From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id DC8AB80473 for ; Thu, 23 Mar 2017 06:20:03 -0700 (PDT) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga105.jf.intel.com with ESMTP; 23 Mar 2017 06:20:03 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.36,210,1486454400"; d="scan'208";a="1146042163" Received: from shwde6388.ccr.corp.intel.com ([10.239.9.17]) by fmsmga002.fm.intel.com with ESMTP; 23 Mar 2017 06:20:01 -0700 From: Qin Long To: edk2-devel@lists.01.org Cc: ting.ye@intel.com, jiaxin.wu@intel.com, lersek@redhat.com, ard.biesheuvel@linaro.org, glin@suse.com, ronald.cron@arm.com, Moso.Lee@citrix.com, thomas.palmer@hpe.com, David Woodhouse Date: Thu, 23 Mar 2017 21:19:25 +0800 Message-Id: <20170323131932.6168-5-qin.long@intel.com> X-Mailer: git-send-email 2.11.1.windows.1 In-Reply-To: <20170323131932.6168-1-qin.long@intel.com> References: <20170323131932.6168-1-qin.long@intel.com> Subject: [PATCH v2 04/11] CryptoPkg/OpensslLib: Add new Perl script for file list generation. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Mar 2017 13:20:04 -0000 OpenSSL-1.1.0xx configure mechanism was updated with new configdata. This patch update process_file.sh script to new Perl-based script for auto generation of file list and openssl config file (opensslconf.h). This only needs to be done once by a developer when updating to a new version of OpenSSL (or changing options, etc.). Normal users do not need to do this, since the results are already stored in the EDK2 git repository. Cc: Ting Ye Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Gary Lin Cc: Ronald Cron Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: David Woodhouse Signed-off-by: Qin Long --- CryptoPkg/Library/OpensslLib/process_files.pl | 223 ++++++++++++++++++++++++++ CryptoPkg/Library/OpensslLib/process_files.sh | 110 ------------- 2 files changed, 223 insertions(+), 110 deletions(-) create mode 100644 CryptoPkg/Library/OpensslLib/process_files.pl delete mode 100755 CryptoPkg/Library/OpensslLib/process_files.sh diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl b/CryptoPkg/Library/OpensslLib/process_files.pl new file mode 100644 index 0000000000..210811b9ed --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/process_files.pl @@ -0,0 +1,223 @@ +#!/usr/bin/perl -w +# +# This script runs the OpenSSL Configure script, then processes the +# resulting file list into our local OpensslLib[Crypto].inf and also +# takes a copy of opensslconf.h. +# +# This only needs to be done once by a developer when updating to a +# new version of OpenSSL (or changing options, etc.). Normal users +# do not need to do this, since the results are stored in the EDK2 +# git repository for them. +# +use strict; +use Cwd; +use File::Copy; + +# +# Find the openssl directory name for use lib. We have to do this +# inside of BEGIN. The variables we create here, however, don't seem +# to be available to the main script, so we have to repeat the +# exercise. +# +my $inf_file; +my $OPENSSL_PATH; +my @inf; + +BEGIN { + $inf_file = "OpensslLib.inf"; + + # Read the contents of the inf file + open( FD, "<" . $inf_file ) || + die "Cannot open \"" . $inf_file . "\"!"; + @inf = (); + close(FD) || + die "Cannot close \"" . $inf_file . "\"!"; + + foreach (@inf) { + if (/DEFINE\s+OPENSSL_PATH\s*=\s*([a-z]+)/) { + + # We need to run Configure before we can include its result... + $OPENSSL_PATH = $1; + + my $basedir = getcwd(); + + chdir($OPENSSL_PATH) || + die "Cannot change to OpenSSL directory \"" . $OPENSSL_PATH . "\""; + + # Configure UEFI + system( + "./Configure", + "UEFI", + "no-afalgeng", + "no-asm", + "no-async", + "no-autoalginit", + "no-autoerrinit", + "no-bf", + "no-blake2", + "no-camellia", + "no-capieng", + "no-cast", + "no-chacha", + "no-cms", + "no-ct", + "no-deprecated", + "no-dgram", + "no-dsa", + "no-dynamic-engine", + "no-ec", + "no-ec2m", + "no-engine", + "no-err", + "no-filenames", + "no-gost", + "no-hw", + "no-idea", + "no-mdc2", + "no-pic", + "no-ocb", + "no-poly1305", + "no-posix-io", + "no-rc2", + "no-rfc3779", + "no-rmd160", + "no-scrypt", + "no-seed", + "no-sock", + "no-srp", + "no-ssl", + "no-stdio", + "no-threads", + "no-ts", + "no-ui", + "no-whirlpool" + ) == 0 || + die "OpenSSL Configure failed!\n"; + + # Generate opensslconf.h per config data + system( + "perl -I. -Mconfigdata util/dofile.pl " . + "include/openssl/opensslconf.h.in " . + "> include/openssl/opensslconf.h" + ) == 0 || + die "Failed to generate opensslconf.h!\n"; + + chdir($basedir) || + die "Cannot change to base directory \"" . $basedir . "\""; + + push @INC, $1; + last; + } + } +} + +# +# Retrieve file lists from OpenSSL configdata +# +use configdata qw/%unified_info/; + +my @cryptofilelist = (); +my @sslfilelist = (); +foreach my $product ((@{$unified_info{libraries}}, + @{$unified_info{engines}})) { + foreach my $o (@{$unified_info{sources}->{$product}}) { + foreach my $s (@{$unified_info{sources}->{$o}}) { + next if ($unified_info{generate}->{$s}); + next if $s =~ "crypto/bio/b_print.c"; + if ($product =~ "libssl") { + push @sslfilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n"; + next; + } + push @cryptofilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n"; + } + } +} + +# +# Update OpensslLib.inf with autogenerated file list +# +my @new_inf = (); +my $subbing = 0; +print "\n--> Updating OpensslLib.inf ... "; +foreach (@inf) { + if ( $_ =~ "# Autogenerated files list starts here" ) { + push @new_inf, $_, @cryptofilelist, @sslfilelist; + $subbing = 1; + next; + } + if ( $_ =~ "# Autogenerated files list ends here" ) { + push @new_inf, $_; + $subbing = 0; + next; + } + + push @new_inf, $_ + unless ($subbing); +} + +my $new_inf_file = $inf_file . ".new"; +open( FD, ">" . $new_inf_file ) || + die $new_inf_file; +print( FD @new_inf ) || + die $new_inf_file; +close(FD) || + die $new_inf_file; +rename( $new_inf_file, $inf_file ) || + die "rename $inf_file"; +print "Done!"; + +# +# Update OpensslLibCrypto.inf with auto-generated file list (no libssl) +# +$inf_file = "OpensslLibCrypto.inf"; + +# Read the contents of the inf file +@inf = (); +@new_inf = (); +open( FD, "<" . $inf_file ) || + die "Cannot open \"" . $inf_file . "\"!"; +@inf = (); +close(FD) || + die "Cannot close \"" . $inf_file . "\"!"; + +$subbing = 0; +print "\n--> Updating OpensslLibCrypto.inf ... "; +foreach (@inf) { + if ( $_ =~ "# Autogenerated files list starts here" ) { + push @new_inf, $_, @cryptofilelist; + $subbing = 1; + next; + } + if ( $_ =~ "# Autogenerated files list ends here" ) { + push @new_inf, $_; + $subbing = 0; + next; + } + + push @new_inf, $_ + unless ($subbing); +} + +$new_inf_file = $inf_file . ".new"; +open( FD, ">" . $new_inf_file ) || + die $new_inf_file; +print( FD @new_inf ) || + die $new_inf_file; +close(FD) || + die $new_inf_file; +rename( $new_inf_file, $inf_file ) || + die "rename $inf_file"; +print "Done!"; + +# +# Copy opensslconf.h generated from OpenSSL Configuration +# +print "\n--> Duplicating opensslconf.h into Include/openssl ... "; +copy($OPENSSL_PATH . "/include/openssl/opensslconf.h", + $OPENSSL_PATH . "/../../../Include/openssl/") || + die "Cannot copy opensslconf.h!"; +print "Done!\n"; + +print "\nProcessing Files Done!\n"; + +exit(0); diff --git a/CryptoPkg/Library/OpensslLib/process_files.sh b/CryptoPkg/Library/OpensslLib/process_files.sh deleted file mode 100755 index 9f10409824..0000000000 --- a/CryptoPkg/Library/OpensslLib/process_files.sh +++ /dev/null @@ -1,110 +0,0 @@ -#!/bin/sh -# -# This script runs the OpenSSL Configure script, then processes the resulting -# file list into our local OpensslLib.inf and OpensslLibCrypto.inf, and also -# takes a copy of opensslconf.h. -# -# This only needs to be done once by a developer when updating to a -# new version of OpenSSL (or changing options, etc.). Normal users -# do not need to do this, since the results are stored in the EDK2 -# git repository for them. - -OPENSSL_PATH=$(sed -n '/DEFINE OPENSSL_PATH/{s/.* \(openssl-[0-9.]*[a-z]*\)[[:space:]]*/\1/ p}' OpensslLib.inf) -OPENSSL_CRYPTO_PATH=$(sed -n '/DEFINE OPENSSL_PATH/{s/.* \(openssl-[0-9.]*[a-z]*\)[[:space:]]*/\1/ p}' OpensslLibCrypto.inf) - -if [ "$OPENSSL_PATH" != "$OPENSSL_CRYPTO_PATH" ]; then - echo "OPENSSL_PATH diverges between OpensslLib.inf and OpensslLibCrypto.inf" - exit 1 -fi - -if ! cd "${OPENSSL_PATH}" ; then - echo "Cannot change to OpenSSL directory \"${OPENSSL_PATH}\"" - exit 1 -fi - -./Configure UEFI \ - no-asm \ - no-bf \ - no-camellia \ - no-capieng \ - no-cast \ - no-cms \ - no-deprecated \ - no-dgram \ - no-dsa \ - no-dynamic-engine \ - no-ec \ - no-ecdh \ - no-ecdsa \ - no-engine \ - no-engines \ - no-err \ - no-filenames \ - no-fp-api \ - no-hw \ - no-idea \ - no-jpake \ - no-krb5 \ - no-locking \ - no-mdc2 \ - no-posix-io \ - no-rc2 \ - no-rcs \ - no-rfc3779 \ - no-ripemd \ - no-scrypt \ - no-sct \ - no-seed \ - no-sha0 \ - no-sock \ - no-srp \ - no-ssl \ - no-stdio \ - no-threads \ - no-ts \ - no-ui \ - no-whirlpool \ - || exit 1 - -make files -cd - - -function filelist () -{ - SSL_SELECT="$1" - - echo '1,/# Autogenerated files list starts here/p' - echo '/# Autogenerated files list ends here/,$p' - echo '/# Autogenerated files list starts here/a\' - - while read LINE; do - case "$LINE" in - RELATIVE_DIRECTORY=*) - eval "$LINE" - ;; - LIBSRC=*) - LIBSRC=$(echo "$LINE" | sed s/^LIBSRC=//) - if [ "$RELATIVE_DIRECTORY" != "ssl" ] || - [ "$SSL_SELECT" = "crypto-and-ssl" ]; then - for FILE in $LIBSRC; do - if [ "$FILE" != "b_print.c" ]; then - echo -e ' $(OPENSSL_PATH)/'$RELATIVE_DIRECTORY/$FILE\\r\\ - fi - done - fi - ;; - esac - done - echo -e \\r -} - -filelist crypto-and-ssl < "${OPENSSL_PATH}/MINFO" \ -| sed -n -f - -i OpensslLib.inf - -filelist crypto-only < "${OPENSSL_PATH}/MINFO" \ -| sed -n -f - -i OpensslLibCrypto.inf - -# We can tell Windows users to put this back manually if they can't run -# Configure. For now, until the git repository is fixed to store things -# sanely, also convert to DOS line-endings -unix2dos -n "${OPENSSL_PATH}/crypto/opensslconf.h" opensslconf.h -- 2.11.1.windows.1