]> git.ipfire.org Git - thirdparty/openssl.git/blob - Configurations/README
projects / thirdparty / openssl.git / blob
? search:


5665d24b5473ce3771b18c9ed7f1a33dd30bc030
[thirdparty/openssl.git] / Configurations / README
1 Configurations of OpenSSL target platforms
2 ==========================================
3
4 Target configurations are a collection of facts that we know about
5 different platforms and their capabilities. We organise them in a
6 hash table, where each entry represent a specific target.
7
8 In each table entry, the following keys are significant:
9
10 inherit_from => Other targets to inherit values from.
11 Explained further below. [1]
12 template => Set to 1 if this isn't really a platform
13 target. Instead, this target is a template
14 upon which other targets can be built.
15 Explained further below. [1]
16
17 sys_id => System identity for systems where that
18 is difficult to determine automatically.
19
20 cc => The compiler command, usually one of "cc",
21 "gcc" or "clang". This command is normally
22 also used to link object files and
23 libraries into the final program.
24 cflags => Flags that are used at all times when
25 compiling.
26 defines => As an alternative, macro definitions may be
27 present here instead of in `cflags'. If
28 given here, they MUST be as an array of the
29 string such as "MACRO=value", or just
30 "MACRO" for definitions without value.
31 shared_cflag => Extra compilation flags used when
32 compiling for shared libraries, typically
33 something like "-fPIC".
34
35 (linking is a complex thing, see [3] below)
36 ld => Linker command, usually not defined
37 (meaning the compiler command is used
38 instead).
39 (NOTE: this is here for future use, it's
40 not implemented yet)
41 lflags => Flags that are used when linking apps.
42 shared_ldflag => Flags that are used when linking shared
43 or dynamic libraries.
44 plib_lflags => Extra linking flags to appear just before
45 the libraries on the command line.
46 ex_libs => Extra libraries that are needed when
47 linking.
48
49 ar => The library archive command, the default is
50 "ar".
51 (NOTE: this is here for future use, it's
52 not implemented yet)
53 arflags => Flags to be used with the library archive
54 command.
55
56 ranlib => The library archive indexing command, the
57 default is 'ranlib' it it exists.
58
59 unistd => An alternative header to the typical
60 '<unistd.h>'. This is very rarely needed.
61
62 shared_extension => File name extension used for shared
63 libraries.
64 obj_extension => File name extension used for object files.
65 On unix, this defaults to ".o" (NOTE: this
66 is here for future use, it's not
67 implemented yet)
68 exe_extension => File name extension used for executable
69 files. On unix, this defaults to "" (NOTE:
70 this is here for future use, it's not
71 implemented yet)
72
73 thread_scheme => The type of threads is used on the
74 configured platform. Currently known
75 values are "(unknown)", "pthreads",
76 "uithreads" (a.k.a solaris threads) and
77 "winthreads". Except for "(unknown)", the
78 actual value is currently ignored but may
79 be used in the future. See further notes
80 below [2].
81 dso_scheme => The type of dynamic shared objects to build
82 for. This mostly comes into play with
83 engines, but can be used for other purposes
84 as well. Valid values are "DLFCN"
85 (dlopen() et al), "DLFCN_NO_H" (for systems
86 that use dlopen() et al but do not have
87 fcntl.h), "DL" (shl_load() et al), "WIN32"
88 and "VMS".
89 perlasm_scheme => The perlasm method used to created the
90 assembler files used when compiling with
91 assembler implementations.
92 shared_target => The shared library building method used.
93 This is a target found in Makefile.shared.
94 build_scheme => The scheme used to build up a Makefile.
95 In its simplest form, the value is a string
96 with the name of the build scheme.
97 The value may also take the form of a list
98 of strings, if the build_scheme is to have
99 some options. In this case, the first
100 string in the list is the name of the build
101 scheme.
102 Currently recognised build schemes are
103 "mk1mf" and "unixmake" and "unified".
104 For the "unified" build scheme, this item
105 *must* be an array with the first being the
106 word "unified" and the second being a word
107 to identify the platform family.
108
109 multilib => On systems that support having multiple
110 implementations of a library (typically a
111 32-bit and a 64-bit variant), this is used
112 to have the different variants in different
113 directories.
114
115 bn_ops => Building options (was just bignum options
116 in the earlier history of this option,
117 hence the name). This a string of words
118 that describe properties on the designated
119 target platform, such as the type of
120 integers used to build up the bitnum,
121 different ways to implement certain ciphers
122 and so on. To fully comprehend the
123 meaning, the best is to read the affected
124 source.
125 The valid words are:
126
127 BN_LLONG use 'unsigned long long' in
128 some bignum calculations.
129 This has no value when
130 SIXTY_FOUR_BIT or
131 SIXTY_FOUR_BIT_LONG is given.
132 RC4_CHAR makes the basic RC4 unit of
133 calculation an unsigned char.
134 SIXTY_FOUR_BIT processor registers
135 are 64 bits, long is
136 32 bits, long long is
137 64 bits.
138 SIXTY_FOUR_BIT_LONG processor registers
139 are 64 bits, long is
140 64 bits.
141 THIRTY_TWO_BIT processor registers
142 are 32 bits.
143 EXPORT_VAR_AS_FN for shared libraries,
144 export vars as
145 accessor functions.
146
147 apps_extra_src => Extra source to build apps/openssl, as
148 needed by the target.
149 cpuid_asm_src => assembler implementation of cpuid code as
150 well as OPENSSL_cleanse().
151 Default to mem_clr.c
152 bn_asm_src => Assembler implementation of core bignum
153 functions.
154 Defaults to bn_asm.c
155 ec_asm_src => Assembler implementation of core EC
156 functions.
157 des_asm_src => Assembler implementation of core DES
158 encryption functions.
159 Defaults to 'des_enc.c fcrypt_b.c'
160 aes_asm_src => Assembler implementation of core AES
161 functions.
162 Defaults to 'aes_core.c aes_cbc.c'
163 bf_asm_src => Assembler implementation of core BlowFish
164 functions.
165 Defaults to 'bf_enc.c'
166 md5_asm_src => Assembler implementation of core MD5
167 functions.
168 sha1_asm_src => Assembler implementation of core SHA1,
169 functions, and also possibly SHA256 and
170 SHA512 ones.
171 cast_asm_src => Assembler implementation of core CAST
172 functions.
173 Defaults to 'c_enc.c'
174 rc4_asm_src => Assembler implementation of core RC4
175 functions.
176 Defaults to 'rc4_enc.c rc4_skey.c'
177 rmd160_asm_src => Assembler implementation of core RMD160
178 functions.
179 rc5_asm_src => Assembler implementation of core RC5
180 functions.
181 Defaults to 'rc5_enc.c'
182 wp_asm_src => Assembler implementation of core WHIRLPOOL
183 functions.
184 cmll_asm_src => Assembler implementation of core CAMELLIA
185 functions.
186 Defaults to 'camellia.c cmll_misc.c cmll_cbc.c'
187 modes_asm_src => Assembler implementation of cipher modes,
188 currently the functions gcm_gmult_4bit and
189 gcm_ghash_4bit.
190 padlock_asm_src => Assembler implementation of core parts of
191 the padlock engine. This is mandatory on
192 any platform where the padlock engine might
193 actually be built.
194
195
196 [1] as part of the target configuration, one can have a key called
197 'inherit_from' that indicate what other configurations to inherit
198 data from. These are resolved recursively.
199
200 Inheritance works as a set of default values that can be overridden
201 by corresponding key values in the inheriting configuration.
202
203 Note 1: any configuration table can be used as a template.
204 Note 2: pure templates have the attribute 'template => 1' and
205 cannot be used as build targets.
206
207 If several configurations are given in the 'inherit_from' array,
208 the values of same attribute are concatenated with space
209 separation. With this, it's possible to have several smaller
210 templates for different configuration aspects that can be combined
211 into a complete configuration.
212
213 instead of a scalar value or an array, a value can be a code block
214 of the form 'sub { /* your code here */ }'. This code block will
215 be called with the list of inherited values for that key as
216 arguments. In fact, the concatenation of strings is really done
217 by using 'sub { join(" ",@_) }' on the list of inherited values.
218
219 An example:
220
221 "foo" => {
222 template => 1,
223 haha => "ha ha",
224 hoho => "ho",
225 ignored => "This should not appear in the end result",
226 },
227 "bar" => {
228 template => 1,
229 haha => "ah",
230 hoho => "haho",
231 hehe => "hehe"
232 },
233 "laughter" => {
234 inherit_from => [ "foo", "bar" ],
235 hehe => sub { join(" ",(@_,"!!!")) },
236 ignored => "",
237 }
238
239 The entry for "laughter" will become as follows after processing:
240
241 "laughter" => {
242 haha => "ha ha ah",
243 hoho => "ho haho",
244 hehe => "hehe !!!",
245 ignored => ""
246 }
247
248 [2] OpenSSL is built with threading capabilities unless the user
249 specifies 'no-threads'. The value of the key 'thread_scheme' may
250 be "(unknown)", in which case the user MUST give some compilation
251 flags to Configure.
252
253 [3] OpenSSL has three types of things to link from object files or
254 static libraries:
255
256 - shared libraries; that would be libcrypto and libssl.
257 - shared objects (sometimes called dynamic libraries); that would
258 be the engines.
259 - applications; those are apps/openssl and all the test apps.
260
261 Very roughly speaking, linking is done like this (words in braces
262 represent the configuration settings documented at the beginning
263 of this file):
264
265 shared libraries:
266 {ld} $(CFLAGS) {shared_ldflag} -shared -o libfoo.so \
267 -Wl,--whole-archive libfoo.a -Wl,--no-whole-archive \
268 {plib_lflags} -lcrypto {ex_libs}
269
270 shared objects:
271 {ld} $(CFLAGS) {shared_ldflag} -shared -o libeng.so \
272 blah1.o blah2.o {plib_lflags} -lcrypto {ex_libs}
273
274 applications:
275 {ld} $(CFLAGS) {lflags} -o app \
276 app1.o utils.o {plib_lflags} -lssl -lcrypto {ex_libs}
277
278
279 Historically, the target configurations came in form of a string with
280 values separated by colons. This use is deprecated. The string form
281 looked like this:
282
283 "target" => "{cc}:{cflags}:{unistd}:{thread_cflag}:{sys_id}:{lflags}:{bn_ops}:{cpuid_obj}:{bn_obj}:{ec_obj}:{des_obj}:{aes_obj}:{bf_obj}:{md5_obj}:{sha1_obj}:{cast_obj}:{rc4_obj}:{rmd160_obj}:{rc5_obj}:{wp_obj}:{cmll_obj}:{modes_obj}:{padlock_obj}:{perlasm_scheme}:{dso_scheme}:{shared_target}:{shared_cflag}:{shared_ldflag}:{shared_extension}:{ranlib}:{arflags}:{multilib}"
284
285
286 Build info files
287 ================
288
289 The build.info files that are spread over the source tree contain the
290 minimum information needed to build and distribute OpenSSL. It uses a
291 simple and yet fairly powerful language to determine what needs to be
292 built, from what sources, and other relationships between files.
293
294 For every build.info file, all file references are relative to the
295 directory of the build.info file for source files, and the
296 corresponding build directory for built files if the build tree
297 differs from the source tree.
298
299 When processed, every line is processed with the perl module
300 Text::Template, using the delimiters "{-" and "-}". The hashes
301 %config and %target are passed to the perl fragments, along with
302 $sourcedir and $builddir, which are the locations of the source
303 directory for the current build.info file and the corresponding build
304 directory, all relative to the top of the build tree.
305
306 To begin with, things to be built are declared by setting specific
307 variables:
308
309 PROGRAMS=foo bar
310 LIBS=libsomething
311 ENGINES=libeng
312 SCRIPTS=myhack
313 EXTRA=file1 file2
314
315 Note that the files mentioned for PROGRAMS, LIBS and ENGINES *must* be
316 without extensions. The build file templates will figure them out.
317
318 For each thing to be built, it is then possible to say what sources
319 they are built from:
320
321 PROGRAMS=foo bar
322 SOURCE[foo]=foo.c common.c
323 SOURCE[bar]=bar.c extra.c common.c
324
325 It's also possible to tell some other dependencies:
326
327 DEPEND[foo]=libsomething
328 DEPEND[libbar]=libsomethingelse
329
330 (it could be argued that 'libsomething' and 'libsomethingelse' are
331 source as well. However, the files given through SOURCE are expected
332 to be located in the source tree while files given through DEPEND are
333 expected to be located in the build tree)
334
335 For some libraries, we maintain files with public symbols and their
336 slot in a transfer vector (important on some platforms). It can be
337 declared like this:
338
339 ORDINALS[libcrypto]=crypto
340
341 The value is not the name of the file in question, but rather the
342 argument to util/mkdef.pl that indicates which file to use.
343
344 One some platforms, shared libraries come with a name that's different
345 from their static counterpart. That's declared as follows:
346
347 SHARED_NAME[libfoo]=cygfoo-{- $config{shlibver} -}
348
349 The example is from Cygwin, which has a required naming convention.
350
351 Sometimes, it makes sense to rename an output file, for example a
352 library:
353
354 RENAME[libfoo]=libbar
355
356 That lines has "libfoo" get renamed to "libbar". While it makes no
357 sense at all to just have a rename like that (why not just use
358 "libbar" everywhere?), it does make sense when it can be used
359 conditionally. See a little further below for an example.
360
361 For any file to be built, it's also possible to tell what extra
362 include paths the build of their source files should use:
363
364 INCLUDE[foo]=include
365
366 In some cases, one might want to generate some source files from
367 others, that's done as follows:
368
369 GENERATE[foo.s]=asm/something.pl $(CFLAGS)
370 GENERATE[bar.s]=asm/bar.S
371
372 The value of each GENERATE line is a command line or part of it.
373 Configure places no rules on the command line, except the the first
374 item muct be the generator file. It is, however, entirely up to the
375 build file template to define exactly how those command lines should
376 be handled, how the output is captured and so on.
377
378 NOTE: GENERATE lines are limited to one command only per GENERATE.
379
380 As a last resort, it's possible to have raw build file lines, between
381 BEGINRAW and ENDRAW lines as follows:
382
383 BEGINRAW[Makefile(unix)]
384 haha.h: {- $builddir -}/Makefile
385 echo "/* haha */" > haha.h
386 ENDRAW[Makefile(unix)]
387
388 The word withing square brackets is the build_file configuration item
389 or the build_file configuration item followed by the second word in the
390 build_scheme configuration item for the configured target within
391 parenthesis as shown above. For example, with the following relevant
392 configuration items:
393
394 build_file => "build.ninja"
395 build_scheme => [ "unified", "unix" ]
396
397 ... these lines will be considered:
398
399 BEGINRAW[build.ninja]
400 build haha.h: echo "/* haha */" > haha.h
401 ENDRAW[build.ninja]
402
403 BEGINRAW[build.ninja(unix)]
404 build hoho.h: echo "/* hoho */" > hoho.h
405 ENDRAW[build.ninja(unix)]
406
407 Should it be needed because the recipes within a RAW section might
408 clash with those generated by Configure, it's possible to tell it
409 not to generate them with the use of OVERRIDES, for example:
410
411 SOURCE[libfoo]=foo.c bar.c
412
413 OVERRIDES=bar.o
414 BEGINRAW[Makefile(unix)]
415 bar.o: bar.c
416 $(CC) $(CFLAGS) -DSPECIAL -c -o $@ $<
417 ENDRAW[Makefile(unix)]
418
419 See the documentation further up for more information on configuration
420 items.
421
422 Finally, you can have some simple conditional use of the build.info
423 information, looking like this:
424
425 IF[1]
426 something
427 ELSIF[2]
428 something other
429 ELSE
430 something else
431 ENDIF
432
433 The expression in square brackets is interpreted as a string in perl,
434 and will be seen as true if perl thinks it is, otherwise false. For
435 example, the above would have "something" used, since 1 is true.
436
437 Together with the use of Text::Template, this can be used as
438 conditions based on something in the passed variables, for example:
439
440 IF[{- $disabled{shared} -}]
441 LIBS=libcrypto
442 SOURCE[libcrypto]=...
443 ELSE
444 LIBS=libfoo
445 SOURCE[libfoo]=...
446 ENDIF
447
448 or:
449
450 # VMS has a cultural standard where all libraries are prefixed.
451 # For OpenSSL, the choice is 'ossl_'
452 IF[{- $config{target} =~ /^vms/ -}]
453 RENAME[libcrypto]=ossl_libcrypto
454 RENAME[libssl]=ossl_libssl
455 ENDIF
456
457
458 Build-file programming with the "unified" build system
459 ======================================================
460
461 "Build files" are called "Makefile" on Unix-like operating systems,
462 "descrip.mms" for MMS on VMS, "makefile" for nmake on Windows, etc.
463
464 To use the "unified" build system, the target configuration needs to
465 set the three items 'build_scheme', 'build_file' and 'build_command'.
466 In the rest of this section, we will assume that 'build_scheme' is set
467 to "unified" (see the configurations documentation above for the
468 details).
469
470 For any name given by 'build_file', the "unified" system expects a
471 template file in Configurations/ named like the build file, with
472 ".tmpl" appended, or in case of possible ambiguity, a combination of
473 the second 'build_scheme' list item and the 'build_file' name. For
474 example, if 'build_file' is set to "Makefile", the template could be
475 Configurations/Makefile.tmpl or Configurations/unix-Makefile.tmpl.
476 In case both Configurations/unix-Makefile.tmpl and
477 Configurations/Makefile.tmpl are present, the former takes
478 precedence.
479
480 The build-file template is processed with the perl module
481 Text::Template, using "{-" and "-}" as delimiters that enclose the
482 perl code fragments that generate configuration-dependent content.
483 Those perl fragments have access to all the hash variables from
484 configdata.pem.
485
486 The build-file template is expected to define at least the following
487 perl functions in a perl code fragment enclosed with "{-" and "-}".
488 They are all expected to return a string with the lines they produce.
489
490 generatesrc - function that produces build file lines to generate
491 a source file from some input.
492
493 It's called like this:
494
495 generatesrc(src => "PATH/TO/tobegenerated",
496 generator => [ "generatingfile", ... ]
497 deps => [ "dep1", ... ],
498 intent => one of "libs", "dso", "bin" );
499
500 'src' has the name of the file to be generated.
501 'generator' is the command or part of command to
502 generate the file, of which the first item is
503 expected to be the file to generate from.
504 generatesrc() is expected to analyse and figure out
505 exactly how to apply that file and how to capture
506 the result. 'deps' is a list of explicit
507 dependencies. 'intent' indicates what the generated
508 file is going to be used for.
509
510 src2obj - function that produces build file lines to build an
511 object file from source files and associated data.
512
513 It's called like this:
514
515 src2obj(obj => "PATH/TO/objectfile",
516 srcs => [ "PATH/TO/sourcefile", ... ],
517 deps => [ "dep1", ... ],
518 incs => [ "INCL/PATH", ... ]
519 intent => one of "lib", "dso", "bin" );
520
521 'obj' has the intended object file *without*
522 extension, src2obj() is expected to add that.
523 'srcs' has the list of source files to build the
524 object file, with the first item being the source
525 file that directly corresponds to the object file.
526 'deps' is a list of explicit dependencies. 'incs'
527 is a list of include file directories. Finally,
528 'intent' indicates what this object file is going
529 to be used for.
530
531 obj2lib - function that produces build file lines to build a
532 static library file ("libfoo.a" in Unix terms) from
533 object files.
534
535 called like this:
536
537 obj2lib(lib => "PATH/TO/libfile",
538 objs => [ "PATH/TO/objectfile", ... ]);
539
540 'lib' has the intended library file name *without*
541 extension, obj2lib is expected to add that. 'objs'
542 has the list of object files (also *without*
543 extension) to build this library.
544
545 libobj2shlib - function that produces build file lines to build a
546 shareable object library file ("libfoo.so" in Unix
547 terms) from the corresponding static library file
548 or object files.
549
550 called like this:
551
552 libobj2shlib(shlib => "PATH/TO/shlibfile",
553 lib => "PATH/TO/libfile",
554 objs => [ "PATH/TO/objectfile", ... ],
555 deps => [ "PATH/TO/otherlibfile", ... ],
556 ordinals => [ "word", "/PATH/TO/ordfile" ]);
557
558 'lib' has the intended library file name *without*
559 extension, libobj2shlib is expected to add that.
560 'shlib' has the corresponding shared library name
561 *without* extension. 'deps' has the list of other
562 libraries (also *without* extension) this library
563 needs to be linked with. 'objs' has the list of
564 object files (also *without* extension) to build
565 this library. 'ordinals' MAY be present, and when
566 it is, its value is an array where the word is
567 "crypto" or "ssl" and the file is one of the ordinal
568 files util/libeay.num or util/ssleay.num in the
569 source directory.
570
571 This function has a choice; it can use the
572 corresponding static library as input to make the
573 shared library, or the list of object files.
574
575 obj2dso - function that produces build file lines to build a
576 dynamic shared object file from object files.
577
578 called like this:
579
580 obj2dso(lib => "PATH/TO/libfile",
581 objs => [ "PATH/TO/objectfile", ... ],
582 deps => [ "PATH/TO/otherlibfile",
583 ... ]);
584
585 This is almost the same as libobj2shlib, but the
586 intent is to build a shareable library that can be
587 loaded in runtime (a "plugin"...). The differences
588 are subtle, one of the most visible ones is that the
589 resulting shareable library is produced from object
590 files only.
591
592 obj2bin - function that produces build file lines to build an
593 executable file from object files.
594
595 called like this:
596
597 obj2bin(bin => "PATH/TO/binfile",
598 objs => [ "PATH/TO/objectfile", ... ],
599 deps => [ "PATH/TO/libfile", ... ]);
600
601 'bin' has the intended executable file name
602 *without* extension, obj2bin is expected to add
603 that. 'objs' has the list of object files (also
604 *without* extension) to build this library. 'deps'
605 has the list of library files (also *without*
606 extension) that the programs needs to be linked
607 with.
608
609 in2script - function that produces build file lines to build a
610 script file from some input.
611
612 called like this:
613
614 in2script(script => "PATH/TO/scriptfile",
615 sources => [ "PATH/TO/infile", ... ]);
616
617 'script' has the intended script file name.
618 'sources' has the list of source files to build the
619 resulting script from.
620
621 In all cases, file file paths are relative to the build tree top, and
622 the build file actions run with the build tree top as current working
623 directory.
624
625 Make sure to end the section with these functions with a string that
626 you thing is appropriate for the resulting build file. If nothing
627 else, end it like this:
628
629 ""; # Make sure no lingering values end up in the Makefile
630 -}
A mirror of the official openssl repository