4 This directory contains a few sets of files that are used for
5 configuration in diverse ways:
7 *.conf Target platform configurations, please read
8 'Configurations of OpenSSL target platforms' for more
10 *.tmpl Build file templates, please read 'Build-file
11 programming with the "unified" build system' as well
12 as 'Build info files' for more information.
13 *.pm Helper scripts / modules for the main `Configure`
14 script. See 'Configure helper scripts for more
17 Configurations of OpenSSL target platforms
18 ==========================================
20 Configuration targets are a collection of facts that we know about
21 different platforms and their capabilities. We organise them in a
22 hash table, where each entry represent a specific target.
24 Note that configuration target names must be unique across all config
25 files. The Configure script does check that a config file doesn't
26 have config targets that shadow config targets from other files.
28 In each table entry, the following keys are significant:
30 inherit_from => Other targets to inherit values from.
31 Explained further below. [1]
32 template => Set to 1 if this isn't really a platform
33 target. Instead, this target is a template
34 upon which other targets can be built.
35 Explained further below. [1]
37 sys_id => System identity for systems where that
38 is difficult to determine automatically.
40 enable => Enable specific configuration features.
41 This MUST be an array of words.
42 disable => Disable specific configuration features.
43 This MUST be an array of words.
44 Note: if the same feature is both enabled
45 and disabled, disable wins.
47 as => The assembler command. This is not always
48 used (for example on Unix, where the C
49 compiler is used instead).
50 asflags => Default assembler command flags [4].
51 cpp => The C preprocessor command, normally not
52 given, as the build file defaults are
54 cppflags => Default C preprocessor flags [4].
55 defines => As an alternative, macro definitions may be
56 given here instead of in 'cppflags' [4].
57 If given here, they MUST be as an array of
58 the string such as "MACRO=value", or just
59 "MACRO" for definitions without value.
60 includes => As an alternative, inclusion directories
61 may be given here instead of in 'cppflags'
62 [4]. If given here, the MUST be an array
63 of strings, one directory specification
65 cc => The C compiler command, usually one of "cc",
66 "gcc" or "clang". This command is normally
67 also used to link object files and
68 libraries into the final program.
69 cxx => The C++ compiler command, usually one of
70 "c++", "g++" or "clang++". This command is
71 also used when linking a program where at
72 least one of the object file is made from
74 cflags => Defaults C compiler flags [4].
75 cxxflags => Default C++ compiler flags [4]. If unset,
76 it gets the same value as cflags.
78 (linking is a complex thing, see [3] below)
79 ld => Linker command, usually not defined
80 (meaning the compiler command is used
82 (NOTE: this is here for future use, it's
84 lflags => Default flags used when linking apps,
85 shared libraries or DSOs [4].
86 ex_libs => Extra libraries that are needed when
87 linking shared libraries, DSOs or programs.
88 The value is also assigned to Libs.private
89 in $(libdir)/pkgconfig/libcrypto.pc.
91 shared_cppflags => Extra C preprocessor flags used when
92 processing C files for shared libraries.
93 shared_cflag => Extra C compiler flags used when compiling
94 for shared libraries, typically something
96 shared_ldflag => Extra linking flags used when linking
100 module_ldflags => Has the same function as the corresponding
101 'shared_' attributes, but for building DSOs.
102 When unset, they get the same values as the
103 corresponding 'shared_' attributes.
105 ar => The library archive command, the default is
107 (NOTE: this is here for future use, it's
109 arflags => Flags to be used with the library archive
110 command. On Unix, this includes the
111 command letter, 'r' by default.
113 ranlib => The library archive indexing command, the
114 default is 'ranlib' it it exists.
116 unistd => An alternative header to the typical
117 '<unistd.h>'. This is very rarely needed.
119 shared_extension => File name extension used for shared
121 obj_extension => File name extension used for object files.
122 On unix, this defaults to ".o" (NOTE: this
123 is here for future use, it's not
125 exe_extension => File name extension used for executable
126 files. On unix, this defaults to "" (NOTE:
127 this is here for future use, it's not
129 shlib_variant => A "variant" identifier inserted between the base
130 shared library name and the extension. On "unixy"
131 platforms (BSD, Linux, Solaris, MacOS/X, ...) this
132 supports installation of custom OpenSSL libraries
133 that don't conflict with other builds of OpenSSL
134 installed on the system. The variant identifier
135 becomes part of the SONAME of the library and also
136 any symbol versions (symbol versions are not used or
137 needed with MacOS/X). For example, on a system
138 where a default build would normally create the SSL
139 shared library as 'libssl.so -> libssl.so.1.1' with
140 the value of the symlink as the SONAME, a target
141 definition that sets 'shlib_variant => "-abc"' will
142 create 'libssl.so -> libssl-abc.so.1.1', again with
143 an SONAME equal to the value of the symlink. The
144 symbol versions associated with the variant library
145 would then be 'OPENSSL_ABC_<version>' rather than
146 the default 'OPENSSL_<version>'. The string inserted
147 into symbol versions is obtained by mapping all
148 letters in the "variant" identifier to uppercase
149 and all non-alphanumeric characters to '_'.
151 thread_scheme => The type of threads is used on the
152 configured platform. Currently known
153 values are "(unknown)", "pthreads",
154 "uithreads" (a.k.a solaris threads) and
155 "winthreads". Except for "(unknown)", the
156 actual value is currently ignored but may
157 be used in the future. See further notes
159 dso_scheme => The type of dynamic shared objects to build
160 for. This mostly comes into play with
161 modules, but can be used for other purposes
162 as well. Valid values are "DLFCN"
163 (dlopen() et al), "DLFCN_NO_H" (for systems
164 that use dlopen() et al but do not have
165 fcntl.h), "DL" (shl_load() et al), "WIN32"
167 asm_arch => The architecture to be used for compiling assembly
168 source. This acts as a selector in build.info files.
169 uplink_arch => The architecture to be used for compiling uplink
170 source. This acts as a selector in build.info files.
171 This is separate from asm_arch because it's compiled
172 even when 'no-asm' is given, even though it contains
174 perlasm_scheme => The perlasm method used to create the
175 assembler files used when compiling with
176 assembler implementations.
177 shared_target => The shared library building method used.
178 This serves multiple purposes:
179 - as index for targets found in shared_info.pl.
180 - as linker script generation selector.
181 To serve both purposes, the index for shared_info.pl
182 should end with '-shared', and this suffix will be
183 removed for use as a linker script generation
184 selector. Note that the latter is only used if
185 'shared_defflag' is defined.
186 build_scheme => The scheme used to build up a Makefile.
187 In its simplest form, the value is a string
188 with the name of the build scheme.
189 The value may also take the form of a list
190 of strings, if the build_scheme is to have
191 some options. In this case, the first
192 string in the list is the name of the build
194 Currently recognised build scheme is "unified".
195 For the "unified" build scheme, this item
196 *must* be an array with the first being the
197 word "unified" and the second being a word
198 to identify the platform family.
200 multilib => On systems that support having multiple
201 implementations of a library (typically a
202 32-bit and a 64-bit variant), this is used
203 to have the different variants in different
206 multibin => On systems that support having multiple
207 implementations of a library and binaries
208 (typically a 32-bit and a 64-bit variant),
209 this is used to have the different variants
210 in different binary directories. This setting
211 works in conjunction with multilib.
213 bn_ops => Building options (was just bignum options in
214 the earlier history of this option, hence the
215 name). This is a string of words that describe
216 algorithms' implementation parameters that
217 are optimal for the designated target platform,
218 such as the type of integers used to build up
219 the bignum, different ways to implement certain
220 ciphers and so on. To fully comprehend the
221 meaning, the best is to read the affected
225 THIRTY_TWO_BIT bignum limbs are 32 bits,
226 this is default if no
227 option is specified, it
228 works on any supported
229 system [unless "wider"
230 limb size is implied in
232 BN_LLONG bignum limbs are 32 bits,
233 but 64-bit 'unsigned long
234 long' is used internally
236 SIXTY_FOUR_BIT_LONG bignum limbs are 64 bits
237 and sizeof(long) is 8;
238 SIXTY_FOUR_BIT bignums limbs are 64 bits,
239 but execution environment
241 RC4_CHAR RC4 key schedule is made
242 up of 'unsigned char's;
243 Note: should not be used
244 for new configuration
246 RC4_INT RC4 key schedule is made
247 up of 'unsigned int's;
248 Note: should not be used
249 for new configuration
252 [1] as part of the target configuration, one can have a key called
253 `inherit_from` that indicates what other configurations to inherit
254 data from. These are resolved recursively.
256 Inheritance works as a set of default values that can be overridden
257 by corresponding key values in the inheriting configuration.
259 Note 1: any configuration table can be used as a template.
260 Note 2: pure templates have the attribute `template => 1` and
261 cannot be used as build targets.
263 If several configurations are given in the `inherit_from` array,
264 the values of same attribute are concatenated with space
265 separation. With this, it's possible to have several smaller
266 templates for different configuration aspects that can be combined
267 into a complete configuration.
269 Instead of a scalar value or an array, a value can be a code block
270 of the form `sub { /* your code here */ }`. This code block will
271 be called with the list of inherited values for that key as
272 arguments. In fact, the concatenation of strings is really done
273 by using `sub { join(" ",@_) }` on the list of inherited values.
281 ignored => "This should not appear in the end result",
290 inherit_from => [ "foo", "bar" ],
291 hehe => sub { join(" ",(@_,"!!!")) },
295 The entry for "laughter" will become as follows after processing:
304 [2] OpenSSL is built with threading capabilities unless the user
305 specifies `no-threads`. The value of the key `thread_scheme` may
306 be `(unknown)`, in which case the user MUST give some compilation
307 flags to `Configure`.
309 [3] OpenSSL has three types of things to link from object files or
312 - shared libraries; that would be libcrypto and libssl.
313 - shared objects (sometimes called dynamic libraries); that would
315 - applications; those are apps/openssl and all the test apps.
317 Very roughly speaking, linking is done like this (words in braces
318 represent the configuration settings documented at the beginning
322 {ld} $(CFLAGS) {lflags} {shared_ldflag} -o libfoo.so \
323 foo/something.o foo/somethingelse.o {ex_libs}
326 {ld} $(CFLAGS) {lflags} {module_ldflags} -o libeng.so \
327 blah1.o blah2.o -lcrypto {ex_libs}
330 {ld} $(CFLAGS) {lflags} -o app \
331 app1.o utils.o -lssl -lcrypto {ex_libs}
333 [4] There are variants of these attribute, prefixed with `lib_`,
334 `dso_` or `bin_`. Those variants replace the unprefixed attribute
335 when building library, DSO or program modules specifically.
337 Historically, the target configurations came in form of a string with
338 values separated by colons. This use is deprecated. The string form
341 "target" => "{cc}:{cflags}:{unistd}:{thread_cflag}:{sys_id}:{lflags}:
342 {bn_ops}:{cpuid_obj}:{bn_obj}:{ec_obj}:{des_obj}:{aes_obj}:
343 {bf_obj}:{md5_obj}:{sha1_obj}:{cast_obj}:{rc4_obj}:
344 {rmd160_obj}:{rc5_obj}:{wp_obj}:{cmll_obj}:{modes_obj}:
345 {padlock_obj}:{perlasm_scheme}:{dso_scheme}:{shared_target}:
346 {shared_cflag}:{shared_ldflag}:{shared_extension}:{ranlib}:
347 {arflags}:{multilib}"
352 The `build.info` files that are spread over the source tree contain the
353 minimum information needed to build and distribute OpenSSL. It uses a
354 simple and yet fairly powerful language to determine what needs to be
355 built, from what sources, and other relationships between files.
357 For every `build.info` file, all file references are relative to the
358 directory of the `build.info` file for source files, and the
359 corresponding build directory for built files if the build tree
360 differs from the source tree.
362 When processed, every line is processed with the perl module
363 Text::Template, using the delimiters `{-` and `-}`. The hashes
364 `%config` and `%target` are passed to the perl fragments, along with
365 $sourcedir and $builddir, which are the locations of the source
366 directory for the current `build.info` file and the corresponding build
367 directory, all relative to the top of the build tree.
369 `Configure` only knows inherently about the top `build.info` file. For
370 any other directory that has one, further directories to look into
371 must be indicated like this:
373 SUBDIRS=something someelse
375 On to things to be built; they are declared by setting specific
383 Note that the files mentioned for PROGRAMS, LIBS and MODULES *must* be
384 without extensions. The build file templates will figure them out.
386 For each thing to be built, it is then possible to say what sources
390 SOURCE[foo]=foo.c common.c
391 SOURCE[bar]=bar.c extra.c common.c
393 It's also possible to tell some other dependencies:
395 DEPEND[foo]=libsomething
396 DEPEND[libbar]=libsomethingelse
398 (it could be argued that 'libsomething' and 'libsomethingelse' are
399 source as well. However, the files given through SOURCE are expected
400 to be located in the source tree while files given through DEPEND are
401 expected to be located in the build tree)
403 It's also possible to depend on static libraries explicitly:
405 DEPEND[foo]=libsomething.a
406 DEPEND[libbar]=libsomethingelse.a
408 This should be rarely used, and care should be taken to make sure it's
409 only used when supported. For example, native Windows build doesn't
410 support building static libraries and DLLs at the same time, so using
411 static libraries on Windows can only be done when configured
414 In some cases, it's desirable to include some source files in the
415 shared form of a library only:
417 SHARED_SOURCE[libfoo]=dllmain.c
419 For any file to be built, it's also possible to tell what extra
420 include paths the build of their source files should use:
424 It's also possible to specify C macros that should be defined:
426 DEFINE[foo]=FOO BAR=1
428 In some cases, one might want to generate some source files from
429 others, that's done as follows:
431 GENERATE[foo.s]=asm/something.pl $(CFLAGS)
432 GENERATE[bar.s]=asm/bar.S
434 The value of each GENERATE line is a command line or part of it.
435 Configure places no rules on the command line, except that the first
436 item must be the generator file. It is, however, entirely up to the
437 build file template to define exactly how those command lines should
438 be handled, how the output is captured and so on.
440 Sometimes, the generator file itself depends on other files, for
441 example if it is a perl script that depends on other perl modules.
442 This can be expressed using DEPEND like this:
444 DEPEND[asm/something.pl]=../perlasm/Foo.pm
446 There may also be cases where the exact file isn't easily specified,
447 but an inclusion directory still needs to be specified. INCLUDE can
448 be used in that case:
450 INCLUDE[asm/something.pl]=../perlasm
452 NOTE: GENERATE lines are limited to one command only per GENERATE.
454 Finally, you can have some simple conditional use of the `build.info`
455 information, looking like this:
465 The expression in square brackets is interpreted as a string in perl,
466 and will be seen as true if perl thinks it is, otherwise false. For
467 example, the above would have "something" used, since 1 is true.
469 Together with the use of Text::Template, this can be used as
470 conditions based on something in the passed variables, for example:
472 IF[{- $disabled{shared} -}]
474 SOURCE[libcrypto]=...
480 Build-file programming with the "unified" build system
481 ======================================================
483 "Build files" are called `Makefile` on Unix-like operating systems,
484 `descrip.mms` for MMS on VMS, `makefile` for `nmake` on Windows, etc.
486 To use the "unified" build system, the target configuration needs to
487 set the three items `build_scheme`, `build_file` and `build_command`.
488 In the rest of this section, we will assume that `build_scheme` is set
489 to "unified" (see the configurations documentation above for the
492 For any name given by `build_file`, the "unified" system expects a
493 template file in `Configurations/` named like the build file, with
494 `.tmpl` appended, or in case of possible ambiguity, a combination of
495 the second `build_scheme` list item and the `build_file` name. For
496 example, if `build_file` is set to `Makefile`, the template could be
497 `Configurations/Makefile.tmpl` or `Configurations/unix-Makefile.tmpl`.
498 In case both `Configurations/unix-Makefile.tmpl` and
499 `Configurations/Makefile.tmpl` are present, the former takes precedence.
501 The build-file template is processed with the perl module
502 Text::Template, using `{-` and `-}` as delimiters that enclose the
503 perl code fragments that generate configuration-dependent content.
504 Those perl fragments have access to all the hash variables from
507 The build-file template is expected to define at least the following
508 perl functions in a perl code fragment enclosed with `{-` and `-}`.
509 They are all expected to return a string with the lines they produce.
511 generatesrc - function that produces build file lines to generate
512 a source file from some input.
514 It's called like this:
516 generatesrc(src => "PATH/TO/tobegenerated",
517 generator => [ "generatingfile", ... ]
518 generator_incs => [ "INCL/PATH", ... ]
519 generator_deps => [ "dep1", ... ]
520 generator => [ "generatingfile", ... ]
521 incs => [ "INCL/PATH", ... ],
522 deps => [ "dep1", ... ],
523 intent => one of "libs", "dso", "bin" );
525 'src' has the name of the file to be generated.
526 'generator' is the command or part of command to
527 generate the file, of which the first item is
528 expected to be the file to generate from.
529 generatesrc() is expected to analyse and figure out
530 exactly how to apply that file and how to capture
531 the result. 'generator_incs' and 'generator_deps'
532 are include directories and files that the generator
533 file itself depends on. 'incs' and 'deps' are
534 include directories and files that are used if $(CC)
535 is used as an intermediary step when generating the
536 end product (the file indicated by 'src'). 'intent'
537 indicates what the generated file is going to be
540 src2obj - function that produces build file lines to build an
541 object file from source files and associated data.
543 It's called like this:
545 src2obj(obj => "PATH/TO/objectfile",
546 srcs => [ "PATH/TO/sourcefile", ... ],
547 deps => [ "dep1", ... ],
548 incs => [ "INCL/PATH", ... ]
549 intent => one of "lib", "dso", "bin" );
551 'obj' has the intended object file with '.o'
552 extension, src2obj() is expected to change it to
553 something more suitable for the platform.
554 'srcs' has the list of source files to build the
555 object file, with the first item being the source
556 file that directly corresponds to the object file.
557 'deps' is a list of explicit dependencies. 'incs'
558 is a list of include file directories. Finally,
559 'intent' indicates what this object file is going
562 obj2lib - function that produces build file lines to build a
563 static library file ("libfoo.a" in Unix terms) from
568 obj2lib(lib => "PATH/TO/libfile",
569 objs => [ "PATH/TO/objectfile", ... ]);
571 'lib' has the intended library filename *without*
572 extension, obj2lib is expected to add that. 'objs'
573 has the list of object files to build this library.
575 libobj2shlib - backward compatibility function that's used the
576 same way as obj2shlib (described next), and was
577 expected to build the shared library from the
578 corresponding static library when that was suitable.
579 NOTE: building a shared library from a static
580 library is now DEPRECATED, as they no longer share
581 object files. Attempting to do this will fail.
583 obj2shlib - function that produces build file lines to build a
584 shareable object library file ("libfoo.so" in Unix
585 terms) from the corresponding object files.
589 obj2shlib(shlib => "PATH/TO/shlibfile",
590 lib => "PATH/TO/libfile",
591 objs => [ "PATH/TO/objectfile", ... ],
592 deps => [ "PATH/TO/otherlibfile", ... ]);
594 'lib' has the base (static) library filename
595 *without* extension. This is useful in case
596 supporting files are needed (such as import
597 libraries on Windows).
598 'shlib' has the corresponding shared library name
599 *without* extension. 'deps' has the list of other
600 libraries (also *without* extension) this library
601 needs to be linked with. 'objs' has the list of
602 object files to build this library.
604 obj2dso - function that produces build file lines to build a
605 dynamic shared object file from object files.
609 obj2dso(lib => "PATH/TO/libfile",
610 objs => [ "PATH/TO/objectfile", ... ],
611 deps => [ "PATH/TO/otherlibfile",
614 This is almost the same as obj2shlib, but the
615 intent is to build a shareable library that can be
616 loaded in runtime (a "plugin"...).
618 obj2bin - function that produces build file lines to build an
619 executable file from object files.
623 obj2bin(bin => "PATH/TO/binfile",
624 objs => [ "PATH/TO/objectfile", ... ],
625 deps => [ "PATH/TO/libfile", ... ]);
627 'bin' has the intended executable filename
628 *without* extension, obj2bin is expected to add
629 that. 'objs' has the list of object files to build
630 this library. 'deps' has the list of library files
631 (also *without* extension) that the programs needs
634 in2script - function that produces build file lines to build a
635 script file from some input.
639 in2script(script => "PATH/TO/scriptfile",
640 sources => [ "PATH/TO/infile", ... ]);
642 'script' has the intended script filename.
643 'sources' has the list of source files to build the
644 resulting script from.
646 In all cases, file file paths are relative to the build tree top, and
647 the build file actions run with the build tree top as current working
650 Make sure to end the section with these functions with a string that
651 you thing is appropriate for the resulting build file. If nothing
652 else, end it like this:
654 ""; # Make sure no lingering values end up in the Makefile
657 Configure helper scripts
658 ========================
660 Configure uses helper scripts in this directory:
665 These scripts are per platform family, to check the integrity of the
666 tools used for configuration and building. The checker script used is
667 either `{build_platform}-{build_file}-checker.pm` or
668 `{build_platform}-checker.pm`, where `{build_platform}` is the second
669 `build_scheme` list element from the configuration target data, and
670 `{build_file}` is `build_file` from the same target data.
672 If the check succeeds, the script is expected to end with a non-zero
673 expression. If the check fails, the script can end with a zero, or