openssl/util/mk1mf.pl
Kurt Roeckx 45f55f6a5b Remove SSLv2 support
The only support for SSLv2 left is receiving a SSLv2 compatible client hello.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 11:55:03 +01:00

1575 lines
40 KiB
Perl
Executable file

#!/usr/bin/env perl
# A bit of an evil hack but it post processes the file ../MINFO which
# is generated by `make files` in the top directory.
# This script outputs one mega makefile that has no shell stuff or any
# funny stuff (if the target is not "copy").
# If the target is "copy", then it tries to create a makefile that can be
# safely used with the -j flag and that is compatible with the top-level
# Makefile, in the sense that it uses the same options and assembler files etc.
use Cwd;
$INSTALLTOP="/usr/local/ssl";
$OPENSSLDIR="/usr/local/ssl";
$OPTIONS="";
$ssl_version="";
$banner="\t\@echo Building OpenSSL";
my $no_static_engine = 1;
my $engines = "";
my @engines_obj = "";
my $otherlibs = "";
local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic
local $zlib_lib = "";
local $perl_asm = 0; # 1 to autobuild asm files from perl scripts
local $fips_canister_path = "";
my $fips_premain_dso_exe_path = "";
my $fips_premain_c_path = "";
my $fips_sha1_exe_path = "";
local $fipscanisterbuild = 0;
my $fipscanisteronly = 0;
my $fipslibdir = "";
my $baseaddr = "";
my $ex_l_libs = "";
my $build_targets = "lib exe";
my $libs_dep = "\$(O_CRYPTO) \$(O_SSL)";
# Options to import from top level Makefile
my %mf_import = (
VERSION => \$ssl_version,
OPTIONS => \$OPTIONS,
INSTALLTOP => \$INSTALLTOP,
OPENSSLDIR => \$OPENSSLDIR,
PLATFORM => \$mf_platform,
CC => \$mf_cc,
CFLAG => \$mf_cflag,
DEPFLAG => \$mf_depflag,
CPUID_OBJ => \$mf_cpuid_asm,
BN_ASM => \$mf_bn_asm,
DES_ENC => \$mf_des_asm,
AES_ENC => \$mf_aes_asm,
BF_ENC => \$mf_bf_asm,
CAST_ENC => \$mf_cast_asm,
RC4_ENC => \$mf_rc4_asm,
RC5_ENC => \$mf_rc5_asm,
MD5_ASM_OBJ => \$mf_md5_asm,
SHA1_ASM_OBJ => \$mf_sha_asm,
RMD160_ASM_OBJ => \$mf_rmd_asm,
WP_ASM_OBJ => \$mf_wp_asm,
CMLL_ENC => \$mf_cm_asm,
MODES_ASM_OBJ => \$mf_modes_asm,
ENGINES_ASM_OBJ=> \$mf_engines_asm,
PERLASM_SCHEME => \$mf_perlasm_scheme,
FIPSCANISTERONLY => \$mf_fipscanisteronly,
FIPSCANISTERINTERNAL => \$mf_fipscanisterinternal,
EC_ASM => \$mf_ec_asm,
);
open(IN,"<Makefile") || die "unable to open Makefile!\n";
while(<IN>) {
my ($mf_opt, $mf_ref);
while (($mf_opt, $mf_ref) = each %mf_import) {
if (/^$mf_opt\s*=\s*(.*)$/ && !defined($$mfref)) {
$$mf_ref = $1;
}
}
}
close(IN);
$debug = 1 if $mf_platform =~ /^debug-/;
if ($mf_fipscanisterinternal eq "y") {
$fips = 1;
$fipscanisterbuild = 1;
$fipscanisteronly = 1;
}
die "Makefile is not the toplevel Makefile!\n" if $ssl_version eq "";
$infile="MINFO";
%ops=(
"VC-WIN32", "Microsoft Visual C++ [4-6] - Windows NT or 9X",
"VC-WIN64I", "Microsoft C/C++ - Win64/IA-64",
"VC-WIN64A", "Microsoft C/C++ - Win64/x64",
"VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY",
"VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY",
"Mingw32", "GNU C++ - Windows NT or 9x",
"Mingw32-files", "Create files with DOS copy ...",
"BC-NT", "Borland C++ 4.5 - Windows NT",
"linux-elf","Linux elf",
"ultrix-mips","DEC mips ultrix",
"FreeBSD","FreeBSD distribution",
"OS2-EMX", "EMX GCC OS/2",
"netware-clib", "CodeWarrior for NetWare - CLib - with WinSock Sockets",
"netware-clib-bsdsock", "CodeWarrior for NetWare - CLib - with BSD Sockets",
"netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets",
"netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets",
"default","cc under unix",
"auto", "auto detect from top level Makefile",
"copy", "copy from top level Makefile"
);
$platform="";
my $xcflags="";
foreach (@ARGV)
{
if (!&read_options && !defined($ops{$_}))
{
print STDERR "unknown option - $_\n";
print STDERR "usage: perl mk1mf.pl [options] [system]\n";
print STDERR "\nwhere [system] can be one of the following\n";
foreach $i (sort keys %ops)
{ printf STDERR "\t%-10s\t%s\n",$i,$ops{$i}; }
print STDERR <<"EOF";
and [options] can be one of
no-md2 no-md4 no-md5 no-sha no-mdc2 - Skip this digest
no-ripemd
no-rc2 no-rc4 no-rc5 no-idea no-des - Skip this symetric cipher
no-bf no-cast no-aes no-camellia no-seed
no-rsa no-dsa no-dh - Skip this public key cipher
no-ssl3 - Skip this version of SSL
just-ssl - remove all non-ssl keys/digest
no-asm - No x86 asm
no-krb5 - No KRB5
no-srp - No SRP
no-ec - No EC
no-ecdsa - No ECDSA
no-ecdh - No ECDH
no-engine - No engine
no-hw - No hw
nasm - Use NASM for x86 asm
nw-nasm - Use NASM x86 asm for NetWare
nw-mwasm - Use Metrowerks x86 asm for NetWare
gaswin - Use GNU as with Mingw32
no-socks - No socket code
no-err - No error strings
dll/shlib - Build shared libraries (MS)
debug - Debug build
profile - Profiling build
gcc - Use Gcc (unix)
Values that can be set
TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler
-L<ex_lib_path> -l<ex_lib> - extra library flags (unix)
-<ex_cc_flags> - extra 'cc' flags,
added (MS), or replace (unix)
EOF
exit(1);
}
$platform=$_;
}
foreach (grep(!/^$/, split(/ /, $OPTIONS)))
{
print STDERR "unknown option - $_\n" if !&read_options;
}
$no_static_engine = 0 if (!$shlib);
$no_mdc2=1 if ($no_des);
$no_ssl3=1 if ($no_md5 || $no_sha);
$no_ssl3=1 if ($no_rsa && $no_dh);
$out_def="out";
$inc_def="outinc";
$tmp_def="tmp";
$perl="perl" unless defined $perl;
$mkdir="-mkdir" unless defined $mkdir;
($ssl,$crypto)=("ssl","crypto");
$ranlib="echo ranlib";
$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}: $platform eq 'copy' ? getcwd() : '.';
$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
# $bin_dir.=$o causes a core dump on my sparc :-(
$NT=0;
push(@INC,"util/pl","pl");
if ($platform eq "auto" || $platform eq 'copy') {
$orig_platform = $platform;
$platform = $mf_platform;
print STDERR "Imported platform $mf_platform\n";
}
if (($platform =~ /VC-(.+)/))
{
$FLAVOR=$1;
$NT = 1 if $1 eq "NT";
require 'VC-32.pl';
}
elsif ($platform eq "Mingw32")
{
require 'Mingw32.pl';
}
elsif ($platform eq "Mingw32-files")
{
require 'Mingw32f.pl';
}
elsif ($platform eq "BC-NT")
{
$bc=1;
require 'BC-32.pl';
}
elsif ($platform eq "FreeBSD")
{
require 'unix.pl';
$cflags='-DTERMIO -D_ANSI_SOURCE -O2 -fomit-frame-pointer';
}
elsif ($platform eq "linux-elf")
{
require "unix.pl";
require "linux.pl";
$unix=1;
}
elsif ($platform eq "ultrix-mips")
{
require "unix.pl";
require "ultrix.pl";
$unix=1;
}
elsif ($platform eq "OS2-EMX")
{
$wc=1;
require 'OS2-EMX.pl';
}
elsif (($platform eq "netware-clib") || ($platform eq "netware-libc") ||
($platform eq "netware-clib-bsdsock") || ($platform eq "netware-libc-bsdsock"))
{
$LIBC=1 if $platform eq "netware-libc" || $platform eq "netware-libc-bsdsock";
$BSDSOCK=1 if ($platform eq "netware-libc-bsdsock") || ($platform eq "netware-clib-bsdsock");
require 'netware.pl';
}
else
{
require "unix.pl";
$unix=1;
$cflags.=' -DTERMIO';
}
$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
$cflags= "$xcflags$cflags" if $xcflags ne "";
$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea;
$cflags.=" -DOPENSSL_NO_AES" if $no_aes;
$cflags.=" -DOPENSSL_NO_CAMELLIA" if $no_camellia;
$cflags.=" -DOPENSSL_NO_SEED" if $no_seed;
$cflags.=" -DOPENSSL_NO_RC2" if $no_rc2;
$cflags.=" -DOPENSSL_NO_RC4" if $no_rc4;
$cflags.=" -DOPENSSL_NO_RC5" if $no_rc5;
$cflags.=" -DOPENSSL_NO_MD2" if $no_md2;
$cflags.=" -DOPENSSL_NO_MD4" if $no_md4;
$cflags.=" -DOPENSSL_NO_MD5" if $no_md5;
$cflags.=" -DOPENSSL_NO_SHA" if $no_sha;
$cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1;
$cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd;
$cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2;
$cflags.=" -DOPENSSL_NO_BF" if $no_bf;
$cflags.=" -DOPENSSL_NO_CAST" if $no_cast;
$cflags.=" -DOPENSSL_NO_DES" if $no_des;
$cflags.=" -DOPENSSL_NO_RSA" if $no_rsa;
$cflags.=" -DOPENSSL_NO_DSA" if $no_dsa;
$cflags.=" -DOPENSSL_NO_DH" if $no_dh;
$cflags.=" -DOPENSSL_NO_WHIRLPOOL" if $no_whirlpool;
$cflags.=" -DOPENSSL_NO_SOCK" if $no_sock;
$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
$cflags.=" -DOPENSSL_NO_SRP" if $no_srp;
$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
$cflags.=" -DOPENSSL_NO_EC" if $no_ec;
$cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa;
$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
$cflags.=" -DOPENSSL_NO_GOST" if $no_gost;
$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
$cflags.=" -DOPENSSL_NO_HW" if $no_hw;
$cflags.=" -DOPENSSL_FIPS" if $fips;
$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m;
$cflags.= " -DZLIB" if $zlib_opt;
$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
if ($no_static_engine)
{
$cflags .= " -DOPENSSL_NO_STATIC_ENGINE";
}
else
{
$cflags .= " -DOPENSSL_NO_DYNAMIC_ENGINE";
}
#$cflags.=" -DRSAref" if $rsaref ne "";
## if ($unix)
## { $cflags="$c_flags" if ($c_flags ne ""); }
##else
{ $cflags="$c_flags$cflags" if ($c_flags ne ""); }
if ($orig_platform eq 'copy') {
$cflags = $mf_cflag;
$cc = $mf_cc;
}
$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL",
"CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
if ($msdos)
{
$banner ="\t\@echo Make sure you have run 'perl Configure $platform' in the\n";
$banner.="\t\@echo top level directory, if you don't have perl, you will\n";
$banner.="\t\@echo need to probably edit crypto/bn/bn.h, check the\n";
$banner.="\t\@echo documentation for details.\n";
}
# have to do this to allow $(CC) under unix
$link="$bin_dir$link" if ($link !~ /^\$/);
$INSTALLTOP =~ s|/|$o|g;
$OPENSSLDIR =~ s|/|$o|g;
#############################################
# We parse in input file and 'store' info for later printing.
open(IN,"<$infile") || die "unable to open $infile:$!\n";
$_=<IN>;
for (;;)
{
s/\s*$//; # was chop, didn't work in mixture of perls for Windows...
($key,$val)=/^([^=]+)=(.*)/;
if ($key eq "RELATIVE_DIRECTORY")
{
if ($lib ne "")
{
if ($fips && $dir =~ /^fips/)
{
$uc = "FIPS";
}
else
{
$uc=$lib;
$uc =~ s/^lib(.*)\.a/$1/;
$uc =~ tr/a-z/A-Z/;
}
if (($uc ne "FIPS") || $fipscanisterbuild)
{
$lib_nam{$uc}=$uc;
$lib_obj{$uc}.=$libobj." ";
}
}
last if ($val eq "FINISHED");
$lib="";
$libobj="";
$dir=$val;
}
if ($key eq "KRB5_INCLUDES")
{ $cflags .= " $val";}
if ($key eq "ZLIB_INCLUDE")
{ $cflags .= " $val" if $val ne "";}
if ($key eq "LIBZLIB")
{ $zlib_lib = "$val" if $val ne "";}
if ($key eq "LIBKRB5")
{ $ex_libs .= " $val" if $val ne "";}
if ($key eq "TEST" && (!$fipscanisteronly || $dir =~ /^fips/ ))
{ $test.=&var_add($dir,$val, 0); }
if (($key eq "PROGS") || ($key eq "E_OBJ"))
{ $e_exe.=&var_add($dir,$val, 0); }
if ($key eq "LIB")
{
$lib=$val;
$lib =~ s/^.*\/([^\/]+)$/$1/;
}
if ($key eq "LIBNAME" && $no_static_engine)
{
$lib=$val;
$lib =~ s/^.*\/([^\/]+)$/$1/;
$otherlibs .= " $lib";
}
if ($key eq "EXHEADER")
{ $exheader.=&var_add($dir,$val, 1); }
if ($key eq "HEADER")
{ $header.=&var_add($dir,$val, 1); }
if ($key eq "LIBOBJ")
{
if ($dir ne "engines" || !$no_static_engine)
{ $libobj=&var_add($dir,$val, 0); }
else
{ push(@engines_obj,split(/\s+/,&var_add($dir,$val,0))); }
}
if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine)
{ $engines.=$val }
if ($key eq "FIPS_EX_OBJ")
{
$fips_ex_obj=&var_add("crypto",$val,0);
}
if ($key eq "FIPSLIBDIR")
{
$fipslibdir=$val;
$fipslibdir =~ s/\/$//;
$fipslibdir =~ s/\//$o/g;
}
if ($key eq "BASEADDR")
{ $baseaddr=$val;}
if (!($_=<IN>))
{ $_="RELATIVE_DIRECTORY=FINISHED\n"; }
}
close(IN);
if ($orig_platform eq 'copy')
{
# Remove opensslconf.h so it doesn't get updated if we configure a
# different branch.
$exheader =~ s/[^ ]+\/opensslconf.h//;
$header =~ s/[^ ]+\/opensslconf.h//;
}
if ($fips)
{
foreach (split " ", $fips_ex_obj)
{
$fips_exclude_obj{$1} = 1 if (/\/([^\/]*)$/);
}
foreach (split " ",
"$mf_cpuid_asm $mf_aes_asm $mf_sha_asm $mf_bn_asm " .
"$mf_des_asm $mf_modes_asm")
{
s/\.o//;
$fips_exclude_obj{$_} = 1;
}
my @ltmp = split " ", $lib_obj{"CRYPTO"};
$lib_obj{"CRYPTO"} = "";
foreach(@ltmp)
{
if (/\/([^\/]*)$/ && exists $fips_exclude_obj{$1})
{
if ($fipscanisterbuild)
{
$lib_obj{"FIPS"} .= "$_ ";
}
}
elsif (!$fipscanisteronly)
{
$lib_obj{"CRYPTO"} .= "$_ ";
}
}
}
if ($fipscanisterbuild)
{
$fips_canister_path = "\$(LIB_D)${o}fipscanister.lib" if $fips_canister_path eq "";
$fips_premain_c_path = "\$(LIB_D)${o}fips_premain.c";
}
else
{
if ($fips_canister_path eq "")
{
$fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.lib";
}
if ($fips_premain_c_path eq "")
{
$fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c";
}
}
if ($fips)
{
if ($fips_sha1_exe_path eq "")
{
$fips_sha1_exe_path =
"\$(BIN_D)${o}fips_standalone_sha1$exep";
}
}
else
{
$fips_sha1_exe_path = "";
}
if ($fips_premain_dso_exe_path eq "")
{
$fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep";
}
# $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips);
if ($fips)
{
if (!$shlib)
{
$build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
$ex_l_libs .= " \$(O_FIPSCANISTER)";
$ex_libs_dep .= " \$(O_FIPSCANISTER)" if $fipscanisterbuild;
}
if ($fipscanisterbuild)
{
$fipslibdir = "\$(LIB_D)";
}
else
{
if ($fipslibdir eq "")
{
open (IN, "util/fipslib_path.txt") || fipslib_error();
$fipslibdir = <IN>;
chomp $fipslibdir;
close IN;
}
fips_check_files($fipslibdir,
"fipscanister.lib", "fipscanister.lib.sha1",
"fips_premain.c", "fips_premain.c.sha1");
}
}
if ($fipscanisteronly)
{
$build_targets = "\$(O_FIPSCANISTER) \$(T_EXE)";
$libs_dep = "";
}
$cp2 = $cp unless defined $cp2;
$extra_install= <<"EOF";
\$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\"
\$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\"
\$(MKDIR) \"\$(OPENSSLDIR)\"
\$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\"
EOF
if ($fipscanisteronly)
{
$extra_install = <<"EOF";
\$(CP) \"\$(O_FIPSCANISTER)\" \"\$(INSTALLTOP)${o}lib\"
\$(CP) \"\$(O_FIPSCANISTER).sha1\" \"\$(INSTALLTOP)${o}lib\"
\$(CP2) \"fips${o}fips_premain.c\" \"\$(INSTALLTOP)${o}lib\"
\$(CP) \"fips${o}fips_premain.c.sha1\" \"\$(INSTALLTOP)${o}lib\"
\$(CP) \"\$(INCO_D)${o}fips.h\" \"\$(INSTALLTOP)${o}include${o}openssl\"
\$(CP) \"\$(INCO_D)${o}fips_rand.h\" \"\$(INSTALLTOP)${o}include${o}openssl\"
\$(CP) "\$(BIN_D)${o}fips_standalone_sha1$exep" \"\$(INSTALLTOP)${o}bin\"
\$(CP) \"util${o}fipslink.pl\" \"\$(INSTALLTOP)${o}bin\"
EOF
}
elsif ($shlib)
{
$extra_install .= <<"EOF";
\$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}bin\"
\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}bin\"
\$(CP) \"\$(L_SSL)\" \"\$(INSTALLTOP)${o}lib\"
\$(CP) \"\$(L_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
EOF
if ($no_static_engine)
{
$extra_install .= <<"EOF"
\$(MKDIR) \"\$(INSTALLTOP)${o}lib${o}engines\"
\$(CP) \"\$(E_SHLIB)\" \"\$(INSTALLTOP)${o}lib${o}engines\"
EOF
}
}
else
{
$extra_install .= <<"EOF";
\$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}lib\"
\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
EOF
$ex_libs .= " $zlib_lib" if $zlib_opt == 1;
}
my $asm_def = $orig_platform eq 'copy' ? "" : "ASM=$bin_dir$asm";
$defs= <<"EOF";
# N.B. You MUST use -j on FreeBSD.
# This makefile has been automatically generated from the OpenSSL distribution.
# This single makefile will build the complete OpenSSL distribution and
# by default leave the 'intertesting' output files in .${o}out and the stuff
# that needs deleting in .${o}tmp.
# The file was generated by running 'make makefile.one', which
# does a 'make files', which writes all the environment variables from all
# the makefiles to the file call MINFO. This file is used by
# util${o}mk1mf.pl to generate makefile.one.
# The 'makefile per directory' system suites me when developing this
# library and also so I can 'distribute' indervidual library sections.
# The one monster makefile better suits building in non-unix
# environments.
EOF
$defs .= $preamble if defined $preamble;
$defs.= <<"EOF";
INSTALLTOP=$INSTALLTOP
OPENSSLDIR=$OPENSSLDIR
# Set your compiler options
PLATFORM=$platform
CC=$bin_dir${cc}
CFLAG=$cflags
APP_CFLAG=$app_cflag
LIB_CFLAG=$lib_cflag
SHLIB_CFLAG=$shl_cflag
APP_EX_OBJ=$app_ex_obj
SHLIB_EX_OBJ=$shlib_ex_obj
# add extra libraries to this define, for solaris -lsocket -lnsl would
# be added
EX_LIBS=$ex_libs
# The OpenSSL directory
SRC_D=$src_dir
LINK=$link
LFLAGS=$lflags
RSC=$rsc
FIPSLINK=\$(PERL) util${o}fipslink.pl
# The output directory for everything interesting
OUT_D=$out_dir
# The output directory for all the temporary muck
TMP_D=$tmp_dir
# The output directory for the header files
INC_D=$inc_dir
INCO_D=$inc_dir${o}openssl
PERL=$perl
PERLASM_SCHEME=$mf_perlasm_scheme
CP=$cp
CP2=$cp2
RM=$rm
RANLIB=$ranlib
MKDIR=$mkdir
MKLIB=$bin_dir$mklib
MLFLAGS=$mlflags
$asm_def
# FIPS validated module and support file locations
E_PREMAIN_DSO=fips_premain_dso
FIPSLIB_D=$fipslibdir
BASEADDR=$baseaddr
FIPS_PREMAIN_SRC=$fips_premain_c_path
O_FIPSCANISTER=$fips_canister_path
FIPS_SHA1_EXE=$fips_sha1_exe_path
PREMAIN_DSO_EXE=$fips_premain_dso_exe_path
######################################################
# You should not need to touch anything below this point
######################################################
E_EXE=openssl
SSL=$ssl
CRYPTO=$crypto
# BIN_D - Binary output directory
# TEST_D - Binary test file output directory
# LIB_D - library output directory
# ENG_D - dynamic engine output directory
# Note: if you change these point to different directories then uncomment out
# the lines around the 'NB' comment below.
#
BIN_D=\$(OUT_D)
TEST_D=\$(OUT_D)
LIB_D=\$(OUT_D)
ENG_D=\$(OUT_D)
# INCL_D - local library directory
# OBJ_D - temp object file directory
OBJ_D=\$(TMP_D)
INCL_D=\$(TMP_D)
O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp
O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp
SO_SSL= $plib\$(SSL)$so_shlibp
SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
######################################################
# Don't touch anything below this point
######################################################
INC=-I\$(INC_D) -I\$(INCL_D)
APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
LIBS_DEP=$libs_dep
#############################################
EOF
$rules=<<"EOF";
all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) $build_targets
banner:
$banner
\$(TMP_D):
\$(MKDIR) \"\$(TMP_D)\"
# NB: uncomment out these lines if BIN_D, TEST_D and LIB_D are different
#\$(BIN_D):
# \$(MKDIR) \$(BIN_D)
#
#\$(TEST_D):
# \$(MKDIR) \$(TEST_D)
\$(LIB_D):
\$(MKDIR) \"\$(LIB_D)\"
\$(INCO_D): \$(INC_D)
\$(MKDIR) \"\$(INCO_D)\"
\$(INC_D):
\$(MKDIR) \"\$(INC_D)\"
# This needs to be invoked once, when the makefile is first constructed, or
# after cleaning.
init: \$(TMP_D) \$(LIB_D) \$(INC_D) \$(INCO_D) \$(BIN_D) \$(TEST_D) headers
\$(PERL) \$(SRC_D)/util/copy-if-different.pl "\$(SRC_D)/crypto/opensslconf.h" "\$(INCO_D)/opensslconf.h"
headers: \$(HEADER) \$(EXHEADER)
lib: \$(LIBS_DEP) \$(E_SHLIB)
exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep
install: all
\$(MKDIR) \"\$(INSTALLTOP)\"
\$(MKDIR) \"\$(INSTALLTOP)${o}bin\"
\$(MKDIR) \"\$(INSTALLTOP)${o}include\"
\$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\"
\$(MKDIR) \"\$(INSTALLTOP)${o}lib\"
$extra_install
clean:
\$(RM) \$(TMP_D)$o*.*
vclean:
\$(RM) \$(TMP_D)$o*.*
\$(RM) \$(OUT_D)$o*.*
reallyclean:
\$(RM) -rf \$(TMP_D)
\$(RM) -rf \$(BIN_D)
\$(RM) -rf \$(TEST_D)
\$(RM) -rf \$(LIB_D)
\$(RM) -rf \$(INC_D)
EOF
if ($orig_platform ne 'copy')
{
$rules .= <<"EOF";
test: \$(T_EXE)
cd \$(BIN_D)
..${o}ms${o}test
EOF
}
my $platform_cpp_symbol = "MK1MF_PLATFORM_$platform";
$platform_cpp_symbol =~ s/-/_/g;
if (open(IN,"crypto/buildinf.h"))
{
# Remove entry for this platform in existing file buildinf.h.
my $old_buildinf_h = "";
while (<IN>)
{
if (/^\#ifdef $platform_cpp_symbol$/)
{
while (<IN>) { last if (/^\#endif/); }
}
else
{
$old_buildinf_h .= $_;
}
}
close(IN);
open(OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
print OUT $old_buildinf_h;
close(OUT);
}
open (OUT,">>crypto/buildinf.h") || die "Can't open buildinf.h";
printf OUT <<EOF;
#ifdef $platform_cpp_symbol
/* auto-generated/updated by util/mk1mf.pl for crypto/cversion.c */
#define CFLAGS "$cc $cflags"
#define PLATFORM "$platform"
EOF
printf OUT " #define DATE \"%s\"\n", scalar gmtime();
printf OUT "#endif\n";
close(OUT);
# Strip off trailing ' '
foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
$test=&clean_up_ws($test);
$e_exe=&clean_up_ws($e_exe);
$exheader=&clean_up_ws($exheader);
$header=&clean_up_ws($header);
# First we strip the exheaders from the headers list
foreach (split(/\s+/,$exheader)){ $h{$_}=1; }
foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; }
chop($h); $header=$h;
$defs.=&do_defs("HEADER",$header,"\$(INCL_D)","");
$rules.=&do_copy_rule("\$(INCL_D)",$header,"");
$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)","");
$rules.=&do_copy_rule("\$(INCO_D)",$exheader,"");
$defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj);
$rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
# Special case rules for fips_start and fips_end fips_premain_dso
if ($fips)
{
if ($fipscanisterbuild)
{
$rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj",
"fips${o}fips_canister.c",
"-DFIPS_START \$(SHLIB_CFLAGS)");
$rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj",
"fips${o}fips_canister.c", "\$(SHLIB_CFLAGS)");
}
$rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj",
"fips${o}sha${o}fips_standalone_sha1.c",
"\$(APP_CFLAGS)");
$rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
"fips${o}fips_premain.c",
"-DFINGERPRINT_PREMAIN_DSO_LOAD \$(APP_CFLAGS)");
}
sub fix_asm
{
my($asm, $dir) = @_;
$asm = " $asm";
$asm =~ s/\s+/ $dir\//g;
$asm =~ s/\.o//g;
$asm =~ s/^ //;
return $asm . ' ';
}
if ($orig_platform eq 'copy') {
$lib_obj{CRYPTO} .= fix_asm($mf_md5_asm, 'crypto/md5');
$lib_obj{CRYPTO} .= fix_asm($mf_bn_asm, 'crypto/bn');
# cpuid is included by the crypto dir
#$lib_obj{CRYPTO} .= fix_asm($mf_cpuid_asm, 'crypto');
# AES asm files end up included by the aes dir itself
#$lib_obj{CRYPTO} .= fix_asm($mf_aes_asm, 'crypto/aes');
$lib_obj{CRYPTO} .= fix_asm($mf_sha_asm, 'crypto/sha');
$lib_obj{CRYPTO} .= fix_asm($mf_engines_asm, 'engines');
$lib_obj{CRYPTO} .= fix_asm($mf_rc4_asm, 'crypto/rc4');
$lib_obj{CRYPTO} .= fix_asm($mf_modes_asm, 'crypto/modes');
$lib_obj{CRYPTO} .= fix_asm($mf_ec_asm, 'crypto/ec');
}
foreach (values %lib_nam)
{
$lib_obj=$lib_obj{$_};
local($slib)=$shlib;
$defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
$lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)";
$rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
}
# hack to add version info on MSVC
if (($platform eq "VC-WIN32") || ($platform eq "VC-WIN64A")
|| ($platform eq "VC-WIN64I") || ($platform eq "VC-NT")) {
$rules.= <<"EOF";
\$(OBJ_D)\\\$(CRYPTO).res: ms\\version32.rc
\$(RSC) /fo"\$(OBJ_D)\\\$(CRYPTO).res" /d CRYPTO ms\\version32.rc
\$(OBJ_D)\\\$(SSL).res: ms\\version32.rc
\$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc
EOF
}
$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
foreach (split(/\s+/,$test))
{
my $t_libs;
$t=&bname($_);
my $ltype;
# Check to see if test program is FIPS
if ($fips && /fips/)
{
# If fips perform static link to
# $(O_FIPSCANISTER)
$t_libs = "\$(O_FIPSCANISTER)";
$ltype = 2;
}
else
{
$t_libs = "\$(L_LIBS)";
$ltype = 0;
}
$tt="\$(OBJ_D)${o}$t${obj}";
$rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","$t_libs \$(EX_LIBS)", $ltype);
}
$defs.=&do_defs("E_SHLIB",$engines . $otherlibs,"\$(ENG_D)",$shlibp);
foreach (split(/\s+/,$engines))
{
my $engine = $_;
my @objs = grep {/e_$engine/} @engines_obj;
$rules.=&do_compile_rule("\$(OBJ_D)",join(" ",@objs),$lib);
map {$_=~s/.*\/([^\/]+)$/\$(OBJ_D)${o}$1$obj/} @objs;
$rules.= &do_lib_rule(join(" ",@objs),"\$(ENG_D)$o$engine$shlibp","",$shlib,"");
}
$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
#$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
foreach (split(" ",$otherlibs))
{
my $uc = $_;
$uc =~ tr /a-z/A-Z/;
$rules.= &do_lib_rule("\$(${uc}OBJ)","\$(ENG_D)$o$_$shlibp", "", $shlib, "");
}
if ($fips)
{
if ($shlib)
{
$rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
"\$(O_CRYPTO)", "$crypto",
$shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
}
else
{
$rules.= &do_lib_rule("\$(CRYPTOOBJ)",
"\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
$rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
"\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
}
}
else
{
$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
"\$(SO_CRYPTO)");
}
if ($fips)
{
if ($fipscanisterbuild)
{
$rules.= &do_rlink_rule("\$(O_FIPSCANISTER)",
"\$(OBJ_D)${o}fips_start$obj",
"\$(FIPSOBJ)",
"\$(OBJ_D)${o}fips_end$obj",
"\$(FIPS_SHA1_EXE)", "");
# FIXME
$rules.=&do_link_rule("\$(FIPS_SHA1_EXE)",
"\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}sha1dgst$obj $sha1_asm_obj",
"","\$(EX_LIBS)", 1);
}
else
{
$rules.=&do_link_rule("\$(FIPS_SHA1_EXE)",
"\$(OBJ_D)${o}fips_standalone_sha1$obj \$(O_FIPSCANISTER)",
"","", 1);
}
$rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
}
$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0);
$rules .= get_tests('test/Makefile') if $orig_platform eq 'copy';
print $defs;
if ($platform eq "linux-elf") {
print <<"EOF";
# Generate perlasm output files
%.cpp:
(cd \$(\@D)/..; PERL=perl make -f Makefile asm/\$(\@F))
EOF
}
print "###################################################################\n";
print $rules;
###############################################
# strip off any trailing .[och] and append the relative directory
# also remembering to do nothing if we are in one of the dropped
# directories
sub var_add
{
local($dir,$val,$keepext)=@_;
local(@a,$_,$ret);
return("") if $no_engine && $dir =~ /\/engine/;
return("") if $no_hw && $dir =~ /\/hw/;
return("") if $no_idea && $dir =~ /\/idea/;
return("") if $no_aes && $dir =~ /\/aes/;
return("") if $no_camellia && $dir =~ /\/camellia/;
return("") if $no_seed && $dir =~ /\/seed/;
return("") if $no_rc2 && $dir =~ /\/rc2/;
return("") if $no_rc4 && $dir =~ /\/rc4/;
return("") if $no_rc5 && $dir =~ /\/rc5/;
return("") if $no_rsa && $dir =~ /\/rsa/;
return("") if $no_rsa && $dir =~ /^rsaref/;
return("") if $no_dsa && $dir =~ /\/dsa/;
return("") if $no_dh && $dir =~ /\/dh/;
return("") if $no_ec && $dir =~ /\/ec/;
return("") if $no_gost && $dir =~ /\/ccgost/;
return("") if $no_cms && $dir =~ /\/cms/;
return("") if $no_jpake && $dir =~ /\/jpake/;
return("") if !$fips && $dir =~ /^fips/;
if ($no_des && $dir =~ /\/des/)
{
if ($val =~ /read_pwd/)
{ return("$dir/read_pwd "); }
else
{ return(""); }
}
return("") if $no_mdc2 && $dir =~ /\/mdc2/;
return("") if $no_sock && $dir =~ /\/proxy/;
return("") if $no_bf && $dir =~ /\/bf/;
return("") if $no_cast && $dir =~ /\/cast/;
return("") if $no_whirlpool && $dir =~ /\/whrlpool/;
$val =~ s/^\s*(.*)\s*$/$1/;
@a=split(/\s+/,$val);
grep(s/\.[och]$//,@a) unless $keepext;
@a=grep(!/^e_.*_3d$/,@a) if $no_des;
@a=grep(!/^e_.*_d$/,@a) if $no_des;
@a=grep(!/^e_.*_ae$/,@a) if $no_idea;
@a=grep(!/^e_.*_i$/,@a) if $no_aes;
@a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
@a=grep(!/^e_.*_r5$/,@a) if $no_rc5;
@a=grep(!/^e_.*_bf$/,@a) if $no_bf;
@a=grep(!/^e_.*_c$/,@a) if $no_cast;
@a=grep(!/^e_rc4$/,@a) if $no_rc4;
@a=grep(!/^e_camellia$/,@a) if $no_camellia;
@a=grep(!/^e_seed$/,@a) if $no_seed;
#@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
@a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
@a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2;
@a=grep(!/(^md4)|(_md4$)/,@a) if $no_md4;
@a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5;
@a=grep(!/(rmd)|(ripemd)/,@a) if $no_ripemd;
@a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
@a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
@a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
@a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
@a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
@a=grep(!/^n_pkey$/,@a) if $no_rsa || $no_rc4;
@a=grep(!/_dhp$/,@a) if $no_dh;
@a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
@a=grep(!/_mdc2$/,@a) if $no_mdc2;
@a=grep(!/(srp)/,@a) if $no_srp;
@a=grep(!/^engine$/,@a) if $no_engine;
@a=grep(!/^hw$/,@a) if $no_hw;
@a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa;
@a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
@a=grep(!/^gendsa$/,@a) if $no_sha1;
@a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
@a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
grep($_="$dir/$_",@a);
@a=grep(!/(^|\/)s_/,@a) if $no_sock;
@a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
$ret=join(' ',@a)." ";
return($ret);
}
# change things so that each 'token' is only separated by one space
sub clean_up_ws
{
local($w)=@_;
$w =~ s/^\s*(.*)\s*$/$1/;
$w =~ s/\s+/ /g;
return($w);
}
sub do_defs
{
local($var,$files,$location,$postfix)=@_;
local($_,$ret,$pf);
local(*OUT,$tmp,$t);
$files =~ s/\//$o/g if $o ne '/';
$ret="$var=";
$n=1;
$Vars{$var}.="";
foreach (split(/ /,$files))
{
$orig=$_;
$_=&bname($_) unless /^\$/;
if ($n++ == 2)
{
$n=0;
$ret.="\\\n\t";
}
if (($_ =~ /bss_file/) && ($postfix eq ".h"))
{ $pf=".c"; }
else { $pf=$postfix; }
if ($_ =~ /BN_ASM/) { $t="$_ "; }
elsif ($_ =~ /BNCO_ASM/){ $t="$_ "; }
elsif ($_ =~ /AES_ASM/){ $t="$_ "; }
elsif ($_ =~ /DES_ENC/) { $t="$_ "; }
elsif ($_ =~ /BF_ENC/) { $t="$_ "; }
elsif ($_ =~ /CAST_ENC/){ $t="$_ "; }
elsif ($_ =~ /RC4_ENC/) { $t="$_ "; }
elsif ($_ =~ /RC5_ENC/) { $t="$_ "; }
elsif ($_ =~ /MD5_ASM/) { $t="$_ "; }
elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; }
elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; }
elsif ($_ =~ /WHIRLPOOL_ASM/){ $t="$_ "; }
elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; }
else { $t="$location${o}$_$pf "; }
$Vars{$var}.="$t ";
$ret.=$t;
}
# hack to add version info on MSVC
if ($shlib && (($platform eq "VC-WIN32") || ($platfrom eq "VC-WIN64I") || ($platform eq "VC-WIN64A") || ($platform eq "VC-NT")))
{
if ($var eq "CRYPTOOBJ")
{ $ret.="\$(OBJ_D)\\\$(CRYPTO).res "; }
elsif ($var eq "SSLOBJ")
{ $ret.="\$(OBJ_D)\\\$(SSL).res "; }
}
chomp($ret);
$ret.="\n\n";
return($ret);
}
# return the name with the leading path removed
sub bname
{
local($ret)=@_;
$ret =~ s/^.*[\\\/]([^\\\/]+)$/$1/;
return($ret);
}
# return the leading path
sub dname
{
my $ret=shift;
$ret =~ s/(^.*)[\\\/][^\\\/]+$/$1/;
return($ret);
}
##############################################################
# do a rule for each file that says 'compile' to new direcory
# compile the files in '$files' into $to
sub do_compile_rule
{
local($to,$files,$ex)=@_;
local($ret,$_,$n,$d,$s);
$files =~ s/\//$o/g if $o ne '/';
foreach (split(/\s+/,$files))
{
$n=&bname($_);
$d=&dname($_);
if (-f "${_}.c")
{
$ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
}
elsif (-f ($s="${d}${o}asm${o}${n}.pl") or
($s=~s/sha256/sha512/ and -f $s) or
-f ($s="${d}${o}${n}.pl"))
{
$ret.=&perlasm_compile_target("$to${o}$n$obj",$s,$n);
}
elsif (-f ($s="${d}${o}asm${o}${n}.S") or
-f ($s="${d}${o}${n}.S"))
{
$ret.=&Sasm_compile_target("$to${o}$n$obj",$s,$n);
}
elsif (defined &special_compile_target and
($s=special_compile_target($_)))
{
$ret.=$s;
}
else { die "no rule for $_"; }
}
return($ret);
}
##############################################################
# do a rule for each file that says 'compile' to new direcory
sub perlasm_compile_target
{
my($target,$source,$bname)=@_;
return platform_perlasm_compile_target($target, $source, $bname)
if defined &platform_perlasm_compile_target;
my($ret);
$bname =~ s/(.*)\.[^\.]$/$1/;
$ret ="\$(TMP_D)$o$bname$asm_suffix: $source\n";
$ret.="\t\$(PERL) $source $asmtype \$(CFLAG) >\$\@\n";
if ($fipscanisteronly)
{
$ret .= "\t\$(PERL) util$o.pl . \$@ norunasm \$(CFLAG)\n";
}
$ret .= "\n";
$ret.="$target: \$(TMP_D)$o$bname$asm_suffix\n";
$ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname$asm_suffix\n\n";
return($ret);
}
sub Sasm_compile_target
{
my($target,$source,$bname)=@_;
my($ret);
$bname =~ s/(.*)\.[^\.]$/$1/;
$ret ="\$(TMP_D)$o$bname.asm: $source\n";
$ret.="\t\$(CC) -E \$(CFLAG) $source >\$\@\n";
$ret.="\t\$(PERL) util\\fipsas.pl . \$@ norunasm \$(CFLAG)\n" if $fipscanisteronly;
$ret.="\n";
$ret.="$target: \$(TMP_D)$o$bname.asm\n";
$ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
return($ret);
}
sub cc_compile_target
{
local($target,$source,$ex_flags)=@_;
local($ret);
$ex_flags.=" -DMK1MF_BUILD -D$platform_cpp_symbol" if ($source =~ /cversion/);
$target =~ s/\//$o/g if $o ne "/";
$source =~ s/\//$o/g if $o ne "/";
$ret ="$target: \$(SRC_D)$o$source\n\t";
$ret.="\$(CC)";
$ret.= " -MMD" if $orig_platform eq "copy";
$ret.= " ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n";
$target =~ s/\.o$/.d/;
$ret.=".sinclude \"$target\"\n\n" if $orig_platform eq "copy";
return($ret);
}
##############################################################
sub do_asm_rule
{
local($target,$src)=@_;
local($ret,@s,@t,$i);
$target =~ s/\//$o/g if $o ne "/";
$src =~ s/\//$o/g if $o ne "/";
@t=split(/\s+/,$target);
@s=split(/\s+/,$src);
for ($i=0; $i<=$#s; $i++)
{
my $objfile = $t[$i];
my $srcfile = $s[$i];
if ($perl_asm == 1)
{
my $plasm = $objfile;
$plasm =~ s/${obj}/.pl/;
$ret.="$srcfile: $plasm\n";
$ret.="\t\$(PERL) $plasm $asmtype \$(CFLAG) >$srcfile\n\n";
}
$ret.="$objfile: $srcfile\n";
$ret.="\t\$(ASM) $afile$objfile \$(SRC_D)$o$srcfile\n\n";
}
return($ret);
}
sub do_shlib_rule
{
local($n,$def)=@_;
local($ret,$nn);
local($t);
($nn=$n) =~ tr/a-z/A-Z/;
$ret.="$n.dll: \$(${nn}OBJ)\n";
if ($vc && $w32)
{
$ret.="\t\$(MKSHLIB) $efile$n.dll $def @<<\n \$(${nn}OBJ_F)\n<<\n";
}
$ret.="\n";
return($ret);
}
# do a rule for each file that says 'copy' to new direcory on change
sub do_copy_rule
{
local($to,$files,$p)=@_;
local($ret,$_,$n,$pp);
$files =~ s/\//$o/g if $o ne '/';
foreach (split(/\s+/,$files))
{
$n=&bname($_);
if ($n =~ /bss_file/)
{ $pp=".c"; }
else { $pp=$p; }
$ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(PERL) \$(SRC_D)${o}util${o}copy-if-different.pl \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n";
}
return($ret);
}
# Options picked up from the OPTIONS line in the top level Makefile
# generated by Configure.
sub read_options
{
# Many options are handled in a similar way. In particular
# no-xxx sets zero or more scalars to 1.
# Process these using the %valid_options hash containing the option
# name and reference to the scalars to set. In some cases the option
# needs no special handling and can be ignored: this is done by
# setting the value to 0.
my %valid_options = (
"no-rc2" => \$no_rc2,
"no-rc4" => \$no_rc4,
"no-rc5" => \$no_rc5,
"no-idea" => \$no_idea,
"no-aes" => \$no_aes,
"no-camellia" => \$no_camellia,
"no-seed" => \$no_seed,
"no-des" => \$no_des,
"no-bf" => \$no_bf,
"no-cast" => \$no_cast,
"no-md2" => \$no_md2,
"no-md4" => \$no_md4,
"no-md5" => \$no_md5,
"no-sha" => \$no_sha,
"no-sha1" => \$no_sha1,
"no-ripemd" => \$no_ripemd,
"no-mdc2" => \$no_mdc2,
"no-whirlpool" => \$no_whirlpool,
"no-patents" =>
[\$no_rc2, \$no_rc4, \$no_rc5, \$no_idea, \$no_rsa],
"no-rsa" => \$no_rsa,
"no-dsa" => \$no_dsa,
"no-dh" => \$no_dh,
"no-hmac" => \$no_hmac,
"no-asm" => \$no_asm,
"nasm" => \$nasm,
"nw-nasm" => \$nw_nasm,
"nw-mwasm" => \$nw_mwasm,
"gaswin" => \$gaswin,
"no-ssl3" => \$no_ssl3,
"no-ssl3-method" => 0,
"no-tlsext" => \$no_tlsext,
"no-srp" => \$no_srp,
"no-cms" => \$no_cms,
"no-jpake" => \$no_jpake,
"no-ec2m" => \$no_ec2m,
"no-ec_nistp_64_gcc_128" => 0,
"no-err" => \$no_err,
"no-sock" => \$no_sock,
"no-krb5" => \$no_krb5,
"no-ec" => \$no_ec,
"no-ecdsa" => \$no_ecdsa,
"no-ecdh" => \$no_ecdh,
"no-gost" => \$no_gost,
"no-engine" => \$no_engine,
"no-hw" => \$no_hw,
"just-ssl" =>
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
\$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
\$no_err, \$no_ripemd, \$no_rc5,
\$no_aes, \$no_camellia, \$no_seed, \$no_srp],
"rsaref" => 0,
"gcc" => \$gcc,
"debug" => \$debug,
"profile" => \$profile,
"shlib" => \$shlib,
"dll" => \$shlib,
"shared" => 0,
"no-sctp" => 0,
"no-srtp" => 0,
"no-gmp" => 0,
"no-rfc3779" => 0,
"no-montasm" => 0,
"no-shared" => 0,
"no-store" => 0,
"no-zlib" => 0,
"no-zlib-dynamic" => 0,
"no-ssl-trace" => 0,
"no-unit-test" => 0,
"fips" => \$fips,
"fipscanisterbuild" => [\$fips, \$fipscanisterbuild],
"fipscanisteronly" => [\$fips, \$fipscanisterbuild, \$fipscanisteronly],
"fipscheck" => [\$fips, \$fipscanisterbuild, \$fipscanisteronly],
);
if (exists $valid_options{$_})
{
my $r = $valid_options{$_};
if ( ref $r eq "SCALAR")
{ $$r = 1;}
elsif ( ref $r eq "ARRAY")
{
my $r2;
foreach $r2 (@$r)
{
$$r2 = 1;
}
}
}
elsif (/^no-comp$/) { $xcflags = "-DOPENSSL_NO_COMP $xcflags"; }
elsif (/^enable-zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 }
elsif (/^enable-zlib-dynamic$/)
{
$zlib_opt = 2;
}
elsif (/^no-static-engine/)
{
$no_static_engine = 1;
}
elsif (/^enable-static-engine/)
{
$no_static_engine = 0;
}
# There are also enable-xxx options which correspond to
# the no-xxx. Since the scalars are enabled by default
# these can be ignored.
elsif (/^enable-/)
{
my $t = $_;
$t =~ s/^enable/no/;
if (exists $valid_options{$t})
{return 1;}
return 0;
}
# experimental-xxx is mostly like enable-xxx, but opensslconf.v
# will still set OPENSSL_NO_xxx unless we set OPENSSL_EXPERIMENTAL_xxx.
# (No need to fail if we don't know the algorithm -- this is for adventurous users only.)
elsif (/^experimental-/)
{
my $algo, $ALGO;
($algo = $_) =~ s/^experimental-//;
($ALGO = $algo) =~ tr/[a-z]/[A-Z]/;
$xcflags="-DOPENSSL_EXPERIMENTAL_$ALGO $xcflags";
}
elsif (/^--with-krb5-flavor=(.*)$/)
{
my $krb5_flavor = $1;
if ($krb5_flavor =~ /^force-[Hh]eimdal$/)
{
$xcflags="-DKRB5_HEIMDAL $xcflags";
}
elsif ($krb5_flavor =~ /^MIT/i)
{
$xcflags="-DKRB5_MIT $xcflags";
if ($krb5_flavor =~ /^MIT[._-]*1[._-]*[01]/i)
{
$xcflags="-DKRB5_MIT_OLD11 $xcflags"
}
}
}
elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
elsif (/^-[lL].*$/) { $l_flags.="$_ "; }
elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
{ $c_flags.="$_ "; }
else { return(0); }
return(1);
}
sub fipslib_error
{
print STDERR "***FIPS module directory sanity check failed***\n";
print STDERR "FIPS module build failed, or was deleted\n";
print STDERR "Please rebuild FIPS module.\n";
exit 1;
}
sub fips_check_files
{
my $dir = shift @_;
my $ret = 1;
if (!-d $dir)
{
print STDERR "FIPS module directory $dir does not exist\n";
fipslib_error();
}
foreach (@_)
{
if (!-f "$dir${o}$_")
{
print STDERR "FIPS module file $_ does not exist!\n";
$ret = 0;
}
}
fipslib_error() if ($ret == 0);
}