1ceab6e43a
If the option MBEDTLS_TEST_NULL_ENTROPY is enabled, the cmake generated makefile will generate an error unless a UNSAFE_BUILD switch is also enabled. Equally, a similar warning will always be generated if the Makefile is built, and another warning is generated on every compilation of entropy.c. This is to ensure the user is aware of what they're doing when they enable the null entropy option.
156 lines
6.1 KiB
CMake
156 lines
6.1 KiB
CMake
cmake_minimum_required(VERSION 2.6)
|
|
project("mbed TLS" C)
|
|
|
|
option(USE_PKCS11_HELPER_LIBRARY "Build mbed TLS with the pkcs11-helper library." OFF)
|
|
option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF)
|
|
|
|
option(ENABLE_PROGRAMS "Build mbed TLS programs." ON)
|
|
|
|
option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF)
|
|
|
|
# the test suites currently have compile errors with MSVC
|
|
if(MSVC)
|
|
option(ENABLE_TESTING "Build mbed TLS tests." OFF)
|
|
else()
|
|
option(ENABLE_TESTING "Build mbed TLS tests." ON)
|
|
endif()
|
|
|
|
find_package(Perl)
|
|
if(PERL_FOUND)
|
|
|
|
# If NULL Entropy is configured, display an appropriate warning
|
|
execute_process(COMMAND ${PERL_EXECUTABLE} scripts/config.pl get MBEDTLS_TEST_NULL_ENTROPY
|
|
RESULT_VARIABLE result)
|
|
if(${result} EQUAL 0)
|
|
message(WARNING "\
|
|
*******************************************************
|
|
**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined!
|
|
**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES
|
|
**** AND IS *NOT* SUITABLE FOR PRODUCTION USE
|
|
*******************************************************")
|
|
if(NOT UNSAFE_BUILD)
|
|
message(FATAL_ERROR "\
|
|
\n\
|
|
Warning! You have enabled MBEDTLS_TEST_NULL_ENTROPY. \
|
|
This option is not safe for production use and negates all security \
|
|
It is intended for development use only. \
|
|
\n\
|
|
To confirm you want to build with this option, re-run cmake with the \
|
|
option: \n\
|
|
cmake -DUNSAFE_BUILD=ON ")
|
|
|
|
return()
|
|
endif()
|
|
endif()
|
|
endif()
|
|
|
|
set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
|
|
CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull"
|
|
FORCE)
|
|
|
|
string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}")
|
|
|
|
if(CMAKE_COMPILER_IS_GNUCC)
|
|
# some warnings we want are not available with old GCC versions
|
|
# note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION
|
|
execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
|
|
OUTPUT_VARIABLE GCC_VERSION)
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -W -Wdeclaration-after-statement -Wwrite-strings")
|
|
if (GCC_VERSION VERSION_GREATER 4.5 OR GCC_VERSION VERSION_EQUAL 4.5)
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wlogical-op")
|
|
endif()
|
|
if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8)
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow")
|
|
endif()
|
|
set(CMAKE_C_FLAGS_RELEASE "-O2")
|
|
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
|
|
set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
|
|
set(CMAKE_C_FLAGS_ASAN "-Werror -fsanitize=address -fno-common -O3")
|
|
set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls ")
|
|
set(CMAKE_C_FLAGS_CHECK "-Werror -Os")
|
|
set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual")
|
|
endif(CMAKE_COMPILER_IS_GNUCC)
|
|
|
|
if(CMAKE_COMPILER_IS_CLANG)
|
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -W -Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow")
|
|
set(CMAKE_C_FLAGS_RELEASE "-O2")
|
|
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
|
|
set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage")
|
|
set(CMAKE_C_FLAGS_ASAN "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover -O3")
|
|
set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls ")
|
|
set(CMAKE_C_FLAGS_MEMSAN "-Werror -fsanitize=memory -O3")
|
|
set(CMAKE_C_FLAGS_MEMSANDBG "-Werror -fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2")
|
|
set(CMAKE_C_FLAGS_CHECK "-Werror -Os")
|
|
endif(CMAKE_COMPILER_IS_CLANG)
|
|
|
|
if(MSVC)
|
|
set(CMAKE_C_FLAGS_CHECK "/WX")
|
|
endif(MSVC)
|
|
|
|
if(CMAKE_BUILD_TYPE STREQUAL "Coverage")
|
|
if(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG)
|
|
set(CMAKE_SHARED_LINKER_FLAGS "--coverage")
|
|
endif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG)
|
|
endif(CMAKE_BUILD_TYPE STREQUAL "Coverage")
|
|
|
|
if(LIB_INSTALL_DIR)
|
|
else()
|
|
set(LIB_INSTALL_DIR lib)
|
|
endif()
|
|
|
|
include_directories(include/)
|
|
|
|
if(ENABLE_ZLIB_SUPPORT)
|
|
find_package(ZLIB)
|
|
|
|
if(ZLIB_FOUND)
|
|
include_directories(${ZLIB_INCLUDE_DIR})
|
|
endif(ZLIB_FOUND)
|
|
endif(ENABLE_ZLIB_SUPPORT)
|
|
|
|
add_subdirectory(library)
|
|
add_subdirectory(include)
|
|
|
|
if(ENABLE_PROGRAMS)
|
|
add_subdirectory(programs)
|
|
endif()
|
|
|
|
ADD_CUSTOM_TARGET(apidoc
|
|
COMMAND doxygen doxygen/mbedtls.doxyfile
|
|
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
|
|
|
|
if(ENABLE_TESTING)
|
|
enable_testing()
|
|
|
|
add_subdirectory(tests)
|
|
|
|
# additional convenience targets for Unix only
|
|
if(UNIX)
|
|
|
|
ADD_CUSTOM_TARGET(covtest
|
|
COMMAND make test
|
|
COMMAND programs/test/selftest
|
|
COMMAND tests/compat.sh
|
|
COMMAND tests/ssl-opt.sh
|
|
)
|
|
|
|
ADD_CUSTOM_TARGET(lcov
|
|
COMMAND rm -rf Coverage
|
|
COMMAND lcov --capture --initial --directory library/CMakeFiles/mbedtls.dir -o files.info
|
|
COMMAND lcov --capture --directory library/CMakeFiles/mbedtls.dir -o tests.info
|
|
COMMAND lcov --add-tracefile files.info --add-tracefile tests.info -o all.info
|
|
COMMAND lcov --remove all.info -o final.info '*.h'
|
|
COMMAND gendesc tests/Descriptions.txt -o descriptions
|
|
COMMAND genhtml --title "mbed TLS" --description-file descriptions --keep-descriptions --legend --no-branch-coverage -o Coverage final.info
|
|
COMMAND rm -f files.info tests.info all.info final.info descriptions
|
|
)
|
|
|
|
ADD_CUSTOM_TARGET(memcheck
|
|
COMMAND sed -i.bak s+/usr/bin/valgrind+`which valgrind`+ DartConfiguration.tcl
|
|
COMMAND ctest -O memcheck.log -D ExperimentalMemCheck
|
|
COMMAND tail -n1 memcheck.log | grep 'Memory checking results:' > /dev/null
|
|
COMMAND rm -f memcheck.log
|
|
COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl
|
|
)
|
|
endif(UNIX)
|
|
endif()
|