2009-06-28 21:50:27 +00:00
|
|
|
cmake_minimum_required(VERSION 2.6)
|
2018-03-15 09:16:24 +00:00
|
|
|
if(TEST_CPP)
|
2018-06-26 10:57:55 +00:00
|
|
|
project("mbed TLS" C CXX)
|
2018-03-15 09:16:24 +00:00
|
|
|
else()
|
2018-06-26 10:57:55 +00:00
|
|
|
project("mbed TLS" C)
|
2018-03-15 09:16:24 +00:00
|
|
|
endif()
|
2009-06-28 21:50:27 +00:00
|
|
|
|
2019-04-29 08:35:06 +00:00
|
|
|
# Set the project root directory.
|
|
|
|
set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR})
|
|
|
|
|
2020-02-26 18:13:28 +00:00
|
|
|
option(USE_PKCS11_HELPER_LIBRARY "Build mbed TLS with the pkcs11-helper library." OFF)
|
2020-02-26 18:11:43 +00:00
|
|
|
option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF)
|
|
|
|
|
2015-07-08 21:10:38 +00:00
|
|
|
option(ENABLE_PROGRAMS "Build mbed TLS programs." ON)
|
2015-07-09 08:19:47 +00:00
|
|
|
|
2016-06-21 09:14:00 +00:00
|
|
|
option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF)
|
2015-07-09 08:19:47 +00:00
|
|
|
|
2018-05-23 15:55:16 +00:00
|
|
|
string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}")
|
|
|
|
string(REGEX MATCH "GNU" CMAKE_COMPILER_IS_GNU "${CMAKE_C_COMPILER_ID}")
|
|
|
|
string(REGEX MATCH "IAR" CMAKE_COMPILER_IS_IAR "${CMAKE_C_COMPILER_ID}")
|
|
|
|
string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${CMAKE_C_COMPILER_ID}")
|
|
|
|
|
2015-07-09 08:19:47 +00:00
|
|
|
# the test suites currently have compile errors with MSVC
|
2018-05-23 15:55:16 +00:00
|
|
|
if(CMAKE_COMPILER_IS_MSVC)
|
2015-07-09 08:19:47 +00:00
|
|
|
option(ENABLE_TESTING "Build mbed TLS tests." OFF)
|
|
|
|
else()
|
|
|
|
option(ENABLE_TESTING "Build mbed TLS tests." ON)
|
|
|
|
endif()
|
2015-07-08 21:10:38 +00:00
|
|
|
|
2016-06-21 13:47:11 +00:00
|
|
|
# Warning string - created as a list for compatibility with CMake 2.8
|
|
|
|
set(WARNING_BORDER "*******************************************************\n")
|
|
|
|
set(NULL_ENTROPY_WARN_L1 "**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined!\n")
|
|
|
|
set(NULL_ENTROPY_WARN_L2 "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES\n")
|
|
|
|
set(NULL_ENTROPY_WARN_L3 "**** AND IS *NOT* SUITABLE FOR PRODUCTION USE\n")
|
|
|
|
|
|
|
|
set(NULL_ENTROPY_WARNING "${WARNING_BORDER}"
|
|
|
|
"${NULL_ENTROPY_WARN_L1}"
|
|
|
|
"${NULL_ENTROPY_WARN_L2}"
|
|
|
|
"${NULL_ENTROPY_WARN_L3}"
|
|
|
|
"${WARNING_BORDER}")
|
|
|
|
|
2018-08-29 07:20:12 +00:00
|
|
|
set(CTR_DRBG_128_BIT_KEY_WARN_L1 "**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n")
|
|
|
|
set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of generated\n")
|
|
|
|
set(CTR_DRBG_128_BIT_KEY_WARN_L3 "**** keys and operations that use random values generated to 128-bit security\n")
|
|
|
|
|
|
|
|
set(CTR_DRBG_128_BIT_KEY_WARNING "${WARNING_BORDER}"
|
|
|
|
"${CTR_DRBG_128_BIT_KEY_WARN_L1}"
|
|
|
|
"${CTR_DRBG_128_BIT_KEY_WARN_L2}"
|
|
|
|
"${CTR_DRBG_128_BIT_KEY_WARN_L3}"
|
|
|
|
"${WARNING_BORDER}")
|
|
|
|
|
2019-09-04 20:10:34 +00:00
|
|
|
# Python 3 is only needed here to check for configuration warnings.
|
|
|
|
find_package(PythonInterp 3)
|
|
|
|
if(PYTHONINTERP_FOUND)
|
2016-06-21 09:14:00 +00:00
|
|
|
|
2018-08-29 07:20:12 +00:00
|
|
|
# If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
|
2019-07-27 21:52:53 +00:00
|
|
|
execute_process(COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
|
2018-08-29 07:20:12 +00:00
|
|
|
RESULT_VARIABLE result)
|
|
|
|
if(${result} EQUAL 0)
|
|
|
|
message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING})
|
|
|
|
endif()
|
|
|
|
|
2016-06-21 09:14:00 +00:00
|
|
|
# If NULL Entropy is configured, display an appropriate warning
|
2019-07-27 21:52:53 +00:00
|
|
|
execute_process(COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY
|
2016-06-21 09:14:00 +00:00
|
|
|
RESULT_VARIABLE result)
|
|
|
|
if(${result} EQUAL 0)
|
2016-06-21 13:47:11 +00:00
|
|
|
message(WARNING ${NULL_ENTROPY_WARNING})
|
|
|
|
|
2016-06-21 09:14:00 +00:00
|
|
|
if(NOT UNSAFE_BUILD)
|
|
|
|
message(FATAL_ERROR "\
|
|
|
|
\n\
|
|
|
|
Warning! You have enabled MBEDTLS_TEST_NULL_ENTROPY. \
|
|
|
|
This option is not safe for production use and negates all security \
|
|
|
|
It is intended for development use only. \
|
|
|
|
\n\
|
|
|
|
To confirm you want to build with this option, re-run cmake with the \
|
|
|
|
option: \n\
|
|
|
|
cmake -DUNSAFE_BUILD=ON ")
|
|
|
|
|
|
|
|
return()
|
|
|
|
endif()
|
|
|
|
endif()
|
|
|
|
endif()
|
|
|
|
|
2015-07-08 21:10:38 +00:00
|
|
|
set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
|
|
|
|
CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull"
|
|
|
|
FORCE)
|
|
|
|
|
2018-03-21 11:12:47 +00:00
|
|
|
# Create a symbolic link from ${base_name} in the binary directory
|
|
|
|
# to the corresponding path in the source directory.
|
|
|
|
function(link_to_source base_name)
|
|
|
|
# Get OS dependent path to use in `execute_process`
|
2019-02-21 06:55:13 +00:00
|
|
|
if (CMAKE_HOST_WIN32)
|
|
|
|
#mklink is an internal command of cmd.exe it can only work with \
|
|
|
|
string(REPLACE "/" "\\" link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}")
|
|
|
|
string(REPLACE "/" "\\" target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}")
|
|
|
|
else()
|
|
|
|
set(link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}")
|
|
|
|
set(target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}")
|
|
|
|
endif()
|
2018-03-21 11:12:47 +00:00
|
|
|
|
|
|
|
if (NOT EXISTS ${link})
|
|
|
|
if (CMAKE_HOST_UNIX)
|
|
|
|
set(command ln -s ${target} ${link})
|
|
|
|
else()
|
2018-06-07 10:55:50 +00:00
|
|
|
if (IS_DIRECTORY ${target})
|
|
|
|
set(command cmd.exe /c mklink /j ${link} ${target})
|
|
|
|
else()
|
2018-06-08 09:07:32 +00:00
|
|
|
set(command cmd.exe /c mklink /h ${link} ${target})
|
2018-06-07 10:55:50 +00:00
|
|
|
endif()
|
2018-03-21 11:12:47 +00:00
|
|
|
endif()
|
|
|
|
|
|
|
|
execute_process(COMMAND ${command}
|
|
|
|
RESULT_VARIABLE result
|
|
|
|
ERROR_VARIABLE output)
|
|
|
|
|
|
|
|
if (NOT ${result} EQUAL 0)
|
|
|
|
message(FATAL_ERROR "Could not create symbolic link for: ${target} --> ${output}")
|
|
|
|
endif()
|
|
|
|
endif()
|
|
|
|
endfunction(link_to_source)
|
|
|
|
|
2014-04-24 00:40:25 +00:00
|
|
|
string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}")
|
2013-12-30 16:56:23 +00:00
|
|
|
|
2018-05-23 15:55:16 +00:00
|
|
|
if(CMAKE_COMPILER_IS_GNU)
|
2015-07-19 14:00:04 +00:00
|
|
|
# some warnings we want are not available with old GCC versions
|
|
|
|
# note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION
|
|
|
|
execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
|
|
|
|
OUTPUT_VARIABLE GCC_VERSION)
|
2019-07-02 18:03:01 +00:00
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings")
|
2019-07-02 18:22:11 +00:00
|
|
|
if (GCC_VERSION VERSION_GREATER 4.3 OR GCC_VERSION VERSION_EQUAL 4.3)
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wvla")
|
|
|
|
endif()
|
2015-07-19 14:00:04 +00:00
|
|
|
if (GCC_VERSION VERSION_GREATER 4.5 OR GCC_VERSION VERSION_EQUAL 4.5)
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wlogical-op")
|
|
|
|
endif()
|
2015-08-27 21:00:49 +00:00
|
|
|
if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8)
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow")
|
|
|
|
endif()
|
2015-06-25 07:20:03 +00:00
|
|
|
set(CMAKE_C_FLAGS_RELEASE "-O2")
|
|
|
|
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
|
|
|
|
set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
|
2019-08-28 06:29:20 +00:00
|
|
|
set(CMAKE_C_FLAGS_ASAN "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
|
|
|
|
set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
|
2015-06-25 07:20:03 +00:00
|
|
|
set(CMAKE_C_FLAGS_CHECK "-Werror -Os")
|
|
|
|
set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual")
|
2018-05-23 15:55:16 +00:00
|
|
|
endif(CMAKE_COMPILER_IS_GNU)
|
2013-11-28 16:20:04 +00:00
|
|
|
|
2013-12-30 16:56:23 +00:00
|
|
|
if(CMAKE_COMPILER_IS_CLANG)
|
2019-07-02 18:22:11 +00:00
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla")
|
2015-06-25 07:20:03 +00:00
|
|
|
set(CMAKE_C_FLAGS_RELEASE "-O2")
|
|
|
|
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
|
|
|
|
set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
|
2018-05-24 07:15:13 +00:00
|
|
|
set(CMAKE_C_FLAGS_ASAN "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3")
|
2019-08-28 06:29:20 +00:00
|
|
|
set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls")
|
2015-06-25 07:20:03 +00:00
|
|
|
set(CMAKE_C_FLAGS_MEMSAN "-Werror -fsanitize=memory -O3")
|
|
|
|
set(CMAKE_C_FLAGS_MEMSANDBG "-Werror -fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2")
|
|
|
|
set(CMAKE_C_FLAGS_CHECK "-Werror -Os")
|
2013-12-30 16:56:23 +00:00
|
|
|
endif(CMAKE_COMPILER_IS_CLANG)
|
|
|
|
|
2018-05-23 15:55:16 +00:00
|
|
|
if(CMAKE_COMPILER_IS_IAR)
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts --warnings_are_errors -Ohz")
|
|
|
|
endif(CMAKE_COMPILER_IS_IAR)
|
|
|
|
|
|
|
|
if(CMAKE_COMPILER_IS_MSVC)
|
2016-11-03 01:12:50 +00:00
|
|
|
# Strictest warnings, and treat as errors
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3")
|
|
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX")
|
2018-05-23 15:55:16 +00:00
|
|
|
endif(CMAKE_COMPILER_IS_MSVC)
|
2015-07-01 15:06:28 +00:00
|
|
|
|
2009-07-11 19:54:40 +00:00
|
|
|
if(CMAKE_BUILD_TYPE STREQUAL "Coverage")
|
2018-05-23 15:55:16 +00:00
|
|
|
if(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG)
|
2015-06-25 07:20:03 +00:00
|
|
|
set(CMAKE_SHARED_LINKER_FLAGS "--coverage")
|
2018-05-23 15:55:16 +00:00
|
|
|
endif(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG)
|
2009-07-11 19:54:40 +00:00
|
|
|
endif(CMAKE_BUILD_TYPE STREQUAL "Coverage")
|
2009-06-28 21:50:27 +00:00
|
|
|
|
2011-07-13 11:45:58 +00:00
|
|
|
if(LIB_INSTALL_DIR)
|
|
|
|
else()
|
2015-06-25 07:20:03 +00:00
|
|
|
set(LIB_INSTALL_DIR lib)
|
2011-07-13 11:45:58 +00:00
|
|
|
endif()
|
|
|
|
|
2019-01-21 17:26:19 +00:00
|
|
|
include_directories(include/)
|
2018-11-02 10:45:36 +00:00
|
|
|
include_directories(library/)
|
2009-06-28 21:50:27 +00:00
|
|
|
|
2020-02-26 18:11:43 +00:00
|
|
|
if(ENABLE_ZLIB_SUPPORT)
|
|
|
|
find_package(ZLIB)
|
|
|
|
|
|
|
|
if(ZLIB_FOUND)
|
|
|
|
include_directories(${ZLIB_INCLUDE_DIR})
|
|
|
|
endif(ZLIB_FOUND)
|
|
|
|
endif(ENABLE_ZLIB_SUPPORT)
|
|
|
|
|
2019-04-08 16:00:34 +00:00
|
|
|
add_subdirectory(include)
|
|
|
|
|
2018-12-14 13:07:50 +00:00
|
|
|
add_subdirectory(3rdparty)
|
2019-01-21 17:26:19 +00:00
|
|
|
include_directories(${thirdparty_inc})
|
|
|
|
list(APPEND libs ${thirdparty_lib})
|
|
|
|
add_definitions(${thirdparty_def})
|
|
|
|
|
2009-06-28 21:50:27 +00:00
|
|
|
add_subdirectory(library)
|
2011-07-27 16:52:28 +00:00
|
|
|
|
2014-03-26 12:27:51 +00:00
|
|
|
if(ENABLE_PROGRAMS)
|
2015-06-25 07:20:03 +00:00
|
|
|
add_subdirectory(programs)
|
2014-03-26 12:27:51 +00:00
|
|
|
endif()
|
2011-01-05 15:30:32 +00:00
|
|
|
|
Revert changes done to 'make apidoc' target
This partially reverts 1989caf71c1d4 (only the changes to Makefile and
CMakeLists, the addition to scripts/config.pl is kept).
Modifying config.h in the apidoc target creates a race condition with
make -j4 all apidoc
where some parts of the library, tests or programs could be built with the
wrong config.h, resulting in all kinds of (semi-random) errors. Recent
versions of CMake mitigate this by adding a .NOTPARALLEL target to the
generated Makefile, but people would still get errors with older CMake
versions that are still in use (eg in RHEL 5), and with plain make.
An additional issue is that, by failing to use cp -p, the apidoc target was
updating the timestamp on config.h, which seems to cause further build issues.
Let's get back to the previous, safe, situation. The improved apidoc building
will be resurrected in a script in the next commit.
fixes #390
fixes #391
2016-01-12 13:59:39 +00:00
|
|
|
ADD_CUSTOM_TARGET(apidoc
|
2018-01-19 15:21:11 +00:00
|
|
|
COMMAND doxygen mbedtls.doxyfile
|
|
|
|
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen)
|
2013-09-07 14:52:42 +00:00
|
|
|
|
2014-04-30 14:31:54 +00:00
|
|
|
if(ENABLE_TESTING)
|
2015-07-01 14:59:56 +00:00
|
|
|
enable_testing()
|
|
|
|
|
|
|
|
add_subdirectory(tests)
|
|
|
|
|
|
|
|
# additional convenience targets for Unix only
|
|
|
|
if(UNIX)
|
|
|
|
|
|
|
|
ADD_CUSTOM_TARGET(covtest
|
|
|
|
COMMAND make test
|
|
|
|
COMMAND programs/test/selftest
|
2020-02-26 18:48:43 +00:00
|
|
|
COMMAND tests/compat.sh
|
|
|
|
COMMAND tests/ssl-opt.sh
|
2015-07-01 14:59:56 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
ADD_CUSTOM_TARGET(lcov
|
|
|
|
COMMAND rm -rf Coverage
|
|
|
|
COMMAND lcov --capture --initial --directory library/CMakeFiles/mbedtls.dir -o files.info
|
|
|
|
COMMAND lcov --capture --directory library/CMakeFiles/mbedtls.dir -o tests.info
|
|
|
|
COMMAND lcov --add-tracefile files.info --add-tracefile tests.info -o all.info
|
|
|
|
COMMAND lcov --remove all.info -o final.info '*.h'
|
|
|
|
COMMAND gendesc tests/Descriptions.txt -o descriptions
|
|
|
|
COMMAND genhtml --title "mbed TLS" --description-file descriptions --keep-descriptions --legend --no-branch-coverage -o Coverage final.info
|
|
|
|
COMMAND rm -f files.info tests.info all.info final.info descriptions
|
|
|
|
)
|
|
|
|
|
|
|
|
ADD_CUSTOM_TARGET(memcheck
|
|
|
|
COMMAND sed -i.bak s+/usr/bin/valgrind+`which valgrind`+ DartConfiguration.tcl
|
|
|
|
COMMAND ctest -O memcheck.log -D ExperimentalMemCheck
|
|
|
|
COMMAND tail -n1 memcheck.log | grep 'Memory checking results:' > /dev/null
|
|
|
|
COMMAND rm -f memcheck.log
|
|
|
|
COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl
|
|
|
|
)
|
|
|
|
endif(UNIX)
|
2018-03-21 11:12:47 +00:00
|
|
|
|
2019-04-28 05:51:37 +00:00
|
|
|
# Make scripts needed for testing available in an out-of-source build.
|
|
|
|
if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
|
|
|
|
link_to_source(scripts)
|
|
|
|
# Copy (don't link) DartConfiguration.tcl, needed for memcheck, to
|
|
|
|
# keep things simple with the sed commands in the memcheck target.
|
|
|
|
configure_file(${CMAKE_CURRENT_SOURCE_DIR}/DartConfiguration.tcl
|
|
|
|
${CMAKE_CURRENT_BINARY_DIR}/DartConfiguration.tcl COPYONLY)
|
|
|
|
endif()
|
2018-03-21 11:12:47 +00:00
|
|
|
endif()
|