]> git.ipfire.org Git - thirdparty/openssl.git/blob - Configurations/README
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Document how to force linking with static libraries
[thirdparty/openssl.git] / Configurations / README
1 Configurations of OpenSSL target platforms
2 ==========================================
3
4 Target configurations are a collection of facts that we know about
5 different platforms and their capabilities. We organise them in a
6 hash table, where each entry represent a specific target.
7
8 In each table entry, the following keys are significant:
9
10 inherit_from => Other targets to inherit values from.
11 Explained further below. [1]
12 template => Set to 1 if this isn't really a platform
13 target. Instead, this target is a template
14 upon which other targets can be built.
15 Explained further below. [1]
16
17 sys_id => System identity for systems where that
18 is difficult to determine automatically.
19
20 cc => The C compiler command, usually one of "cc",
21 "gcc" or "clang". This command is normally
22 also used to link object files and
23 libraries into the final program.
24 cxx => The C++ compiler command, usually one of
25 "c++", "g++" or "clang++". This command is
26 also used when linking a program where at
27 least one of the object file is made from
28 C++ source.
29 cflags => Flags that are used at all times when
30 compiling C object files.
31 cxxflags => Flags that are used at all times when
32 compiling C++ object files. If unset, it
33 gets the same value as cflags.
34 defines => As an alternative, macro definitions may be
35 present here instead of in `cflags'. If
36 given here, they MUST be as an array of the
37 string such as "MACRO=value", or just
38 "MACRO" for definitions without value.
39 shared_cflag => Extra compilation flags used when
40 compiling for shared libraries, typically
41 something like "-fPIC".
42
43 (linking is a complex thing, see [3] below)
44 ld => Linker command, usually not defined
45 (meaning the compiler command is used
46 instead).
47 (NOTE: this is here for future use, it's
48 not implemented yet)
49 lflags => Flags that are used when linking apps.
50 shared_ldflag => Flags that are used when linking shared
51 or dynamic libraries.
52 plib_lflags => Extra linking flags to appear just before
53 the libraries on the command line.
54 ex_libs => Extra libraries that are needed when
55 linking.
56
57 ar => The library archive command, the default is
58 "ar".
59 (NOTE: this is here for future use, it's
60 not implemented yet)
61 arflags => Flags to be used with the library archive
62 command.
63
64 ranlib => The library archive indexing command, the
65 default is 'ranlib' it it exists.
66
67 unistd => An alternative header to the typical
68 '<unistd.h>'. This is very rarely needed.
69
70 shared_extension => File name extension used for shared
71 libraries.
72 obj_extension => File name extension used for object files.
73 On unix, this defaults to ".o" (NOTE: this
74 is here for future use, it's not
75 implemented yet)
76 exe_extension => File name extension used for executable
77 files. On unix, this defaults to "" (NOTE:
78 this is here for future use, it's not
79 implemented yet)
80
81 thread_scheme => The type of threads is used on the
82 configured platform. Currently known
83 values are "(unknown)", "pthreads",
84 "uithreads" (a.k.a solaris threads) and
85 "winthreads". Except for "(unknown)", the
86 actual value is currently ignored but may
87 be used in the future. See further notes
88 below [2].
89 dso_scheme => The type of dynamic shared objects to build
90 for. This mostly comes into play with
91 engines, but can be used for other purposes
92 as well. Valid values are "DLFCN"
93 (dlopen() et al), "DLFCN_NO_H" (for systems
94 that use dlopen() et al but do not have
95 fcntl.h), "DL" (shl_load() et al), "WIN32"
96 and "VMS".
97 perlasm_scheme => The perlasm method used to created the
98 assembler files used when compiling with
99 assembler implementations.
100 shared_target => The shared library building method used.
101 This is a target found in Makefile.shared.
102 build_scheme => The scheme used to build up a Makefile.
103 In its simplest form, the value is a string
104 with the name of the build scheme.
105 The value may also take the form of a list
106 of strings, if the build_scheme is to have
107 some options. In this case, the first
108 string in the list is the name of the build
109 scheme.
110 Currently recognised build scheme is "unified".
111 For the "unified" build scheme, this item
112 *must* be an array with the first being the
113 word "unified" and the second being a word
114 to identify the platform family.
115
116 multilib => On systems that support having multiple
117 implementations of a library (typically a
118 32-bit and a 64-bit variant), this is used
119 to have the different variants in different
120 directories.
121
122 bn_ops => Building options (was just bignum options
123 in the earlier history of this option,
124 hence the name). This a string of words
125 that describe properties on the designated
126 target platform, such as the type of
127 integers used to build up the bitnum,
128 different ways to implement certain ciphers
129 and so on. To fully comprehend the
130 meaning, the best is to read the affected
131 source.
132 The valid words are:
133
134 BN_LLONG use 'unsigned long long' in
135 some bignum calculations.
136 This has no value when
137 SIXTY_FOUR_BIT or
138 SIXTY_FOUR_BIT_LONG is given.
139 RC4_CHAR makes the basic RC4 unit of
140 calculation an unsigned char.
141 SIXTY_FOUR_BIT processor registers
142 are 64 bits, long is
143 32 bits, long long is
144 64 bits.
145 SIXTY_FOUR_BIT_LONG processor registers
146 are 64 bits, long is
147 64 bits.
148 THIRTY_TWO_BIT processor registers
149 are 32 bits.
150 EXPORT_VAR_AS_FN for shared libraries,
151 export vars as
152 accessor functions.
153
154 apps_extra_src => Extra source to build apps/openssl, as
155 needed by the target.
156 cpuid_asm_src => assembler implementation of cpuid code as
157 well as OPENSSL_cleanse().
158 Default to mem_clr.c
159 bn_asm_src => Assembler implementation of core bignum
160 functions.
161 Defaults to bn_asm.c
162 ec_asm_src => Assembler implementation of core EC
163 functions.
164 des_asm_src => Assembler implementation of core DES
165 encryption functions.
166 Defaults to 'des_enc.c fcrypt_b.c'
167 aes_asm_src => Assembler implementation of core AES
168 functions.
169 Defaults to 'aes_core.c aes_cbc.c'
170 bf_asm_src => Assembler implementation of core BlowFish
171 functions.
172 Defaults to 'bf_enc.c'
173 md5_asm_src => Assembler implementation of core MD5
174 functions.
175 sha1_asm_src => Assembler implementation of core SHA1,
176 functions, and also possibly SHA256 and
177 SHA512 ones.
178 cast_asm_src => Assembler implementation of core CAST
179 functions.
180 Defaults to 'c_enc.c'
181 rc4_asm_src => Assembler implementation of core RC4
182 functions.
183 Defaults to 'rc4_enc.c rc4_skey.c'
184 rmd160_asm_src => Assembler implementation of core RMD160
185 functions.
186 rc5_asm_src => Assembler implementation of core RC5
187 functions.
188 Defaults to 'rc5_enc.c'
189 wp_asm_src => Assembler implementation of core WHIRLPOOL
190 functions.
191 cmll_asm_src => Assembler implementation of core CAMELLIA
192 functions.
193 Defaults to 'camellia.c cmll_misc.c cmll_cbc.c'
194 modes_asm_src => Assembler implementation of cipher modes,
195 currently the functions gcm_gmult_4bit and
196 gcm_ghash_4bit.
197 padlock_asm_src => Assembler implementation of core parts of
198 the padlock engine. This is mandatory on
199 any platform where the padlock engine might
200 actually be built.
201
202
203 [1] as part of the target configuration, one can have a key called
204 'inherit_from' that indicate what other configurations to inherit
205 data from. These are resolved recursively.
206
207 Inheritance works as a set of default values that can be overridden
208 by corresponding key values in the inheriting configuration.
209
210 Note 1: any configuration table can be used as a template.
211 Note 2: pure templates have the attribute 'template => 1' and
212 cannot be used as build targets.
213
214 If several configurations are given in the 'inherit_from' array,
215 the values of same attribute are concatenated with space
216 separation. With this, it's possible to have several smaller
217 templates for different configuration aspects that can be combined
218 into a complete configuration.
219
220 instead of a scalar value or an array, a value can be a code block
221 of the form 'sub { /* your code here */ }'. This code block will
222 be called with the list of inherited values for that key as
223 arguments. In fact, the concatenation of strings is really done
224 by using 'sub { join(" ",@_) }' on the list of inherited values.
225
226 An example:
227
228 "foo" => {
229 template => 1,
230 haha => "ha ha",
231 hoho => "ho",
232 ignored => "This should not appear in the end result",
233 },
234 "bar" => {
235 template => 1,
236 haha => "ah",
237 hoho => "haho",
238 hehe => "hehe"
239 },
240 "laughter" => {
241 inherit_from => [ "foo", "bar" ],
242 hehe => sub { join(" ",(@_,"!!!")) },
243 ignored => "",
244 }
245
246 The entry for "laughter" will become as follows after processing:
247
248 "laughter" => {
249 haha => "ha ha ah",
250 hoho => "ho haho",
251 hehe => "hehe !!!",
252 ignored => ""
253 }
254
255 [2] OpenSSL is built with threading capabilities unless the user
256 specifies 'no-threads'. The value of the key 'thread_scheme' may
257 be "(unknown)", in which case the user MUST give some compilation
258 flags to Configure.
259
260 [3] OpenSSL has three types of things to link from object files or
261 static libraries:
262
263 - shared libraries; that would be libcrypto and libssl.
264 - shared objects (sometimes called dynamic libraries); that would
265 be the engines.
266 - applications; those are apps/openssl and all the test apps.
267
268 Very roughly speaking, linking is done like this (words in braces
269 represent the configuration settings documented at the beginning
270 of this file):
271
272 shared libraries:
273 {ld} $(CFLAGS) {shared_ldflag} -shared -o libfoo.so \
274 -Wl,--whole-archive libfoo.a -Wl,--no-whole-archive \
275 {plib_lflags} -lcrypto {ex_libs}
276
277 shared objects:
278 {ld} $(CFLAGS) {shared_ldflag} -shared -o libeng.so \
279 blah1.o blah2.o {plib_lflags} -lcrypto {ex_libs}
280
281 applications:
282 {ld} $(CFLAGS) {lflags} -o app \
283 app1.o utils.o {plib_lflags} -lssl -lcrypto {ex_libs}
284
285
286 Historically, the target configurations came in form of a string with
287 values separated by colons. This use is deprecated. The string form
288 looked like this:
289
290 "target" => "{cc}:{cflags}:{unistd}:{thread_cflag}:{sys_id}:{lflags}:{bn_ops}:{cpuid_obj}:{bn_obj}:{ec_obj}:{des_obj}:{aes_obj}:{bf_obj}:{md5_obj}:{sha1_obj}:{cast_obj}:{rc4_obj}:{rmd160_obj}:{rc5_obj}:{wp_obj}:{cmll_obj}:{modes_obj}:{padlock_obj}:{perlasm_scheme}:{dso_scheme}:{shared_target}:{shared_cflag}:{shared_ldflag}:{shared_extension}:{ranlib}:{arflags}:{multilib}"
291
292
293 Build info files
294 ================
295
296 The build.info files that are spread over the source tree contain the
297 minimum information needed to build and distribute OpenSSL. It uses a
298 simple and yet fairly powerful language to determine what needs to be
299 built, from what sources, and other relationships between files.
300
301 For every build.info file, all file references are relative to the
302 directory of the build.info file for source files, and the
303 corresponding build directory for built files if the build tree
304 differs from the source tree.
305
306 When processed, every line is processed with the perl module
307 Text::Template, using the delimiters "{-" and "-}". The hashes
308 %config and %target are passed to the perl fragments, along with
309 $sourcedir and $builddir, which are the locations of the source
310 directory for the current build.info file and the corresponding build
311 directory, all relative to the top of the build tree.
312
313 To begin with, things to be built are declared by setting specific
314 variables:
315
316 PROGRAMS=foo bar
317 LIBS=libsomething
318 ENGINES=libeng
319 SCRIPTS=myhack
320 EXTRA=file1 file2
321
322 Note that the files mentioned for PROGRAMS, LIBS and ENGINES *must* be
323 without extensions. The build file templates will figure them out.
324
325 For each thing to be built, it is then possible to say what sources
326 they are built from:
327
328 PROGRAMS=foo bar
329 SOURCE[foo]=foo.c common.c
330 SOURCE[bar]=bar.c extra.c common.c
331
332 It's also possible to tell some other dependencies:
333
334 DEPEND[foo]=libsomething
335 DEPEND[libbar]=libsomethingelse
336
337 (it could be argued that 'libsomething' and 'libsomethingelse' are
338 source as well. However, the files given through SOURCE are expected
339 to be located in the source tree while files given through DEPEND are
340 expected to be located in the build tree)
341
342 It's also possible to depend on static libraries explicitely:
343
344 DEPEND[foo]=libsomething.a
345 DEPEND[libbar]=libsomethingelse.a
346
347 This should be rarely used, and care should be taken to make sure it's
348 only used when supported. For example, native Windows build doesn't
349 support build static libraries and DLLs at the same time, so using
350 static libraries on Windows can only be done when configured
351 'no-shared'.
352
353 For some libraries, we maintain files with public symbols and their
354 slot in a transfer vector (important on some platforms). It can be
355 declared like this:
356
357 ORDINALS[libcrypto]=crypto
358
359 The value is not the name of the file in question, but rather the
360 argument to util/mkdef.pl that indicates which file to use.
361
362 One some platforms, shared libraries come with a name that's different
363 from their static counterpart. That's declared as follows:
364
365 SHARED_NAME[libfoo]=cygfoo-{- $config{shlibver} -}
366
367 The example is from Cygwin, which has a required naming convention.
368
369 Sometimes, it makes sense to rename an output file, for example a
370 library:
371
372 RENAME[libfoo]=libbar
373
374 That lines has "libfoo" get renamed to "libbar". While it makes no
375 sense at all to just have a rename like that (why not just use
376 "libbar" everywhere?), it does make sense when it can be used
377 conditionally. See a little further below for an example.
378
379 In some cases, it's desirable to include some source files in the
380 shared form of a library only:
381
382 SHARED_SOURCE[libfoo]=dllmain.c
383
384 For any file to be built, it's also possible to tell what extra
385 include paths the build of their source files should use:
386
387 INCLUDE[foo]=include
388
389 In some cases, one might want to generate some source files from
390 others, that's done as follows:
391
392 GENERATE[foo.s]=asm/something.pl $(CFLAGS)
393 GENERATE[bar.s]=asm/bar.S
394
395 The value of each GENERATE line is a command line or part of it.
396 Configure places no rules on the command line, except the the first
397 item muct be the generator file. It is, however, entirely up to the
398 build file template to define exactly how those command lines should
399 be handled, how the output is captured and so on.
400
401 Sometimes, the generator file itself depends on other files, for
402 example if it is a perl script that depends on other perl modules.
403 This can be expressed using DEPEND like this:
404
405 DEPEND[asm/something.pl]=../perlasm/Foo.pm
406
407 There may also be cases where the exact file isn't easily specified,
408 but an inclusion directory still needs to be specified. INCLUDE can
409 be used in that case:
410
411 INCLUDE[asm/something.pl]=../perlasm
412
413 NOTE: GENERATE lines are limited to one command only per GENERATE.
414
415 As a last resort, it's possible to have raw build file lines, between
416 BEGINRAW and ENDRAW lines as follows:
417
418 BEGINRAW[Makefile(unix)]
419 haha.h: {- $builddir -}/Makefile
420 echo "/* haha */" > haha.h
421 ENDRAW[Makefile(unix)]
422
423 The word within square brackets is the build_file configuration item
424 or the build_file configuration item followed by the second word in the
425 build_scheme configuration item for the configured target within
426 parenthesis as shown above. For example, with the following relevant
427 configuration items:
428
429 build_file => "build.ninja"
430 build_scheme => [ "unified", "unix" ]
431
432 ... these lines will be considered:
433
434 BEGINRAW[build.ninja]
435 build haha.h: echo "/* haha */" > haha.h
436 ENDRAW[build.ninja]
437
438 BEGINRAW[build.ninja(unix)]
439 build hoho.h: echo "/* hoho */" > hoho.h
440 ENDRAW[build.ninja(unix)]
441
442 Should it be needed because the recipes within a RAW section might
443 clash with those generated by Configure, it's possible to tell it
444 not to generate them with the use of OVERRIDES, for example:
445
446 SOURCE[libfoo]=foo.c bar.c
447
448 OVERRIDES=bar.o
449 BEGINRAW[Makefile(unix)]
450 bar.o: bar.c
451 $(CC) $(CFLAGS) -DSPECIAL -c -o $@ $<
452 ENDRAW[Makefile(unix)]
453
454 See the documentation further up for more information on configuration
455 items.
456
457 Finally, you can have some simple conditional use of the build.info
458 information, looking like this:
459
460 IF[1]
461 something
462 ELSIF[2]
463 something other
464 ELSE
465 something else
466 ENDIF
467
468 The expression in square brackets is interpreted as a string in perl,
469 and will be seen as true if perl thinks it is, otherwise false. For
470 example, the above would have "something" used, since 1 is true.
471
472 Together with the use of Text::Template, this can be used as
473 conditions based on something in the passed variables, for example:
474
475 IF[{- $disabled{shared} -}]
476 LIBS=libcrypto
477 SOURCE[libcrypto]=...
478 ELSE
479 LIBS=libfoo
480 SOURCE[libfoo]=...
481 ENDIF
482
483 or:
484
485 # VMS has a cultural standard where all libraries are prefixed.
486 # For OpenSSL, the choice is 'ossl_'
487 IF[{- $config{target} =~ /^vms/ -}]
488 RENAME[libcrypto]=ossl_libcrypto
489 RENAME[libssl]=ossl_libssl
490 ENDIF
491
492
493 Build-file programming with the "unified" build system
494 ======================================================
495
496 "Build files" are called "Makefile" on Unix-like operating systems,
497 "descrip.mms" for MMS on VMS, "makefile" for nmake on Windows, etc.
498
499 To use the "unified" build system, the target configuration needs to
500 set the three items 'build_scheme', 'build_file' and 'build_command'.
501 In the rest of this section, we will assume that 'build_scheme' is set
502 to "unified" (see the configurations documentation above for the
503 details).
504
505 For any name given by 'build_file', the "unified" system expects a
506 template file in Configurations/ named like the build file, with
507 ".tmpl" appended, or in case of possible ambiguity, a combination of
508 the second 'build_scheme' list item and the 'build_file' name. For
509 example, if 'build_file' is set to "Makefile", the template could be
510 Configurations/Makefile.tmpl or Configurations/unix-Makefile.tmpl.
511 In case both Configurations/unix-Makefile.tmpl and
512 Configurations/Makefile.tmpl are present, the former takes
513 precedence.
514
515 The build-file template is processed with the perl module
516 Text::Template, using "{-" and "-}" as delimiters that enclose the
517 perl code fragments that generate configuration-dependent content.
518 Those perl fragments have access to all the hash variables from
519 configdata.pem.
520
521 The build-file template is expected to define at least the following
522 perl functions in a perl code fragment enclosed with "{-" and "-}".
523 They are all expected to return a string with the lines they produce.
524
525 generatesrc - function that produces build file lines to generate
526 a source file from some input.
527
528 It's called like this:
529
530 generatesrc(src => "PATH/TO/tobegenerated",
531 generator => [ "generatingfile", ... ]
532 generator_incs => [ "INCL/PATH", ... ]
533 generator_deps => [ "dep1", ... ]
534 generator => [ "generatingfile", ... ]
535 incs => [ "INCL/PATH", ... ],
536 deps => [ "dep1", ... ],
537 intent => one of "libs", "dso", "bin" );
538
539 'src' has the name of the file to be generated.
540 'generator' is the command or part of command to
541 generate the file, of which the first item is
542 expected to be the file to generate from.
543 generatesrc() is expected to analyse and figure out
544 exactly how to apply that file and how to capture
545 the result. 'generator_incs' and 'generator_deps'
546 are include directories and files that the generator
547 file itself depends on. 'incs' and 'deps' are
548 include directories and files that are used if $(CC)
549 is used as an intermediary step when generating the
550 end product (the file indicated by 'src'). 'intent'
551 indicates what the generated file is going to be
552 used for.
553
554 src2obj - function that produces build file lines to build an
555 object file from source files and associated data.
556
557 It's called like this:
558
559 src2obj(obj => "PATH/TO/objectfile",
560 srcs => [ "PATH/TO/sourcefile", ... ],
561 deps => [ "dep1", ... ],
562 incs => [ "INCL/PATH", ... ]
563 intent => one of "lib", "dso", "bin" );
564
565 'obj' has the intended object file *without*
566 extension, src2obj() is expected to add that.
567 'srcs' has the list of source files to build the
568 object file, with the first item being the source
569 file that directly corresponds to the object file.
570 'deps' is a list of explicit dependencies. 'incs'
571 is a list of include file directories. Finally,
572 'intent' indicates what this object file is going
573 to be used for.
574
575 obj2lib - function that produces build file lines to build a
576 static library file ("libfoo.a" in Unix terms) from
577 object files.
578
579 called like this:
580
581 obj2lib(lib => "PATH/TO/libfile",
582 objs => [ "PATH/TO/objectfile", ... ]);
583
584 'lib' has the intended library file name *without*
585 extension, obj2lib is expected to add that. 'objs'
586 has the list of object files (also *without*
587 extension) to build this library.
588
589 libobj2shlib - function that produces build file lines to build a
590 shareable object library file ("libfoo.so" in Unix
591 terms) from the corresponding static library file
592 or object files.
593
594 called like this:
595
596 libobj2shlib(shlib => "PATH/TO/shlibfile",
597 lib => "PATH/TO/libfile",
598 objs => [ "PATH/TO/objectfile", ... ],
599 deps => [ "PATH/TO/otherlibfile", ... ],
600 ordinals => [ "word", "/PATH/TO/ordfile" ]);
601
602 'lib' has the intended library file name *without*
603 extension, libobj2shlib is expected to add that.
604 'shlib' has the corresponding shared library name
605 *without* extension. 'deps' has the list of other
606 libraries (also *without* extension) this library
607 needs to be linked with. 'objs' has the list of
608 object files (also *without* extension) to build
609 this library. 'ordinals' MAY be present, and when
610 it is, its value is an array where the word is
611 "crypto" or "ssl" and the file is one of the ordinal
612 files util/libeay.num or util/ssleay.num in the
613 source directory.
614
615 This function has a choice; it can use the
616 corresponding static library as input to make the
617 shared library, or the list of object files.
618
619 obj2dso - function that produces build file lines to build a
620 dynamic shared object file from object files.
621
622 called like this:
623
624 obj2dso(lib => "PATH/TO/libfile",
625 objs => [ "PATH/TO/objectfile", ... ],
626 deps => [ "PATH/TO/otherlibfile",
627 ... ]);
628
629 This is almost the same as libobj2shlib, but the
630 intent is to build a shareable library that can be
631 loaded in runtime (a "plugin"...). The differences
632 are subtle, one of the most visible ones is that the
633 resulting shareable library is produced from object
634 files only.
635
636 obj2bin - function that produces build file lines to build an
637 executable file from object files.
638
639 called like this:
640
641 obj2bin(bin => "PATH/TO/binfile",
642 objs => [ "PATH/TO/objectfile", ... ],
643 deps => [ "PATH/TO/libfile", ... ]);
644
645 'bin' has the intended executable file name
646 *without* extension, obj2bin is expected to add
647 that. 'objs' has the list of object files (also
648 *without* extension) to build this library. 'deps'
649 has the list of library files (also *without*
650 extension) that the programs needs to be linked
651 with.
652
653 in2script - function that produces build file lines to build a
654 script file from some input.
655
656 called like this:
657
658 in2script(script => "PATH/TO/scriptfile",
659 sources => [ "PATH/TO/infile", ... ]);
660
661 'script' has the intended script file name.
662 'sources' has the list of source files to build the
663 resulting script from.
664
665 In all cases, file file paths are relative to the build tree top, and
666 the build file actions run with the build tree top as current working
667 directory.
668
669 Make sure to end the section with these functions with a string that
670 you thing is appropriate for the resulting build file. If nothing
671 else, end it like this:
672
673 ""; # Make sure no lingering values end up in the Makefile
674 -}
A mirror of the official openssl repository