diff options
| author | Richard Levitte <levitte@openssl.org> | 2018-01-24 14:17:39 +0100 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2018-02-06 13:31:35 +0100 |
| commit | 54f3b7d2f5a313e5c702f75ee030f8a08e6bf6aa (patch) | |
| tree | 157ca682ca0538dc20768c1f88064c3d2aaa540d | |
| parent | f61f62ea13470a00ae8be691d62abec97f94f0ee (diff) | |
util/mkdef.pl: Trust configdata.pm
This script kept its own database of disablable algorithms, which is a
maintenance problem, as it's not always perfectly in sync with what
Configure does. However, we do have all the data in configdata.pm,
produced by Configure, so let's use that instead.
Also, make sure to parse the *err.h header files, as they contain
function declarations that might not be present elsewhere.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5157)
| -rwxr-xr-x | util/mkdef.pl | 84 |
1 files changed, 13 insertions, 71 deletions
diff --git a/util/mkdef.pl b/util/mkdef.pl index 98cdae537c..72d1c8f467 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -133,73 +133,23 @@ my @known_platforms = ( "__FreeBSD__", "PERL5", "EXPORT_VAR_AS_FUNCTION", "ZLIB", "_WIN32" ); my @known_ossl_platforms = ( "UNIX", "VMS", "WIN32", "WINNT", "OS2" ); -my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", - "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", - "SHA256", "SHA512", "RMD160", - "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M", - "HMAC", "AES", "CAMELLIA", "SEED", "GOST", "ARIA", "SM4", - "SCRYPT", "CHACHA", "POLY1305", "BLAKE2", - "SIPHASH", "SM3", - # EC_NISTP_64_GCC_128 - "EC_NISTP_64_GCC_128", - # Envelope "algorithms" - "EVP", "X509", "ASN1_TYPEDEFS", - # Helper "algorithms" - "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR", - "LOCKING", - # External "algorithms" - "FP_API", "STDIO", "SOCK", "DGRAM", - "CRYPTO_MDEBUG", - # Engines - "STATIC_ENGINE", "ENGINE", "HW", "GMP", - # Entropy Gathering - "EGD", - # Certificate Transparency - "CT", - # RFC3779 - "RFC3779", - # TLS - "PSK", "SRP", "HEARTBEATS", - # CMS - "CMS", - "OCSP", - # CryptoAPI Engine - "CAPIENG", - # SSL methods - "SSL3_METHOD", "TLS1_METHOD", "TLS1_1_METHOD", "TLS1_2_METHOD", "DTLS1_METHOD", "DTLS1_2_METHOD", - # NEXTPROTONEG - "NEXTPROTONEG", - # Deprecated functions +my @known_algorithms = ( # These are algorithms we know are guarded in relevant + # header files, but aren't actually disablable. + # Without these, this script will warn a lot. + "RSA", "MD5", + # @disablables comes from configdata.pm + map { (my $x = uc $_) =~ s|-|_|g; $x; } @disablables, + # Deprecated functions. Not really algorithmss, but + # treated as such here for the sake of simplicity "DEPRECATEDIN_0_9_8", "DEPRECATEDIN_1_0_0", "DEPRECATEDIN_1_1_0", "DEPRECATEDIN_1_2_0", - # SCTP - "SCTP", - # SRTP - "SRTP", - # SSL TRACE - "SSL_TRACE", - # Unit testing - "UNIT_TEST", - # User Interface - "UI_CONSOLE", - # - "TS", - # OCB mode - "OCB", - "CMAC", - # APPLINK (win build feature?) - "APPLINK" ); -my %disabled_algorithms; - -foreach (@known_algorithms) { - $disabled_algorithms{$_} = 0; -} -# disabled by default -$disabled_algorithms{"STATIC_ENGINE"} = 1; +# %disabled comes from configdata.pm +my %disabled_algorithms = + map { (my $x = uc $_) =~ s|-|_|g; $x => 1; } keys %disabled; my $apiv = sprintf "%x%02x%02x", split(/\./, $config{api}); foreach (keys %disabled_algorithms) { @@ -240,14 +190,6 @@ foreach (@ARGV, split(/ /, $config{options})) $do_ctest=1 if $_ eq "ctest"; $do_ctestall=1 if $_ eq "ctestall"; $do_checkexist=1 if $_ eq "exist"; - if (/^(enable|disable|no)-(.*)$/) { - my $alg = uc $2; - $alg =~ tr/-/_/; - if (exists $disabled_algorithms{$alg}) { - $disabled_algorithms{$alg} = $1 eq "enable" ? 0 : 1; - } - } - } $libname = $unified_info{sharednames}->{libcrypto} if $do_crypto; $libname = $unified_info{sharednames}->{libssl} if $do_ssl; @@ -302,7 +244,7 @@ $crypto.=" include/internal/err.h"; $crypto.=" include/internal/rand.h"; foreach my $f ( glob(catfile($config{sourcedir},'include/openssl/*.h')) ) { my $fn = "include/openssl/" . lc(basename($f)); - $crypto .= " $fn" if !defined $skipthese{$fn} && $f !~ m@/[a-z]+err\.h$@; + $crypto .= " $fn" if !defined $skipthese{$fn}; } my $symhacks="include/openssl/symhacks.h"; @@ -1138,7 +1080,7 @@ sub is_valid return 0; } else { # algorithms - if ($disabled_algorithms{$keyword} == 1) { return 0;} + if ($disabled_algorithms{$keyword}) { return 0;} # Nothing recognise as true return 1; |