Home | History | Annotate | Download | only in openssl
      1 #!/bin/bash
      2 #
      3 # Copyright (C) 2009 The Android Open Source Project
      4 #
      5 # Licensed under the Apache License, Version 2.0 (the "License");
      6 # you may not use this file except in compliance with the License.
      7 # You may obtain a copy of the License at
      8 #
      9 #      http://www.apache.org/licenses/LICENSE-2.0
     10 #
     11 # Unless required by applicable law or agreed to in writing, software
     12 # distributed under the License is distributed on an "AS IS" BASIS,
     13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     14 # See the License for the specific language governing permissions and
     15 # limitations under the License.
     16 #
     17 
     18 #
     19 # This script imports new versions of OpenSSL (http://openssl.org/source) into the
     20 # Android source tree.  To run, (1) fetch the appropriate tarball from the OpenSSL repository,
     21 # (2) check the gpg/pgp signature, and then (3) run:
     22 #   ./import_openssl.sh import openssl-*.tar.gz
     23 #
     24 # IMPORTANT: See README.android for additional details.
     25 
     26 # turn on exit on error as well as a warning when it happens
     27 set -e
     28 trap  "echo WARNING: Exiting on non-zero subprocess exit code" ERR;
     29 
     30 # Make sure we're in the right directory.
     31 cd $(dirname $0)
     32 
     33 # Ensure consistent sorting order / tool output.
     34 export LANG=C
     35 export LC_ALL=C
     36 PERL_EXE="perl -C0"
     37 
     38 function die() {
     39   declare -r message=$1
     40 
     41   echo $message
     42   exit 1
     43 }
     44 
     45 function usage() {
     46   declare -r message=$1
     47 
     48   if [ ! "$message" = "" ]; then
     49     echo $message
     50   fi
     51   echo "Usage:"
     52   echo "  ./import_openssl.sh import </path/to/openssl-*.tar.gz>"
     53   echo "  ./import_openssl.sh regenerate <patch/*.patch>"
     54   echo "  ./import_openssl.sh generate <patch/*.patch> </path/to/openssl-*.tar.gz>"
     55   exit 1
     56 }
     57 
     58 function main() {
     59   if [ ! -d patches ]; then
     60     die "OpenSSL patch directory patches/ not found"
     61   fi
     62 
     63   if [ ! -f openssl.version ]; then
     64     die "openssl.version not found"
     65   fi
     66 
     67   source ./openssl.version
     68   if [ "$OPENSSL_VERSION" == "" ]; then
     69     die "Invalid openssl.version; see README.android for more information"
     70   fi
     71 
     72   OPENSSL_DIR=openssl-$OPENSSL_VERSION
     73   OPENSSL_DIR_ORIG=$OPENSSL_DIR.orig
     74 
     75   if [ ! -f openssl.config ]; then
     76     die "openssl.config not found"
     77   fi
     78 
     79   source ./openssl.config
     80   if [ "$CONFIGURE_ARGS" == "" -o "$UNNEEDED_SOURCES" == "" -o "$NEEDED_SOURCES" == "" ]; then
     81     die "Invalid openssl.config; see README.android for more information"
     82   fi
     83 
     84   declare -r command=$1
     85   shift || usage "No command specified. Try import, regenerate, or generate."
     86   if [ "$command" = "import" ]; then
     87     declare -r tar=$1
     88     shift || usage "No tar file specified."
     89     import $tar
     90   elif [ "$command" = "regenerate" ]; then
     91     declare -r patch=$1
     92     shift || usage "No patch file specified."
     93     [ -d $OPENSSL_DIR ] || usage "$OPENSSL_DIR not found, did you mean to use generate?"
     94     [ -d $OPENSSL_DIR_ORIG ] || usage "$OPENSSL_DIR_ORIG not found, did you mean to use generate?"
     95     regenerate $patch
     96   elif [ "$command" = "generate" ]; then
     97     declare -r patch=$1
     98     shift || usage "No patch file specified."
     99     declare -r tar=$1
    100     shift || usage "No tar file specified."
    101     generate $patch $tar
    102   else
    103     usage "Unknown command specified $command. Try import, regenerate, or generate."
    104   fi
    105 }
    106 
    107 # Compute the name of an assembly source file generated by one of the
    108 # gen_asm_xxxx() functions below. The logic is the following:
    109 # - if "$2" is not empty, output it directly
    110 # - otherwise, change the file extension of $1 from .pl to .S and output
    111 #   it.
    112 # Usage: default_asm_file "$1" "$2"
    113 #     or default_asm_file "$@"
    114 #
    115 # $1: generator path (perl script)
    116 # $2: optional output file name.
    117 function default_asm_file () {
    118   if [ "$2" ]; then
    119     echo "$2"
    120   else
    121     echo "${1%%.pl}.S"
    122   fi
    123 }
    124 
    125 # Generate an ARM assembly file.
    126 # $1: generator (perl script)
    127 # $2: [optional] output file name
    128 function gen_asm_arm () {
    129   local OUT
    130   OUT=$(default_asm_file "$@")
    131   $PERL_EXE "$1" void "$OUT" > "$OUT"
    132 }
    133 
    134 # Generate an ARMv8 64-bit assembly file.
    135 # $1: generator (perl script)
    136 # $2: [optional] output file name
    137 function gen_asm_arm64 () {
    138   local OUT
    139   OUT=$(default_asm_file "$@")
    140   $PERL_EXE "$1" linux64 "$OUT" > "$OUT"
    141 }
    142 
    143 function gen_asm_mips () {
    144   local OUT
    145   OUT=$(default_asm_file "$@")
    146   # The perl scripts expect to run the target compiler as $CC to determine
    147   # the endianess of the target. Setting CC to true is a hack that forces the scripts
    148   # to generate little endian output
    149   CC=true $PERL_EXE "$1" o32 > "$OUT"
    150 }
    151 
    152 function gen_asm_x86 () {
    153   local OUT
    154   OUT=$(default_asm_file "$@")
    155   $PERL_EXE "$1" elf -fPIC $(print_values_with_prefix -D $OPENSSL_CRYPTO_DEFINES_x86) > "$OUT"
    156 }
    157 
    158 function gen_asm_x86_64 () {
    159   local OUT
    160   OUT=$(default_asm_file "$@")
    161   $PERL_EXE "$1" elf "$OUT" > "$OUT"
    162 }
    163 
    164 
    165 # Filter all items in a list that match a given pattern.
    166 # $1: space-separated list
    167 # $2: egrep pattern.
    168 # Out: items in $1 that match $2
    169 function filter_by_egrep() {
    170   declare -r pattern=$1
    171   shift
    172   echo "$@" | tr ' ' '\n' | grep -e "$pattern" | tr '\n' ' '
    173 }
    174 
    175 # Sort and remove duplicates in a space-separated list
    176 # $1: space-separated list
    177 # Out: new space-separated list
    178 function uniq_sort () {
    179   echo "$@" | tr ' ' '\n' | sort -u | tr '\n' ' '
    180 }
    181 
    182 function print_autogenerated_header() {
    183   echo "# Auto-generated - DO NOT EDIT!"
    184   echo "# To regenerate, edit openssl.config, then run:"
    185   echo "#     ./import_openssl.sh import /path/to/openssl-$OPENSSL_VERSION.tar.gz"
    186   echo "#"
    187 }
    188 
    189 function run_verbose() {
    190   echo Running: $@
    191   $@
    192 }
    193 
    194 function scan_opensslconf_for_flags() {
    195   for flag in "$@"; do
    196     awk "/^#define ${flag}$/ { print \$2 }" crypto/opensslconf.h
    197   done
    198 }
    199 
    200 CRYPTO_CONF_FLAGS=(
    201 OPENSSL_CPUID_OBJ
    202 DES_LONG
    203 DES_PTR
    204 DES_RISC1
    205 DES_RISC2
    206 DES_UNROLL
    207 RC4_INT
    208 RC4_CHUNK
    209 RC4_INDEX
    210 )
    211 
    212 function check_asm_flags() {
    213   local arch="$1"
    214   local target="$2"
    215   local unsorted_flags
    216   local expected_flags
    217   local actual_flags
    218   local defines="OPENSSL_CRYPTO_DEFINES_$arch"
    219 
    220   PERL=/usr/bin/perl run_verbose ./Configure $CONFIGURE_ARGS $target
    221 
    222   unsorted_flags="$(awk '/^CFLAG=/ { sub(/^CFLAG= .*-Wall /, ""); gsub(/-D/, ""); print; }' Makefile)"
    223   unsorted_flags="$unsorted_flags $(scan_opensslconf_for_flags "${CRYPTO_CONF_FLAGS[@]}")"
    224 
    225   expected_flags="$(echo $unsorted_flags | tr ' ' '\n' | sort | tr '\n' ' ')"
    226   actual_flags="$(echo ${!defines} | tr ' ' '\n' | sort | tr '\n' ' ')"
    227 
    228   if [[ $actual_flags != $expected_flags ]]; then
    229     echo ${defines} is wrong!
    230     echo "    $actual_flags"
    231     echo Please update to:
    232     echo "    $expected_flags"
    233     exit 1
    234   fi
    235 }
    236 
    237 # Run Configure and generate headers
    238 # $1: 32 for 32-bit arch, 64 for 64-bit arch, trusty for Trusty
    239 # $2: 1 if building for static version
    240 # Out: returns the cflags and depflags in variable $flags
    241 function generate_build_config_headers() {
    242   chmod +x ./Configure
    243   local configure_args_bits=CONFIGURE_ARGS_$1
    244   local configure_args_stat=''
    245   local outname=$1
    246   if [[ $2 == 1 ]] ; then
    247       configure_args_stat=CONFIGURE_ARGS_STATIC
    248       outname="static-$1"
    249   fi
    250 
    251   if [[ $1 == trusty ]] ; then
    252     PERL=/usr/bin/perl run_verbose ./Configure $CONFIGURE_ARGS_TRUSTY
    253   else
    254     PERL=/usr/bin/perl run_verbose ./Configure $CONFIGURE_ARGS ${!configure_args_bits} ${!configure_args_stat}
    255   fi
    256 
    257   rm -f apps/CA.pl.bak crypto/opensslconf.h.bak
    258   mv -f crypto/opensslconf.h crypto/opensslconf-$outname.h
    259   cp -f crypto/opensslconf-$outname.h include/openssl/opensslconf-$outname.h
    260 
    261   local tmpfile=$(mktemp tmp.XXXXXXXXXX)
    262   (grep -e -D Makefile | grep -v CONFIGURE_ARGS= | grep -v OPTIONS= | \
    263       grep -v -e -DOPENSSL_NO_DEPRECATED) > $tmpfile
    264   declare -r cflags=$(filter_by_egrep "^-D" $(grep -e "^CFLAG=" $tmpfile))
    265   declare -r depflags=$(filter_by_egrep "^-D" $(grep -e "^DEPFLAG=" $tmpfile))
    266   rm -f $tmpfile
    267 
    268   flags="$cflags $depflags"
    269 }
    270 
    271 # Run Configure and generate makefiles
    272 function generate_build_config_mk() {
    273   chmod +x ./Configure
    274   for bits in 32 64 trusty; do
    275     # Header flags are output in $flags, first static, then dynamic
    276     generate_build_config_headers $bits 1
    277     local flags_static=$flags
    278     generate_build_config_headers $bits
    279 
    280     echo "Generating build-config-$bits.mk"
    281     (
    282       print_autogenerated_header
    283 
    284       echo "openssl_cflags_$bits := \\"
    285       for flag in $flags ; do echo "  $flag \\" ; done
    286       echo ""
    287 
    288       echo "openssl_cflags_static_$bits := \\"
    289       for flag in $flags_static; do echo "  $flag \\" ; done
    290       echo ""
    291     ) > ../build-config-$bits.mk
    292   done
    293 }
    294 
    295 # Generate crypto/opensslconf.h file including arch-specific files
    296 function generate_opensslconf_h() {
    297   echo "Generating opensslconf.h"
    298   (
    299   echo "// Auto-generated - DO NOT EDIT!"
    300   echo "#ifndef OPENSSL_SYS_TRUSTY"
    301   echo "#if defined(__LP64__)"
    302   echo "#include \"opensslconf-64.h\""
    303   echo "#else"
    304   echo "#include \"opensslconf-32.h\""
    305   echo "#endif"
    306   echo "#else"
    307   echo "#include \"opensslconf-trusty.h\""
    308   echo "#endif"
    309   ) > crypto/opensslconf.h
    310   # Generate a compatible version for the static library builds
    311   echo "Generating opensslconf-static.h"
    312   (
    313   echo "// Auto-generated - DO NOT EDIT!"
    314   echo "#if defined(__LP64__)"
    315   echo "#include \"opensslconf-static-64.h\""
    316   echo "#else"
    317   echo "#include \"opensslconf-static-32.h\""
    318   echo "#endif"
    319   ) > crypto/opensslconf-static.h
    320   # move it to output include files as well
    321   cp -f crypto/opensslconf-static.h include/openssl/opensslconf-static.h
    322 }
    323 
    324 # Return the value of a computed variable name.
    325 # E.g.:
    326 #   FOO=foo
    327 #   BAR=bar
    328 #   echo $(var_value FOO_$BAR)   -> prints the value of ${FOO_bar}
    329 # $1: Variable name
    330 # Out: variable value
    331 var_value() {
    332   # Note: don't use 'echo' here, because it's sensitive to values
    333   #       that begin with an underscore (e.g. "-n")
    334   eval printf \"%s\\n\" \$$1
    335 }
    336 
    337 # Same as var_value, but returns sorted output without duplicates.
    338 # $1: Variable name
    339 # Out: variable value (if space-separated list, sorted with no duplicates)
    340 var_sorted_value() {
    341   uniq_sort $(var_value $1)
    342 }
    343 
    344 # Print the values in a list with a prefix
    345 # $1: prefix to use
    346 # $2+: values of list
    347 print_values_with_prefix() {
    348   declare -r prefix=$1
    349   shift
    350   for src; do
    351     echo -n " $prefix$src "
    352   done
    353 }
    354 
    355 # Print the definition of a given variable in a GNU Make build file.
    356 # $1: Variable name (e.g. common_src_files)
    357 # $2: prefix for each variable contents
    358 # $3+: Variable value (e.g. list of sources)
    359 print_vardef_with_prefix_in_mk() {
    360   declare -r varname=$1
    361   declare -r prefix=$2
    362   shift
    363   shift
    364   if [ -z "$1" ]; then
    365     echo "$varname :="
    366   else
    367     echo "$varname := \\"
    368     for src; do
    369       echo "  $prefix$src \\"
    370     done
    371   fi
    372   echo ""
    373 }
    374 # Print the definition of a given variable in a GNU Make build file.
    375 # $1: Variable name (e.g. common_src_files)
    376 # $2+: Variable value (e.g. list of sources)
    377 print_vardef_in_mk() {
    378   declare -r varname=$1
    379   shift
    380   print_vardef_with_prefix_in_mk $varname "" $@
    381 }
    382 
    383 # Same as print_vardef_in_mk, but print a CFLAGS definition from
    384 # a list of compiler defines.
    385 # $1: Variable name (e.g. common_cflags)
    386 # $2: List of defines (e.g. OPENSSL_NO_CAMELLIA ...)
    387 print_defines_in_mk() {
    388   declare -r varname=$1
    389   shift
    390   if [ -z "$1" ]; then
    391     echo "$varname :="
    392   else
    393     echo "$varname := \\"
    394     for def; do
    395     echo "  -D$def \\"
    396     done
    397   fi
    398   echo ""
    399 }
    400 
    401 # Generate a configuration file like Crypto-config.mk
    402 # This uses variable definitions from openssl.config to build a config
    403 # file that can compute the list of target- and host-specific sources /
    404 # compiler flags for a given component.
    405 #
    406 # $1: Target file name.  (e.g. Crypto-config.mk)
    407 # $2: Variable prefix.   (e.g. CRYPTO)
    408 # $3: "host" or "target"
    409 function generate_config_mk() {
    410   declare -r output="$1"
    411   declare -r prefix="$2"
    412   declare -r all_archs="arm arm64 x86 x86_64 mips"
    413 
    414   echo "Generating $(basename $output)"
    415   (
    416     print_autogenerated_header
    417     echo \
    418 "# This script will append to the following variables:
    419 #
    420 #    LOCAL_CFLAGS
    421 #    LOCAL_C_INCLUDES
    422 #    LOCAL_SRC_FILES_\$(TARGET_ARCH)
    423 #    LOCAL_SRC_FILES_\$(TARGET_2ND_ARCH)
    424 #    LOCAL_CFLAGS_\$(TARGET_ARCH)
    425 #    LOCAL_CFLAGS_\$(TARGET_2ND_ARCH)
    426 #    LOCAL_ADDITIONAL_DEPENDENCIES
    427 
    428 
    429 LOCAL_ADDITIONAL_DEPENDENCIES += \$(LOCAL_PATH)/$(basename $output)
    430 "
    431 
    432     common_defines=$(var_sorted_value OPENSSL_${prefix}_DEFINES)
    433     print_defines_in_mk common_cflags $common_defines
    434 
    435     common_sources=$(var_sorted_value OPENSSL_${prefix}_SOURCES)
    436     print_vardef_in_mk common_src_files $common_sources
    437 
    438     common_includes=$(var_sorted_value OPENSSL_${prefix}_INCLUDES)
    439     print_vardef_with_prefix_in_mk common_c_includes external/openssl/ $common_includes
    440 
    441     for arch in $all_archs; do
    442       arch_defines=$(var_sorted_value OPENSSL_${prefix}_DEFINES_${arch})
    443       print_defines_in_mk ${arch}_cflags $arch_defines
    444 
    445       arch_sources=$(var_sorted_value OPENSSL_${prefix}_SOURCES_${arch})
    446       print_vardef_in_mk ${arch}_src_files $arch_sources
    447 
    448       arch_exclude_sources=$(var_sorted_value OPENSSL_${prefix}_SOURCES_EXCLUDES_${arch})
    449       print_vardef_in_mk ${arch}_exclude_files $arch_exclude_sources
    450 
    451     done
    452 
    453     if [ $3 == "target" ]; then
    454       echo "
    455 LOCAL_CFLAGS += \$(common_cflags)
    456 LOCAL_C_INCLUDES += \$(common_c_includes)"
    457       for arch in $all_archs; do
    458         echo "
    459 LOCAL_SRC_FILES_${arch} += \$(filter-out \$(${arch}_exclude_files),\$(common_src_files) \$(${arch}_src_files))
    460 LOCAL_CFLAGS_${arch} += \$(${arch}_cflags)"
    461       done
    462     else
    463       echo "
    464 LOCAL_CFLAGS += \$(common_cflags)
    465 LOCAL_C_INCLUDES += \$(common_c_includes) \$(local_c_includes)
    466 
    467 ifeq (\$(HOST_OS),linux)
    468 LOCAL_CFLAGS_x86 += \$(x86_cflags)
    469 LOCAL_SRC_FILES_x86 += \$(filter-out \$(x86_exclude_files), \$(common_src_files) \$(x86_src_files))
    470 LOCAL_CFLAGS_x86_64 += \$(x86_64_cflags)
    471 LOCAL_SRC_FILES_x86_64 += \$(filter-out \$(x86_64_exclude_files), \$(common_src_files) \$(x86_64_src_files))
    472 else
    473 \$(warning Unknown host OS \$(HOST_OS))
    474 LOCAL_SRC_FILES += \$(common_src_files)
    475 endif"
    476     fi
    477   ) > "$output"
    478 }
    479 
    480 function import() {
    481   declare -r OPENSSL_SOURCE=$1
    482   untar $OPENSSL_SOURCE readonly
    483   applypatches $OPENSSL_DIR
    484   convert_iso8859_to_utf8 $OPENSSL_DIR
    485 
    486   cd $OPENSSL_DIR
    487 
    488   # Check the ASM flags for each arch
    489   check_asm_flags arm linux-armv4
    490   check_asm_flags arm64 linux-aarch64
    491   check_asm_flags x86 linux-elf
    492   check_asm_flags x86_64 linux-x86_64
    493 
    494   generate_build_config_mk
    495   generate_opensslconf_h
    496 
    497   cp -f LICENSE ../NOTICE
    498   touch ../MODULE_LICENSE_BSD_LIKE
    499 
    500   # Avoid checking in symlinks
    501   for i in `find include/openssl -type l`; do
    502     target=`readlink $i`
    503     rm -f $i
    504     if [ -f include/openssl/$target ]; then
    505       cp include/openssl/$target $i
    506     fi
    507   done
    508 
    509   # Generate arm asm
    510   gen_asm_arm crypto/aes/asm/aes-armv4.pl
    511   gen_asm_arm crypto/aes/asm/aesv8-armx.pl
    512   gen_asm_arm crypto/aes/asm/bsaes-armv7.pl
    513   gen_asm_arm crypto/bn/asm/armv4-gf2m.pl
    514   gen_asm_arm crypto/bn/asm/armv4-mont.pl
    515   gen_asm_arm crypto/modes/asm/ghash-armv4.pl
    516   gen_asm_arm crypto/modes/asm/ghashv8-armx.pl
    517   gen_asm_arm crypto/sha/asm/sha1-armv4-large.pl
    518   gen_asm_arm crypto/sha/asm/sha256-armv4.pl
    519   gen_asm_arm crypto/sha/asm/sha512-armv4.pl
    520 
    521   # Generate armv8 asm
    522   gen_asm_arm64 crypto/aes/asm/aesv8-armx.pl crypto/aes/asm/aesv8-armx-64.S
    523   gen_asm_arm64 crypto/modes/asm/ghashv8-armx.pl crypto/modes/asm/ghashv8-armx-64.S
    524   gen_asm_arm64 crypto/sha/asm/sha1-armv8.pl
    525   gen_asm_arm64 crypto/sha/asm/sha512-armv8.pl crypto/sha/asm/sha256-armv8.S
    526   gen_asm_arm64 crypto/sha/asm/sha512-armv8.pl
    527 
    528   # Generate mips asm
    529   gen_asm_mips crypto/aes/asm/aes-mips.pl
    530   gen_asm_mips crypto/bn/asm/mips.pl crypto/bn/asm/bn-mips.S
    531   gen_asm_mips crypto/bn/asm/mips-mont.pl
    532   gen_asm_mips crypto/sha/asm/sha1-mips.pl
    533   gen_asm_mips crypto/sha/asm/sha512-mips.pl crypto/sha/asm/sha256-mips.S
    534 
    535   # Generate x86 asm
    536   gen_asm_x86 crypto/x86cpuid.pl
    537   gen_asm_x86 crypto/aes/asm/aes-586.pl
    538   gen_asm_x86 crypto/aes/asm/vpaes-x86.pl
    539   gen_asm_x86 crypto/aes/asm/aesni-x86.pl
    540   gen_asm_x86 crypto/bn/asm/bn-586.pl
    541   gen_asm_x86 crypto/bn/asm/co-586.pl
    542   gen_asm_x86 crypto/bn/asm/x86-mont.pl
    543   gen_asm_x86 crypto/bn/asm/x86-gf2m.pl
    544   gen_asm_x86 crypto/modes/asm/ghash-x86.pl
    545   gen_asm_x86 crypto/sha/asm/sha1-586.pl
    546   gen_asm_x86 crypto/sha/asm/sha256-586.pl
    547   gen_asm_x86 crypto/sha/asm/sha512-586.pl
    548   gen_asm_x86 crypto/md5/asm/md5-586.pl
    549   gen_asm_x86 crypto/des/asm/des-586.pl
    550   gen_asm_x86 crypto/des/asm/crypt586.pl
    551   gen_asm_x86 crypto/bf/asm/bf-586.pl
    552 
    553   # Generate x86_64 asm
    554   gen_asm_x86_64 crypto/x86_64cpuid.pl
    555   gen_asm_x86_64 crypto/sha/asm/sha1-x86_64.pl
    556   gen_asm_x86_64 crypto/sha/asm/sha512-x86_64.pl crypto/sha/asm/sha256-x86_64.S
    557   gen_asm_x86_64 crypto/sha/asm/sha512-x86_64.pl
    558   gen_asm_x86_64 crypto/modes/asm/ghash-x86_64.pl
    559   gen_asm_x86_64 crypto/aes/asm/aesni-x86_64.pl
    560   gen_asm_x86_64 crypto/aes/asm/vpaes-x86_64.pl
    561   gen_asm_x86_64 crypto/aes/asm/bsaes-x86_64.pl
    562   gen_asm_x86_64 crypto/aes/asm/aes-x86_64.pl
    563   gen_asm_x86_64 crypto/aes/asm/aesni-sha1-x86_64.pl
    564   gen_asm_x86_64 crypto/md5/asm/md5-x86_64.pl
    565   gen_asm_x86_64 crypto/bn/asm/modexp512-x86_64.pl
    566   gen_asm_x86_64 crypto/bn/asm/x86_64-mont.pl
    567   gen_asm_x86_64 crypto/bn/asm/x86_64-gf2m.pl
    568   gen_asm_x86_64 crypto/bn/asm/x86_64-mont5.pl
    569   gen_asm_x86_64 crypto/rc4/asm/rc4-x86_64.pl
    570   gen_asm_x86_64 crypto/rc4/asm/rc4-md5-x86_64.pl
    571 
    572   # Setup android.testssl directory
    573   mkdir android.testssl
    574   cat test/testssl | \
    575     sed 's#../util/shlib_wrap.sh ./ssltest#adb shell /system/bin/ssltest#' | \
    576     sed 's#../util/shlib_wrap.sh ../apps/openssl#adb shell /system/bin/openssl#' | \
    577     sed 's#adb shell /system/bin/openssl no-dh#[ `adb shell /system/bin/openssl no-dh` = no-dh ]#' | \
    578     sed 's#adb shell /system/bin/openssl no-rsa#[ `adb shell /system/bin/openssl no-rsa` = no-dh ]#' | \
    579     sed 's#../apps/server2.pem#/sdcard/android.testssl/server2.pem#' | \
    580     cat > \
    581     android.testssl/testssl
    582   chmod +x android.testssl/testssl
    583   cat test/Uss.cnf | sed 's#./.rnd#/sdcard/android.testssl/.rnd#' >> android.testssl/Uss.cnf
    584   cat test/CAss.cnf | sed 's#./.rnd#/sdcard/android.testssl/.rnd#' >> android.testssl/CAss.cnf
    585   cp apps/server2.pem android.testssl/
    586   cp ../patches/testssl.sh android.testssl/
    587 
    588   cd ..
    589 
    590   generate_config_mk Crypto-config-target.mk CRYPTO target
    591   generate_config_mk Crypto-config-host.mk CRYPTO host
    592   generate_config_mk Crypto-config-trusty.mk CRYPTO_TRUSTY target
    593   generate_config_mk Ssl-config-target.mk SSL target
    594   generate_config_mk Ssl-config-host.mk SSL host
    595   generate_config_mk Apps-config-target.mk APPS target
    596   generate_config_mk Apps-config-host.mk APPS host
    597 
    598   # Prune unnecessary sources
    599   prune
    600 
    601   NEEDED_SOURCES="$NEEDED_SOURCES android.testssl"
    602   for i in $NEEDED_SOURCES; do
    603     echo "Updating $i"
    604     rm -r $i
    605     mv $OPENSSL_DIR/$i .
    606   done
    607 
    608   cleantar
    609 }
    610 
    611 function regenerate() {
    612   declare -r patch=$1
    613 
    614   generatepatch $patch
    615 }
    616 
    617 function generate() {
    618   declare -r patch=$1
    619   declare -r OPENSSL_SOURCE=$2
    620 
    621   untar $OPENSSL_SOURCE
    622   applypatches $OPENSSL_DIR_ORIG $patch
    623   prune
    624 
    625   for i in $NEEDED_SOURCES; do
    626     echo "Restoring $i"
    627     rm -r $OPENSSL_DIR/$i
    628     cp -rf $i $OPENSSL_DIR/$i
    629   done
    630 
    631   generatepatch $patch
    632   cleantar
    633 }
    634 
    635 # Find all files in a sub-directory that are encoded in ISO-8859
    636 # $1: Directory.
    637 # Out: list of files in $1 that are encoded as ISO-8859.
    638 function find_iso8859_files() {
    639   find $1 -type f -print0 | xargs -0 file --mime-encoding | grep -i "iso-8859" | cut -d: -f1
    640 }
    641 
    642 # Convert all ISO-8859 files in a given subdirectory to UTF-8
    643 # $1: Directory name
    644 function convert_iso8859_to_utf8() {
    645   declare -r iso_files=$(find_iso8859_files "$1")
    646   for iso_file in $iso_files; do
    647     iconv --from-code iso-8859-1 --to-code utf-8 $iso_file > $iso_file.tmp
    648     rm -f $iso_file
    649     mv $iso_file.tmp $iso_file
    650   done
    651 }
    652 
    653 function untar() {
    654   declare -r OPENSSL_SOURCE=$1
    655   declare -r readonly=$2
    656 
    657   # Remove old source
    658   cleantar
    659 
    660   # Process new source
    661   tar -zxf $OPENSSL_SOURCE
    662   cp -RfP $OPENSSL_DIR $OPENSSL_DIR_ORIG
    663   if [ ! -z $readonly ]; then
    664     find $OPENSSL_DIR_ORIG -type f -print0 | xargs -0 chmod a-w
    665   fi
    666 }
    667 
    668 function prune() {
    669   echo "Removing $UNNEEDED_SOURCES"
    670   (cd $OPENSSL_DIR_ORIG && rm -rf $UNNEEDED_SOURCES)
    671   (cd $OPENSSL_DIR      && rm -r  $UNNEEDED_SOURCES)
    672 }
    673 
    674 function cleantar() {
    675   rm -rf $OPENSSL_DIR_ORIG
    676   rm -rf $OPENSSL_DIR
    677 }
    678 
    679 function applypatches () {
    680   declare -r dir=$1
    681   declare -r skip_patch=$2
    682 
    683   cd $dir
    684 
    685   # Apply appropriate patches
    686   patches=(../patches/[0-9][0-9][0-9][0-9]-*.patch)
    687   for i in "${patches[@]}"; do
    688     if [[ $skip_patch != ${i##*/} ]]; then
    689       echo "Applying patch $i"
    690       patch -p1 < $i || die "Could not apply $i. Fix source and run: $0 regenerate patches/${i##*/}"
    691     else
    692       echo "Skiping patch ${i##*/}"
    693     fi
    694 
    695   done
    696 
    697   # Cleanup patch output
    698   find . \( -type f -o -type l \) -name "*.orig" -print0 | xargs -0 rm -f
    699 
    700   cd ..
    701 }
    702 
    703 function generatepatch() {
    704   declare -r patch=$1
    705 
    706   # Cleanup stray files before generating patch
    707   find $OPENSSL_DIR -type f -name "*.orig" -print0 | xargs -0 rm -f
    708   find $OPENSSL_DIR -type f -name "*~" -print0 | xargs -0 rm -f
    709 
    710   # Find the files the patch touches and only keep those in the output patch
    711   declare -r sources=`patch -p1 --dry-run -d $OPENSSL_DIR < $patch  | awk '/^patching file / { print $3 }'`
    712 
    713   rm -f $patch
    714   touch $patch
    715   for i in $sources; do
    716     LC_ALL=C TZ=UTC0 diff -aup $OPENSSL_DIR_ORIG/$i $OPENSSL_DIR/$i >> $patch && die "ERROR: No diff for patch $path in file $i"
    717   done
    718   echo "Generated patch $patch"
    719   echo "NOTE To make sure there are not unwanted changes from conflicting patches, be sure to review the generated patch."
    720 }
    721 
    722 main $@
    723