#!/usr/bin/perl # Tune the configuration file use warnings; use strict; my $config_file = "include/mbedtls/config.h"; my $usage = <] [set | unset | full | realfull] Commands set [] - Uncomments or adds a #define for the to the configuration file, and optionally making it of . If the symbol isn't present in the file an error is returned. unset - Comments out the #define for the given symbol if present in the configuration file. full - Uncomments all #define's in the configuration file excluding some reserved symbols, until the 'Module configuration options' section realfull - Uncomments all #define's with no exclusions Options -f - The file or file path for the configuration file to edit. When omitted, the following default is used: $config_file EOU # for our eyes only: # $0 [-f ] full|realfull # Things that shouldn't be enabled with "full". # Notes: # - MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 and # MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION could be enabled if the # respective tests were adapted my @excluded = qw( MBEDTLS_DEPRECATED_REMOVED MBEDTLS_HAVE_SSE2 MBEDTLS_PLATFORM_NO_STD_FUNCTIONS MBEDTLS_ECP_DP_M221_ENABLED MBEDTLS_ECP_DP_M383_ENABLED MBEDTLS_ECP_DP_M511_ENABLED MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES MBEDTLS_NO_PLATFORM_ENTROPY MBEDTLS_REMOVE_ARC4_CIPHERSUITES MBEDTLS_SSL_HW_RECORD_ACCEL MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION MBEDTLS_ZLIB_SUPPORT MBEDTLS_PKCS11_C _ALT\s*$ ); # Things that should be enabled in "full" even if they match @excluded my @non_excluded = qw( PLATFORM_[A-Z0-9]+_ALT ); # get -f option if (@ARGV >= 2 && $ARGV[0] eq "-f") { shift; # -f $config_file = shift; -f $config_file or die "No such file: $config_file\n"; } else { if (! -f $config_file) { chdir '..' or die; -f $config_file or die "Without -f, must be run from root or scripts\n" } } # get action die $usage unless @ARGV; my $action = shift; my ($name, $value); if ($action eq "full" || $action eq "realfull") { # nothing to do } elsif ($action eq "unset") { die $usage unless @ARGV; $name = shift; } elsif ($action eq "set") { die $usage unless @ARGV; $name = shift; $value = shift if @ARGV; } else { die $usage; } die $usage if @ARGV; open my $config_read, '<', $config_file or die "read $config_file: $!\n"; my @config_lines = <$config_read>; close $config_read; my ($exclude_re, $no_exclude_re); if ($action eq "realfull") { $exclude_re = qr/^$/; $no_exclude_re = qr/./; } else { $exclude_re = join '|', @excluded; $no_exclude_re = join '|', @non_excluded; } open my $config_write, '>', $config_file or die "write $config_file: $!\n"; my $done; for my $line (@config_lines) { if ($action eq "full" || $action eq "realfull") { if ($line =~ /name SECTION: Module configuration options/) { $done = 1; } if (!$done && $line =~ m!^//\s?#define! && ( $line !~ /$exclude_re/ || $line =~ /$no_exclude_re/ ) ) { $line =~ s!^//\s?!!; } if (!$done && $line =~ m!^\s?#define! && ! ( $line !~ /$exclude_re/ || $line =~ /$no_exclude_re/ ) ) { $line =~ s!^!//!; } } elsif ($action eq "unset") { if (!$done && $line =~ /^\s*#define\s*$name\b/) { $line = '//' . $line; $done = 1; } } elsif (!$done && $action eq "set") { if ($line =~ m!^(?://)?\s*#define\s*$name\b!) { $line = "#define $name"; $line .= " $value" if defined $value && $value ne ""; $line .= "\n"; $done = 1; } } print $config_write $line; } close $config_write; die "configuration section not found" if ($action eq "full" && !$done); die "$name not found" if ($action ne "full" && !$done); __END__