]> git.ipfire.org Git - thirdparty/openssl.git/blob - Configurations/README.md
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Added an explicit yield (OP_SLEEP) to QUIC testing for cooperative threading.
[thirdparty/openssl.git] / Configurations / README.md
1 Intro
2 =====
3
4 This directory contains a few sets of files that are used for
5 configuration in diverse ways:
6
7 *.conf Target platform configurations, please read
8 'Configurations of OpenSSL target platforms' for more
9 information.
10 *.tmpl Build file templates, please read 'Build-file
11 programming with the "unified" build system' as well
12 as 'Build info files' for more information.
13 *.pm Helper scripts / modules for the main `Configure`
14 script. See 'Configure helper scripts for more
15 information.
16
17 Configurations of OpenSSL target platforms
18 ==========================================
19
20 Configuration targets are a collection of facts that we know about
21 different platforms and their capabilities. We organise them in a
22 hash table, where each entry represent a specific target.
23
24 Note that configuration target names must be unique across all config
25 files. The Configure script does check that a config file doesn't
26 have config targets that shadow config targets from other files.
27
28 In each table entry, the following keys are significant:
29
30 inherit_from => Other targets to inherit values from.
31 Explained further below. [1]
32 template => Set to 1 if this isn't really a platform
33 target. Instead, this target is a template
34 upon which other targets can be built.
35 Explained further below. [1]
36
37 sys_id => System identity for systems where that
38 is difficult to determine automatically.
39
40 enable => Enable specific configuration features.
41 This MUST be an array of words.
42 disable => Disable specific configuration features.
43 This MUST be an array of words.
44 Note: if the same feature is both enabled
45 and disabled, disable wins.
46
47 as => The assembler command. This is not always
48 used (for example on Unix, where the C
49 compiler is used instead).
50 asflags => Default assembler command flags [4].
51 cpp => The C preprocessor command, normally not
52 given, as the build file defaults are
53 usually good enough.
54 cppflags => Default C preprocessor flags [4].
55 defines => As an alternative, macro definitions may be
56 given here instead of in 'cppflags' [4].
57 If given here, they MUST be as an array of
58 the string such as "MACRO=value", or just
59 "MACRO" for definitions without value.
60 includes => As an alternative, inclusion directories
61 may be given here instead of in 'cppflags'
62 [4]. If given here, the MUST be an array
63 of strings, one directory specification
64 each.
65 cc => The C compiler command, usually one of "cc",
66 "gcc" or "clang". This command is normally
67 also used to link object files and
68 libraries into the final program.
69 cxx => The C++ compiler command, usually one of
70 "c++", "g++" or "clang++". This command is
71 also used when linking a program where at
72 least one of the object file is made from
73 C++ source.
74 cflags => Defaults C compiler flags [4].
75 cxxflags => Default C++ compiler flags [4]. If unset,
76 it gets the same value as cflags.
77
78 (linking is a complex thing, see [3] below)
79 ld => Linker command, usually not defined
80 (meaning the compiler command is used
81 instead).
82 (NOTE: this is here for future use, it's
83 not implemented yet)
84 lflags => Default flags used when linking apps,
85 shared libraries or DSOs [4].
86 ex_libs => Extra libraries that are needed when
87 linking shared libraries, DSOs or programs.
88 The value is also assigned to Libs.private
89 in $(libdir)/pkgconfig/libcrypto.pc.
90
91 shared_cppflags => Extra C preprocessor flags used when
92 processing C files for shared libraries.
93 shared_cflag => Extra C compiler flags used when compiling
94 for shared libraries, typically something
95 like "-fPIC".
96 shared_ldflag => Extra linking flags used when linking
97 shared libraries.
98 module_cppflags
99 module_cflags
100 module_ldflags => Has the same function as the corresponding
101 'shared_' attributes, but for building DSOs.
102 When unset, they get the same values as the
103 corresponding 'shared_' attributes.
104
105 ar => The library archive command, the default is
106 "ar".
107 (NOTE: this is here for future use, it's
108 not implemented yet)
109 arflags => Flags to be used with the library archive
110 command. On Unix, this includes the
111 command letter, 'r' by default.
112
113 ranlib => The library archive indexing command, the
114 default is 'ranlib' it it exists.
115
116 unistd => An alternative header to the typical
117 '<unistd.h>'. This is very rarely needed.
118
119 shared_extension => File name extension used for shared
120 libraries.
121 obj_extension => File name extension used for object files.
122 On unix, this defaults to ".o" (NOTE: this
123 is here for future use, it's not
124 implemented yet)
125 exe_extension => File name extension used for executable
126 files. On unix, this defaults to "" (NOTE:
127 this is here for future use, it's not
128 implemented yet)
129 shlib_variant => A "variant" identifier inserted between the base
130 shared library name and the extension. On "unixy"
131 platforms (BSD, Linux, Solaris, MacOS/X, ...) this
132 supports installation of custom OpenSSL libraries
133 that don't conflict with other builds of OpenSSL
134 installed on the system. The variant identifier
135 becomes part of the SONAME of the library and also
136 any symbol versions (symbol versions are not used or
137 needed with MacOS/X). For example, on a system
138 where a default build would normally create the SSL
139 shared library as 'libssl.so -> libssl.so.1.1' with
140 the value of the symlink as the SONAME, a target
141 definition that sets 'shlib_variant => "-abc"' will
142 create 'libssl.so -> libssl-abc.so.1.1', again with
143 an SONAME equal to the value of the symlink. The
144 symbol versions associated with the variant library
145 would then be 'OPENSSL_ABC_<version>' rather than
146 the default 'OPENSSL_<version>'. The string inserted
147 into symbol versions is obtained by mapping all
148 letters in the "variant" identifier to uppercase
149 and all non-alphanumeric characters to '_'.
150
151 thread_scheme => The type of threads is used on the
152 configured platform. Currently known
153 values are "(unknown)", "pthreads",
154 "uithreads" (a.k.a solaris threads) and
155 "winthreads". Except for "(unknown)", the
156 actual value is currently ignored but may
157 be used in the future. See further notes
158 below [2].
159 dso_scheme => The type of dynamic shared objects to build
160 for. This mostly comes into play with
161 modules, but can be used for other purposes
162 as well. Valid values are "DLFCN"
163 (dlopen() et al), "DLFCN_NO_H" (for systems
164 that use dlopen() et al but do not have
165 fcntl.h), "DL" (shl_load() et al), "WIN32"
166 and "VMS".
167 asm_arch => The architecture to be used for compiling assembly
168 source. This acts as a selector in build.info files.
169 uplink_arch => The architecture to be used for compiling uplink
170 source. This acts as a selector in build.info files.
171 This is separate from asm_arch because it's compiled
172 even when 'no-asm' is given, even though it contains
173 assembler source.
174 perlasm_scheme => The perlasm method used to create the
175 assembler files used when compiling with
176 assembler implementations.
177 shared_target => The shared library building method used.
178 This serves multiple purposes:
179 - as index for targets found in shared_info.pl.
180 - as linker script generation selector.
181 To serve both purposes, the index for shared_info.pl
182 should end with '-shared', and this suffix will be
183 removed for use as a linker script generation
184 selector. Note that the latter is only used if
185 'shared_defflag' is defined.
186 build_scheme => The scheme used to build up a Makefile.
187 In its simplest form, the value is a string
188 with the name of the build scheme.
189 The value may also take the form of a list
190 of strings, if the build_scheme is to have
191 some options. In this case, the first
192 string in the list is the name of the build
193 scheme.
194 Currently recognised build scheme is "unified".
195 For the "unified" build scheme, this item
196 *must* be an array with the first being the
197 word "unified" and the second being a word
198 to identify the platform family.
199
200 multilib => On systems that support having multiple
201 implementations of a library (typically a
202 32-bit and a 64-bit variant), this is used
203 to have the different variants in different
204 directories.
205
206 multibin => On systems that support having multiple
207 implementations of a library and binaries
208 (typically a 32-bit and a 64-bit variant),
209 this is used to have the different variants
210 in different binary directories. This setting
211 works in conjunction with multilib.
212
213 bn_ops => Building options (was just bignum options in
214 the earlier history of this option, hence the
215 name). This is a string of words that describe
216 algorithms' implementation parameters that
217 are optimal for the designated target platform,
218 such as the type of integers used to build up
219 the bignum, different ways to implement certain
220 ciphers and so on. To fully comprehend the
221 meaning, the best is to read the affected
222 source.
223 The valid words are:
224
225 THIRTY_TWO_BIT bignum limbs are 32 bits,
226 this is default if no
227 option is specified, it
228 works on any supported
229 system [unless "wider"
230 limb size is implied in
231 assembly code];
232 BN_LLONG bignum limbs are 32 bits,
233 but 64-bit 'unsigned long
234 long' is used internally
235 in calculations;
236 SIXTY_FOUR_BIT_LONG bignum limbs are 64 bits
237 and sizeof(long) is 8;
238 SIXTY_FOUR_BIT bignums limbs are 64 bits,
239 but execution environment
240 is ILP32;
241 RC4_CHAR RC4 key schedule is made
242 up of 'unsigned char's;
243 Note: should not be used
244 for new configuration
245 targets
246 RC4_INT RC4 key schedule is made
247 up of 'unsigned int's;
248 Note: should not be used
249 for new configuration
250 targets
251
252 [1] as part of the target configuration, one can have a key called
253 `inherit_from` that indicates what other configurations to inherit
254 data from. These are resolved recursively.
255
256 Inheritance works as a set of default values that can be overridden
257 by corresponding key values in the inheriting configuration.
258
259 Note 1: any configuration table can be used as a template.
260 Note 2: pure templates have the attribute `template => 1` and
261 cannot be used as build targets.
262
263 If several configurations are given in the `inherit_from` array,
264 the values of same attribute are concatenated with space
265 separation. With this, it's possible to have several smaller
266 templates for different configuration aspects that can be combined
267 into a complete configuration.
268
269 Instead of a scalar value or an array, a value can be a code block
270 of the form `sub { /* your code here */ }`. This code block will
271 be called with the list of inherited values for that key as
272 arguments. In fact, the concatenation of strings is really done
273 by using `sub { join(" ",@_) }` on the list of inherited values.
274
275 An example:
276
277 "foo" => {
278 template => 1,
279 haha => "ha ha",
280 hoho => "ho",
281 ignored => "This should not appear in the end result",
282 },
283 "bar" => {
284 template => 1,
285 haha => "ah",
286 hoho => "haho",
287 hehe => "hehe"
288 },
289 "laughter" => {
290 inherit_from => [ "foo", "bar" ],
291 hehe => sub { join(" ",(@_,"!!!")) },
292 ignored => "",
293 }
294
295 The entry for "laughter" will become as follows after processing:
296
297 "laughter" => {
298 haha => "ha ha ah",
299 hoho => "ho haho",
300 hehe => "hehe !!!",
301 ignored => ""
302 }
303
304 [2] OpenSSL is built with threading capabilities unless the user
305 specifies `no-threads`. The value of the key `thread_scheme` may
306 be `(unknown)`, in which case the user MUST give some compilation
307 flags to `Configure`.
308
309 [3] OpenSSL has three types of things to link from object files or
310 static libraries:
311
312 - shared libraries; that would be libcrypto and libssl.
313 - shared objects (sometimes called dynamic libraries); that would
314 be the modules.
315 - applications; those are apps/openssl and all the test apps.
316
317 Very roughly speaking, linking is done like this (words in braces
318 represent the configuration settings documented at the beginning
319 of this file):
320
321 shared libraries:
322 {ld} $(CFLAGS) {lflags} {shared_ldflag} -o libfoo.so \
323 foo/something.o foo/somethingelse.o {ex_libs}
324
325 shared objects:
326 {ld} $(CFLAGS) {lflags} {module_ldflags} -o libeng.so \
327 blah1.o blah2.o -lcrypto {ex_libs}
328
329 applications:
330 {ld} $(CFLAGS) {lflags} -o app \
331 app1.o utils.o -lssl -lcrypto {ex_libs}
332
333 [4] There are variants of these attribute, prefixed with `lib_`,
334 `dso_` or `bin_`. Those variants replace the unprefixed attribute
335 when building library, DSO or program modules specifically.
336
337 Historically, the target configurations came in form of a string with
338 values separated by colons. This use is deprecated. The string form
339 looked like this:
340
341 "target" => "{cc}:{cflags}:{unistd}:{thread_cflag}:{sys_id}:{lflags}:
342 {bn_ops}:{cpuid_obj}:{bn_obj}:{ec_obj}:{des_obj}:{aes_obj}:
343 {bf_obj}:{md5_obj}:{sha1_obj}:{cast_obj}:{rc4_obj}:
344 {rmd160_obj}:{rc5_obj}:{wp_obj}:{cmll_obj}:{modes_obj}:
345 {padlock_obj}:{perlasm_scheme}:{dso_scheme}:{shared_target}:
346 {shared_cflag}:{shared_ldflag}:{shared_extension}:{ranlib}:
347 {arflags}:{multilib}"
348
349 Build info files
350 ================
351
352 The `build.info` files that are spread over the source tree contain the
353 minimum information needed to build and distribute OpenSSL. It uses a
354 simple and yet fairly powerful language to determine what needs to be
355 built, from what sources, and other relationships between files.
356
357 For every `build.info` file, all file references are relative to the
358 directory of the `build.info` file for source files, and the
359 corresponding build directory for built files if the build tree
360 differs from the source tree.
361
362 When processed, every line is processed with the perl module
363 Text::Template, using the delimiters `{-` and `-}`. The hashes
364 `%config` and `%target` are passed to the perl fragments, along with
365 $sourcedir and $builddir, which are the locations of the source
366 directory for the current `build.info` file and the corresponding build
367 directory, all relative to the top of the build tree.
368
369 `Configure` only knows inherently about the top `build.info` file. For
370 any other directory that has one, further directories to look into
371 must be indicated like this:
372
373 SUBDIRS=something someelse
374
375 On to things to be built; they are declared by setting specific
376 variables:
377
378 PROGRAMS=foo bar
379 LIBS=libsomething
380 MODULES=libeng
381 SCRIPTS=myhack
382
383 Note that the files mentioned for PROGRAMS, LIBS and MODULES *must* be
384 without extensions. The build file templates will figure them out.
385
386 For each thing to be built, it is then possible to say what sources
387 they are built from:
388
389 PROGRAMS=foo bar
390 SOURCE[foo]=foo.c common.c
391 SOURCE[bar]=bar.c extra.c common.c
392
393 It's also possible to tell some other dependencies:
394
395 DEPEND[foo]=libsomething
396 DEPEND[libbar]=libsomethingelse
397
398 (it could be argued that 'libsomething' and 'libsomethingelse' are
399 source as well. However, the files given through SOURCE are expected
400 to be located in the source tree while files given through DEPEND are
401 expected to be located in the build tree)
402
403 It's also possible to depend on static libraries explicitly:
404
405 DEPEND[foo]=libsomething.a
406 DEPEND[libbar]=libsomethingelse.a
407
408 This should be rarely used, and care should be taken to make sure it's
409 only used when supported. For example, native Windows build doesn't
410 support building static libraries and DLLs at the same time, so using
411 static libraries on Windows can only be done when configured
412 `no-shared`.
413
414 In some cases, it's desirable to include some source files in the
415 shared form of a library only:
416
417 SHARED_SOURCE[libfoo]=dllmain.c
418
419 For any file to be built, it's also possible to tell what extra
420 include paths the build of their source files should use:
421
422 INCLUDE[foo]=include
423
424 It's also possible to specify C macros that should be defined:
425
426 DEFINE[foo]=FOO BAR=1
427
428 In some cases, one might want to generate some source files from
429 others, that's done as follows:
430
431 GENERATE[foo.s]=asm/something.pl $(CFLAGS)
432 GENERATE[bar.s]=asm/bar.S
433
434 The value of each GENERATE line is a command line or part of it.
435 Configure places no rules on the command line, except that the first
436 item must be the generator file. It is, however, entirely up to the
437 build file template to define exactly how those command lines should
438 be handled, how the output is captured and so on.
439
440 Sometimes, the generator file itself depends on other files, for
441 example if it is a perl script that depends on other perl modules.
442 This can be expressed using DEPEND like this:
443
444 DEPEND[asm/something.pl]=../perlasm/Foo.pm
445
446 There may also be cases where the exact file isn't easily specified,
447 but an inclusion directory still needs to be specified. INCLUDE can
448 be used in that case:
449
450 INCLUDE[asm/something.pl]=../perlasm
451
452 NOTE: GENERATE lines are limited to one command only per GENERATE.
453
454 Finally, you can have some simple conditional use of the `build.info`
455 information, looking like this:
456
457 IF[1]
458 something
459 ELSIF[2]
460 something other
461 ELSE
462 something else
463 ENDIF
464
465 The expression in square brackets is interpreted as a string in perl,
466 and will be seen as true if perl thinks it is, otherwise false. For
467 example, the above would have "something" used, since 1 is true.
468
469 Together with the use of Text::Template, this can be used as
470 conditions based on something in the passed variables, for example:
471
472 IF[{- $disabled{shared} -}]
473 LIBS=libcrypto
474 SOURCE[libcrypto]=...
475 ELSE
476 LIBS=libfoo
477 SOURCE[libfoo]=...
478 ENDIF
479
480 Build-file programming with the "unified" build system
481 ======================================================
482
483 "Build files" are called `Makefile` on Unix-like operating systems,
484 `descrip.mms` for MMS on VMS, `makefile` for `nmake` on Windows, etc.
485
486 To use the "unified" build system, the target configuration needs to
487 set the three items `build_scheme`, `build_file` and `build_command`.
488 In the rest of this section, we will assume that `build_scheme` is set
489 to "unified" (see the configurations documentation above for the
490 details).
491
492 For any name given by `build_file`, the "unified" system expects a
493 template file in `Configurations/` named like the build file, with
494 `.tmpl` appended, or in case of possible ambiguity, a combination of
495 the second `build_scheme` list item and the `build_file` name. For
496 example, if `build_file` is set to `Makefile`, the template could be
497 `Configurations/Makefile.tmpl` or `Configurations/unix-Makefile.tmpl`.
498 In case both `Configurations/unix-Makefile.tmpl` and
499 `Configurations/Makefile.tmpl` are present, the former takes precedence.
500
501 The build-file template is processed with the perl module
502 Text::Template, using `{-` and `-}` as delimiters that enclose the
503 perl code fragments that generate configuration-dependent content.
504 Those perl fragments have access to all the hash variables from
505 configdata.pem.
506
507 The build-file template is expected to define at least the following
508 perl functions in a perl code fragment enclosed with `{-` and `-}`.
509 They are all expected to return a string with the lines they produce.
510
511 generatesrc - function that produces build file lines to generate
512 a source file from some input.
513
514 It's called like this:
515
516 generatesrc(src => "PATH/TO/tobegenerated",
517 generator => [ "generatingfile", ... ]
518 generator_incs => [ "INCL/PATH", ... ]
519 generator_deps => [ "dep1", ... ]
520 generator => [ "generatingfile", ... ]
521 incs => [ "INCL/PATH", ... ],
522 deps => [ "dep1", ... ],
523 intent => one of "libs", "dso", "bin" );
524
525 'src' has the name of the file to be generated.
526 'generator' is the command or part of command to
527 generate the file, of which the first item is
528 expected to be the file to generate from.
529 generatesrc() is expected to analyse and figure out
530 exactly how to apply that file and how to capture
531 the result. 'generator_incs' and 'generator_deps'
532 are include directories and files that the generator
533 file itself depends on. 'incs' and 'deps' are
534 include directories and files that are used if $(CC)
535 is used as an intermediary step when generating the
536 end product (the file indicated by 'src'). 'intent'
537 indicates what the generated file is going to be
538 used for.
539
540 src2obj - function that produces build file lines to build an
541 object file from source files and associated data.
542
543 It's called like this:
544
545 src2obj(obj => "PATH/TO/objectfile",
546 srcs => [ "PATH/TO/sourcefile", ... ],
547 deps => [ "dep1", ... ],
548 incs => [ "INCL/PATH", ... ]
549 intent => one of "lib", "dso", "bin" );
550
551 'obj' has the intended object file with '.o'
552 extension, src2obj() is expected to change it to
553 something more suitable for the platform.
554 'srcs' has the list of source files to build the
555 object file, with the first item being the source
556 file that directly corresponds to the object file.
557 'deps' is a list of explicit dependencies. 'incs'
558 is a list of include file directories. Finally,
559 'intent' indicates what this object file is going
560 to be used for.
561
562 obj2lib - function that produces build file lines to build a
563 static library file ("libfoo.a" in Unix terms) from
564 object files.
565
566 called like this:
567
568 obj2lib(lib => "PATH/TO/libfile",
569 objs => [ "PATH/TO/objectfile", ... ]);
570
571 'lib' has the intended library filename *without*
572 extension, obj2lib is expected to add that. 'objs'
573 has the list of object files to build this library.
574
575 libobj2shlib - backward compatibility function that's used the
576 same way as obj2shlib (described next), and was
577 expected to build the shared library from the
578 corresponding static library when that was suitable.
579 NOTE: building a shared library from a static
580 library is now DEPRECATED, as they no longer share
581 object files. Attempting to do this will fail.
582
583 obj2shlib - function that produces build file lines to build a
584 shareable object library file ("libfoo.so" in Unix
585 terms) from the corresponding object files.
586
587 called like this:
588
589 obj2shlib(shlib => "PATH/TO/shlibfile",
590 lib => "PATH/TO/libfile",
591 objs => [ "PATH/TO/objectfile", ... ],
592 deps => [ "PATH/TO/otherlibfile", ... ]);
593
594 'lib' has the base (static) library filename
595 *without* extension. This is useful in case
596 supporting files are needed (such as import
597 libraries on Windows).
598 'shlib' has the corresponding shared library name
599 *without* extension. 'deps' has the list of other
600 libraries (also *without* extension) this library
601 needs to be linked with. 'objs' has the list of
602 object files to build this library.
603
604 obj2dso - function that produces build file lines to build a
605 dynamic shared object file from object files.
606
607 called like this:
608
609 obj2dso(lib => "PATH/TO/libfile",
610 objs => [ "PATH/TO/objectfile", ... ],
611 deps => [ "PATH/TO/otherlibfile",
612 ... ]);
613
614 This is almost the same as obj2shlib, but the
615 intent is to build a shareable library that can be
616 loaded in runtime (a "plugin"...).
617
618 obj2bin - function that produces build file lines to build an
619 executable file from object files.
620
621 called like this:
622
623 obj2bin(bin => "PATH/TO/binfile",
624 objs => [ "PATH/TO/objectfile", ... ],
625 deps => [ "PATH/TO/libfile", ... ]);
626
627 'bin' has the intended executable filename
628 *without* extension, obj2bin is expected to add
629 that. 'objs' has the list of object files to build
630 this library. 'deps' has the list of library files
631 (also *without* extension) that the programs needs
632 to be linked with.
633
634 in2script - function that produces build file lines to build a
635 script file from some input.
636
637 called like this:
638
639 in2script(script => "PATH/TO/scriptfile",
640 sources => [ "PATH/TO/infile", ... ]);
641
642 'script' has the intended script filename.
643 'sources' has the list of source files to build the
644 resulting script from.
645
646 In all cases, file file paths are relative to the build tree top, and
647 the build file actions run with the build tree top as current working
648 directory.
649
650 Make sure to end the section with these functions with a string that
651 you thing is appropriate for the resulting build file. If nothing
652 else, end it like this:
653
654 ""; # Make sure no lingering values end up in the Makefile
655 -}
656
657 Configure helper scripts
658 ========================
659
660 Configure uses helper scripts in this directory:
661
662 Checker scripts
663 ---------------
664
665 These scripts are per platform family, to check the integrity of the
666 tools used for configuration and building. The checker script used is
667 either `{build_platform}-{build_file}-checker.pm` or
668 `{build_platform}-checker.pm`, where `{build_platform}` is the second
669 `build_scheme` list element from the configuration target data, and
670 `{build_file}` is `build_file` from the same target data.
671
672 If the check succeeds, the script is expected to end with a non-zero
673 expression. If the check fails, the script can end with a zero, or
674 with a `die`.
A mirror of the official openssl repository