# see INSTALL for instructions.
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] [--config=FILE] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] [--config=FILE] os/compiler[:flags]\n";
# Options:
#
# default). This needn't be set in advance, you can
# just as well use "make INSTALL_PREFIX=/whatever install".
#
-# --with-krb5-dir Declare where Kerberos 5 lives. The libraries are expected
-# to live in the subdirectory lib/ and the header files in
-# include/. A value is required.
-# --with-krb5-lib Declare where the Kerberos 5 libraries live. A value is
-# required.
-# (Default: KRB5_DIR/lib)
-# --with-krb5-include Declare where the Kerberos 5 header files live. A
-# value is required.
-# (Default: KRB5_DIR/include)
-# --with-krb5-flavor Declare what flavor of Kerberos 5 is used. Currently
-# supported values are "MIT" and "Heimdal". A value is required.
-#
# --test-sanity Make a number of sanity checks on the data in this file.
# This is a debugging tool for OpenSSL developers.
#
# no-asm do not use assembler
# no-dso do not compile in any native shared-library methods. This
# will ensure that all methods just return NULL.
-# no-krb5 do not compile in any KRB5 library or code.
# [no-]zlib [don't] compile support for zlib compression.
# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared
# library and will be loaded in run-time by the OpenSSL library.
# Minimum warning options... any contributions to OpenSSL should at least get
# past these.
-my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DDEBUG_UNUSED";
+my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DDEBUG_UNUSED";
-my $clang_disabled_warnings = "-Wno-language-extension-token -Wno-extended-offsetof -Wno-padded -Wno-shorten-64-to-32 -Wno-format-nonliteral -Wno-missing-noreturn -Wno-unused-parameter -Wno-sign-conversion -Wno-unreachable-code -Wno-conversion -Wno-documentation -Wno-missing-variable-declarations -Wno-cast-align -Wno-incompatible-pointer-types-discards-qualifiers -Wno-missing-variable-declarations -Wno-missing-field-initializers -Wno-unused-macros -Wno-disabled-macro-expansion -Wno-conditional-uninitialized -Wno-switch-enum";
+# These are used in addition to $gcc_devteam_warn when the compiler is clang.
+# TODO(openssl-team): fix problems and investigate if (at least) the
+# following warnings can also be enabled: -Wconditional-uninitialized,
+# -Wswitch-enum, -Wunused-macros, -Wmissing-field-initializers,
+# -Wmissing-variable-declarations,
+# -Wincompatible-pointer-types-discards-qualifiers, -Wcast-align,
+# -Wunreachable-code -Wunused-parameter -Wlanguage-extension-token
+# -Wextended-offsetof
+my $clang_devteam_warn = "-Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof";
my $strict_warnings = 0;
template => 1,
cpuid_obj => "sparcv9cap.o sparccpuid.o",
bn_obj => "bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o vis3-mont.o sparct4-mont.o sparcv9-gf2m.o",
+ ec_obj => "ecp_nistz256.o ecp_nistz256-sparcv9.o",
des_obj => "des_enc-sparc.o fcrypt_b.o dest4-sparcv9.o",
aes_obj => "aes_core.o aes_cbc.o aes-sparcv9.o aest4-sparcv9.o",
md5_obj => "md5-sparcv9.o",
aarch64_asm => {
template => 1,
cpuid_obj => "armcap.o arm64cpuid.o mem_clr.o",
+ ec_obj => "ecp_nistz256.o ecp_nistz256-armv8.o",
+ bn_obj => "bn_asm.o armv8-mont.o",
aes_obj => "aes_core.o aes_cbc.o aesv8-armx.o vpaes-armv8.o",
sha1_obj => "sha1-armv8.o sha256-armv8.o sha512-armv8.o",
modes_obj => "ghashv8-armx.o",
my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $zlib=1; # but "no-zlib" is default
-my $no_krb5=0; # but "no-krb5" is implied unless "--with-krb5-..." is used
my $no_rfc3779=1; # but "no-rfc3779" is default
my $no_asm=0;
my $no_dso=0;
my @skip=();
my $Makefile="Makefile";
my $des_locl="crypto/des/des_locl.h";
-my $des ="crypto/des/des.h";
-my $bn ="crypto/bn/bn.h";
-my $md2 ="crypto/md2/md2.h";
-my $rc4 ="crypto/rc4/rc4.h";
+my $des ="include/openssl/des.h";
+my $bn ="include/openssl/bn.h";
+my $md2 ="include/openssl/md2.h";
+my $rc4 ="include/openssl/rc4.h";
my $rc4_locl="crypto/rc4/rc4_locl.h";
-my $idea ="crypto/idea/idea.h";
-my $rc2 ="crypto/rc2/rc2.h";
+my $idea ="include/openssl/idea.h";
+my $rc2 ="include/openssl/rc2.h";
my $bf ="crypto/bf/bf_locl.h";
my $bn_asm ="bn_asm.o";
my $des_enc="des_enc.o fcrypt_b.o";
my $openssl_sys_defines="";
my $openssl_other_defines;
my $libs;
-my $libkrb5="";
my $target;
my $options;
-my $symlink;
my $make_depend=0;
my %withargs=();
my $build_prefix = "release_";
$libs="";
$target="";
$options="";
- $symlink=1;
$argv_unprocessed=0;
$argvstring=join(' ',@argvcopy);
{
$install_prefix=$1;
}
- elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/)
- {
- $withargs{"krb5-".$1}=$2;
- }
elsif (/^--with-zlib-lib=(.*)$/)
{
$withargs{"zlib-lib"}=$1;
$disabled{"sse2"} = "forced";
}
-if (!defined($withargs{"krb5-flavor"}) || $withargs{"krb5-flavor"} eq "")
- {
- $disabled{"krb5"} = "krb5-flavor not specified";
- }
-
if (!defined($disabled{"zlib-dynamic"}))
{
# "zlib-dynamic" was specifically enabled, so enable "zlib"
{ }
elsif (/^zlib-dynamic$/)
{ }
- elsif (/^symlinks$/)
- { $symlink = 0; }
elsif (/^sse2$/)
{ $no_sse2 = 1; }
else
$openssl_algorithm_defines .= "#define OPENSSL_NO_$ALGO\n";
print " OPENSSL_NO_$ALGO";
- if (/^krb5$/)
- { $no_krb5 = 1; }
- else
- {
- push @skip, $algo;
- # fix-up crypto/directory name(s)
- $skip[$#skip]="whrlpool" if $algo eq "whirlpool";
- $skip[$#skip]="ripemd" if $algo eq "rmd160";
+ push @skip, $algo;
+ # fix-up crypto/directory name(s)
+ $skip[$#skip]="whrlpool" if $algo eq "whirlpool";
+ $skip[$#skip]="ripemd" if $algo eq "rmd160";
- print " (skip dir)";
+ print " (skip dir)";
- $depflags .= " -DOPENSSL_NO_$ALGO";
- }
+ $depflags .= " -DOPENSSL_NO_$ALGO";
}
}
if ($flags ne "") { $cflags="$flags$cflags"; }
else { $no_user_cflags=1; }
-# Kerberos settings. The flavor must be provided from outside, either through
-# the script "config" or manually.
-if (!$no_krb5)
- {
- my ($lresolv, $lpath, $lext);
- if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/)
- {
- die "Sorry, Heimdal is currently not supported\n";
- }
- ##### HACK to force use of Heimdal.
- ##### WARNING: Since we don't really have adequate support for Heimdal,
- ##### using this will break the build. You'll have to make
- ##### changes to the source, and if you do, please send
- ##### patches to openssl-dev@openssl.org
- if ($withargs{"krb5-flavor"} =~ /^force-[Hh]eimdal$/)
- {
- warn "Heimdal isn't really supported. Your build WILL break\n";
- warn "If you fix the problems, please send a patch to openssl-dev\@openssl.org\n";
- $withargs{"krb5-dir"} = "/usr/heimdal"
- if $withargs{"krb5-dir"} eq "";
- $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
- "/lib -lgssapi -lkrb5 -lcom_err"
- if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
- $cflags="-DKRB5_HEIMDAL $cflags";
- }
- if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/)
- {
- $withargs{"krb5-dir"} = "/usr/kerberos"
- if $withargs{"krb5-dir"} eq "";
- $withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
- "/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
- if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
- $cflags="-DKRB5_MIT $cflags";
- $withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//;
- if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/)
- {
- $cflags="-DKRB5_MIT_OLD11 $cflags";
- }
- }
- LRESOLV:
- foreach $lpath ("/lib", "/usr/lib")
- {
- foreach $lext ("a", "so")
- {
- $lresolv = "$lpath/libresolv.$lext";
- last LRESOLV if (-r "$lresolv");
- $lresolv = "";
- }
- }
- $withargs{"krb5-lib"} .= " -lresolv"
- if ("$lresolv" ne "");
- $withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
- if $withargs{"krb5-include"} eq "" &&
- $withargs{"krb5-dir"} ne "";
- }
-
# The DSO code currently always implements all functions so that no
# applications will have to worry about that from a compilation point
# of view. However, the "method"s may return zero unless that platform
my $shlib_major = "unknown";
my $shlib_minor = "unknown";
-open(IN,'<crypto/opensslv.h') || die "unable to read opensslv.h:$!\n";
+open(IN,'<include/openssl/opensslv.h') || die "unable to read opensslv.h:$!\n";
while (<IN>)
{
$version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /;
if ($strict_warnings)
{
+ my $ecc = $cc;
+ $ecc = "clang" if `$cc --version 2>&1` =~ /clang/;
my $wopt;
- die "ERROR --strict-warnings requires gcc or clang" unless ($cc =~ /gcc$/ or $cc =~ /clang$/);
+ die "ERROR --strict-warnings requires gcc or clang" unless ($ecc =~ /gcc$/ or $ecc =~ /clang$/);
foreach $wopt (split /\s+/, $gcc_devteam_warn)
{
$cflags .= " $wopt" unless ($cflags =~ /$wopt/)
}
+ if ($ecc eq "clang")
+ {
+ foreach $wopt (split /\s+/, $clang_devteam_warn)
+ {
+ $cflags .= " $wopt" unless ($cflags =~ /$wopt/)
+ }
+ }
}
open(IN,"<Makefile.org") || die "unable to read Makefile.org:$!\n";
s/^PROCESSOR=.*/PROCESSOR= $processor/;
s/^ARFLAGS=.*/ARFLAGS= $arflags/;
s/^PERL=.*/PERL= $perl/;
- s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
- s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
print "RANLIB =$ranlib\n";
print "ARFLAGS =$arflags\n";
print "PERL =$perl\n";
-print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n"
- if $withargs{"krb5-include"} ne "";
my $des_ptr=0;
my $des_risc1=0;
}
open(IN,'<crypto/opensslconf.h.in') || die "unable to read crypto/opensslconf.h.in:$!\n";
-unlink("crypto/opensslconf.h.new") || die "unable to remove old crypto/opensslconf.h.new:$!\n" if -e "crypto/opensslconf.h.new";
-open(OUT,'>crypto/opensslconf.h.new') || die "unable to create crypto/opensslconf.h.new:$!\n";
+unlink("include/openssl/opensslconf.h.new") || die "unable to remove old include/openssl/opensslconf.h.new:$!\n" if -e "include/openssl/opensslconf.h.new";
+open(OUT,'>include/openssl/opensslconf.h.new') || die "unable to create include/openssl/opensslconf.h.new:$!\n";
print OUT "/* opensslconf.h */\n";
print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n";
print OUT "}\n";
print OUT "#endif\n";
close(OUT);
-rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
-rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
+rename("include/openssl/opensslconf.h","include/openssl/opensslconf.h.bak") || die "unable to rename include/openssl/opensslconf.h\n" if -e "include/openssl/opensslconf.h";
+rename("include/openssl/opensslconf.h.new","include/openssl/opensslconf.h") || die "unable to rename include/openssl/opensslconf.h.new\n";
# Fix the date
} else {
my $make_command = "$make PERL=\'$perl\'";
my $make_targets = "";
- $make_targets .= " links" if $symlink;
$make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
- $make_targets .= " gentests" if $symlink;
(system $make_command.$make_targets) == 0 or die "make $make_targets failed"
if $make_targets ne "";
if ( $perl =~ m@^/@) {