[openssl-commits] [openssl] master update

Richard Levitte levitte at openssl.org
Tue Feb 6 12:31:43 UTC 2018


The branch master has been updated
       via  54f3b7d2f5a313e5c702f75ee030f8a08e6bf6aa (commit)
      from  f61f62ea13470a00ae8be691d62abec97f94f0ee (commit)


- Log -----------------------------------------------------------------
commit 54f3b7d2f5a313e5c702f75ee030f8a08e6bf6aa
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Jan 24 14:17:39 2018 +0100

    util/mkdef.pl: Trust configdata.pm
    
    This script kept its own database of disablable algorithms, which is a
    maintenance problem, as it's not always perfectly in sync with what
    Configure does.  However, we do have all the data in configdata.pm,
    produced by Configure, so let's use that instead.
    
    Also, make sure to parse the *err.h header files, as they contain
    function declarations that might not be present elsewhere.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5157)

-----------------------------------------------------------------------

Summary of changes:
 util/mkdef.pl | 84 +++++++++--------------------------------------------------
 1 file changed, 13 insertions(+), 71 deletions(-)

diff --git a/util/mkdef.pl b/util/mkdef.pl
index 98cdae5..72d1c8f 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -133,73 +133,23 @@ my @known_platforms = ( "__FreeBSD__", "PERL5",
 			"EXPORT_VAR_AS_FUNCTION", "ZLIB", "_WIN32"
 			);
 my @known_ossl_platforms = ( "UNIX", "VMS", "WIN32", "WINNT", "OS2" );
-my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
-			 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
-			 "SHA256", "SHA512", "RMD160",
-			 "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M",
-			 "HMAC", "AES", "CAMELLIA", "SEED", "GOST", "ARIA", "SM4",
-                         "SCRYPT", "CHACHA", "POLY1305", "BLAKE2",
-			 "SIPHASH", "SM3",
-			 # EC_NISTP_64_GCC_128
-			 "EC_NISTP_64_GCC_128",
-			 # Envelope "algorithms"
-			 "EVP", "X509", "ASN1_TYPEDEFS",
-			 # Helper "algorithms"
-			 "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR",
-			 "LOCKING",
-			 # External "algorithms"
-			 "FP_API", "STDIO", "SOCK", "DGRAM",
-                         "CRYPTO_MDEBUG",
-			 # Engines
-                         "STATIC_ENGINE", "ENGINE", "HW", "GMP",
-			 # Entropy Gathering
-			 "EGD",
-			 # Certificate Transparency
-			 "CT",
-			 # RFC3779
-			 "RFC3779",
-			 # TLS
-			 "PSK", "SRP", "HEARTBEATS",
-			 # CMS
-			 "CMS",
-                         "OCSP",
-			 # CryptoAPI Engine
-			 "CAPIENG",
-			 # SSL methods
-			 "SSL3_METHOD", "TLS1_METHOD", "TLS1_1_METHOD", "TLS1_2_METHOD", "DTLS1_METHOD", "DTLS1_2_METHOD",
-			 # NEXTPROTONEG
-			 "NEXTPROTONEG",
-			 # Deprecated functions
+my @known_algorithms = ( # These are algorithms we know are guarded in relevant
+			 # header files, but aren't actually disablable.
+			 # Without these, this script will warn a lot.
+			 "RSA", "MD5",
+			 # @disablables comes from configdata.pm
+			 map { (my $x = uc $_) =~ s|-|_|g; $x; } @disablables,
+			 # Deprecated functions.  Not really algorithmss, but
+			 # treated as such here for the sake of simplicity
 			 "DEPRECATEDIN_0_9_8",
 			 "DEPRECATEDIN_1_0_0",
 			 "DEPRECATEDIN_1_1_0",
 			 "DEPRECATEDIN_1_2_0",
-			 # SCTP
-		 	 "SCTP",
-			 # SRTP
-			 "SRTP",
-			 # SSL TRACE
-		 	 "SSL_TRACE",
-			 # Unit testing
-		 	 "UNIT_TEST",
-			 # User Interface
-			 "UI_CONSOLE",
-			 #
-			 "TS",
-			 # OCB mode
-			 "OCB",
-			 "CMAC",
-                         # APPLINK (win build feature?)
-                         "APPLINK"
                      );
 
-my %disabled_algorithms;
-
-foreach (@known_algorithms) {
-    $disabled_algorithms{$_} = 0;
-}
-# disabled by default
-$disabled_algorithms{"STATIC_ENGINE"} = 1;
+# %disabled comes from configdata.pm
+my %disabled_algorithms =
+    map { (my $x = uc $_) =~ s|-|_|g; $x => 1; } keys %disabled;
 
 my $apiv = sprintf "%x%02x%02x", split(/\./, $config{api});
 foreach (keys %disabled_algorithms) {
@@ -240,14 +190,6 @@ foreach (@ARGV, split(/ /, $config{options}))
 	$do_ctest=1 if $_ eq "ctest";
 	$do_ctestall=1 if $_ eq "ctestall";
 	$do_checkexist=1 if $_ eq "exist";
-	if (/^(enable|disable|no)-(.*)$/) {
-		my $alg = uc $2;
-		$alg =~ tr/-/_/;
-		if (exists $disabled_algorithms{$alg}) {
-			$disabled_algorithms{$alg} = $1 eq "enable" ? 0 : 1;
-		}
-	}
-
 	}
 $libname = $unified_info{sharednames}->{libcrypto} if $do_crypto;
 $libname = $unified_info{sharednames}->{libssl} if $do_ssl;
@@ -302,7 +244,7 @@ $crypto.=" include/internal/err.h";
 $crypto.=" include/internal/rand.h";
 foreach my $f ( glob(catfile($config{sourcedir},'include/openssl/*.h')) ) {
     my $fn = "include/openssl/" . lc(basename($f));
-    $crypto .= " $fn" if !defined $skipthese{$fn} && $f !~ m@/[a-z]+err\.h$@;
+    $crypto .= " $fn" if !defined $skipthese{$fn};
 }
 
 my $symhacks="include/openssl/symhacks.h";
@@ -1138,7 +1080,7 @@ sub is_valid
 			return 0;
 		} else {
 			# algorithms
-			if ($disabled_algorithms{$keyword} == 1) { return 0;}
+			if ($disabled_algorithms{$keyword}) { return 0;}
 
 			# Nothing recognise as true
 			return 1;


More information about the openssl-commits mailing list