From owner-svn-src-vendor@freebsd.org Tue May 28 20:08:19 2019 Return-Path: Delivered-To: svn-src-vendor@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D0B2E15AAAD5; Tue, 28 May 2019 20:08:18 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 698AE8F690; Tue, 28 May 2019 20:08:18 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3CA701F2FB; Tue, 28 May 2019 20:08:18 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4SK8Ixo057440; Tue, 28 May 2019 20:08:18 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4SK8H1h057437; Tue, 28 May 2019 20:08:17 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201905282008.x4SK8H1h057437@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Tue, 28 May 2019 20:08:17 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r348333 - in vendor-crypto/openssl/dist: . apps crypto crypto/aes/asm crypto/bio crypto/blake2 crypto/bn crypto/bn/asm crypto/chacha crypto/conf crypto/dh crypto/dsa crypto/dso crypto/e... X-SVN-Group: vendor-crypto X-SVN-Commit-Author: jkim X-SVN-Commit-Paths: in vendor-crypto/openssl/dist: . apps crypto crypto/aes/asm crypto/bio crypto/blake2 crypto/bn crypto/bn/asm crypto/chacha crypto/conf crypto/dh crypto/dsa crypto/dso crypto/ec crypto/ec/curve448 cryp... X-SVN-Commit-Revision: 348333 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 698AE8F690 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.96)[-0.964,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 May 2019 20:08:19 -0000 Author: jkim Date: Tue May 28 20:08:17 2019 New Revision: 348333 URL: https://svnweb.freebsd.org/changeset/base/348333 Log: Import OpenSSL 1.1.1c. Modified: vendor-crypto/openssl/dist/CHANGES vendor-crypto/openssl/dist/Configure vendor-crypto/openssl/dist/INSTALL vendor-crypto/openssl/dist/NEWS vendor-crypto/openssl/dist/NOTES.PERL vendor-crypto/openssl/dist/README vendor-crypto/openssl/dist/apps/asn1pars.c vendor-crypto/openssl/dist/apps/cms.c vendor-crypto/openssl/dist/apps/enc.c vendor-crypto/openssl/dist/apps/ocsp.c vendor-crypto/openssl/dist/apps/s_cb.c vendor-crypto/openssl/dist/apps/s_client.c vendor-crypto/openssl/dist/apps/speed.c vendor-crypto/openssl/dist/crypto/aes/asm/aesp8-ppc.pl vendor-crypto/openssl/dist/crypto/bio/b_addr.c vendor-crypto/openssl/dist/crypto/bio/bss_mem.c vendor-crypto/openssl/dist/crypto/blake2/blake2b.c vendor-crypto/openssl/dist/crypto/bn/asm/mips.pl vendor-crypto/openssl/dist/crypto/bn/asm/ppc.pl vendor-crypto/openssl/dist/crypto/bn/bn_ctx.c vendor-crypto/openssl/dist/crypto/bn/bn_lib.c vendor-crypto/openssl/dist/crypto/bn/bn_prime.c vendor-crypto/openssl/dist/crypto/chacha/build.info vendor-crypto/openssl/dist/crypto/conf/conf_sap.c vendor-crypto/openssl/dist/crypto/dh/dh_check.c vendor-crypto/openssl/dist/crypto/dh/dh_gen.c vendor-crypto/openssl/dist/crypto/dh/dh_key.c vendor-crypto/openssl/dist/crypto/dh/dh_pmeth.c vendor-crypto/openssl/dist/crypto/dsa/dsa_gen.c vendor-crypto/openssl/dist/crypto/dsa/dsa_ossl.c vendor-crypto/openssl/dist/crypto/dsa/dsa_pmeth.c vendor-crypto/openssl/dist/crypto/dso/dso_openssl.c vendor-crypto/openssl/dist/crypto/ec/curve25519.c vendor-crypto/openssl/dist/crypto/ec/curve448/curve448.c vendor-crypto/openssl/dist/crypto/ec/curve448/curve448_tables.c vendor-crypto/openssl/dist/crypto/ec/curve448/curve448utils.h vendor-crypto/openssl/dist/crypto/ec/curve448/f_generic.c vendor-crypto/openssl/dist/crypto/ec/curve448/scalar.c vendor-crypto/openssl/dist/crypto/ec/ec2_oct.c vendor-crypto/openssl/dist/crypto/ec/ec2_smpl.c vendor-crypto/openssl/dist/crypto/ec/ec_ameth.c vendor-crypto/openssl/dist/crypto/ec/ec_lib.c vendor-crypto/openssl/dist/crypto/ec/ec_mult.c vendor-crypto/openssl/dist/crypto/ec/ec_pmeth.c vendor-crypto/openssl/dist/crypto/ec/ecdh_ossl.c vendor-crypto/openssl/dist/crypto/ec/ecp_nistp521.c vendor-crypto/openssl/dist/crypto/ec/ecp_nistz256.c vendor-crypto/openssl/dist/crypto/ec/ecp_smpl.c vendor-crypto/openssl/dist/crypto/err/err.c vendor-crypto/openssl/dist/crypto/evp/digest.c vendor-crypto/openssl/dist/crypto/evp/e_aes.c vendor-crypto/openssl/dist/crypto/evp/e_aria.c vendor-crypto/openssl/dist/crypto/evp/e_chacha20_poly1305.c vendor-crypto/openssl/dist/crypto/evp/p_lib.c vendor-crypto/openssl/dist/crypto/evp/p_open.c vendor-crypto/openssl/dist/crypto/hmac/hmac.c vendor-crypto/openssl/dist/crypto/include/internal/dso_conf.h.in vendor-crypto/openssl/dist/crypto/init.c vendor-crypto/openssl/dist/crypto/mips_arch.h vendor-crypto/openssl/dist/crypto/modes/asm/ghash-x86_64.pl vendor-crypto/openssl/dist/crypto/modes/ccm128.c vendor-crypto/openssl/dist/crypto/o_str.c vendor-crypto/openssl/dist/crypto/objects/obj_dat.h vendor-crypto/openssl/dist/crypto/objects/objects.txt vendor-crypto/openssl/dist/crypto/ocsp/ocsp_ext.c vendor-crypto/openssl/dist/crypto/ocsp/ocsp_lib.c vendor-crypto/openssl/dist/crypto/pem/pem_sign.c vendor-crypto/openssl/dist/crypto/poly1305/build.info vendor-crypto/openssl/dist/crypto/ppccap.c vendor-crypto/openssl/dist/crypto/rand/drbg_lib.c vendor-crypto/openssl/dist/crypto/rand/rand_lib.c vendor-crypto/openssl/dist/crypto/rand/rand_unix.c vendor-crypto/openssl/dist/crypto/rand/randfile.c vendor-crypto/openssl/dist/crypto/rc4/build.info vendor-crypto/openssl/dist/crypto/rsa/rsa_ameth.c vendor-crypto/openssl/dist/crypto/rsa/rsa_gen.c vendor-crypto/openssl/dist/crypto/rsa/rsa_oaep.c vendor-crypto/openssl/dist/crypto/rsa/rsa_ossl.c vendor-crypto/openssl/dist/crypto/rsa/rsa_pk1.c vendor-crypto/openssl/dist/crypto/rsa/rsa_pmeth.c vendor-crypto/openssl/dist/crypto/rsa/rsa_ssl.c vendor-crypto/openssl/dist/crypto/rsa/rsa_x931g.c vendor-crypto/openssl/dist/crypto/sha/keccak1600.c vendor-crypto/openssl/dist/crypto/x509/x509_lu.c vendor-crypto/openssl/dist/crypto/x509v3/v3_genn.c vendor-crypto/openssl/dist/doc/man1/genpkey.pod vendor-crypto/openssl/dist/doc/man1/pkeyutl.pod vendor-crypto/openssl/dist/doc/man1/s_client.pod vendor-crypto/openssl/dist/doc/man1/s_server.pod vendor-crypto/openssl/dist/doc/man1/s_time.pod vendor-crypto/openssl/dist/doc/man1/ts.pod vendor-crypto/openssl/dist/doc/man3/ASN1_TIME_set.pod vendor-crypto/openssl/dist/doc/man3/ASN1_generate_nconf.pod vendor-crypto/openssl/dist/doc/man3/BIO_connect.pod vendor-crypto/openssl/dist/doc/man3/BIO_push.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_file.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_mem.pod vendor-crypto/openssl/dist/doc/man3/BN_CTX_start.pod vendor-crypto/openssl/dist/doc/man3/BN_new.pod vendor-crypto/openssl/dist/doc/man3/BN_rand.pod vendor-crypto/openssl/dist/doc/man3/BN_security_bits.pod vendor-crypto/openssl/dist/doc/man3/CMS_verify.pod vendor-crypto/openssl/dist/doc/man3/CONF_modules_load_file.pod vendor-crypto/openssl/dist/doc/man3/DES_random_key.pod vendor-crypto/openssl/dist/doc/man3/ECDSA_SIG_new.pod vendor-crypto/openssl/dist/doc/man3/EVP_DigestVerifyInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_EncryptInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_meth_new.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_set1_RSA.pod vendor-crypto/openssl/dist/doc/man3/EVP_chacha20.pod vendor-crypto/openssl/dist/doc/man3/HMAC.pod vendor-crypto/openssl/dist/doc/man3/OBJ_nid2obj.pod vendor-crypto/openssl/dist/doc/man3/OCSP_cert_to_id.pod vendor-crypto/openssl/dist/doc/man3/PEM_read_bio_PrivateKey.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_generate.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_get0_master.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_new.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_reseed.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_set_callbacks.pod vendor-crypto/openssl/dist/doc/man3/RAND_add.pod vendor-crypto/openssl/dist/doc/man3/RAND_bytes.pod vendor-crypto/openssl/dist/doc/man3/RAND_cleanup.pod vendor-crypto/openssl/dist/doc/man3/RSA_padding_add_PKCS1_type_1.pod vendor-crypto/openssl/dist/doc/man3/RSA_public_encrypt.pod vendor-crypto/openssl/dist/doc/man3/SSL_CIPHER_get_name.pod vendor-crypto/openssl/dist/doc/man3/SSL_CONF_cmd.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_load_verify_locations.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_new.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set1_sigalgs.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_client_hello_cb.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_default_passwd_cb.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_generate_session_id.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_min_proto_version.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_read_ahead.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_split_send_fragment.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_tmp_dh_callback.pod vendor-crypto/openssl/dist/doc/man3/SSL_get_error.pod vendor-crypto/openssl/dist/doc/man3/SSL_load_client_CA_file.pod vendor-crypto/openssl/dist/doc/man3/SSL_read.pod vendor-crypto/openssl/dist/doc/man3/SSL_session_reused.pod vendor-crypto/openssl/dist/doc/man3/SSL_shutdown.pod vendor-crypto/openssl/dist/doc/man3/SSL_write.pod vendor-crypto/openssl/dist/doc/man3/X509_LOOKUP_meth_new.pod vendor-crypto/openssl/dist/doc/man3/X509_NAME_add_entry_by_txt.pod vendor-crypto/openssl/dist/doc/man3/X509_NAME_get_index_by_NID.pod vendor-crypto/openssl/dist/doc/man3/X509_get_subject_name.pod vendor-crypto/openssl/dist/doc/man3/d2i_X509.pod vendor-crypto/openssl/dist/e_os.h vendor-crypto/openssl/dist/engines/e_padlock.c vendor-crypto/openssl/dist/include/internal/dsoerr.h vendor-crypto/openssl/dist/include/internal/refcount.h vendor-crypto/openssl/dist/include/internal/tsan_assist.h vendor-crypto/openssl/dist/include/openssl/err.h vendor-crypto/openssl/dist/include/openssl/evp.h vendor-crypto/openssl/dist/include/openssl/obj_mac.h vendor-crypto/openssl/dist/include/openssl/ocsp.h vendor-crypto/openssl/dist/include/openssl/opensslv.h vendor-crypto/openssl/dist/include/openssl/ssl.h vendor-crypto/openssl/dist/include/openssl/x509v3.h vendor-crypto/openssl/dist/ssl/ssl_lib.c vendor-crypto/openssl/dist/ssl/ssl_locl.h vendor-crypto/openssl/dist/ssl/statem/extensions.c vendor-crypto/openssl/dist/ssl/statem/extensions_clnt.c vendor-crypto/openssl/dist/ssl/statem/extensions_srvr.c vendor-crypto/openssl/dist/ssl/statem/statem_clnt.c vendor-crypto/openssl/dist/ssl/statem/statem_srvr.c Modified: vendor-crypto/openssl/dist/CHANGES ============================================================================== --- vendor-crypto/openssl/dist/CHANGES Tue May 28 18:32:04 2019 (r348332) +++ vendor-crypto/openssl/dist/CHANGES Tue May 28 20:08:17 2019 (r348333) @@ -7,6 +7,77 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1b and 1.1.1c [28 May 2019] + + *) Add build tests for C++. These are generated files that only do one + thing, to include one public OpenSSL head file each. This tests that + the public header files can be usefully included in a C++ application. + + This test isn't enabled by default. It can be enabled with the option + 'enable-buildtest-c++'. + [Richard Levitte] + + *) Enable SHA3 pre-hashing for ECDSA and DSA. + [Patrick Steuer] + + *) Change the default RSA, DSA and DH size to 2048 bit instead of 1024. + This changes the size when using the genpkey app when no size is given. It + fixes an omission in earlier changes that changed all RSA, DSA and DH + generation apps to use 2048 bits by default. + [Kurt Roeckx] + + *) Reorganize the manual pages to consistently have RETURN VALUES, + EXAMPLES, SEE ALSO and HISTORY come in that order, and adjust + util/fix-doc-nits accordingly. + [Paul Yang, Joshua Lock] + + *) Add the missing accessor EVP_PKEY_get0_engine() + [Matt Caswell] + + *) Have apps like 's_client' and 's_server' output the signature scheme + along with other cipher suite parameters when debugging. + [Lorinczy Zsigmond] + + *) Make OPENSSL_config() error agnostic again. + [Richard Levitte] + + *) Do the error handling in RSA decryption constant time. + [Bernd Edlinger] + + *) Prevent over long nonces in ChaCha20-Poly1305. + + ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input + for every encryption operation. RFC 7539 specifies that the nonce value + (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length + and front pads the nonce with 0 bytes if it is less than 12 + bytes. However it also incorrectly allows a nonce to be set of up to 16 + bytes. In this case only the last 12 bytes are significant and any + additional leading bytes are ignored. + + It is a requirement of using this cipher that nonce values are + unique. Messages encrypted using a reused nonce value are susceptible to + serious confidentiality and integrity attacks. If an application changes + the default nonce length to be longer than 12 bytes and then makes a + change to the leading bytes of the nonce expecting the new value to be a + new unique nonce then such an application could inadvertently encrypt + messages with a reused nonce. + + Additionally the ignored bytes in a long nonce are not covered by the + integrity guarantee of this cipher. Any application that relies on the + integrity of these ignored leading bytes of a long nonce may be further + affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, + is safe because no such use sets such a long nonce value. However user + applications that use this cipher directly and set a non-default nonce + length to be longer than 12 bytes may be vulnerable. + + This issue was reported to OpenSSL on 16th of March 2019 by Joran Dirk + Greef of Ronomon. + (CVE-2019-1543) + [Matt Caswell] + + *) Ensure that SM2 only uses SM3 as digest algorithm + [Paul Yang] + Changes between 1.1.1a and 1.1.1b [26 Feb 2019] *) Added SCA hardening for modular field inversion in EC_GROUP through Modified: vendor-crypto/openssl/dist/Configure ============================================================================== --- vendor-crypto/openssl/dist/Configure Tue May 28 18:32:04 2019 (r348332) +++ vendor-crypto/openssl/dist/Configure Tue May 28 20:08:17 2019 (r348333) @@ -24,7 +24,7 @@ use OpenSSL::Glob; my $orig_death_handler = $SIG{__DIE__}; $SIG{__DIE__} = \&death_handler; -my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; +my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; # Options: # @@ -54,16 +54,14 @@ my $usage="Usage: Configure [no- ...] [enable- # [no-]threads [don't] try to create a library that is suitable for # multithreaded applications (default is "threads" if we # know how to do it) -# [no-]shared [don't] try to create shared libraries when supported. +# [no-]shared [don't] try to create shared libraries when supported. # [no-]pic [don't] try to build position independent code when supported. # If disabled, it also disables shared and dynamic-engine. # no-asm do not use assembler -# no-dso do not compile in any native shared-library methods. This -# will ensure that all methods just return NULL. # no-egd do not compile support for the entropy-gathering daemon APIs # [no-]zlib [don't] compile support for zlib compression. -# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared -# library and will be loaded in run-time by the OpenSSL library. +# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared +# library and will be loaded in run-time by the OpenSSL library. # sctp include SCTP support # enable-weak-ssl-ciphers # Enable weak ciphers that are disabled by default. @@ -75,7 +73,7 @@ my $usage="Usage: Configure [no- ...] [enable- # -static while -static is also a pass-through compiler option (and # as such is limited to environments where it's actually # meaningful), it triggers a number configuration options, -# namely no-dso, no-pic, no-shared and no-threads. It is +# namely no-pic, no-shared and no-threads. It is # argued that the only reason to produce statically linked # binaries (and in context it means executables linked with # -static flag, and not just executables linked with static @@ -90,21 +88,22 @@ my $usage="Usage: Configure [no- ...] [enable- # production quality. # # DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items -# provided to stack calls. Generates unique stack functions for -# each possible stack type. -# BN_LLONG use the type 'long long' in crypto/bn/bn.h -# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h +# provided to stack calls. Generates unique stack functions for +# each possible stack type. +# BN_LLONG use the type 'long long' in crypto/bn/bn.h +# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # Following are set automatically by this script # -# MD5_ASM use some extra md5 assembler, -# SHA1_ASM use some extra sha1 assembler, must define L_ENDIAN for x86 -# RMD160_ASM use some extra ripemd160 assembler, -# SHA256_ASM sha256_block is implemented in assembler -# SHA512_ASM sha512_block is implemented in assembler -# AES_ASM AES_[en|de]crypt is implemented in assembler +# MD5_ASM use some extra md5 assembler, +# SHA1_ASM use some extra sha1 assembler, must define L_ENDIAN for x86 +# RMD160_ASM use some extra ripemd160 assembler, +# SHA256_ASM sha256_block is implemented in assembler +# SHA512_ASM sha512_block is implemented in assembler +# AES_ASM AES_[en|de]crypt is implemented in assembler -# Minimum warning options... any contributions to OpenSSL should at least get -# past these. +# Minimum warning options... any contributions to OpenSSL should at least +# get past these. Note that we only use these with C compilers, not with +# C++ compilers. # DEBUG_UNUSED enables __owur (warn unused result) checks. # -DPEDANTIC complements -pedantic and is meant to mask code that @@ -119,22 +118,23 @@ my $usage="Usage: Configure [no- ...] [enable- # code, so we just tell compiler to be pedantic about everything # but 'long long' type. -my $gcc_devteam_warn = "-DDEBUG_UNUSED" - . " -DPEDANTIC -pedantic -Wno-long-long" - . " -Wall" - . " -Wextra" - . " -Wno-unused-parameter" - . " -Wno-missing-field-initializers" - . " -Wswitch" - . " -Wsign-compare" - . " -Wmissing-prototypes" - . " -Wstrict-prototypes" - . " -Wshadow" - . " -Wformat" - . " -Wtype-limits" - . " -Wundef" - . " -Werror" - ; +my @gcc_devteam_warn = qw( + -DDEBUG_UNUSED + -DPEDANTIC -pedantic -Wno-long-long + -Wall + -Wextra + -Wno-unused-parameter + -Wno-missing-field-initializers + -Wswitch + -Wsign-compare + -Wshadow + -Wformat + -Wtype-limits + -Wundef + -Werror + -Wmissing-prototypes + -Wstrict-prototypes +); # These are used in addition to $gcc_devteam_warn when the compiler is clang. # TODO(openssl-team): fix problems and investigate if (at least) the @@ -144,19 +144,16 @@ my $gcc_devteam_warn = "-DDEBUG_UNUSED" # -Wlanguage-extension-token -- no, we use asm() # -Wunused-macros -- no, too tricky for BN and _XOPEN_SOURCE etc # -Wextended-offsetof -- no, needed in CMS ASN1 code -# -Wunused-function -- no, it forces header use of safestack et al -# DEFINE macros -my $clang_devteam_warn = "" - . " -Wswitch-default" - . " -Wno-parentheses-equality" - . " -Wno-language-extension-token" - . " -Wno-extended-offsetof" - . " -Wconditional-uninitialized" - . " -Wincompatible-pointer-types-discards-qualifiers" - . " -Wmissing-variable-declarations" - . " -Wno-unknown-warning-option" - . " -Wno-unused-function" - ; +my @clang_devteam_warn = qw( + -Wswitch-default + -Wno-parentheses-equality + -Wno-language-extension-token + -Wno-extended-offsetof + -Wconditional-uninitialized + -Wincompatible-pointer-types-discards-qualifiers + -Wno-unknown-warning-option + -Wmissing-variable-declarations +); # This adds backtrace information to the memory leak info. Is only used # when crypto-mdebug-backtrace is enabled. @@ -225,20 +222,20 @@ if (grep /^reconf(igure)?$/, @argvcopy) { die "reconfiguring with other arguments present isn't supported" if scalar @argvcopy > 1; if (-f "./configdata.pm") { - my $file = "./configdata.pm"; - unless (my $return = do $file) { - die "couldn't parse $file: $@" if $@; + my $file = "./configdata.pm"; + unless (my $return = do $file) { + die "couldn't parse $file: $@" if $@; die "couldn't do $file: $!" unless defined $return; die "couldn't run $file" unless $return; - } + } - @argvcopy = defined($configdata::config{perlargv}) ? - @{$configdata::config{perlargv}} : (); - die "Incorrect data to reconfigure, please do a normal configuration\n" - if (grep(/^reconf/,@argvcopy)); - $config{perlenv} = $configdata::config{perlenv} // {}; + @argvcopy = defined($configdata::config{perlargv}) ? + @{$configdata::config{perlargv}} : (); + die "Incorrect data to reconfigure, please do a normal configuration\n" + if (grep(/^reconf/,@argvcopy)); + $config{perlenv} = $configdata::config{perlenv} // {}; } else { - die "Insufficient data to reconfigure, please do a normal configuration\n"; + die "Insufficient data to reconfigure, please do a normal configuration\n"; } } @@ -253,8 +250,8 @@ $config{shlib_version_history} = "unknown"; collect_information( collect_from_file(catfile($srcdir,'include/openssl/opensslv.h')), qr/OPENSSL.VERSION.TEXT.*OpenSSL (\S+) / => sub { $config{version} = $1; }, - qr/OPENSSL.VERSION.NUMBER.*(0x\S+)/ => sub { $config{version_num}=$1 }, - qr/SHLIB_VERSION_NUMBER *"([^"]+)"/ => sub { $config{shlib_version_number}=$1 }, + qr/OPENSSL.VERSION.NUMBER.*(0x\S+)/ => sub { $config{version_num}=$1 }, + qr/SHLIB_VERSION_NUMBER *"([^"]+)"/ => sub { $config{shlib_version_number}=$1 }, qr/SHLIB_VERSION_HISTORY *"([^"]*)"/ => sub { $config{shlib_version_history}=$1 } ); if ($config{shlib_version_history} ne "") { $config{shlib_version_history} .= ":"; } @@ -266,7 +263,7 @@ if ($config{shlib_version_history} ne "") { $config{sh die "erroneous version information in opensslv.h: ", "$config{major}, $config{minor}, $config{shlib_major}, $config{shlib_minor}\n" if ($config{major} eq "" || $config{minor} eq "" - || $config{shlib_major} eq "" || $config{shlib_minor} eq ""); + || $config{shlib_major} eq "" || $config{shlib_minor} eq ""); # Collect target configurations @@ -335,6 +332,7 @@ my @disablables = ( "autoload-config", "bf", "blake2", + "buildtest-c\\+\\+", "camellia", "capieng", "cast", @@ -351,7 +349,6 @@ my @disablables = ( "dgram", "dh", "dsa", - "dso", "dtls", "dynamic-engine", "ec", @@ -419,71 +416,70 @@ my @disablables = ( "zlib-dynamic", ); foreach my $proto ((@tls, @dtls)) - { - push(@disablables, $proto); - push(@disablables, "$proto-method") unless $proto eq "tls1_3"; - } + { + push(@disablables, $proto); + push(@disablables, "$proto-method") unless $proto eq "tls1_3"; + } my %deprecated_disablables = ( "ssl2" => undef, "buf-freelists" => undef, "ripemd" => "rmd160", "ui" => "ui-console", + "dso" => "", # Empty string means we're silent about it ); # All of the following are disabled by default: our %disabled = ( # "what" => "comment" - "asan" => "default", - "crypto-mdebug" => "default", - "crypto-mdebug-backtrace" => "default", - "devcryptoeng" => "default", - "ec_nistp_64_gcc_128" => "default", - "egd" => "default", - "external-tests" => "default", - "fuzz-libfuzzer" => "default", - "fuzz-afl" => "default", - "heartbeats" => "default", - "md2" => "default", + "asan" => "default", + "buildtest-c++" => "default", + "crypto-mdebug" => "default", + "crypto-mdebug-backtrace" => "default", + "devcryptoeng" => "default", + "ec_nistp_64_gcc_128" => "default", + "egd" => "default", + "external-tests" => "default", + "fuzz-libfuzzer" => "default", + "fuzz-afl" => "default", + "heartbeats" => "default", + "md2" => "default", "msan" => "default", - "rc5" => "default", - "sctp" => "default", - "ssl-trace" => "default", - "ssl3" => "default", - "ssl3-method" => "default", - "ubsan" => "default", - "unit-test" => "default", - "weak-ssl-ciphers" => "default", - "zlib" => "default", - "zlib-dynamic" => "default", - ); + "rc5" => "default", + "sctp" => "default", + "ssl-trace" => "default", + "ssl3" => "default", + "ssl3-method" => "default", + "ubsan" => "default", + "unit-test" => "default", + "weak-ssl-ciphers" => "default", + "zlib" => "default", + "zlib-dynamic" => "default", + ); # Note: => pair form used for aesthetics, not to truly make a hash table my @disable_cascades = ( - # "what" => [ "cascade", ... ] + # "what" => [ "cascade", ... ] sub { $config{processor} eq "386" } - => [ "sse2" ], - "ssl" => [ "ssl3" ], - "ssl3-method" => [ "ssl3" ], - "zlib" => [ "zlib-dynamic" ], - "des" => [ "mdc2" ], - "ec" => [ "ecdsa", "ecdh" ], + => [ "sse2" ], + "ssl" => [ "ssl3" ], + "ssl3-method" => [ "ssl3" ], + "zlib" => [ "zlib-dynamic" ], + "des" => [ "mdc2" ], + "ec" => [ "ecdsa", "ecdh" ], - "dgram" => [ "dtls", "sctp" ], - "sock" => [ "dgram" ], - "dtls" => [ @dtls ], + "dgram" => [ "dtls", "sctp" ], + "sock" => [ "dgram" ], + "dtls" => [ @dtls ], sub { 0 == scalar grep { !$disabled{$_} } @dtls } - => [ "dtls" ], + => [ "dtls" ], - "tls" => [ @tls ], + "tls" => [ @tls ], sub { 0 == scalar grep { !$disabled{$_} } @tls } - => [ "tls" ], + => [ "tls" ], "crypto-mdebug" => [ "crypto-mdebug-backtrace" ], - # Without DSO, we can't load dynamic engines, so don't build them dynamic - "dso" => [ "dynamic-engine" ], - # Without position independent code, there can be no shared libraries or DSOs "pic" => [ "shared" ], "shared" => [ "dynamic-engine" ], @@ -510,14 +506,14 @@ my @list = (reverse @tls); while ((my $first, my $second) = (shift @list, shift @list)) { last unless @list; push @disable_cascades, ( sub { !$disabled{$first} && $disabled{$second} } - => [ @list ] ); + => [ @list ] ); unshift @list, $second; } my @list = (reverse @dtls); while ((my $first, my $second) = (shift @list, shift @list)) { last unless @list; push @disable_cascades, ( sub { !$disabled{$first} && $disabled{$second} } - => [ @list ] ); + => [ @list ] ); unshift @list, $second; } @@ -544,24 +540,24 @@ my %user = ( AS => undef, ASFLAGS => [], CC => env('CC'), - CFLAGS => [], + CFLAGS => [ env('CFLAGS') || () ], CXX => env('CXX'), - CXXFLAGS => [], + CXXFLAGS => [ env('CXXFLAGS') || () ], CPP => undef, - CPPFLAGS => [], # -D, -I, -Wp, + CPPFLAGS => [ env('CPPFLAGS') || () ], # -D, -I, -Wp, CPPDEFINES => [], # Alternative for -D CPPINCLUDES => [], # Alternative for -I CROSS_COMPILE => env('CROSS_COMPILE'), HASHBANGPERL=> env('HASHBANGPERL') || env('PERL'), LD => undef, - LDFLAGS => [], # -L, -Wl, - LDLIBS => [], # -l + LDFLAGS => [ env('LDFLAGS') || () ], # -L, -Wl, + LDLIBS => [ env('LDLIBS') || () ], # -l MT => undef, MTFLAGS => [], PERL => env('PERL') || ($^O ne "VMS" ? $^X : "perl"), RANLIB => env('RANLIB'), RC => env('RC') || env('WINDRES'), - RCFLAGS => [], + RCFLAGS => [ env('RCFLAGS') || () ], RM => undef, ); # Info about what "make variables" may be prefixed with the cross compiler @@ -578,6 +574,7 @@ my %useradd = ( CXXFLAGS => [], LDFLAGS => [], LDLIBS => [], + RCFLAGS => [], ); my %user_synonyms = ( @@ -625,43 +622,43 @@ my %deprecated_options = (); my @known_seed_sources = qw(getrandom devrandom os egd none rdcpu librandom); my @seed_sources = (); while (@argvcopy) - { - $_ = shift @argvcopy; + { + $_ = shift @argvcopy; - # Support env variable assignments among the options - if (m|^(\w+)=(.+)?$|) - { - $cmdvars{$1} = $2; - # Every time a variable is given as a configuration argument, - # it acts as a reset if the variable. - if (exists $user{$1}) - { - $user{$1} = ref $user{$1} eq "ARRAY" ? [] : undef; - } - #if (exists $useradd{$1}) - # { - # $useradd{$1} = []; - # } - next; - } + # Support env variable assignments among the options + if (m|^(\w+)=(.+)?$|) + { + $cmdvars{$1} = $2; + # Every time a variable is given as a configuration argument, + # it acts as a reset if the variable. + if (exists $user{$1}) + { + $user{$1} = ref $user{$1} eq "ARRAY" ? [] : undef; + } + #if (exists $useradd{$1}) + # { + # $useradd{$1} = []; + # } + next; + } - # VMS is a case insensitive environment, and depending on settings - # out of our control, we may receive options uppercased. Let's - # downcase at least the part before any equal sign. - if ($^O eq "VMS") - { - s/^([^=]*)/lc($1)/e; - } + # VMS is a case insensitive environment, and depending on settings + # out of our control, we may receive options uppercased. Let's + # downcase at least the part before any equal sign. + if ($^O eq "VMS") + { + s/^([^=]*)/lc($1)/e; + } - # some people just can't read the instructions, clang people have to... - s/^-no-(?!integrated-as)/no-/; + # some people just can't read the instructions, clang people have to... + s/^-no-(?!integrated-as)/no-/; - # rewrite some options in "enable-..." form - s /^-?-?shared$/enable-shared/; - s /^sctp$/enable-sctp/; - s /^threads$/enable-threads/; - s /^zlib$/enable-zlib/; - s /^zlib-dynamic$/enable-zlib-dynamic/; + # rewrite some options in "enable-..." form + s /^-?-?shared$/enable-shared/; + s /^sctp$/enable-sctp/; + s /^threads$/enable-threads/; + s /^zlib$/enable-zlib/; + s /^zlib-dynamic$/enable-zlib-dynamic/; if (/^(no|disable|enable)-(.+)$/) { @@ -715,21 +712,24 @@ while (@argvcopy) } elsif (exists $deprecated_disablables{$1}) { - $deprecated_options{$_} = 1; - if (defined $deprecated_disablables{$1}) + if ($deprecated_disablables{$1} ne "") { - $disabled{$deprecated_disablables{$1}} = "option"; + $deprecated_options{$_} = 1; + if (defined $deprecated_disablables{$1}) + { + $disabled{$deprecated_disablables{$1}} = "option"; + } } } else { $disabled{$1} = "option"; } - # No longer an automatic choice - $auto_threads = 0 if ($1 eq "threads"); - } - elsif (/^enable-(.+)$/) - { + # No longer an automatic choice + $auto_threads = 0 if ($1 eq "threads"); + } + elsif (/^enable-(.+)$/) + { if ($1 eq "static-engine") { $disabled{"dynamic-engine"} = "option"; @@ -742,173 +742,172 @@ while (@argvcopy) { delete $disabled{"zlib"}; } - my $algo = $1; - delete $disabled{$algo}; + my $algo = $1; + delete $disabled{$algo}; - # No longer an automatic choice - $auto_threads = 0 if ($1 eq "threads"); - } - elsif (/^--strict-warnings$/) - { - $strict_warnings = 1; - } - elsif (/^--debug$/) - { - $config{build_type} = "debug"; - } - elsif (/^--release$/) - { - $config{build_type} = "release"; - } - elsif (/^386$/) - { $config{processor}=386; } - elsif (/^fips$/) - { - die "FIPS mode not supported\n"; - } - elsif (/^rsaref$/) - { - # No RSAref support any more since it's not needed. - # The check for the option is there so scripts aren't - # broken - } - elsif (/^nofipscanistercheck$/) - { - die "FIPS mode not supported\n"; - } - elsif (/^[-+]/) - { - if (/^--prefix=(.*)$/) - { - $config{prefix}=$1; - die "Directory given with --prefix MUST be absolute\n" - unless file_name_is_absolute($config{prefix}); - } - elsif (/^--api=(.*)$/) - { - $config{api}=$1; - } - elsif (/^--libdir=(.*)$/) - { - $config{libdir}=$1; - } - elsif (/^--openssldir=(.*)$/) - { - $config{openssldir}=$1; - } - elsif (/^--with-zlib-lib=(.*)$/) - { - $withargs{zlib_lib}=$1; - } - elsif (/^--with-zlib-include=(.*)$/) - { - $withargs{zlib_include}=$1; - } - elsif (/^--with-fuzzer-lib=(.*)$/) - { - $withargs{fuzzer_lib}=$1; - } - elsif (/^--with-fuzzer-include=(.*)$/) - { - $withargs{fuzzer_include}=$1; - } - elsif (/^--with-rand-seed=(.*)$/) - { - foreach my $x (split(m|,|, $1)) - { - die "Unknown --with-rand-seed choice $x\n" - if ! grep { $x eq $_ } @known_seed_sources; - push @seed_sources, $x; - } + # No longer an automatic choice + $auto_threads = 0 if ($1 eq "threads"); + } + elsif (/^--strict-warnings$/) + { + # Pretend that our strict flags is a C flag, and replace it + # with the proper flags later on + push @{$useradd{CFLAGS}}, '--ossl-strict-warnings'; + $strict_warnings=1; + } + elsif (/^--debug$/) + { + $config{build_type} = "debug"; + } + elsif (/^--release$/) + { + $config{build_type} = "release"; + } + elsif (/^386$/) + { $config{processor}=386; } + elsif (/^fips$/) + { + die "FIPS mode not supported\n"; + } + elsif (/^rsaref$/) + { + # No RSAref support any more since it's not needed. + # The check for the option is there so scripts aren't + # broken + } + elsif (/^nofipscanistercheck$/) + { + die "FIPS mode not supported\n"; + } + elsif (/^[-+]/) + { + if (/^--prefix=(.*)$/) + { + $config{prefix}=$1; + die "Directory given with --prefix MUST be absolute\n" + unless file_name_is_absolute($config{prefix}); } - elsif (/^--cross-compile-prefix=(.*)$/) - { - $user{CROSS_COMPILE}=$1; - } - elsif (/^--config=(.*)$/) - { - read_config $1; - } - elsif (/^-l(.*)$/) - { - push @{$useradd{LDLIBS}}, $_; - } - elsif (/^-framework$/) - { - push @{$useradd{LDLIBS}}, $_, shift(@argvcopy); - } - elsif (/^-L(.*)$/ or /^-Wl,/) - { - push @{$useradd{LDFLAGS}}, $_; - } - elsif (/^-rpath$/ or /^-R$/) - # -rpath is the OSF1 rpath flag - # -R is the old Solaris rpath flag - { - my $rpath = shift(@argvcopy) || ""; - $rpath .= " " if $rpath ne ""; - push @{$useradd{LDFLAGS}}, $_, $rpath; - } - elsif (/^-static$/) - { - push @{$useradd{LDFLAGS}}, $_; - $disabled{"dso"} = "forced"; - $disabled{"pic"} = "forced"; - $disabled{"shared"} = "forced"; - $disabled{"threads"} = "forced"; - } - elsif (/^-D(.*)$/) - { - push @{$useradd{CPPDEFINES}}, $1; - } - elsif (/^-I(.*)$/) - { - push @{$useradd{CPPINCLUDES}}, $1; - } - elsif (/^-Wp,$/) - { - push @{$useradd{CPPFLAGS}}, $1; - } - else # common if (/^[-+]/), just pass down... - { - $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei; - push @{$useradd{CFLAGS}}, $_; - push @{$useradd{CXXFLAGS}}, $_; - } - } - else - { - die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); - $target=$_; - } - unless ($_ eq $target || /^no-/ || /^disable-/) - { - # "no-..." follows later after implied deactivations - # have been derived. (Don't take this too seriously, - # we really only write OPTIONS to the Makefile out of - # nostalgia.) + elsif (/^--api=(.*)$/) + { + $config{api}=$1; + } + elsif (/^--libdir=(.*)$/) + { + $config{libdir}=$1; + } + elsif (/^--openssldir=(.*)$/) + { + $config{openssldir}=$1; + } + elsif (/^--with-zlib-lib=(.*)$/) + { + $withargs{zlib_lib}=$1; + } + elsif (/^--with-zlib-include=(.*)$/) + { + $withargs{zlib_include}=$1; + } + elsif (/^--with-fuzzer-lib=(.*)$/) + { + $withargs{fuzzer_lib}=$1; + } + elsif (/^--with-fuzzer-include=(.*)$/) + { + $withargs{fuzzer_include}=$1; + } + elsif (/^--with-rand-seed=(.*)$/) + { + foreach my $x (split(m|,|, $1)) + { + die "Unknown --with-rand-seed choice $x\n" + if ! grep { $x eq $_ } @known_seed_sources; + push @seed_sources, $x; + } + } + elsif (/^--cross-compile-prefix=(.*)$/) + { + $user{CROSS_COMPILE}=$1; + } + elsif (/^--config=(.*)$/) + { + read_config $1; + } + elsif (/^-l(.*)$/) + { + push @{$useradd{LDLIBS}}, $_; + } + elsif (/^-framework$/) + { + push @{$useradd{LDLIBS}}, $_, shift(@argvcopy); + } + elsif (/^-L(.*)$/ or /^-Wl,/) + { + push @{$useradd{LDFLAGS}}, $_; + } + elsif (/^-rpath$/ or /^-R$/) + # -rpath is the OSF1 rpath flag + # -R is the old Solaris rpath flag + { + my $rpath = shift(@argvcopy) || ""; + $rpath .= " " if $rpath ne ""; + push @{$useradd{LDFLAGS}}, $_, $rpath; + } + elsif (/^-static$/) + { + push @{$useradd{LDFLAGS}}, $_; + } + elsif (/^-D(.*)$/) + { + push @{$useradd{CPPDEFINES}}, $1; + } + elsif (/^-I(.*)$/) + { + push @{$useradd{CPPINCLUDES}}, $1; + } + elsif (/^-Wp,$/) + { + push @{$useradd{CPPFLAGS}}, $1; + } + else # common if (/^[-+]/), just pass down... + { + $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei; + push @{$useradd{CFLAGS}}, $_; + push @{$useradd{CXXFLAGS}}, $_; + } + } + else + { + die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); + $target=$_; + } + unless ($_ eq $target || /^no-/ || /^disable-/) + { + # "no-..." follows later after implied deactivations + # have been derived. (Don't take this too seriously, + # we really only write OPTIONS to the Makefile out of + # nostalgia.) - if ($config{options} eq "") - { $config{options} = $_; } - else - { $config{options} .= " ".$_; } - } - } + if ($config{options} eq "") + { $config{options} = $_; } + else + { $config{options} .= " ".$_; } + } + } if (defined($config{api}) && !exists $apitable->{$config{api}}) { - die "***** Unsupported api compatibility level: $config{api}\n", + die "***** Unsupported api compatibility level: $config{api}\n", } if (keys %deprecated_options) - { - warn "***** Deprecated options: ", - join(", ", keys %deprecated_options), "\n"; - } + { + warn "***** Deprecated options: ", + join(", ", keys %deprecated_options), "\n"; + } if (keys %unsupported_options) - { - die "***** Unsupported options: ", - join(", ", keys %unsupported_options), "\n"; - } + { + die "***** Unsupported options: ", + join(", ", keys %unsupported_options), "\n"; + } # If any %useradd entry has been set, we must check that the "make # variables" haven't been set. We start by checking of any %useradd entry @@ -964,36 +963,46 @@ if (grep { /-rpath\b/ } ($user{LDFLAGS} ? @{$user{LDFL && !$disabled{shared} && !($disabled{asan} && $disabled{msan} && $disabled{ubsan})) { die "***** Cannot simultaneously use -rpath, shared libraries, and\n", - "***** any of asan, msan or ubsan\n"; + "***** any of asan, msan or ubsan\n"; } -my @tocheckfor = (keys %disabled); -while (@tocheckfor) { - my %new_tocheckfor = (); - my @cascade_copy = (@disable_cascades); - while (@cascade_copy) { - my ($test, $descendents) = (shift @cascade_copy, shift @cascade_copy); - if (ref($test) eq "CODE" ? $test->() : defined($disabled{$test})) { - foreach(grep { !defined($disabled{$_}) } @$descendents) { - $new_tocheckfor{$_} = 1; $disabled{$_} = "forced"; - } - } +sub disable { + my $disable_type = shift; + + for (@_) { + $disabled{$_} = $disable_type; } - @tocheckfor = (keys %new_tocheckfor); + + my @tocheckfor = (@_ ? @_ : keys %disabled); + while (@tocheckfor) { + my %new_tocheckfor = (); + my @cascade_copy = (@disable_cascades); + while (@cascade_copy) { + my ($test, $descendents) = + (shift @cascade_copy, shift @cascade_copy); + if (ref($test) eq "CODE" ? $test->() : defined($disabled{$test})) { + foreach (grep { !defined($disabled{$_}) } @$descendents) { + $new_tocheckfor{$_} = 1; $disabled{$_} = "cascade"; + } + } + } + @tocheckfor = (keys %new_tocheckfor); + } } +disable(); # First cascade run our $die = sub { die @_; }; if ($target eq "TABLE") { local $die = sub { warn @_; }; foreach (sort keys %table) { - print_table_entry($_, "TABLE"); + print_table_entry($_, "TABLE"); } exit 0; } if ($target eq "LIST") { foreach (sort keys %table) { - print $_,"\n" unless $table{$_}->{template}; + print $_,"\n" unless $table{$_}->{template}; } exit 0; } @@ -1002,7 +1011,7 @@ if ($target eq "HASH") { local $die = sub { warn @_; }; print "%table = (\n"; foreach (sort keys %table) { - print_table_entry($_, "HASH"); + print_table_entry($_, "HASH"); } exit 0; } @@ -1033,7 +1042,7 @@ _____ } push @{$config{openssl_other_defines}}, map { (my $x = $_) =~ tr|[\-a-z]|[_A-Z]|; "OPENSSL_RAND_SEED_$x" } - @seed_sources; + @seed_sources; # Backward compatibility? if ($target =~ m/^CygWin32(-.*)$/) { @@ -1047,7 +1056,7 @@ if ($d) { # If we do not find debug-foo in the table, the target is set to foo. if (!$table{$target}) { - $target = $t; + $target = $t; } } @@ -1064,47 +1073,11 @@ foreach (keys %target_attr_translate) { %target = ( %{$table{DEFAULTS}}, %target ); -# Make the flags to build DSOs the same as for shared libraries unless they -# are already defined -$target{module_cflags} = $target{shared_cflag} unless defined $target{module_cflags}; -$target{module_cxxflags} = $target{shared_cxxflag} unless defined $target{module_cxxflags}; -$target{module_ldflags} = $target{shared_ldflag} unless defined $target{module_ldflags}; *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***