Commit 54f3b7d2 authored by Richard Levitte's avatar Richard Levitte
Browse files

util/mkdef.pl: Trust configdata.pm 



This script kept its own database of disablable algorithms, which is a
maintenance problem, as it's not always perfectly in sync with what
Configure does.  However, we do have all the data in configdata.pm,
produced by Configure, so let's use that instead.

Also, make sure to parse the *err.h header files, as they contain
function declarations that might not be present elsewhere.

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5157)
parent f61f62ea

util/mkdef.pl

+13 −71
Original line number Diff line number Diff line
@@ -133,73 +133,23 @@ my @known_platforms = ( "__FreeBSD__", "PERL5", 
			"EXPORT_VAR_AS_FUNCTION", "ZLIB", "_WIN32"

			);

my @known_ossl_platforms = ( "UNIX", "VMS", "WIN32", "WINNT", "OS2" );

my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",

			 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",

			 "SHA256", "SHA512", "RMD160",

			 "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M",

			 "HMAC", "AES", "CAMELLIA", "SEED", "GOST", "ARIA", "SM4",

                         "SCRYPT", "CHACHA", "POLY1305", "BLAKE2",

			 "SIPHASH", "SM3",

			 # EC_NISTP_64_GCC_128

			 "EC_NISTP_64_GCC_128",

			 # Envelope "algorithms"

			 "EVP", "X509", "ASN1_TYPEDEFS",

			 # Helper "algorithms"

			 "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR",

			 "LOCKING",

			 # External "algorithms"

			 "FP_API", "STDIO", "SOCK", "DGRAM",

                         "CRYPTO_MDEBUG",

			 # Engines

                         "STATIC_ENGINE", "ENGINE", "HW", "GMP",

			 # Entropy Gathering

			 "EGD",

			 # Certificate Transparency

			 "CT",

			 # RFC3779

			 "RFC3779",

			 # TLS

			 "PSK", "SRP", "HEARTBEATS",

			 # CMS

			 "CMS",

                         "OCSP",

			 # CryptoAPI Engine

			 "CAPIENG",

			 # SSL methods

			 "SSL3_METHOD", "TLS1_METHOD", "TLS1_1_METHOD", "TLS1_2_METHOD", "DTLS1_METHOD", "DTLS1_2_METHOD",

			 # NEXTPROTONEG

			 "NEXTPROTONEG",

			 # Deprecated functions

my @known_algorithms = ( # These are algorithms we know are guarded in relevant

			 # header files, but aren't actually disablable.

			 # Without these, this script will warn a lot.

			 "RSA", "MD5",

			 # @disablables comes from configdata.pm

			 map { (my $x = uc $_) =~ s|-|_|g; $x; } @disablables,

			 # Deprecated functions.  Not really algorithmss, but

			 # treated as such here for the sake of simplicity

			 "DEPRECATEDIN_0_9_8",

			 "DEPRECATEDIN_1_0_0",

			 "DEPRECATEDIN_1_1_0",

			 "DEPRECATEDIN_1_2_0",

			 # SCTP

		 	 "SCTP",

			 # SRTP

			 "SRTP",

			 # SSL TRACE

		 	 "SSL_TRACE",

			 # Unit testing

		 	 "UNIT_TEST",

			 # User Interface

			 "UI_CONSOLE",

			 #

			 "TS",

			 # OCB mode

			 "OCB",

			 "CMAC",

                         # APPLINK (win build feature?)

                         "APPLINK"

                     );



my %disabled_algorithms;



foreach (@known_algorithms) {

    $disabled_algorithms{$_} = 0;

}

# disabled by default

$disabled_algorithms{"STATIC_ENGINE"} = 1;

# %disabled comes from configdata.pm

my %disabled_algorithms =

    map { (my $x = uc $_) =~ s|-|_|g; $x => 1; } keys %disabled;



my $apiv = sprintf "%x%02x%02x", split(/\./, $config{api});

foreach (keys %disabled_algorithms) {
@@ -240,14 +190,6 @@ foreach (@ARGV, split(/ /, $config{options})) 
	$do_ctest=1 if $_ eq "ctest";

	$do_ctestall=1 if $_ eq "ctestall";

	$do_checkexist=1 if $_ eq "exist";

	if (/^(enable|disable|no)-(.*)$/) {

		my $alg = uc $2;

		$alg =~ tr/-/_/;

		if (exists $disabled_algorithms{$alg}) {

			$disabled_algorithms{$alg} = $1 eq "enable" ? 0 : 1;

		}

	}



	}

$libname = $unified_info{sharednames}->{libcrypto} if $do_crypto;

$libname = $unified_info{sharednames}->{libssl} if $do_ssl;
@@ -302,7 +244,7 @@ $crypto.=" include/internal/err.h"; 
$crypto.=" include/internal/rand.h";

foreach my $f ( glob(catfile($config{sourcedir},'include/openssl/*.h')) ) {

    my $fn = "include/openssl/" . lc(basename($f));

    $crypto .= " $fn" if !defined $skipthese{$fn} && $f !~ m@/[a-z]+err\.h$@;

    $crypto .= " $fn" if !defined $skipthese{$fn};

}



my $symhacks="include/openssl/symhacks.h";
@@ -1138,7 +1080,7 @@ sub is_valid 
			return 0;

		} else {

			# algorithms

			if ($disabled_algorithms{$keyword} == 1) { return 0;}

			if ($disabled_algorithms{$keyword}) { return 0;}



			# Nothing recognise as true

			return 1;