Commit graph

1328 commits

Author SHA1 Message Date
Richard Levitte
b1fafff631 Make configdata.pm runnable and move all display of information there
The "make variable" information displayed by Configure was selective
and incomplete, and possibly undesirable (too verbose).

Instead, we make configdata.pm and have the user run it to get the
information they desire, and also make it possible to have it perform
a reconfiguration.

Possibilities so far:

perl configdata.pm --dump               Displays everything (i.e. the
                                        combined output from
                                        --command-line, --environment,
                                        --make-variables and
                                        --build-parameters.
perl configdata.pm --command-line       Displays the config command
                                        line.
perl configdata.pm --envirnoment        Displays the recorded
                                        environment variables.
perl configdata.pm --make-variables     Displays the configured "make
                                        variables".
perl configdata.pm --build-parameters   Displays the build file and
                                        the template files to create
                                        it.
perl configdata.pm --reconfigure        Re-runs the configuration with
                                        the recorded environment
                                        variables.

--verbose can be used to have --reconfigure be a bit more verbose.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5185)
2018-01-29 21:56:47 +01:00
Richard Levitte
711a8b999e Don't define OPENSSL_NO_ERR for the command line
It's already in opensslconf.h, which is included where this is relevant.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5188)
2018-01-29 15:26:04 +01:00
Richard Levitte
0d59958c49 Remove $no_sse2, as it's just a 'copy' of $disabled{sse2}
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5188)
2018-01-29 15:26:04 +01:00
Richard Levitte
fa153b57a3 Treat C++ flags more like C flags, and only if C++ compiler specified
C++ flags got the same config target value as C flags, but then
nothing else happened while C flags get all kinds of stuff added to
them (especially when --strict-warnings is used).

Now, C++ flags get the exact same treatment as C flags.  However, this
only happens when a C++ compiler is specified, to avoid confusing
messages about added C++ flags.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5181)
2018-01-28 16:22:40 +01:00
Richard Levitte
085ed4f15a Stop having Unix defaults in Configure (partial)
Default values belong in the DEFAULT config target template, in
Configurations/00-base-templates.conf.

This isn't a complete move, but takes care of the most blatant
examples.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5177)
2018-01-28 07:26:11 +01:00
Richard Levitte
5b18235a18 Processing GNU-style "make variables" - implementation
Support the following "make variables":

AR              (GNU compatible)
ARFLAGS         (GNU Compatible)
AS              (GNU Compatible)
ASFLAGS         (GNU Compatible)
CC              (GNU Compatible)
CFLAGS          (GNU Compatible)
CXX             (GNU Compatible)
CXXFLAGS        (GNU Compatible)
CPP             (GNU Compatible)
CPPFLAGS        (GNU Compatible)
CPPDEFINES      List of CPP macro definitions.  Alternative for -D
CPPINCLUDES     List of CPP inclusion directories.  Alternative for -I
HASHBANGPERL    Perl invocation to be inserted after '#!' in public
                perl scripts.
LDFLAGS         (GNU Compatible)
LDLIBS          (GNU Compatible)
RANLIB          Program to generate library archive index
RC              Program to manipulate Windows resources
RCFLAGS         Flags for $(RC)
RM              (GNU Compatible)

Setting one of these overrides the corresponding data from our config
targets.  However, flags given directly on the configuration command
line are additional, and are therefore added to the flags coming from
one of the variables above or the config target.

Fixes #2420

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5177)
2018-01-28 07:26:11 +01:00
Richard Levitte
8c3bc594e0 Processing GNU-style "make variables" - separate CPP flags from C flags
C preprocessor flags get separated from C flags, which has the
advantage that we don't get loads of macro definitions and inclusion
directory specs when linking shared libraries, DSOs and programs.

This is a step to add support for "make variables" when configuring.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5177)
2018-01-28 07:26:10 +01:00
Richard Levitte
e431bcfabd Configure: ensure that a DEPEND generates the correct inclusion directory
We incorrectly assumed that explicit dependencies meant that the
source directory would be added for inclusion.  However, if the
dependent file is generated, it's stored in the build directory, and
that should be used for inclusion rather than the source directory.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5153)
2018-01-24 15:54:01 +01:00
Richard Levitte
1b5ad51fc9 Configure: let INCLUDEs set on binaries "trickle down" to the objects
This ensures that only one set of includes is associated with each
object file, reagardless of where it's used.

For example, if apps/build.info has this:

    SOURCE[openssl]=foo.c
    INCLUDE[openssl]=.. ../include

and test/build.info has this:

    SOURCE[footest]=../apps/foo.c
    INCLUDE[footest]=../include

The inclusion directories used for apps/foo.o would differ depending
on which program's dependencies get generated first in the build file.

With this change, all those INCLUDEs get combined into one set of
inclusion directories tied to the object file.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5153)
2018-01-24 15:54:01 +01:00
Richard Levitte
48e5119a6b Copyright update of more files that have changed this year
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/5110)
2018-01-19 13:34:03 +01:00
Richard Levitte
225f980d22 Configure: try to make sure every config target name is unique
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5047)
2018-01-09 19:51:19 +01:00
Richard Levitte
47eeaf45b5 Separate general linking flags from extra libraries
So far, we've placed all extra library related flags together, ending
up in the make variable EX_LIBS.  This turns out to be problematic, as
for example, some compilers don't quite agree with something like
this:

    cc -o foo foo.o -L/whatever -lsomething

They prefer this:

    cc -L/whatever -o foo foo.o -lsomething

IBM's compiler on OS/390 is such a compiler that we know of, and we
have previously handled that as a previous case.

The answer here is to make a more general solution, where linking
options are divided in two parts, where one ends up in LDFLAGS and
the other in EX_LIBS (they corresponds to what is called LDFLAGS and
LDLIBS in the GNU world)

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5033)
2018-01-08 14:38:29 +01:00
Richard Levitte
d201dbc9a4 Ignore ORDINALS in build.info files, and remove its documentation
Following the changes that removed Makefile.shared, we also changed
the generation of .def / .map / .opt files from ordinals more
explicit, removing the need to the "magic" ORDINALS declaration.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4993)
2017-12-28 22:52:02 +01:00
Pauli
a93ccf9158 Enable the ARIA ciphers by default.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4950)
2017-12-18 08:49:53 +10:00
Richard Levitte
fe191b49b3 Restore makedepend capabilities for Windows and VMS
This got lost somehow.  The methods to do makedepend on Windows and
VMS are hard coded for cl (Windows) and CC/DECC (VMS), because that's
what we currently support natively.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4907)
2017-12-12 17:21:46 +01:00
Richard Levitte
ccce3e1db5 Configure: Recognise .rc and .def / .map / .opt as source files
This makes it possible to add build.info statements for using resource
files as well as linker scripts (.def for Windows, .map for Unix, and
.opt for VMS) is if they were source files.  This requires changes in
the build file templates.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4840)
2017-12-12 17:18:07 +01:00
Richard Levitte
793077d0be Configure: Read in extra information to help create shared libraries
This will replace the use of Makefile.shared

This also means a small adjustment on how the attributes dso_cflags,
dso_cxxflags and dso_lflags are treated.  They were previously treated
as an extension to shared_cflag, shared_cxxflag and shared_ldflag, but
they should really be regarded as alternatives instead, for example
for darwin, where -dynamiclib is used for shared libraries and -bundle
for DSOs.

We take the opportunity to clean out things that are redundant or
otherwise superfluous (for example the check of GNU ld on platforms
where it never existed).

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4840)
2017-12-12 17:18:07 +01:00
Richard Levitte
3b6c4b0736 Configure: Add read_eval_file, a general purpose perl file reader/evaluator
It will return the last expression from the input file.

We also use this in read_config, which slightly changes what's
expected of Configurations/*.conf.  They do not have to assign
%targets specifically.  On the other hand, the table of configs MUST
be the last expression in each of those files.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4840)
2017-12-12 17:18:07 +01:00
Richard Levitte
6d75a83c07 Configure: move the processing of predefined macros to a function
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4899)
2017-12-11 15:51:02 +01:00
Richard Levitte
99aeeecb9f Configure: die if there are other arguments with 'reconf'
It's better to inform the user about this than silently ignoring
something that the user might expect to work, somehow.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4818)
2017-12-08 00:36:21 +01:00
Richard Levitte
89bea0830d Make it possible to add env var assignments as Configure options
In other words, make the following possible:

    ./config CC=clang

or

    ./Configure CC=clang linux-x86_64

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4818)
2017-12-08 00:36:21 +01:00
Richard Levitte
7ecdf18d80 Save away the environment variables we rely on
There are cases when we overwrite %ENV values, and while this is
perfectly fine on some platforms, it isn't on others, because the
Configure script isn't necessarely run in a separate process, and
thus, changing %ENV may very well change the environment of the
calling shell.  VMS is such a platform.

Furthermore, saving away values that we use also allow us to save them
in configdata.pm in an effective way, and recall those values just as
effectively when reconfiguring.  Also, this makes sure that we do use
the saved away values when reconfiguring, when the actual environment
variables might otherwise affect us.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4818)
2017-12-08 00:36:21 +01:00
Josh Soref
46f4e1bec5 Many spelling fixes/typo's corrected.
Around 138 distinct errors found and fixed; thanks!

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3459)
2017-11-11 19:03:10 -05:00
Richard Levitte
89635075d8 Configure: cleanup @disable_cascade
'rsa', 'sha' and 'tlsext' can't be disabled, not even as a consequence
of other conditions, so having cascading disables that depend on them
is futile.  Clean up!

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4693)
2017-11-07 16:29:09 +01:00
Jack Lloyd
a0c3e4fa90 SM3: Add SM3 hash function
SM3 is a secure hash function which is part of the Chinese
"Commercial Cryptography" suite of algorithms which use is
required for certain commercial applications in China.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4616)
2017-11-06 07:21:11 +08:00
Ronald Tse
f19a5ff9ab SM4: Add SM4 block cipher to EVP
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4552)
2017-10-31 15:19:14 +10:00
Andy Polyakov
6d50589c04 Configure: add -Wmisleading-indentation to strict warnings flags.
The warning flag in question was added in GCC version 6, hence
addition has to be conditional.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4401)
2017-09-22 22:08:35 +02:00
Andy Polyakov
3a1548643f Configure: unify clang's -Qunused-arguments option treatment.
Detect clang even if it's disguised, e.g. cross-compiler or invoked by
explicit path name, and add the option based on that.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4383)
2017-09-21 22:33:46 +02:00
Richard Levitte
15a1bd0ab2 Disable the EGD seeding meachanism when stdio is disabled
crypto/rand/rand_egd.c makes extensive use of stdio functions.  When
they are disabled, it makes sense to disable egd as well.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4358)
2017-09-12 08:03:32 +02:00
Andy Polyakov
54cf3b981a Configure: base compiler-specific decisions on pre-defines.
The commit subject is a bit misleading in sense that decisions affect
only gcc and gcc-alikes, like clang, recent icc...

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4281)
2017-08-30 15:03:47 +02:00
Andy Polyakov
e295d046dc Revert "Allow --strict-warnings with the icc compiler as well"
This reverts commit a610934c3b.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4281)
2017-08-30 15:02:39 +02:00
Richard Levitte
302eba3f6d If 'tests' is disabled, then so should 'external-tests'
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4274)
2017-08-28 16:48:47 +02:00
Meena Vyas
a610934c3b Allow --strict-warnings with the icc compiler as well
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4250)
2017-08-25 08:05:13 +02:00
Richard Levitte
8d2214c0a4 File::Glob option ':bsd_glob' doesn't work everywhere, replace w/ a wrapper
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4069)
2017-08-15 11:31:18 +02:00
Richard Levitte
cb6afcd6ee Consolidate the locations where we have our internal perl modules
Instead of having perl modules under test/testlib, util and util/perl,
consolidate them all to be inside util/perl.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4069)
2017-08-15 11:30:47 +02:00
Richard Levitte
102c9e1296 Perl: Use File::Glob::bsd_glob rather than File::Glob::glob
File::Glob::glob is deprecated, it's use generates this kind of
message:

    File::Glob::glob() will disappear in perl 5.30. Use File::Glob::bsd_glob() instead. at ../master/Configure line 277.

So instead, use a construction that makes the caller glob() use
File::Glob::bsd_glob().

Note that we're still excluding VMS, as it's directory specs use '['
and ']', which have a different meaning with bsd_glob and would need
some extra quoting.  This might change, but later.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4040)
2017-07-28 14:45:17 +02:00
Richard Levitte
d445302418 Simplify the handling of shared library version numbers
$(SHLIB_MAJOR).$(SHLIB_MINOR) is really a synonym for
$(SHLIB_VERSION_NUMBER), and is therefore an added complexity,
so better to use $(SHLIB_VERSION_NUMBER) directly.  SHLIB_MAJOR and
SHLIB_MINOR are now unused, but are kept around purely as information
in case someone relies on their existence.

At the same time, add support for custom shared library extensions
with the three new Makefile variables SHLIB_EXT, SHLIB_EXT_SIMPLE and
SHLIB_EXT_IMPORT.  By default, they hold the variants of shared
library extensions we support.  On mingw and cygwin, SHLIB_EXT_IMPORT
is defined; on all other Unix platforms, it's empty.

An example to get shared libraries with a slightly different SOVER name:

    $ make SHLIB_EXT='.$(SHLIB_VERSION_NUMBER).so'

Fixes #3902

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3964)
2017-07-26 22:53:03 +02:00
Rich Salz
8389ec4b49 Add --with-rand-seed
Add a new config param to specify how the CSPRNG should be seeded.
Illegal values or nonsensical combinations (e.g., anything other
than "os" on VMS or HP VOS etc) result in build failures.
Add RDSEED support.
Add RDTSC but leave it disabled for now pending more investigation.

Refactor and reorganization all seeding files (rand_unix/win/vms) so
that they are simpler.

Only require 128 bits of seeding material.

Many document improvements, including why to not use RAND_add() and the
limitations around using load_file/write_file.
Document RAND_poll().

Cleanup Windows RAND_poll and return correct status

More completely initialize the default DRBG.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3965)
2017-07-22 14:00:07 -04:00
Richard Levitte
48feaceb53 Remove the possibility to disable the UI module entirely
Instead, make it possible to disable the console reader that's part of
the UI module.  This makes it possible to use the UI API and other UI
methods in environments where the console reader isn't useful.

To disable the console reader, configure with 'no-ui-console' /
'disable-ui-console'.

'no-ui' / 'disable-ui' is now an alias for  'no-ui-console' /
'disable-ui-console'.

Fixes #3806

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3820)
2017-07-03 07:51:04 +02:00
Matt Caswell
d8c66f5e09 Drop support for OPENSSL_NO_TLS1_3_METHOD
There are no public TLSv1_3_*method() functions so
OPENSSL_NO_TLS1_3_METHOD doesn't make any sense and should be removed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3800)
2017-06-30 09:41:46 +01:00
Richard Levitte
71a5516dcc Add the STORE module
This STORE module adds the following functionality:

- A function OSSL_STORE_open(), OSSL_STORE_load() and OSSL_STORE_close()
  that accesses a URI and helps loading the supported objects (PKEYs,
  CERTs and CRLs for the moment) from it.
- An opaque type OSSL_STORE_INFO that holds information on each loaded
  object.
- A few functions to retrieve desired data from a OSSL_STORE_INFO
  reference.
- Functions to register and unregister loaders for different URI
  schemes.  This enables dynamic addition of loaders from applications
  or from engines.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3542)
2017-06-29 11:55:31 +02:00
Richard Levitte
619eb33a0c Add new /dev/crypto engine
Based on cryptodev-linux

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3744)
2017-06-28 12:54:33 +02:00
Richard Levitte
906eb3d031 Configure: give config targets the possibility to enable or disable features
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3745)
2017-06-22 01:24:54 +02:00
Paul Yang
edcdf38bd0 Remove non-accurate description in Configure script
For DES and 3DES based ciphers are also enabled by this option.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3707)
2017-06-17 22:22:40 +08:00
Richard Levitte
6411927172 Reorder Configure output
"Configuring..." was displayed with './Configure LIST'.  This reorders
the display of that line to happen after the "targets" LIST, TABLE and
HASH have been checked.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3702)
2017-06-16 23:18:41 +02:00
Benjamin Kaduk
96db26919d Remove duplicates from clang_devteam_warnings
Since the clang_devteam_warnings are appended to the gcc_devteam_warnings
when strict-warnings are requested, any items present in both the gcc
and clang variables will be duplicated in the cflags used for clang builds.
Remove the extra copy from the clang-specific flags in favor of the
gcc_devteam_warnings that are used for all strict-warnings builds.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3239)
2017-05-01 14:23:28 -04:00
Benjamin Kaduk
560ad13c74 Add -Wextra to gcc devteam warnings
clang already has it; let's flip the switch and deal with the fallout.
Exclude -Wunused-parameter, as we have many places where we keep unused
parameters to conform to a uniform vtable-like interface.
Also exclude -Wmissing-field-initializers; it's okay to rely on
the standard-mandated behavior of filling out with 0/NULL.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3239)
2017-05-01 14:23:28 -04:00
Richard Levitte
331058180a Make it possible to build static-only libraries
The trick is to use the .a extension explicitely in the build.info files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3243)
2017-04-24 18:09:01 +02:00
Andy Polyakov
b7438b430b Configure: recognize -framework as linker option [on Apple OSes].
This is handy for internal iOS tests, when you have to make it work
in sandbox.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-04-04 23:13:17 +02:00
Andy Polyakov
d83112b7fd Configure: use 5.10.0, don't require...
Configure started with 'require 5.10.0', but if executed by older perl
it failed with "might be runaway multi-line // string" instead of
naturally expected "Perl v5.10.0 required--this is only v5.x.y".

Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-04-01 15:50:12 +02:00
FdaSilvaYY
69687aa829 More typo fixes
Fix some comments too
[skip ci]

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3069)
2017-03-29 07:14:29 +02:00
Matt Caswell
3556b83ea2 Make the TLSv1.3 downgrade mechanism a configurable option
Make it disabled by default. When TLSv1.3 is out of draft we can remove
this option and have it enabled all the time.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3022)
2017-03-24 14:07:11 +00:00
Richard Levitte
d192a3aaeb Add a platform specific configuration checker
For each platform, we may need to perform some basic checks to see
that available tools perform as we expect them.

For the moment, the added checkers test that Perl gives the expected
path format.  This should help MingW users to see if they run an
appropriate Perl implementation, for example.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2851)
2017-03-06 16:42:46 +01:00
Emilia Kasper
8a05d6bb26 More Configure cleanup. Remove
- util/incore
- util/fipslink.pl
- the unused "baseaddr" configure switch

Reviewed-by: Stephen Henson <steve@openssl.org>
2017-02-28 15:26:56 +01:00
Emilia Kasper
b53338cbf8 Clean up references to FIPS
This removes the fips configure option. This option is broken as the
required FIPS code is not available.

FIPS_mode() and FIPS_mode_set() are retained for compatibility, but
FIPS_mode() always returns 0, and FIPS_mode_set() can only be used to
turn FIPS mode off.

Reviewed-by: Stephen Henson <steve@openssl.org>
2017-02-28 15:26:25 +01:00
Bernd Edlinger
01b76c2c5d Add -Wundef to --strict-warnings options.
Avoid a -Wundef warning in refcount.h
Avoid a -Wundef warning in o_str.c
Avoid a -Wundef warning in testutil.h
Include internal/cryptlib.h before openssl/stack.h
to avoid use of undefined symbol OPENSSL_API_COMPAT.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2712)
2017-02-24 09:21:59 +01:00
Bernd Edlinger
7c6335a6c7 Remove -Wno-parentheses-equality from gcc --strict-warnings options.
There has never been any gcc option of that kind.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2705)
2017-02-22 14:21:18 -05:00
Pauli
d42d0a4dc7 Implementation of the ARIA cipher as described in RFC 5794.
This implementation is written in endian agnostic C code. No attempt
at providing machine specific assembly code has been made. This
implementation expands the evptests by including the test cases from
RFC 5794 and ARIA official site rather than providing an individual
test case. Support for ARIA has been integrated into the command line
applications, but not TLS. Implemented modes are CBC, CFB1, CFB8,
CFB128, CTR, ECB and OFB128.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2337)
2017-02-21 11:51:45 +01:00
Richard Levitte
343a7467c2 If all versions of a proto are disabled, disabled the proto as well
For example, 'no-dtls1 no-dtls1_2' will imply 'no-dtls'

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2670)
2017-02-17 21:28:41 +01:00
Todd Short
3f5616d734 Add support for parameterized SipHash
The core SipHash supports either 8 or 16-byte output and a configurable
number of rounds.
The default behavior, as added to EVP, is to use 16-byte output and
2,4 rounds, which matches the behavior of most implementations.
There is an EVP_PKEY_CTRL that can control the output size.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2216)
2017-02-01 14:14:36 -05:00
Rich Salz
7730533866 Add -Wno-parentheses-equality to dev-warnings.
Also fix a block comment formatting glitch.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2327)
2017-01-31 16:35:11 -05:00
Matt Caswell
3cf96e88b7 Fix compilation with no-ec
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2153)
2016-12-29 13:32:54 +00:00
Kurt Roeckx
7cb58c0ffa Also set the CXXFLAG to the user supplied flags
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #2025
2016-12-05 21:12:07 +01:00
Kurt Roeckx
0282aeb690 Move libfuzzer sanitizer options to README
This is something you might want to change depending on the version to
use, there is no point in us fixing this to something.

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
2016-12-03 00:14:15 +01:00
Kurt Roeckx
3a85d05fb3 Use 8bit-counters when using libfuzzer
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
2016-12-03 00:14:14 +01:00
Andy Polyakov
5ae5dc9661 INSTALL: clarify 386 and no-sse2 options.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-11-25 17:34:28 +01:00
Richard Levitte
7b176a549e Only build the body of e_padlock when there are lower level routines
engines/e_padlock.c assumes that for all x86 and x86_64 platforms, the
lower level routines will be present.  However, that's not always
true, for example for solaris-x86-cc, and that leads to build errors.

The better solution is to have configure detect if the lower level
padlock routines are being built, and define the macro PADLOCK_ASM if
they are, and use that macro in our C code.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1510)
2016-11-15 15:14:15 +01:00
Richard Levitte
93880ce133 Make it possible to disable building and running tests
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1514)
2016-11-15 15:00:56 +01:00
Richard Levitte
b612799a80 Revert "Remove heartbeats completely"
Done too soon, this is for future OpenSSL 1.2.0

This reverts commit 6c62f9e163.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-15 14:53:33 +01:00
Richard Levitte
6c62f9e163 Remove heartbeats completely
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1669)
2016-11-15 10:45:21 +01:00
Richard Levitte
186a31e510 Building: make it possible to force linking with static OpenSSL libs
Very simply, support having the .a extension to denote depending on
static libraries.  Note that this is not supported on native Windows
when building shared libraries, as there is not static library then,
just an import library with the same name.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1889)
2016-11-10 15:51:42 +01:00
Matt Caswell
ce2596d404 Control building of ossl_shim through Configure
Don't build ossl_shim by default. Switch it on through
enable-external-tests.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-11-04 10:38:54 +00:00
Richard Levitte
cfa7697986 Integrate ossl_shim into the build
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-11-04 10:38:54 +00:00
Richard Levitte
ab6e147c49 Allow indented comments in build.info
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1789)
2016-11-03 13:13:31 +01:00
Matt Caswell
84a6833658 Update Configure to know about tls1_3
Also we disable TLS1.3 by default (use enable-tls1_3 to re-enable). This is
because this is a WIP and will not be interoperable with any other TLS1.3
implementation.

Finally, we fix some tests that started failing when TLS1.3 was disabled by
default.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-02 13:08:21 +00:00
Rich Salz
42e22c7c4f Revert "Disable MDC2 by default."
This reverts commit ca1574cec2.
Not suitabled for a minor release as it breaks the ABI.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-11-01 10:43:05 -04:00
Rich Salz
ca1574cec2 Disable MDC2 by default.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-10-31 15:06:06 -04:00
Richard Levitte
83bd048e9d Fix C++ support: set $target{cxx} correctly
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-10-14 17:52:22 +02:00
Vitezslav Cizek
35a498e431 Configure: remove superfluous 0x
The number is taken from the OPENSSL_VERSION_NUMBER which is already
in the hex form.

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1706)
2016-10-13 15:36:03 -04:00
Richard Levitte
fad599f7f1 Remove automatic RPATH - add user rpath support
Make Configure recognise -rpath and -R to support user added rpaths
for OSF1 and Solaris.  For convenience, add a variable LIBRPATH in the
Unix Makefile, which the users can use as follows:

    ./config [options] -Wl,-rpath,\$(LIBRPATH)

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-10-13 02:21:51 +02:00
Richard Levitte
ea24195850 Add support for C++ in Configure
A note: this will form object file names by changing '.cc' to
'_cc.o'.  This will permit other configuration code to recognise these
object files were built for C++ rather than C.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-10-12 16:37:54 +02:00
Rich Salz
f3b3d7f003 Add -Wswitch-enum
Change code so when switching on an enumeration, have case's for all
enumeration values.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-09-22 08:36:26 -04:00
Richard Levitte
66fe388aa4 Have the configuration options 'no-err' and 'no-async' work again
In an earlier attempt to simplify the processing of disabled options,
'no-err' and 'no-async' stopped working properly.  'err' and 'async'
are directories under 'crypto/', but they are special insofar that
they can't be simply skipped, like all the algorithm directories can,
so they need special treatment among the disablable things.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-09-17 21:57:29 +02:00
Richard Levitte
1967a42eb5 Rearrange the storage of build file template names in %config
They are now relative paths as well

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-09-16 11:52:50 +02:00
Richard Levitte
ee9b0bbb4c Register the name of the config file each config target was found in
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-09-16 11:52:50 +02:00
Andy Polyakov
35c11bfc69 Configure: detect gcc's dependency generation capability more accurately.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-13 14:03:36 +02:00
Andy Polyakov
758baa3dc2 Configure: impose ^X on whole build procedure.
Traditionally Configure passed $ENV{PERL} to Makefile. But this
resulted in ambiguilty as Configure script could be executed by
interpreter different from one executing remaining scripts. Since
we separate compile- and run-time interpreters with HASHBANGPERL
variable, there is no reason to segment the build procedure.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-13 13:22:28 +02:00
Rich Salz
141d7325e7 Trim config output
With extensive help and feedback from Richard and Andy.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-09-09 10:07:11 -04:00
Richard Levitte
342a1a2379 Allow asan, msan and ubsan to be configured with shared libraries
The background story is that util/shlib_wrap.sh was setting LD_PRELOAD
or similar platform dependent variables, just in case the shared
libraries were built with -rpath.  Unfortunately, this doesn't work
too well with asan, msan or ubsan.

So, the solution is to forbid the combination of shared libraries,
-rpath and any of the sanity analyzers we can configure.

This changes util/shlib_wrap.sh so it only contains the code that sets
LD_PRELOAD when -rpath has been used when configuring.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-07 21:53:45 +02:00
Richard Levitte
3e2dd30d66 Configure: Reorganise the checking of disabled options
The way we figured out what options are crypto algorithms and what are
something other was somewhat sketchy.  This change bases the
distinction on available sdirs instead.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-07 17:27:33 +02:00
Andy Polyakov
047d97afd9 Configure: clarify and refine -static.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-09-03 10:27:32 +02:00
Richard Levitte
a5e1f1230e Revert "Make it possible to disable fuzz testing"
This reverts commit eb40eaed72.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-09-01 20:58:40 +02:00
Richard Levitte
d63c12c697 Have Configure's HASH or TABLE produce complete lists
Because some targets execute perl code that might die, we risk
incomplete lists.  Make it so dying doesn't happen when we're listing
targets.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-31 19:47:35 +02:00
Richard Levitte
0c0d78b88d Configure's print_table_entry printed incorrect information
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-31 19:47:08 +02:00
Richard Levitte
eb40eaed72 Make it possible to disable fuzz testing
These tests take a very long time on some platforms, and arent't
always strictly necessary.  This makes it possible to turn them
off.  The necessary binaries are still built, though, in case
someone still wants to do a manual run.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-08-31 17:43:51 +02:00
Richard Levitte
f879d5ff38 The Perl interpreter might be in a path with spaces, so maybe quote it
Note: some shells do not like the command verb to be quoted, so we avoid
it unless it's actually necessary.

RT#4665

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-31 16:43:26 +02:00
Richard Levitte
ee4cdb7fdb Configure: save away the value of OPENSSL_LOCAL_CONFIG_DIR for reconf
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-30 05:13:11 +02:00
Richard Levitte
79822c3cd5 Configure: Redo the logic for finding build file templates
Build file templates would be looked up like this if the user gave us
an additional directory to look for configuration files and build file
templates:

    $OPENSSL_LOCAL_CONFIG_DIR/$OSTYPE-Makefile.tmpl
    $SOURCEDIR/Configurations/$OSTYPE-Makefile.tmpl
    $OPENSSL_LOCAL_CONFIG_DIR/Makefile.tmpl
    $SOURCEDIR/Configurations/Makefile.tmpl

So for example, if the user created his own Makefile.tmpl and tried to
use it with a unixly config, it would never be user because we have a
unix-Makefile.tmpl in our Configurations directory.  This is clearly
wrong, and this change makes it look in this order instead:

    $OPENSSL_LOCAL_CONFIG_DIR/$OSTYPE-Makefile.tmpl
    $OPENSSL_LOCAL_CONFIG_DIR/Makefile.tmpl
    $SOURCEDIR/Configurations/$OSTYPE-Makefile.tmpl
    $SOURCEDIR/Configurations/Makefile.tmpl

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-30 05:13:11 +02:00
Richard Levitte
acc63c7d6d Configure: clean away temporary section of code
We've done away with Makefile as source of information and now use
configdata.pm exclusively.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-30 05:13:11 +02:00
Richard Levitte
8b5156d188 Make it possible for the user to specify a different default build file
Make sure the information is kept for reconfiguration too.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-30 05:13:11 +02:00
Richard Levitte
216e8d9103 Improve the definition of STITCHED_CALL in e_rc4_hmac_md5.c
The definition of STITCHED_CALL relies on OPENSSL_NO_ASM.  However,
when a configuration simply lacks the assembler implementation for RC4
(which is where we have implemented the stitched call), OPENSSL_NO_ASM
isn't implemented.  Better, then, to rely on specific macros that
indicated that RC4 (and MD5) are implemented in assembler.

For this to work properly, we must also make sure Configure adds the
definition of RC4_ASM among the C flags.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-08-26 12:41:07 +02:00
Richard Levitte
a66234bc86 Configure: Properly cache the configured compiler command
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-22 16:12:42 +02:00
Benjamin Kaduk
a9c27fe19f Sort %disabled in Configure
@disablables is sorted, but these were just added at the end of
%disabled in commits c2e27310 and 22e3dcb7.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-19 10:51:21 +01:00
Andy Polyakov
9d46752dfe Configure: recognize -static as link option and disable incompatible options.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 12:45:51 +02:00
Richard Levitte
25d498c176 The capi engine uses stdio, so don't build it when configuring 'no-stdio'
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-05 21:18:15 +02:00
Emilia Kasper
29df3061b3 Add memory sanitizer config, and run on travis.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-28 21:43:27 +02:00
Richard Levitte
7f5af79728 build.info: implement PROGRAM_NO_INST, and dito for ENGINES, SCRIPTS, LIBS
PROGRAM_NO_INST, ENGINES_NO_INST, SCRIPTS_NO_INST and LIBS_NO_INST are
to be used to specify program, engines, scripts and libraries that are
not to be installed in the system.  Fuzzers, test programs, that sort
of things are of the _NO_INST type, for example.

For the benefit of build file templates and other templates that use
data from configdata.pm, a new hash table $unified_info{install} is
created.  It contains a set of subhashes, one for each type of
installable, each having an array of file names as values.  For
example, it can look like this:

    "install" =>
        {
            "engines" =>
                [
                    "engines/afalg/afalg",
                    "engines/capi",
                    "engines/dasync",
                    "engines/padlock",
                ],
            "libraries" =>
                [
                    "libcrypto",
                    "libssl",
                ],
            "programs" =>
                [
                    "apps/openssl",
                ],
            "scripts" =>
                [
                    "apps/CA.pl",
                    "apps/tsget",
                    "tools/c_rehash",
                ],
        },

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-18 20:49:54 +02:00
Richard Levitte
878f42251b Make fuzzer and fuzz tester builds less magic
Instead of having fuzz/build.info.fuzz magically and conditionally
included along with the other build.info files, incorporate it in
fuzz/build.info and add the conditions there instead.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-16 19:37:50 +02:00
Richard Levitte
d513369bfa perl: Separate compile-time environment from runtime environment
Make it possible to have a separate and different perl command string
for installable scripts than we use when building, with the
environment variable HASHBANGPERL.  Its value default to the same as
the environment PERL if it's defined, otherwise '/usr/bin/env perl'.

Note: this is only relevant for Unix-like environments.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-07-04 15:40:31 +02:00
Richard Levitte
4748f89022 Make build.info INCLUDE stmts be both source and build tree relative
INCLUDE statements in build.info files were source tree centric.  That
meant that to get include directory specs in the build tree, we had to
resort to perl fragments that specified the build tree include paths
as absolute ones.

This change has the INCLUDE statement consider both the source and
build tree for any include directory.  It means that there may be some
extra unnecessary include paths, but it also makes life simpler for
anyone who makes changes in the build.info files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-01 18:34:21 +02:00
Ben Laurie
90d28f0519 Run the fuzzing corpora as tests.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-01 13:45:45 +01:00
FdaSilvaYY
f430ba31ac Spelling... and more spelling
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1245)
2016-06-22 00:26:10 +02:00
Petr Vaněk
28bd8e945f Fix typo
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1241)
2016-06-21 14:40:06 -04:00
Matt Caswell
2b1343b914 no-ripemd is an alias for no-rmd160
mkdef.pl was failing to understand no-ripemd. This is a deprecated option
which should act as an alias for no-rmd160.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-16 20:05:37 +01:00
Richard Levitte
27ffb86c20 Move the Configure generated header files to the top build.info
This turns these headers into build file generated ones.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 22:11:38 +02:00
Richard Levitte
4f858293a9 Configure: Make it possible to generate mandatory header files
'DEPEND[]=file.h' becomes a special way to say that 'file.h' must be
generated before anything else is built.  It's likely that a number
of source files depend on these header files, this provides a simple
way to make sure they are always generated even it the dependency data
hasn't been added to the build file yet.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 22:11:38 +02:00
Richard Levitte
65cc6d5c0a Configure: complete the changed fuzz option checks
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-05 21:38:59 +02:00
Richard Levitte
a9936b5a12 Clean away the last unixmake vestiges
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-04 23:21:43 +02:00
Kurt Roeckx
f59d0131cb Add support for fuzzing with AFL
Reviewed-by: Ben Laurie <ben@links.org>

MR: #2740
2016-06-04 14:39:24 +02:00
Rich Salz
44c8a5e2b9 Add final(?) set of copyrights.
Add copyright to missing assembler files.
Add copyrights to missing test/* files.
Add copyrights
Various source and misc files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-01 11:27:25 -04:00
Richard Levitte
23049aa52e perl: use the 'if' module to conditionally load File::Glob
Trying to use normal perl conditions to conditionally 'use' a perl
module didn't quite work.  Using the 'if' module to do so does work.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-05-30 11:55:46 +02:00
Andy Polyakov
9785555616 Configure,test/recipes: "pin" glob to File::Glob::glob.
As it turns out default glob's behaviour for quoted argument varies
from version to version, making it impossible to Configure or run
tests in some cases. The reason for quoting globs was to accommodate
source path with spaces in its name, which was treated by default glob
as multiple paths. File::Glob::glob on the other hand doesn't consider
spaces as delimiters and therefore works with unquoted patterns.

[Unfortunaltely File::Glob::glob, being too csh-ly, doesn't work
on VMS, hence the "pinning" is conditional.]

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-29 14:12:35 +02:00
Richard Levitte
a3a08f8125 Configure: handle spaces in source directory spec
RT#4486

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-27 17:41:32 +02:00
Andy Polyakov
656bbdc68c Configure: pull 'which' back.
At earlier point 'which' was replaced with IPC::Cmd::can_run call.
Unfortunately on RPM-based systems it is a separate package and it's
not given that it's installed. Resurrected 'which' provides
poor-man fallback for IPC::Cmd::can_run.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-25 23:50:40 +02:00
Richard Levitte
223516eadc Don't clean away headers generated by Configure
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-25 21:18:57 +02:00
Richard Levitte
4639c68b97 Make sure crypto-mdebug-backtrace must be enabled explicitely
As it was until now, crypto-mdebug-backtrace was enabled by default
and only disabled if crypto-mdebug was disabled.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-25 15:42:15 +02:00
Richard Levitte
ce9598124e Configure: To allow file names with spaces, tokenize with respect for quotes
For parsing build.info files.

RT#4492

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-05-25 11:50:23 +02:00
Richard Levitte
05a7aee0e2 Communicate Configure generated header files to build files
Add Configure generated header files to $unified_info{generate}.  This
makes sure the build files will pick them up with the rest for the
GENERATED macro, and thereby make sure they get cleaned away by 'make
clean'

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-25 00:46:00 +02:00
Todd Short
050a36a9a1 Add buf-freelists to deprecated options
The buf-freelists option was removed in master. There may be some
things that try to disable it, so don't error out.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-23 20:07:41 +01:00
Richard Levitte
8f41ff2d53 Add support for RC / WINDRES env variables
RT#2558

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-05-16 18:03:40 +02:00
Andy Polyakov
6646f69f31 Configure: replace which() with IPC::Cmd::can_run.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-10 20:22:39 +02:00
Andy Polyakov
f58a0acb79 Configure: adhere to $(CROSS_COMPILE)ranlib.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-10 09:15:10 +02:00
Andy Polyakov
c145d19771 Configure: make it work with Perl 5.10.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-10 09:13:05 +02:00
Ben Laurie
c38bb72797 Add fuzzing!
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-05-07 18:13:54 +01:00
Richard Levitte
38add2300f Add the possibility for local build file templates
Use the environment variable OPENSSL_LOCAL_CONFIG_DIR to find build
file templates as well.

Reviewed-by: Stephen Henson <steve@openssl.org>
2016-05-02 20:19:41 +02:00
Richard Levitte
b5293d4c8d Add the possibility to have an extra local OpenSSL configs directory
The environment variable OPENSSL_LOCAL_CONFIG_DIR is used to indicate
that there's a local directory with extra configuration files.

Reviewed-by: Stephen Henson <steve@openssl.org>
2016-05-02 20:19:41 +02:00
FdaSilvaYY
8483a003bf various spelling fixes
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/952)
2016-04-28 14:22:26 -04:00
Benjamin Kaduk
42a9f38613 Remove the never-functional no-sct
It was added as part of 2df84dd329
but has never actually been used for anything; presumably it was
a typo for one of SCTP or CT.

This removes the last '??' entry from INSTALL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-26 08:32:10 -04:00
Richard Levitte
8d34daf0ce Build system: add include directories and dependencies for generators
In the case of generating a file like this:

    GENERATE[foo.S]=mkfoo.pl arg1 arg2

the 'mkfoo.pl' generator itself might need to include other files,
such as perl modules within our source tree.  We can reuse already
existing syntax for it, like this:

    INCLUDE[mkfoo.pl]=module/path

or:

    DEPEND[mkfoo.pl]=modules/mymodule.pm

This change implements the support for such constructs, and for the
DEPEND statement, for any value that indicates a perl module (.pm
file), it will automatically infer an INCLUDE statement for its
directory, just like it does for C header files, so you won't have do
write this:

    DEPEND[mkfoo.pl]=modules/mymodule.pm
    INCLUDE[mkfoo.pl]=modules

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-25 18:06:06 +02:00
Richard Levitte
ddc606c914 Warn when doing an out-of-source build and finding in-source build artifacts
The reason to warn is that configuration *may* pick up on
configuration header files that are in the source tree, that might be
for a wildly different configuration than what is expected in the
current out-of-source configuration.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-22 18:20:47 +02:00
Rich Salz
ac3d0e1377 Copyright consolidation; .pm and Configure
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-20 10:40:05 -04:00
Richard Levitte
45c6e23c97 Remove --classic build entirely
The Unix build was the last to retain the classic build scheme.  The
new unified scheme has matured enough, even though some details may
need polishing.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-20 16:04:56 +02:00
Matt Caswell
505f74ca34 Cascade no-dgram from no-sock in Configure not e_os.h
e_os.h was defining OPENSSL_NO_DGRAM if OPENSSL_NO_SOCK was defined.
This causes link problems on Windows because the generated .def files
still contain the DGRAM symbols even though they have not been compiled.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-20 14:52:46 +01:00
Matt Caswell
ce942199db Make "shared" builds the default
In most cases we expect that people will be using shared libraries not
static ones, therefore we make that the default.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-14 22:23:12 +01:00
Matt Caswell
d90a6beb0e Fix no-stdio and no-autoalginit
no-stdio does not work with the apps. Since the tests also need the apps
it doesn't support that either. Therefore we disable building of both.

no-autoalginit is not compatible with the apps because it requires explicit
loading of the algorithms, and the apps don't do that. Therefore we disable
building the apps for this option. Similarly the tests depend on the apps
so we also disable the tests. Finally the whole point about no-autoalginit
is to avoid excessive executable sizes when doing static linking. Therefore
we disable "shared" if this option is selected.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-14 16:41:03 +01:00
Matt Caswell
7ec8de16fe Remove no-aes, no-rsa, no-sha, no-md5 and no-hmac
These algorithms are fundamental and extensively used. The "no-" options
do not work either in 1.1.0 or in other released branches. Therefore the
ability to disable them should be removed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-13 21:25:24 +01:00
Richard Levitte
da430a5555 Fix the handling of --with-zlib-include
The handling was Unix centric, already in Configure.  Change that to
just collect the value and let the build file templates figure out
what to do with it.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-13 11:36:46 +02:00
Andy Polyakov
463a7b8cb0 Clean-up *_DEBUG options.
Since NDEBUG is defined unconditionally on command line for release
builds, we can omit *_DEBUG options in favour of effective "all-on"
in debug builds exercised though CI.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-07 21:18:00 +02:00
Richard Levitte
2110febb11 Perl cleanup: don't create lists unnecessarily
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 15:21:27 +02:00
Andy Polyakov
ad7c9c9faf Configure: add BLAKE_DEBUG to --strict-warnings set.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 12:29:02 +02:00