util/mkdef.pl: Trust configdata.pm
This script kept its own database of disablable algorithms, which is a maintenance problem, as it's not always perfectly in sync with what Configure does. However, we do have all the data in configdata.pm, produced by Configure, so let's use that instead. Also, make sure to parse the *err.h header files, as they contain function declarations that might not be present elsewhere. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5157)
This commit is contained in:
Richard Levitte
parent
f61f62ea13
commit
54f3b7d2f5
1 changed files with 13 additions and 71 deletions
|
|
@ -133,73 +133,23 @@ my @known_platforms = ( "__FreeBSD__", "PERL5",
|
|||
"EXPORT_VAR_AS_FUNCTION", "ZLIB", "_WIN32"
|
||||
);
|
||||
my @known_ossl_platforms = ( "UNIX", "VMS", "WIN32", "WINNT", "OS2" );
|
||||
my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
|
||||
"CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
|
||||
"SHA256", "SHA512", "RMD160",
|
||||
"MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M",
|
||||
"HMAC", "AES", "CAMELLIA", "SEED", "GOST", "ARIA", "SM4",
|
||||
"SCRYPT", "CHACHA", "POLY1305", "BLAKE2",
|
||||
"SIPHASH", "SM3",
|
||||
# EC_NISTP_64_GCC_128
|
||||
"EC_NISTP_64_GCC_128",
|
||||
# Envelope "algorithms"
|
||||
"EVP", "X509", "ASN1_TYPEDEFS",
|
||||
# Helper "algorithms"
|
||||
"BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR",
|
||||
"LOCKING",
|
||||
# External "algorithms"
|
||||
"FP_API", "STDIO", "SOCK", "DGRAM",
|
||||
"CRYPTO_MDEBUG",
|
||||
# Engines
|
||||
"STATIC_ENGINE", "ENGINE", "HW", "GMP",
|
||||
# Entropy Gathering
|
||||
"EGD",
|
||||
# Certificate Transparency
|
||||
"CT",
|
||||
# RFC3779
|
||||
"RFC3779",
|
||||
# TLS
|
||||
"PSK", "SRP", "HEARTBEATS",
|
||||
# CMS
|
||||
"CMS",
|
||||
"OCSP",
|
||||
# CryptoAPI Engine
|
||||
"CAPIENG",
|
||||
# SSL methods
|
||||
"SSL3_METHOD", "TLS1_METHOD", "TLS1_1_METHOD", "TLS1_2_METHOD", "DTLS1_METHOD", "DTLS1_2_METHOD",
|
||||
# NEXTPROTONEG
|
||||
"NEXTPROTONEG",
|
||||
# Deprecated functions
|
||||
my @known_algorithms = ( # These are algorithms we know are guarded in relevant
|
||||
# header files, but aren't actually disablable.
|
||||
# Without these, this script will warn a lot.
|
||||
"RSA", "MD5",
|
||||
# @disablables comes from configdata.pm
|
||||
map { (my $x = uc $_) =~ s|-|_|g; $x; } @disablables,
|
||||
# Deprecated functions. Not really algorithmss, but
|
||||
# treated as such here for the sake of simplicity
|
||||
"DEPRECATEDIN_0_9_8",
|
||||
"DEPRECATEDIN_1_0_0",
|
||||
"DEPRECATEDIN_1_1_0",
|
||||
"DEPRECATEDIN_1_2_0",
|
||||
# SCTP
|
||||
"SCTP",
|
||||
# SRTP
|
||||
"SRTP",
|
||||
# SSL TRACE
|
||||
"SSL_TRACE",
|
||||
# Unit testing
|
||||
"UNIT_TEST",
|
||||
# User Interface
|
||||
"UI_CONSOLE",
|
||||
#
|
||||
"TS",
|
||||
# OCB mode
|
||||
"OCB",
|
||||
"CMAC",
|
||||
# APPLINK (win build feature?)
|
||||
"APPLINK"
|
||||
);
|
||||
|
||||
my %disabled_algorithms;
|
||||
|
||||
foreach (@known_algorithms) {
|
||||
$disabled_algorithms{$_} = 0;
|
||||
}
|
||||
# disabled by default
|
||||
$disabled_algorithms{"STATIC_ENGINE"} = 1;
|
||||
# %disabled comes from configdata.pm
|
||||
my %disabled_algorithms =
|
||||
map { (my $x = uc $_) =~ s|-|_|g; $x => 1; } keys %disabled;
|
||||
|
||||
my $apiv = sprintf "%x%02x%02x", split(/\./, $config{api});
|
||||
foreach (keys %disabled_algorithms) {
|
||||
|
|
@ -240,14 +190,6 @@ foreach (@ARGV, split(/ /, $config{options}))
|
|||
$do_ctest=1 if $_ eq "ctest";
|
||||
$do_ctestall=1 if $_ eq "ctestall";
|
||||
$do_checkexist=1 if $_ eq "exist";
|
||||
if (/^(enable|disable|no)-(.*)$/) {
|
||||
my $alg = uc $2;
|
||||
$alg =~ tr/-/_/;
|
||||
if (exists $disabled_algorithms{$alg}) {
|
||||
$disabled_algorithms{$alg} = $1 eq "enable" ? 0 : 1;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
$libname = $unified_info{sharednames}->{libcrypto} if $do_crypto;
|
||||
$libname = $unified_info{sharednames}->{libssl} if $do_ssl;
|
||||
|
|
@ -302,7 +244,7 @@ $crypto.=" include/internal/err.h";
|
|||
$crypto.=" include/internal/rand.h";
|
||||
foreach my $f ( glob(catfile($config{sourcedir},'include/openssl/*.h')) ) {
|
||||
my $fn = "include/openssl/" . lc(basename($f));
|
||||
$crypto .= " $fn" if !defined $skipthese{$fn} && $f !~ m@/[a-z]+err\.h$@;
|
||||
$crypto .= " $fn" if !defined $skipthese{$fn};
|
||||
}
|
||||
|
||||
my $symhacks="include/openssl/symhacks.h";
|
||||
|
|
@ -1138,7 +1080,7 @@ sub is_valid
|
|||
return 0;
|
||||
} else {
|
||||
# algorithms
|
||||
if ($disabled_algorithms{$keyword} == 1) { return 0;}
|
||||
if ($disabled_algorithms{$keyword}) { return 0;}
|
||||
|
||||
# Nothing recognise as true
|
||||
return 1;
|
||||
|
|
|
|||
Loading…
Reference in a new issue