift;
# Don't print the templates
return if $table{$target}->{template};
if ($type eq "TABLE") {
print <<EOF
*** $target
\$cc = $table{$target}->{cc}
\$cflags = $table{$target}->{cflags}
\$debug_cflags = $table{$target}->{debug_cflags}
\$release_cflags = $table{$target}->{release_cflags}
\$unistd = $table{$target}->{unistd}
\$thread_cflag = $table{$target}->{thread_cflag}
\$sys_id = $table{$target}->{sys_id}
\$lflags = $table{$target}->{lflags}
\$debug_lflags = $table{$target}->{debug_lflags}
\$release_lflags = $table{$target}->{release_lflags}
\$bn_ops = $table{$target}->{bn_ops}
\$cpuid_obj = $table{$target}->{cpuid_obj}
\$bn_obj = $table{$target}->{bn_obj}
\$ec_obj = $table{$target}->{ec_obj}
\$des_obj = $table{$target}->{des_obj}
\$aes_obj = $table{$target}->{aes_obj}
\$bf_obj = $table{$target}->{bf_obj}
\$md5_obj = $table{$target}->{md5_obj}
\$sha1_obj = $table{$target}->{sha1_obj}
\$cast_obj = $table{$target}->{cast_obj}
\$rc4_obj = $table{$target}->{rc4_obj}
\$rmd160_obj = $table{$target}->{rmd160_obj}
\$rc5_obj = $table{$target}->{rc5_obj}
\$wp_obj = $table{$target}->{wp_obj}
\$cmll_obj = $table{$target}->{cmll_obj}
\$modes_obj = $table{$target}->{modes_obj}
\$engines_obj = $table{$target}->{engines_obj}
\$chacha_obj = $table{$target}->{chacha_obj}
\$poly1305_obj = $table{$target}->{poly1305_obj}
\$perlasm_scheme = $table{$target}->{perlasm_scheme}
\$dso_scheme = $table{$target}->{dso_scheme}
\$shared_target= $table{$target}->{shared_target}
\$shared_cflag = $table{$target}->{shared_cflag}
\$shared_ldflag = $table{$target}->{shared_ldflag}
\$shared_extension = $table{$target}->{shared_extension}
\$ranlib = $table{$target}->{ranlib}
\$arflags = $table{$target}->{arflags}
\$multilib = $table{$target}->{multilib}
EOF
} elsif ($type eq "HASH") {
my @sequence = (
"cc",
"cflags",
"debug_cflags",
"release_cflags",
"unistd",
"thread_cflag",
"sys_id",
"lflags",
"debug_lflags",
"release_lflags",
"bn_ops",
"cpuid_obj",
"bn_obj",
"ec_obj",
"des_obj",
"aes_obj",
"bf_obj",
"md5_obj",
"sha1_obj",
"cast_obj",
"rc4_obj",
"rmd160_obj",
"rc5_obj",
"wp_obj",
"cmll_obj",
"modes_obj",
"engines_obj",
"chacha_obj",
"poly1305_obj",
"perlasm_scheme",
"dso_scheme",
"shared_target",
"shared_cflag",
"shared_ldflag",
"shared_extension",
"ranlib",
"arflags",
"multilib",
);
my $largest =
length((sort { length($a) <=> length($b) } @sequence)[-1]);
print " '$target' => {\n";
foreach (@sequence) {
if ($table{$target}->{$_}) {
print " '",$_,"'"," " x ($largest - length($_))," => '",$table{$target}->{$_},"',\n";
}
}
print " },\n";
}
}
sub test_sanity
{
my $errorcnt = 0;
print STDERR "=" x 70, "\n";
print STDERR "=== SANITY TESTING!\n";
print STDERR "=== No configuration will be done, all other arguments will be ignored!\n";
print STDERR "=" x 70, "\n";
foreach $target (sort keys %table)
{
my $pre_dso_scheme = "perlasm_scheme";
my $dso_scheme = "dso_scheme";
my $post_dso_scheme = "shared_target";
if ($table{$target}->{$pre_dso_scheme} =~ /^(beos|dl|dlfcn|win32|vms)$/)
{
$errorcnt++;
print STDERR "SANITY ERROR: '$target' has the dso_scheme values\n";
print STDERR " in the previous field\n";
}
elsif ($table{$target}->{$post_dso_scheme} =~ /^(beos|dl|dlfcn|win32|vms)$/)
{
$errorcnt++;
print STDERR "SANITY ERROR: '$target' has the dso_scheme values\n";
print STDERR " in the following field\n";
}
elsif ($table{$target}->{$dso_scheme} !~ /^(beos|dl|dlfcn|win32|vms|)$/)
{
$errorcnt++;
print STDERR "SANITY ERROR: '$target' has the dso_scheme field = ",$table{$target}->{$dso_scheme},"\n";
print STDERR " valid values are 'beos', 'dl', 'dlfcn', 'win32' and 'vms'\n";
}
}
print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
return $errorcnt;
}