[openssl-commits] [openssl] master update
Richard Levitte
levitte at openssl.org
Thu Jan 21 06:04:50 UTC 2016
The branch master has been updated
via 7fccf05d26ff3831a6d936fe09e733fcffc6901b (commit)
via c569e206d2abd186db400240a5746fa52b7f5198 (commit)
via fe05264e32327e33f0b0c091479affeecbf55e89 (commit)
from feb2f53edc7e9b96cfe9c0ab611461edabdd2b34 (commit)
- Log -----------------------------------------------------------------
commit 7fccf05d26ff3831a6d936fe09e733fcffc6901b
Author: Richard Levitte <levitte at openssl.org>
Date: Thu Jan 21 01:23:43 2016 +0100
Refactor config - throw away the last remains of '--test-sanity'
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
commit c569e206d2abd186db400240a5746fa52b7f5198
Author: Richard Levitte <levitte at openssl.org>
Date: Mon May 18 11:03:47 2015 +0200
Refactor config - consolidate handling of disabled stuff
It's time to refactor the handling of %disabled so that all
information of value is in the same place. We have so far had a few
cascading disable rules in form of code, far away from %disabled.
Instead, bring that information to the array @disable_cascade, which
is a list of pairs of the form 'test => descendents'. The test part
can be a string, and it's simply checked if that string is a key in
%disabled, or it can be a CODEref to do a more complex test. If the
test comes true, then all descendents are disabled. This check is
performed until there are no more things that need to be disabled.
Also, $default_depflags is constructed from the information in
%disabled instead of being a separate string. While a string of its
own is visually appealing, it's much too easy to forget to update it
when something is changed in %disabled.
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
commit fe05264e32327e33f0b0c091479affeecbf55e89
Author: Richard Levitte <levitte at openssl.org>
Date: Mon May 18 03:33:55 2015 +0200
Refactor config - rewrite handling of "reconf"
The way the "reconf"/"reconfigure" argument is handled is overly
complicated. Just grep for it first, and if it is there in the
current arguments, get the old command line arguments from Makefile.
While we're at it, make the Makefile variable CONFIGURE_ARGS hold the
value as a perl list of strings. This makes things much safer in case
one of the arguments would contain a space. Since CONFIGURE_ARGS is
used for nothing else, there's no harm in this.
Reviewed-by: Viktor Dukhovni <viktor at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
Configure | 603 ++++++++++++++++++++++++++++----------------------------------
1 file changed, 276 insertions(+), 327 deletions(-)
diff --git a/Configure b/Configure
index 594d917..5189fcb 100755
--- a/Configure
+++ b/Configure
@@ -14,7 +14,7 @@ use File::Spec::Functions;
# see INSTALL for instructions.
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] [--config=FILE] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n";
# Options:
#
@@ -30,9 +30,6 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
# default). This needn't be set in advance, you can
# just as well use "make INSTALL_PREFIX=/whatever install".
#
-# --test-sanity Make a number of sanity checks on the data in this file.
-# This is a debugging tool for OpenSSL developers.
-#
# --cross-compile-prefix Add specified prefix to binutils components.
#
# --api One of 0.9.8, 1.0.0 or 1.1.0. Do not compile support for
@@ -602,9 +599,72 @@ my %disabled = ( # "what" => "comment" [or special keyword "experimental
);
my @experimental = ();
-# This is what $depflags will look like with the above defaults
-# (we need this to see if we should advise the user to run "make depend"):
-my $default_depflags = " -DOPENSSL_NO_CRYPTO_MDEBUG -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST";
+# Note: => pair form used for aesthetics, not to truly make a hash table
+my @disable_cascades = (
+ # "what" => [ "cascade", ... ]
+ sub { $processor eq "386" }
+ => [ "sse2" ],
+ "ssl" => [ "ssl3" ],
+ "ssl3-method" => [ "ssl3" ],
+ "zlib" => [ "zlib-dynamic" ],
+ "rijndael" => [ "aes" ],
+ "des" => [ "mdc2" ],
+ "ec" => [ "ecdsa", "ecdh", "gost" ],
+ "dsa" => [ "gost" ],
+ "dh" => [ "gost" ],
+
+ "dgram" => [ "dtls" ],
+ "dtls" => [ @dtls ],
+
+ # SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA
+ "md5" => [ "ssl", "tls1", "tls1_1", "dtls1" ],
+ "sha" => [ "ssl", "tls1", "tls1_1", "dtls1" ],
+
+ # Additionally, SSL 3.0 requires either RSA or DSA+DH
+ sub { $disabled{rsa}
+ && ($disabled{dsa} || $disabled{dh}); }
+ => [ "ssl" ],
+
+ # (D)TLS 1.0 and TLS 1.1 also require either RSA or DSA+DH
+ # or ECDSA + ECDH. (D)TLS 1.2 has this requirement as well.
+ # (XXX: We don't support PSK-only builds).
+ sub { $disabled{rsa}
+ && ($disabled{dsa} || $disabled{dh})
+ && ($disabled{ecdsa} || $disabled{ecdh}); }
+ => [ "tls1", "tls1_1", "tls1_2",
+ "dtls1", "dtls1_2" ],
+
+ "tls" => [ @tls ],
+
+ # SRP and HEARTBEATS require TLSEXT
+ "tlsext" => [ "srp", "heartbeats" ],
+ );
+
+# Avoid protocol support holes. Also disable all versions below N, if version
+# N is disabled while N+1 is enabled.
+#
+my @list = (reverse @tls);
+while ((my $first, my $second) = (shift @list, shift @list)) {
+ last unless @list;
+ push @disable_cascades, ( sub { !$disabled{$first} && $disabled{$second} }
+ => [ @list ] );
+ unshift @list, $second;
+}
+my @list = (reverse @dtls);
+while ((my $first, my $second) = (shift @list, shift @list)) {
+ last unless @list;
+ push @disable_cascades, ( sub { !$disabled{$first} && $disabled{$second} }
+ => [ @list ] );
+ unshift @list, $second;
+}
+
+# Construct the string of what $depflags should look like with the defaults
+# from %disabled above. (we need this to see if we should advise the user
+# to run "make depend"):
+my $default_depflags = " ".join(" ",
+ map { my $x = $_; $x =~ tr{[a-z]-}{[A-Z]_}; "-DOPENSSL_NO_$x"; }
+ grep { $disabled{$_} !~ /\(no-depflags\)$/ }
+ sort keys %disabled);
# Explicit "no-..." options will be collected in %disabled along with the defaults.
# To remove something from %disabled, use "enable-foo" (unless it's experimental).
@@ -619,257 +679,235 @@ my $no_sse2=0;
&usage if ($#ARGV < 0);
-my $flags;
-my $depflags;
-my $openssl_experimental_defines;
-my $openssl_algorithm_defines;
-my $openssl_thread_defines;
+my $flags="";
+my $depflags="";
+my $openssl_experimental_defines="";
+my $openssl_algorithm_defines="";
+my $openssl_thread_defines="";
my $openssl_sys_defines="";
-my $openssl_other_defines;
-my $libs;
-my $target;
-my $options;
+my $openssl_other_defines="";
+my $libs="";
+my $target="";
+my $options="";
my $api;
my $make_depend=0;
my %withargs=();
my $build_prefix = "release_";
my @argvcopy=@ARGV;
-my $argvstring="";
-my $argv_unprocessed=1;
-while($argv_unprocessed)
- {
- $flags="";
- $depflags="";
- $openssl_experimental_defines="";
- $openssl_algorithm_defines="";
- $openssl_thread_defines="";
- $openssl_sys_defines="";
- $openssl_other_defines="";
- $libs="";
- $target="";
- $options="";
-
- $argv_unprocessed=0;
- $argvstring=join(' ', at argvcopy);
-
-PROCESS_ARGS:
+if (grep /^reconf(igure)?$/, @argvcopy) {
+ if (open IN, "<$Makefile") {
+ while (<IN>) {
+ chomp;
+ if (/^CONFIGURE_ARGS=\s*(.*)\s*/) {
+ my $line = $1;
+ if ($line =~ /^\s*\(/) {
+ # New form perl expression saved in Makefile, eval it
+ @argvcopy = eval $line;
+ } else {
+ # Older form, we split the string and hope for the best
+ @argvcopy = split /\s+/, $line;
+ }
+ die "Incorrect data to reconfigure, please do a normal configuration\n"
+ if (grep(/^reconf/, at argvcopy));
+ } elsif (/^CROSS_COMPILE=\s*(.*)/) {
+ $ENV{CROSS_COMPILE}=$1;
+ } elsif (/^CC=\s*(?:\$\(CROSS_COMPILE\))?(.*?)$/) {
+ $ENV{CC}=$1;
+ }
+ }
+ print "Reconfiguring with: ", join(" ", at argvcopy), "\n";
+ print " CROSS_COMPILE = ",$ENV{CROSS_COMPILE},"\n"
+ if $ENV{CROSS_COMPILE};
+ print " CC = ",$ENV{CC},"\n" if $ENV{CC};
+ close IN;
+ } else {
+ die "Insufficient data to reconfigure, please do a normal configuration\n";
+ }
+}
+
+
+my %unsupported_options = ();
+foreach (@argvcopy)
{
- my %unsupported_options = ();
- foreach (@argvcopy)
- {
- s /^-no-/no-/; # some people just can't read the instructions
+ s /^-no-/no-/; # some people just can't read the instructions
- # rewrite some options in "enable-..." form
- s /^-?-?shared$/enable-shared/;
- s /^sctp$/enable-sctp/;
- s /^threads$/enable-threads/;
- s /^zlib$/enable-zlib/;
- s /^zlib-dynamic$/enable-zlib-dynamic/;
+ # rewrite some options in "enable-..." form
+ s /^-?-?shared$/enable-shared/;
+ s /^sctp$/enable-sctp/;
+ s /^threads$/enable-threads/;
+ s /^zlib$/enable-zlib/;
+ s /^zlib-dynamic$/enable-zlib-dynamic/;
- if (/^(no|disable|enable|experimental)-(.+)$/)
+ if (/^(no|disable|enable|experimental)-(.+)$/)
+ {
+ my $word = $2;
+ if (!grep { $word =~ /^${_}$/ } @disablables)
{
- my $word = $2;
- if (!grep { $word =~ /^${_}$/ } @disablables)
- {
- $unsupported_options{$_} = 1;
- next;
- }
+ $unsupported_options{$_} = 1;
+ next;
}
- if (/^no-(.+)$/ || /^disable-(.+)$/)
+ }
+ if (/^no-(.+)$/ || /^disable-(.+)$/)
+ {
+ if (!($disabled{$1} eq "experimental"))
{
- if (!($disabled{$1} eq "experimental"))
+ foreach my $proto ((@tls, @dtls))
{
- foreach my $proto ((@tls, @dtls))
- {
- if ($1 eq "$proto-method")
- {
- $disabled{"$proto"} = "option($proto-method)";
- last;
- }
- }
- if ($1 eq "dtls")
- {
- foreach my $proto (@dtls)
- {
- $disabled{$proto} = "option(dtls)";
- }
- }
- elsif ($1 eq "ssl")
+ if ($1 eq "$proto-method")
{
- # Last one of its kind
- $disabled{"ssl3"} = "option(ssl)";
+ $disabled{"$proto"} = "option($proto-method)";
+ last;
}
- elsif ($1 eq "tls")
+ }
+ if ($1 eq "dtls")
+ {
+ foreach my $proto (@dtls)
{
- # XXX: Tests will fail if all SSL/TLS
- # protocols are disabled.
- foreach my $proto (@tls)
- {
- $disabled{$proto} = "option(tls)";
- }
+ $disabled{$proto} = "option(dtls)";
}
- else
+ }
+ elsif ($1 eq "ssl")
+ {
+ # Last one of its kind
+ $disabled{"ssl3"} = "option(ssl)";
+ }
+ elsif ($1 eq "tls")
+ {
+ # XXX: Tests will fail if all SSL/TLS
+ # protocols are disabled.
+ foreach my $proto (@tls)
{
- $disabled{$1} = "option";
+ $disabled{$proto} = "option(tls)";
}
}
- }
- elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
- {
- my $algo = $1;
- if ($disabled{$algo} eq "experimental")
+ else
{
- die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n"
- unless (/^experimental-/);
- push @experimental, $algo;
+ $disabled{$1} = "option";
}
- delete $disabled{$algo};
+ }
+ }
+ elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
+ {
+ my $algo = $1;
+ if ($disabled{$algo} eq "experimental")
+ {
+ die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n"
+ unless (/^experimental-/);
+ push @experimental, $algo;
+ }
+ delete $disabled{$algo};
- $threads = 1 if ($algo eq "threads");
+ $threads = 1 if ($algo eq "threads");
+ }
+ elsif (/^--strict-warnings$/)
+ {
+ $strict_warnings = 1;
+ }
+ elsif (/^--debug$/)
+ {
+ $build_prefix = "debug_";
+ }
+ elsif (/^--release$/)
+ {
+ $build_prefix = "release_";
+ }
+ elsif (/^386$/)
+ { $processor=386; }
+ elsif (/^fips$/)
+ {
+ $fips=1;
+ }
+ elsif (/^rsaref$/)
+ {
+ # No RSAref support any more since it's not needed.
+ # The check for the option is there so scripts aren't
+ # broken
+ }
+ elsif (/^nofipscanistercheck$/)
+ {
+ $fips = 1;
+ $nofipscanistercheck = 1;
+ }
+ elsif (/^[-+]/)
+ {
+ if (/^--prefix=(.*)$/)
+ {
+ $prefix=$1;
}
- elsif (/^--strict-warnings$/)
+ elsif (/^--api=(.*)$/)
{
- $strict_warnings = 1;
+ $api=$1;
}
- elsif (/^--debug$/)
+ elsif (/^--libdir=(.*)$/)
{
- $build_prefix = "debug_";
+ $libdir=$1;
}
- elsif (/^--release$/)
+ elsif (/^--openssldir=(.*)$/)
{
- $build_prefix = "release_";
+ $openssldir=$1;
}
- elsif (/^reconfigure/ || /^reconf/)
+ elsif (/^--install.prefix=(.*)$/)
{
- if (open(IN,"<$Makefile"))
- {
- my $config_args_found=0;
- while (<IN>)
- {
- chomp;
- if (/^CONFIGURE_ARGS=(.*)/)
- {
- $argvstring=$1;
- @argvcopy=split(' ',$argvstring);
- die "Incorrect data to reconfigure, please do a normal configuration\n"
- if (grep(/^reconf/, at argvcopy));
- print "Reconfiguring with: $argvstring\n";
- $argv_unprocessed=1;
- $config_args_found=1;
- }
- elsif (/^CROSS_COMPILE=\s*(.*)/)
- {
- $ENV{CROSS_COMPILE}=$1;
- }
- elsif (/^CC=\s*(?:\$\(CROSS_COMPILE\))?(.*?)$/)
- {
- $ENV{CC}=$1;
- }
- }
- close(IN);
- last PROCESS_ARGS if ($config_args_found);
- }
- die "Insufficient data to reconfigure, please do a normal configuration\n";
+ $install_prefix=$1;
}
- elsif (/^386$/)
- { $processor=386; }
- elsif (/^fips$/)
+ elsif (/^--with-zlib-lib=(.*)$/)
{
- $fips=1;
+ $withargs{"zlib-lib"}=$1;
}
- elsif (/^rsaref$/)
+ elsif (/^--with-zlib-include=(.*)$/)
{
- # No RSAref support any more since it's not needed.
- # The check for the option is there so scripts aren't
- # broken
+ $withargs{"zlib-include"}="-I$1";
}
- elsif (/^nofipscanistercheck$/)
+ elsif (/^--with-fipslibdir=(.*)$/)
{
- $fips = 1;
- $nofipscanistercheck = 1;
+ $fipslibdir="$1/";
}
- elsif (/^[-+]/)
+ elsif (/^--with-baseaddr=(.*)$/)
{
- if (/^--prefix=(.*)$/)
- {
- $prefix=$1;
- }
- elsif (/^--api=(.*)$/)
- {
- $api=$1;
- }
- elsif (/^--libdir=(.*)$/)
- {
- $libdir=$1;
- }
- elsif (/^--openssldir=(.*)$/)
- {
- $openssldir=$1;
- }
- elsif (/^--install.prefix=(.*)$/)
- {
- $install_prefix=$1;
- }
- elsif (/^--with-zlib-lib=(.*)$/)
- {
- $withargs{"zlib-lib"}=$1;
- }
- elsif (/^--with-zlib-include=(.*)$/)
- {
- $withargs{"zlib-include"}="-I$1";
- }
- elsif (/^--with-fipslibdir=(.*)$/)
- {
- $fipslibdir="$1/";
- }
- elsif (/^--with-baseaddr=(.*)$/)
- {
- $baseaddr="$1";
- }
- elsif (/^--cross-compile-prefix=(.*)$/)
- {
- $cross_compile_prefix=$1;
- }
- elsif (/^--config=(.*)$/)
- {
- read_config $1;
- }
- elsif (/^-[lL](.*)$/ or /^-Wl,/)
- {
- $libs.=$_." ";
- }
- else # common if (/^[-+]/), just pass down...
- {
- $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
- $flags.=$_." ";
- }
+ $baseaddr="$1";
}
- elsif ($_ =~ /^([^:]+):(.+)$/)
+ elsif (/^--cross-compile-prefix=(.*)$/)
{
- eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string
- $target=$1;
+ $cross_compile_prefix=$1;
}
- else
+ elsif (/^--config=(.*)$/)
{
- die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
- $target=$_;
+ read_config $1;
}
-
- unless ($_ eq $target || /^no-/ || /^disable-/)
+ elsif (/^-[lL](.*)$/ or /^-Wl,/)
{
- # "no-..." follows later after implied disactivations
- # have been derived. (Don't take this too seroiusly,
- # we really only write OPTIONS to the Makefile out of
- # nostalgia.)
-
- if ($options eq "")
- { $options = $_; }
- else
- { $options .= " ".$_; }
+ $libs.=$_." ";
+ }
+ else # common if (/^[-+]/), just pass down...
+ {
+ $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
+ $flags.=$_." ";
}
}
+ elsif ($_ =~ /^([^:]+):(.+)$/)
+ {
+ eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string
+ $target=$1;
+ }
+ else
+ {
+ die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
+ $target=$_;
+ }
+ unless ($_ eq $target || /^no-/ || /^disable-/)
+ {
+ # "no-..." follows later after implied disactivations
+ # have been derived. (Don't take this too seroiusly,
+ # we really only write OPTIONS to the Makefile out of
+ # nostalgia.)
+
+ if ($options eq "")
+ { $options = $_; }
+ else
+ { $options .= " ".$_; }
+ }
if (defined($api) && !exists $apitable->{$api}) {
die "***** Unsupported api compatibility level: $api\n",
@@ -881,124 +919,26 @@ PROCESS_ARGS:
join(", ", keys %unsupported_options), "\n";
}
}
- }
-
-
-if ($processor eq "386")
- {
- $disabled{"sse2"} = "forced";
- }
-
-if (!defined($disabled{"zlib-dynamic"}))
- {
- # "zlib-dynamic" was specifically enabled, so enable "zlib"
- delete $disabled{"zlib"};
- }
-
-if (defined($disabled{"rijndael"}))
- {
- $disabled{"aes"} = "forced";
- }
-if (defined($disabled{"des"}))
- {
- $disabled{"mdc2"} = "forced";
- }
-if (defined($disabled{"ec"}))
- {
- $disabled{"ecdsa"} = "forced";
- $disabled{"ecdh"} = "forced";
- }
-
-# SSL 3.0 requires MD5 and SHA and either RSA or DSA+DH
-if (defined($disabled{"md5"}) || defined($disabled{"sha"})
- || (defined($disabled{"rsa"})
- && (defined($disabled{"dsa"}) || defined($disabled{"dh"}))))
- {
- $disabled{"ssl3"} = "forced";
- $disabled{"ssl"} = "forced";
- }
-
-# (D)TLS 1.0 and TLS 1.1 require MD5 and SHA and either RSA or DSA+DH
-# or ECDSA + ECDH. (XXX: We don't support PSK-only builds).
-#
-if (defined($disabled{"md5"}) || defined($disabled{"sha"})
- || (defined($disabled{"rsa"})
- && (defined($disabled{"dsa"}) || defined($disabled{"dh"}))
- && (defined($disabled{"ecdsa"}) || defined($disabled{"ecdh"}))))
- {
- $disabled{"tls1"} = "forced";
- $disabled{"dtls1"} = "forced";
- $disabled{"tls1_1"} = "forced";
- }
-# (D)TLS 1.2 requires either RSA or DSA+DH or ECDSA + ECDH
-# So if all are missing, we can't do either TLS or DTLS.
-# (XXX: We don't support PSK-only builds).
-#
-if (defined($disabled{"rsa"})
- && (defined($disabled{"dsa"}) || defined($disabled{"dh"}))
- && (defined($disabled{"ecdsa"}) || defined($disabled{"ecdh"})))
- {
- $disabled{"tls"} = "forced";
- $disabled{"dtls"} = "forced";
- foreach my $proto ((@tls, @dtls))
- {
- $disabled{"$proto"} = "forced";
- }
- }
-
-
-# Avoid protocol support holes. Also disable all versions below N, if version
-# N is disabled while N+1 is enabled.
-#
-my $prev_disabled = 1;
-my $force_disable = 0;
-foreach my $proto (reverse(@tls))
- {
- if ($force_disable)
- {
- $disabled{$proto} = 1;
- }
- elsif (! defined($disabled{$proto}))
- {
- $prev_disabled = 0;
- }
- elsif (! $prev_disabled)
- {
- $force_disable = 1;
- }
- }
-my $prev_disabled = 1;
-my $force_disable = 0;
-foreach my $proto (reverse(@dtls))
- {
- if ($force_disable)
- {
- $disabled{$proto} = 1;
- }
- elsif (! defined($disabled{$proto}))
- {
- $prev_disabled = 0;
- }
- elsif (! $prev_disabled)
- {
- $force_disable = 1;
- }
- }
-
-if (defined($disabled{"dgram"}))
+if ($fips)
{
- $disabled{"dtls"} = "forced";
- $disabled{"dtls1"} = "forced";
- $disabled{"dtls1_2"} = "forced";
+ delete $disabled{"shared"} if ($disabled{"shared"} =~ /^default/);
}
-if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
- || defined($disabled{"dh"}) || defined($disabled{"stdio"}))
- {
- $disabled{"gost"} = "forced";
+my @tocheckfor = (keys %disabled);
+while (@tocheckfor) {
+ my %new_tocheckfor = ();
+ my @cascade_copy = (@disable_cascades);
+ while (@cascade_copy) {
+ my ($test, $descendents) = (shift @cascade_copy, shift @cascade_copy);
+ if (ref($test) eq "CODE" ? $test->() : defined($disabled{$test})) {
+ map {
+ $new_tocheckfor{$_} => 1; $disabled{$_} = "forced";
+ } grep { !defined($disabled{$_}) } @$descendents;
}
-
+ }
+ @tocheckfor = (keys %new_tocheckfor);
+}
if ($target eq "TABLE") {
foreach $target (sort keys %table) {
@@ -1045,11 +985,6 @@ my %target = resolve_config($target);
&usage if (!%target || $target{template});
-if ($fips)
- {
- delete $disabled{"shared"} if ($disabled{"shared"} eq "default");
- }
-
foreach (sort (keys %disabled))
{
$options .= " no-$_";
@@ -1617,6 +1552,7 @@ while (<IN>)
s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
s/^PLATFORM=.*$/PLATFORM=$target/;
s/^OPTIONS=.*$/OPTIONS=$options/;
+ my $argvstring = "(".join(", ", map { quotify("perl", $_) } @argvcopy).")";
s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/;
if ($cross_compile_prefix)
{
@@ -2384,3 +2320,16 @@ EOF
print " },\n";
}
}
+
+sub quotify {
+ my %processors = (
+ perl => sub { my $x = shift;
+ $x =~ s/([\\\$\@"])/\\$1/g;
+ return '"'.$x.'"'; },
+ );
+ my $for = shift;
+ my $processor =
+ defined($processors{$for}) ? $processors{$for} : sub { shift; };
+
+ map { $processor->($_); } @_;
+}
More information about the openssl-commits
mailing list