# SHA512_ASM sha512_block is implemented in assembler
# AES_ASM AES_[en|de]crypt is implemented in assembler
-# Minimum warning options... any contributions to OpenSSL should at least get
-# past these.
+# Minimum warning options... any contributions to OpenSSL should at least
+# get past these. Note that we only use these with C compilers, not with
+# C++ compilers.
# DEBUG_UNUSED enables __owur (warn unused result) checks.
# -DPEDANTIC complements -pedantic and is meant to mask code that
# code, so we just tell compiler to be pedantic about everything
# but 'long long' type.
-my %gcc_devteam_warn = ();
-{
- my @common = qw( -DDEBUG_UNUSED
- -DPEDANTIC -pedantic -Wno-long-long
- -Wall
- -Wextra
- -Wno-unused-parameter
- -Wno-missing-field-initializers
- -Wswitch
- -Wsign-compare
- -Wshadow
- -Wformat
- -Wtype-limits
- -Wundef
- -Werror );
- %gcc_devteam_warn = (
- CFLAGS => [ @common, qw( -Wmissing-prototypes
- -Wstrict-prototypes ) ],
- CXXFLAGS => [ @common ]
- );
-}
+my @gcc_devteam_warn = qw(
+ -DDEBUG_UNUSED
+ -DPEDANTIC -pedantic -Wno-long-long
+ -Wall
+ -Wextra
+ -Wno-unused-parameter
+ -Wno-missing-field-initializers
+ -Wswitch
+ -Wsign-compare
+ -Wshadow
+ -Wformat
+ -Wtype-limits
+ -Wundef
+ -Werror
+ -Wmissing-prototypes
+ -Wstrict-prototypes
+);
# These are used in addition to $gcc_devteam_warn when the compiler is clang.
# TODO(openssl-team): fix problems and investigate if (at least) the
# -Wlanguage-extension-token -- no, we use asm()
# -Wunused-macros -- no, too tricky for BN and _XOPEN_SOURCE etc
# -Wextended-offsetof -- no, needed in CMS ASN1 code
-my %clang_devteam_warn = ();
-{
- my @common = qw( -Wswitch-default
- -Wno-parentheses-equality
- -Wno-language-extension-token
- -Wno-extended-offsetof
- -Wconditional-uninitialized
- -Wincompatible-pointer-types-discards-qualifiers
- -Wno-unknown-warning-option );
- %clang_devteam_warn = (
- CFLAGS => [ @common, qw( -Wmissing-variable-declarations ) ],
- CXXFLAGS => [ @common ]
- );
-}
+my @clang_devteam_warn = qw(
+ -Wswitch-default
+ -Wno-parentheses-equality
+ -Wno-language-extension-token
+ -Wno-extended-offsetof
+ -Wconditional-uninitialized
+ -Wincompatible-pointer-types-discards-qualifiers
+ -Wno-unknown-warning-option
+ -Wmissing-variable-declarations
+);
# This adds backtrace information to the memory leak info. Is only used
# when crypto-mdebug-backtrace is enabled.
"cast",
"chacha",
"cmac",
+ "cmp",
"cms",
"comp",
- "crmf",
"crypto-mdebug",
"crypto-mdebug-backtrace",
"ct",
push(@disablables, "$proto-method") unless $proto eq "tls1_3";
}
+# Internal disablables, for aliasing purposes. They serve no special
+# purpose here, but allow scripts to get to know them through configdata.pm,
+# where these are merged with @disablables.
+# The actual aliasing mechanism is done via %disable_cascades
+my @disablables_int = qw(
+ crmf
+ );
+
my %deprecated_disablables = (
"ssl2" => undef,
"buf-freelists" => undef,
sub { $disabled{cmac}; } => [ "siv" ],
"legacy" => [ "md2" ],
+
+ "cmp" => [ "crmf" ],
);
# Avoid protocol support holes. Also disable all versions below N, if version
PERL => env('PERL') || ($^O ne "VMS" ? $^X : "perl"),
RANLIB => env('RANLIB'),
RC => env('RC') || env('WINDRES'),
- RCFLAGS => [],
+ RCFLAGS => [ env('RCFLAGS') || () ],
RM => undef,
);
# Info about what "make variables" may be prefixed with the cross compiler
CXXFLAGS => [],
LDFLAGS => [],
LDLIBS => [],
+ RCFLAGS => [],
);
my %user_synonyms = (
# Pretend that our strict flags is a C flag, and replace it
# with the proper flags later on
push @{$useradd{CFLAGS}}, '--ossl-strict-warnings';
- push @{$useradd{CXXFLAGS}}, '--ossl-strict-warnings';
$strict_warnings=1;
}
elsif (/^--debug$/)
"***** any of asan, msan or ubsan\n";
}
-my @tocheckfor = (keys %disabled);
-while (@tocheckfor) {
- my %new_tocheckfor = ();
- my @cascade_copy = (@disable_cascades);
- while (@cascade_copy) {
- my ($test, $descendents) = (shift @cascade_copy, shift @cascade_copy);
- if (ref($test) eq "CODE" ? $test->() : defined($disabled{$test})) {
- foreach(grep { !defined($disabled{$_}) } @$descendents) {
- $new_tocheckfor{$_} = 1; $disabled{$_} = "forced";
+sub disable {
+ my $disable_type = shift;
+
+ for (@_) {
+ $disabled{$_} = $disable_type;
+ }
+
+ my @tocheckfor = (@_ ? @_ : keys %disabled);
+ while (@tocheckfor) {
+ my %new_tocheckfor = ();
+ my @cascade_copy = (@disable_cascades);
+ while (@cascade_copy) {
+ my ($test, $descendents) =
+ (shift @cascade_copy, shift @cascade_copy);
+ if (ref($test) eq "CODE" ? $test->() : defined($disabled{$test})) {
+ foreach (grep { !defined($disabled{$_}) } @$descendents) {
+ $new_tocheckfor{$_} = 1; $disabled{$_} = "cascade";
+ }
}
}
+ @tocheckfor = (keys %new_tocheckfor);
}
- @tocheckfor = (keys %new_tocheckfor);
}
+disable(); # First cascade run
our $die = sub { die @_; };
if ($target eq "TABLE") {
%target = ( %{$table{DEFAULTS}}, %target );
-# Make the flags to build DSOs the same as for shared libraries unless they
-# are already defined
-$target{module_cflags} = $target{shared_cflag} unless defined $target{module_cflags};
-$target{module_cxxflags} = $target{shared_cxxflag} unless defined $target{module_cxxflags};
-$target{module_ldflags} = $target{shared_ldflag} unless defined $target{module_ldflags};
-{
- my $shared_info_pl =
- catfile(dirname($0), "Configurations", "shared-info.pl");
- my %shared_info = read_eval_file($shared_info_pl);
- push @{$target{_conf_fname_int}}, $shared_info_pl;
- my $si = $target{shared_target};
- while (ref $si ne "HASH") {
- last if ! defined $si;
- if (ref $si eq "CODE") {
- $si = $si->();
- } else {
- $si = $shared_info{$si};
- }
- }
-
- # Some of the 'shared_target' values don't have any entried in
- # %shared_info. That's perfectly fine, AS LONG AS the build file
- # template knows how to handle this. That is currently the case for
- # Windows and VMS.
- if (defined $si) {
- # Just as above, copy certain shared_* attributes to the corresponding
- # module_ attribute unless the latter is already defined
- $si->{module_cflags} = $si->{shared_cflag} unless defined $si->{module_cflags};
- $si->{module_cxxflags} = $si->{shared_cxxflag} unless defined $si->{module_cxxflags};
- $si->{module_ldflags} = $si->{shared_ldflag} unless defined $si->{module_ldflags};
- foreach (sort keys %$si) {
- $target{$_} = defined $target{$_}
- ? add($si->{$_})->($target{$_})
- : $si->{$_};
- }
- }
-}
-
my %conf_files = map { $_ => 1 } (@{$target{_conf_fname_int}});
$config{conf_files} = [ sort keys %conf_files ];
+# Using sub disable within these loops may prove fragile, so we run
+# a cascade afterwards
foreach my $feature (@{$target{disable}}) {
if (exists $deprecated_disablables{$feature}) {
warn "***** config $target disables deprecated feature $feature\n";
delete $disabled{$feature};
}
}
+disable(); # Run a cascade now
$target{CXXFLAGS}//=$target{CFLAGS} if $target{CXX};
$target{cxxflags}//=$target{cflags} if $target{CXX};
if ($auto_threads) {
# Enabled by default, disable it forcibly if unavailable
if ($target{thread_scheme} eq "(unknown)") {
- $disabled{threads} = "unavailable";
+ disable("unavailable", 'threads');
}
} else {
# The user chose to enable threads explicitly, let's see
}
}
+# Find out if clang's sanitizers have been enabled with -fsanitize
+# flags and ensure that the corresponding %disabled elements area
+# removed to reflect that the sanitizers are indeed enabled.
+my %detected_sanitizers = ();
+foreach (grep /^-fsanitize=/, @{$config{CFLAGS} || []}) {
+ (my $checks = $_) =~ s/^-fsanitize=//;
+ foreach (split /,/, $checks) {
+ my $d = { address => 'asan',
+ undefined => 'ubsan',
+ memory => 'msan' } -> {$_};
+ next unless defined $d;
+
+ $detected_sanitizers{$d} = 1;
+ if (defined $disabled{$d}) {
+ die "***** Conflict between disabling $d and enabling $_ sanitizer"
+ if $disabled{$d} ne "default";
+ delete $disabled{$d};
+ }
+ }
+}
+
# If threads still aren't disabled, add a C macro to ensure the source
# code knows about it. Any other flag is taken care of by the configs.
unless($disabled{threads}) {
{
$no_shared_warn = 1
if (!$disabled{shared} || !$disabled{"dynamic-engine"});
- $disabled{pic} = $disabled{shared} = $disabled{"dynamic-engine"} =
- $disabled{module} = "no-shared-target";
+ disable('no-shared-target', 'pic');
}
if ($disabled{"dynamic-engine"}) {
$config{dynamic_engines} = 1;
}
-unless ($disabled{asan}) {
+unless ($disabled{asan} || defined $detected_sanitizers{asan}) {
push @{$config{cflags}}, "-fsanitize=address";
- push @{$config{cxxflags}}, "-fsanitize=address" if $config{CXX};
}
-unless ($disabled{ubsan}) {
+unless ($disabled{ubsan} || defined $detected_sanitizers{ubsan}) {
# -DPEDANTIC or -fnosanitize=alignment may also be required on some
# platforms.
push @{$config{cflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all";
- push @{$config{cxxflags}}, "-fsanitize=undefined", "-fno-sanitize-recover=all"
- if $config{CXX};
}
-unless ($disabled{msan}) {
+unless ($disabled{msan} || defined $detected_sanitizers{msan}) {
push @{$config{cflags}}, "-fsanitize=memory";
- push @{$config{cxxflags}}, "-fsanitize=memory" if $config{CXX};
}
unless ($disabled{"fuzz-libfuzzer"} && $disabled{"fuzz-afl"}
# In all other cases, we look for 'makedepend', and disable the
# capability if not found.
$config{makedepprog} = which('makedepend');
- $disabled{makedepend} = "unavailable" unless $config{makedepprog};
+ disable('unavailable', 'makedepend') unless $config{makedepprog};
}
}
"OPENSSL_MIN_API=".($apitable->{$config{api} // ""} // -1)
];
-my %strict_warnings_collection=( CFLAGS => [], CXXFLAGS => []);
+my @strict_warnings_collection=();
if ($strict_warnings)
{
my $wopt;
my $gccver = $predefined_C{__GNUC__} // -1;
- my $gxxver = $predefined_CXX{__GNUC__} // -1;
warn "WARNING --strict-warnings requires gcc[>=4] or gcc-alike"
unless $gccver >= 4;
- warn "WARNING --strict-warnings requires g++[>=4] or g++-alike"
- unless $gxxver >= 4;
- foreach (qw(CFLAGS CXXFLAGS))
- {
- push @{$strict_warnings_collection{$_}},
- @{$gcc_devteam_warn{$_}};
- }
- push @{$strict_warnings_collection{CFLAGS}},
- @{$clang_devteam_warn{CFLAGS}}
- if (defined($predefined_C{__clang__}));
- push @{$strict_warnings_collection{CXXFLAGS}},
- @{$clang_devteam_warn{CXXFLAGS}}
- if (defined($predefined_CXX{__clang__}));
+ push @strict_warnings_collection, @gcc_devteam_warn;
+ push @strict_warnings_collection, @clang_devteam_warn
+ if (defined($predefined_C{__clang__}));
}
if (grep { $_ eq '-static' } @{$config{LDFLAGS}}) {
- $disabled{"pic"} = "forced";
- $disabled{"shared"} = "forced";
- $disabled{"threads"} = "forced";
+ disable('static', 'pic', 'threads');
}
-foreach my $idx (qw(CFLAGS CXXFLAGS))
- {
- $config{$idx} = [ map { $_ eq '--ossl-strict-warnings'
- ? @{$strict_warnings_collection{$idx}}
- : ( $_ ) }
- @{$config{$idx}} ];
- }
+$config{CFLAGS} = [ map { $_ eq '--ossl-strict-warnings'
+ ? @strict_warnings_collection
+ : ( $_ ) }
+ @{$config{CFLAGS}} ];
unless ($disabled{"crypto-mdebug-backtrace"})
{
{
push @{$config{cflags}}, $wopt
unless grep { $_ eq $wopt } @{$config{cflags}};
- push @{$config{cxxflags}}, $wopt
- if ($config{CXX}
- && !grep { $_ eq $wopt } @{$config{cxxflags}});
}
if ($target =~ /^BSD-/)
{
($mi2) = $mi2 =~ /(\d+)/;
my $ver = $ma*10000 + $mi1*100 + $mi2;
if ($ver < $minver) {
- $disabled{afalgeng} = "too-old-kernel";
+ disable('too-old-kernel', 'afalgeng');
} else {
push @{$config{engdirs}}, "afalg";
}
} else {
- $disabled{afalgeng} = "cross-compiling";
+ disable('cross-compiling', 'afalgeng');
}
} else {
- $disabled{afalgeng} = "not-linux";
+ disable('not-linux', 'afalgeng');
}
}
my @verstr = split(" ",`cat $usr/include/linux/version.h | grep LINUX_VERSION_CODE`);
if ($verstr[2] < $minver) {
- $disabled{ktls} = "too-old-kernel";
+ disable('too-old-kernel', 'ktls');
}
} else {
- $disabled{ktls} = "not-linux";
+ disable('not-linux', 'ktls');
}
}
push @{$config{openssl_other_defines}}, "OPENSSL_NO_KTLS" if ($disabled{ktls});
-# ALL MODIFICATIONS TO %config and %target MUST BE DONE FROM HERE ON
+# Get the extra flags used when building shared libraries and modules. We
+# do this late because some of them depend on %disabled.
+
+# Make the flags to build DSOs the same as for shared libraries unless they
+# are already defined
+$target{module_cflags} = $target{shared_cflag} unless defined $target{module_cflags};
+$target{module_cxxflags} = $target{shared_cxxflag} unless defined $target{module_cxxflags};
+$target{module_ldflags} = $target{shared_ldflag} unless defined $target{module_ldflags};
+{
+ my $shared_info_pl =
+ catfile(dirname($0), "Configurations", "shared-info.pl");
+ my %shared_info = read_eval_file($shared_info_pl);
+ push @{$target{_conf_fname_int}}, $shared_info_pl;
+ my $si = $target{shared_target};
+ while (ref $si ne "HASH") {
+ last if ! defined $si;
+ if (ref $si eq "CODE") {
+ $si = $si->();
+ } else {
+ $si = $shared_info{$si};
+ }
+ }
+
+ # Some of the 'shared_target' values don't have any entries in
+ # %shared_info. That's perfectly fine, AS LONG AS the build file
+ # template knows how to handle this. That is currently the case for
+ # Windows and VMS.
+ if (defined $si) {
+ # Just as above, copy certain shared_* attributes to the corresponding
+ # module_ attribute unless the latter is already defined
+ $si->{module_cflags} = $si->{shared_cflag} unless defined $si->{module_cflags};
+ $si->{module_cxxflags} = $si->{shared_cxxflag} unless defined $si->{module_cxxflags};
+ $si->{module_ldflags} = $si->{shared_ldflag} unless defined $si->{module_ldflags};
+ foreach (sort keys %$si) {
+ $target{$_} = defined $target{$_}
+ ? add($si->{$_})->($target{$_})
+ : $si->{$_};
+ }
+ }
+}
+
+# ALL MODIFICATIONS TO %disabled, %config and %target MUST BE DONE FROM HERE ON
# If we use the unified build, collect information from build.info files
my %unified_info = ();
use Exporter;
#use vars qw(\@ISA \@EXPORT);
our \@ISA = qw(Exporter);
-our \@EXPORT = qw(\%config \%target \%disabled \%withargs \%unified_info \@disablables);
+our \@EXPORT = qw(\%config \%target \%disabled \%withargs \%unified_info \@disablables \@disablables_int);
EOF
print OUT "our %config = (\n";
print OUT <<"EOF";
);
+EOF
+print OUT "# The following come from Configure's @disablables_int\n";
+print OUT "our \@disablables_int = (\n";
+foreach (@disablables_int) {
+ print OUT " ", quotify("perl", $_), ",\n";
+}
+print OUT <<"EOF";
+);
+
EOF
print OUT "our \%disabled = (\n";
foreach (sort keys %disabled) {