Configure

:
eval 'exec perl -S $0 ${1+"$@"}'
    if $running_under_some_shell;
##
##  Configure -- OpenSSL source tree configuration script
##  If editing this file, run this command before committing
##	make -f Makefile.org TABLE
##

require 5.000;
use strict;
use File::Basename;
use File::Spec::Functions;

# see INSTALL for instructions.

my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] [--config=FILE] os/compiler[:flags]\n";

# Options:
#
# --config      add the given configuration file, which will be read after
#               any "Configurations*" files that are found in the same
#               directory as this script.
# --openssldir  install OpenSSL in OPENSSLDIR (Default: DIR/ssl if the
#               --prefix option is given; /usr/local/ssl otherwise)
# --prefix      prefix for the OpenSSL include, lib and bin directories
#               (Default: the OPENSSLDIR directory)
#
# --install_prefix  Additional prefix for package builders (empty by
#               default).  This needn't be set in advance, you can
#               just as well use "make INSTALL_PREFIX=/whatever install".
#
# --with-krb5-dir  Declare where Kerberos 5 lives.  The libraries are expected
#		to live in the subdirectory lib/ and the header files in
#		include/.  A value is required.
# --with-krb5-lib  Declare where the Kerberos 5 libraries live.  A value is
#		required.
#		(Default: KRB5_DIR/lib)
# --with-krb5-include  Declare where the Kerberos 5 header files live.  A
#		value is required.
#		(Default: KRB5_DIR/include)
# --with-krb5-flavor  Declare what flavor of Kerberos 5 is used.  Currently
#		supported values are "MIT" and "Heimdal".  A value is required.
#
# --test-sanity Make a number of sanity checks on the data in this file.
#               This is a debugging tool for OpenSSL developers.
#
# --cross-compile-prefix Add specified prefix to binutils components.
#
# no-hw-xxx     do not compile support for specific crypto hardware.
#               Generic OpenSSL-style methods relating to this support
#               are always compiled but return NULL if the hardware
#               support isn't compiled.
# no-hw         do not compile support for any crypto hardware.
# [no-]threads  [don't] try to create a library that is suitable for
#               multithreaded applications (default is "threads" if we
#               know how to do it)
# [no-]shared	[don't] try to create shared libraries when supported.
# no-asm        do not use assembler
# no-dso        do not compile in any native shared-library methods. This
#               will ensure that all methods just return NULL.
# no-krb5       do not compile in any KRB5 library or code.
# [no-]zlib     [don't] compile support for zlib compression.
# zlib-dynamic	Like "zlib", but the zlib library is expected to be a shared
#		library and will be loaded in run-time by the OpenSSL library.
# sctp          include SCTP support
# 386           generate 80386 code
# no-sse2	disables IA-32 SSE2 code, above option implies no-sse2
# no-<cipher>   build without specified algorithm (rsa, idea, rc5, ...)
# -<xxx> +<xxx> compiler options are passed through
#
# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
#		provided to stack calls. Generates unique stack functions for
#		each possible stack type.
# DES_PTR	use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
# DES_RISC1	use different DES_ENCRYPT macro that helps reduce register
#		dependancies but needs to more registers, good for RISC CPU's
# DES_RISC2	A different RISC variant.
# DES_UNROLL	unroll the inner DES loop, sometimes helps, somtimes hinders.
# DES_INT	use 'int' instead of 'long' for DES_LONG in crypto/des/des.h
#		This is used on the DEC Alpha where long is 8 bytes
#		and int is 4
# BN_LLONG	use the type 'long long' in crypto/bn/bn.h
# MD2_CHAR	use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
# MD2_LONG	use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
# IDEA_SHORT	use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
# IDEA_LONG	use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
# RC2_SHORT	use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
# RC2_LONG	use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
# RC4_CHAR	use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
# RC4_LONG	use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
# RC4_INDEX	define RC4_INDEX in crypto/rc4/rc4_locl.h.  This turns on
#		array lookups instead of pointer use.
# RC4_CHUNK	enables code that handles data aligned at long (natural CPU
#		word) boundary.
# RC4_CHUNK_LL	enables code that handles data aligned at long long boundary
#		(intended for 64-bit CPUs running 32-bit OS).
# BF_PTR	use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
# BF_PTR2	intel specific version (generic version is more efficient).
#
# Following are set automatically by this script
#
# MD5_ASM	use some extra md5 assember,
# SHA1_ASM	use some extra sha1 assember, must define L_ENDIAN for x86
# RMD160_ASM	use some extra ripemd160 assember,
# SHA256_ASM	sha256_block is implemented in assembler
# SHA512_ASM	sha512_block is implemented in assembler
# AES_ASM	ASE_[en|de]crypt is implemented in assembler

# Minimum warning options... any contributions to OpenSSL should at least get
# past these.

my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK";

my $clang_disabled_warnings = "-Wno-language-extension-token -Wno-extended-offsetof -Wno-padded -Wno-shorten-64-to-32 -Wno-format-nonliteral -Wno-missing-noreturn -Wno-unused-parameter -Wno-sign-conversion -Wno-unreachable-code -Wno-conversion -Wno-documentation -Wno-missing-variable-declarations -Wno-cast-align -Wno-incompatible-pointer-types-discards-qualifiers -Wno-missing-variable-declarations -Wno-missing-field-initializers -Wno-unused-macros -Wno-disabled-macro-expansion -Wno-conditional-uninitialized -Wno-switch-enum";

my $strict_warnings = 0;

my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";

# MD2_CHAR slags pentium pros
my $x86_gcc_opts="RC4_INDEX MD2_INT";

# MODIFY THESE PARAMETERS IF YOU ARE GOING TO USE THE 'util/speed.sh SCRIPT
# Don't worry about these normally

my $tcc="cc";
my $tflags="-fast -Xa";
my $tbn_mul="";
my $tlib="-lnsl -lsocket";
#$bits1="SIXTEEN_BIT ";
#$bits2="THIRTY_TWO_BIT ";
my $bits1="THIRTY_TWO_BIT ";
my $bits2="SIXTY_FOUR_BIT ";

my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o x86-gf2m.o:ecp_nistz256.o ecp_nistz256-x86.o:des-586.o crypt586.o:aes-586.o vpaes-x86.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o:ghash-x86.o:e_padlock-x86.o";

my $x86_elf_asm="$x86_asm:elf";

my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o:ecp_nistz256.o ecp_nistz256-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o aesni-gcm-x86_64.o:e_padlock-x86_64.o";
my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o:::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::ghash-ia64.o::void";
my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o vis3-mont.o sparct4-mont.o sparcv9-gf2m.o::des_enc-sparc.o fcrypt_b.o dest4-sparcv9.o:aes_core.o aes_cbc.o aes-sparcv9.o aest4-sparcv9.o::md5-sparcv9.o:sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o::::::camellia.o cmll_misc.o cmll_cbc.o cmllt4-sparcv9.o:ghash-sparcv9.o::void";
my $sparcv8_asm=":sparcv8.o::des_enc-sparc.o fcrypt_b.o:::::::::::::void";
my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o::::::sha1-alpha.o:::::::ghash-alpha.o::void";
my $mips64_asm=":bn-mips.o mips-mont.o:::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o sha512-mips.o::::::::";
my $mips32_asm=$mips64_asm; $mips32_asm =~ s/\s*sha512\-mips\.o//;
my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o:::aes-s390x.o aes-ctr.o aes-xts.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::ghash-s390x.o:";
my $armv4_asm="armcap.o armv4cpuid.o:bn_asm.o armv4-mont.o armv4-gf2m.o:ecp_nistz256.o ecp_nistz256-armv4.o::aes_cbc.o aes-armv4.o bsaes-armv7.o aesv8-armx.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::ghash-armv4.o ghashv8-armx.o::void";
my $aarch64_asm="armcap.o arm64cpuid.o mem_clr.o::::aes_core.o aes_cbc.o aesv8-armx.o:::sha1-armv8.o sha256-armv8.o sha512-armv8.o:::::::ghashv8-armx.o:";
my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::32";
my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::64";
my $ppc64_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o:::aes_core.o aes_cbc.o aes-ppc.o vpaes-ppc.o aesp8-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o sha256p8-ppc.o sha512p8-ppc.o:::::::ghashp8-ppc.o:";
my $ppc32_asm=$ppc64_asm;

# As for $BSDthreads. Idea is to maintain "collective" set of flags,
# which would cover all BSD flavors. -pthread applies to them all,
# but is treated differently. OpenBSD expands is as -D_POSIX_THREAD
# -lc_r, which is sufficient. FreeBSD 4.x expands it as -lc_r,
# which has to be accompanied by explicit -D_THREAD_SAFE and
# sometimes -D_REENTRANT. FreeBSD 5.x expands it as -lc_r, which
# seems to be sufficient?
my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";

#config-string	$cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $ec_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $wp_obj : $cmll_obj : $modes_obj : $engines_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags : $multilib

# table of known configurations, read in from files
my %table=(
);

# Read configuration target stanzas from a file, so that people can have
# local files with their own definitions
sub read_config {
	my $fname = shift;
	open(CONFFILE, "< $fname")
		or die "Can't open configuration file '$fname'!\n";
        my $x = $/;
        undef $/;
	my $content = <CONFFILE>;
        $/ = $x;
	close(CONFFILE);
	my %targets = ();
	eval $content;
	%table = (%table, %targets);
}

my ($vol, $dir, $dummy) = File::Spec->splitpath($0);
my $pattern = File::Spec->catpath($vol, $dir, "Configurations*");
foreach ( glob($pattern) ) {
    &read_config($_);
}

my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
		    debug-VC-WIN64I debug-VC-WIN64A
		    VC-NT VC-CE VC-WIN32 debug-VC-WIN32
		    BC-32
		    netware-clib netware-clib-bsdsock
		    netware-libc netware-libc-bsdsock);

my $idx = 0;
my $idx_cc = $idx++;
my $idx_cflags = $idx++;
my $idx_unistd = $idx++;
my $idx_thread_cflag = $idx++;
my $idx_sys_id = $idx++;
my $idx_lflags = $idx++;
my $idx_bn_ops = $idx++;
my $idx_cpuid_obj = $idx++;
my $idx_bn_obj = $idx++;
my $idx_ec_obj = $idx++;
my $idx_des_obj = $idx++;
my $idx_aes_obj = $idx++;
my $idx_bf_obj = $idx++;
my $idx_md5_obj = $idx++;
my $idx_sha1_obj = $idx++;
my $idx_cast_obj = $idx++;
my $idx_rc4_obj = $idx++;
my $idx_rmd160_obj = $idx++;
my $idx_rc5_obj = $idx++;
my $idx_wp_obj = $idx++;
my $idx_cmll_obj = $idx++;
my $idx_modes_obj = $idx++;
my $idx_engines_obj = $idx++;
my $idx_perlasm_scheme = $idx++;
my $idx_dso_scheme = $idx++;
my $idx_shared_target = $idx++;
my $idx_shared_cflag = $idx++;
my $idx_shared_ldflag = $idx++;
my $idx_shared_extension = $idx++;
my $idx_ranlib = $idx++;
my $idx_arflags = $idx++;
my $idx_multilib = $idx++;

my $prefix="";
my $libdir="";
my $openssldir="";
my $exe_ext="";
my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
my $cross_compile_prefix="";
my $fipslibdir="/usr/local/ssl/fips-2.0/lib/";
my $nofipscanistercheck=0;
my $baseaddr="0xFB00000";
my $no_threads=0;
my $threads=0;
my $no_shared=0; # but "no-shared" is default
my $zlib=1;      # but "no-zlib" is default
my $no_krb5=0;   # but "no-krb5" is implied unless "--with-krb5-..." is used
my $no_rfc3779=1; # but "no-rfc3779" is default
my $no_asm=0;
my $no_dso=0;
my $no_gmp=0;
my @skip=();
my $Makefile="Makefile";
my $des_locl="crypto/des/des_locl.h";
my $des	="crypto/des/des.h";
my $bn	="crypto/bn/bn.h";
my $md2	="crypto/md2/md2.h";
my $rc4	="crypto/rc4/rc4.h";
my $rc4_locl="crypto/rc4/rc4_locl.h";
my $idea	="crypto/idea/idea.h";
my $rc2	="crypto/rc2/rc2.h";
my $bf	="crypto/bf/bf_locl.h";
my $bn_asm	="bn_asm.o";
my $des_enc="des_enc.o fcrypt_b.o";
my $aes_enc="aes_core.o aes_cbc.o";
my $bf_enc	="bf_enc.o";
my $cast_enc="c_enc.o";
my $rc4_enc="rc4_enc.o rc4_skey.o";
my $rc5_enc="rc5_enc.o";
my $cmll_enc="camellia.o cmll_misc.o cmll_cbc.o";
my $processor="";
my $default_ranlib;
my $perl;
my $fips=0;

# All of the following is disabled by default (RC5 was enabled before 0.9.8):

my %disabled = ( # "what"         => "comment" [or special keyword "experimental"]
		 "deprecated" => "default",
		 "ec_nistp_64_gcc_128" => "default",
		 "gmp"		  => "default",
		 "jpake"          => "experimental",
		 "md2"            => "default",
		 "rc5"            => "default",
		 "rfc3779"	  => "default",
		 "sctp"       => "default",
		 "shared"         => "default",
		 "ssl-trace"	  => "default",
		 "store"	  => "experimental",
		 "unit-test"	  => "default",
		 "zlib"           => "default",
		 "zlib-dynamic"   => "default"
	       );
my @experimental = ();

# This is what $depflags will look like with the above defaults
# (we need this to see if we should advise the user to run "make depend"):
my $default_depflags = " -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST";

# Explicit "no-..." options will be collected in %disabled along with the defaults.
# To remove something from %disabled, use "enable-foo" (unless it's experimental).
# For symmetry, "disable-foo" is a synonym for "no-foo".

# For features called "experimental" here, a more explicit "experimental-foo" is needed to enable.
# We will collect such requests in @experimental.
# To avoid accidental use of experimental features, applications will have to use -DOPENSSL_EXPERIMENTAL_FOO.


my $no_sse2=0;

&usage if ($#ARGV < 0);

my $flags;
my $depflags;
my $openssl_experimental_defines;
my $openssl_algorithm_defines;
my $openssl_thread_defines;
my $openssl_sys_defines="";
my $openssl_other_defines;
my $libs;
my $libkrb5="";
my $target;
my $options;
my $symlink;
my $make_depend=0;
my %withargs=();

my @argvcopy=@ARGV;
my $argvstring="";
my $argv_unprocessed=1;

while($argv_unprocessed)
	{
	$flags="";
	$depflags="";
	$openssl_experimental_defines="";
	$openssl_algorithm_defines="";
	$openssl_thread_defines="";
	$openssl_sys_defines="";
	$openssl_other_defines="";
	$libs="";
	$target="";
	$options="";
	$symlink=1;

	$argv_unprocessed=0;
	$argvstring=join(' ',@argvcopy);

PROCESS_ARGS:
	foreach (@argvcopy)
		{
		s /^-no-/no-/; # some people just can't read the instructions

		# rewrite some options in "enable-..." form
		s /^-?-?shared$/enable-shared/;
		s /^sctp$/enable-sctp/;
		s /^threads$/enable-threads/;
		s /^zlib$/enable-zlib/;
		s /^zlib-dynamic$/enable-zlib-dynamic/;

		if (/^no-(.+)$/ || /^disable-(.+)$/)
			{
			if (!($disabled{$1} eq "experimental"))
				{
				if ($1 eq "ssl")
					{
					$disabled{"ssl3"} = "option(ssl)";
					}
				elsif ($1 eq "tls")
					{
					$disabled{"tls1"} = "option(tls)"
					}
				elsif ($1 eq "ssl3-method")
					{
					$disabled{"ssl3-method"} = "option(ssl)";
					$disabled{"ssl3"} = "option(ssl)";
					}
				else
					{
					$disabled{$1} = "option";
					}
				}
			}
		elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
			{
			my $algo = $1;
			if ($disabled{$algo} eq "experimental")
				{
				die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n"
					unless (/^experimental-/);
				push @experimental, $algo;
				}
			delete $disabled{$algo};

			$threads = 1 if ($algo eq "threads");
			}
		elsif (/^--test-sanity$/)
			{
			exit(&test_sanity());
			}
		elsif (/^--strict-warnings/)
			{
			$strict_warnings = 1;
			}
		elsif (/^reconfigure/ || /^reconf/)
			{
			if (open(IN,"<$Makefile"))
				{
				while (<IN>)
					{
					chomp;
					if (/^CONFIGURE_ARGS=(.*)/)
						{
						$argvstring=$1;
						@argvcopy=split(' ',$argvstring);
						die "Incorrect data to reconfigure, please do a normal configuration\n"
							if (grep(/^reconf/,@argvcopy));
						print "Reconfiguring with: $argvstring\n";
						$argv_unprocessed=1;
						close(IN);
						last PROCESS_ARGS;
						}
					}
				close(IN);
				}
			die "Insufficient data to reconfigure, please do a normal configuration\n";
			}
		elsif (/^386$/)
			{ $processor=386; }
		elsif (/^fips$/)
			{
			$fips=1;
			}
		elsif (/^rsaref$/)
			{
			# No RSAref support any more since it's not needed.
			# The check for the option is there so scripts aren't
			# broken
			}
		elsif (/^nofipscanistercheck$/)
			{
			$fips = 1;
			$nofipscanistercheck = 1;
			}
		elsif (/^[-+]/)
			{
			if (/^--prefix=(.*)$/)
				{
				$prefix=$1;
				}
			elsif (/^--libdir=(.*)$/)
				{
				$libdir=$1;
				}
			elsif (/^--openssldir=(.*)$/)
				{
				$openssldir=$1;
				}
			elsif (/^--install.prefix=(.*)$/)
				{
				$install_prefix=$1;
				}
			elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/)
				{
				$withargs{"krb5-".$1}=$2;
				}
			elsif (/^--with-zlib-lib=(.*)$/)
				{
				$withargs{"zlib-lib"}=$1;
				}
			elsif (/^--with-zlib-include=(.*)$/)
				{
				$withargs{"zlib-include"}="-I$1";
				}
			elsif (/^--with-fipslibdir=(.*)$/)
				{
				$fipslibdir="$1/";
				}
			elsif (/^--with-baseaddr=(.*)$/)
				{
				$baseaddr="$1";
				}
			elsif (/^--cross-compile-prefix=(.*)$/)
				{
				$cross_compile_prefix=$1;
				}
			elsif (/^--config=(.*)$/)
				{
				read_config $1;
				}
			elsif (/^-[lL](.*)$/ or /^-Wl,/)
				{
				$libs.=$_." ";
				}
			else	# common if (/^[-+]/), just pass down...
				{
				$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
				$flags.=$_." ";
				}
			}
		elsif ($_ =~ /^([^:]+):(.+)$/)
			{
			eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string
			$target=$1;
			}
		else
			{
			die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
			$target=$_;
			}

		unless ($_ eq $target || /^no-/ || /^disable-/)
			{
			# "no-..." follows later after implied disactivations
			# have been derived.  (Don't take this too seroiusly,
			# we really only write OPTIONS to the Makefile out of
			# nostalgia.)

			if ($options eq "")
				{ $options = $_; }
			else
				{ $options .= " ".$_; }
			}
		}
	}



if ($processor eq "386")
	{
	$disabled{"sse2"} = "forced";
	}

if (!defined($withargs{"krb5-flavor"}) || $withargs{"krb5-flavor"} eq "")
	{
	$disabled{"krb5"} = "krb5-flavor not specified";
	}

if (!defined($disabled{"zlib-dynamic"}))
	{
	# "zlib-dynamic" was specifically enabled, so enable "zlib"
	delete $disabled{"zlib"};
	}

if (defined($disabled{"rijndael"}))
	{
	$disabled{"aes"} = "forced";
	}
if (defined($disabled{"des"}))
	{
	$disabled{"mdc2"} = "forced";
	}
if (defined($disabled{"ec"}))
	{
	$disabled{"ecdsa"} = "forced";
	$disabled{"ecdh"} = "forced";
	}

# SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
if (defined($disabled{"md5"}) || defined($disabled{"sha"})
    || (defined($disabled{"rsa"})
        && (defined($disabled{"dsa"}) || defined($disabled{"dh"}))))
	{
	$disabled{"ssl3"} = "forced";
	$disabled{"tls1"} = "forced";
	}

if (defined($disabled{"tls1"}))
	{
	$disabled{"tlsext"} = "forced";
	}

if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
    || defined($disabled{"dh"}))
	{
	$disabled{"gost"} = "forced";
	}

# SRP and HEARTBEATS require TLSEXT
if (defined($disabled{"tlsext"}))
	{
	$disabled{"srp"} = "forced";
	$disabled{"heartbeats"} = "forced";
	}

if ($target eq "TABLE") {
	foreach $target (sort keys %table) {
		print_table_entry($target);
	}
	exit 0;
}

if ($target eq "LIST") {
	foreach (sort keys %table) {
		print;
		print "\n";
	}
	exit 0;
}

if ($target =~ m/^CygWin32(-.*)$/) {
	$target = "Cygwin".$1;
}

print "Configuring for $target\n";

&usage if (!defined($table{$target}));

if ($fips)
	{
	delete $disabled{"shared"} if ($disabled{"shared"} eq "default");
	}

foreach (sort (keys %disabled))
	{
	$options .= " no-$_";

	printf "    no-%-12s %-10s", $_, "[$disabled{$_}]";

	if (/^dso$/)
		{ $no_dso = 1; }
	elsif (/^threads$/)
		{ $no_threads = 1; }
	elsif (/^shared$/)
		{ $no_shared = 1; }
	elsif (/^zlib$/)
		{ $zlib = 0; }
	elsif (/^static-engine$/)
		{ }
	elsif (/^zlib-dynamic$/)
		{ }
	elsif (/^symlinks$/)
		{ $symlink = 0; }
	elsif (/^sse2$/)
		{ $no_sse2 = 1; }
	else
		{
		my ($ALGO, $algo);
		($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/;

		if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/)
			{
			$openssl_other_defines .= "#define OPENSSL_NO_$ALGO\n";
			print " OPENSSL_NO_$ALGO";

			if (/^err$/)	{ $flags .= "-DOPENSSL_NO_ERR "; }
			elsif (/^asm$/)	{ $no_asm = 1; }
			}
		else
			{
			($ALGO,$algo) = ("RMD160","rmd160") if ($algo eq "ripemd");

			$openssl_algorithm_defines .= "#define OPENSSL_NO_$ALGO\n";
			print " OPENSSL_NO_$ALGO";

			if (/^krb5$/)
				{ $no_krb5 = 1; }
			else
				{
				push @skip, $algo;
				# fix-up crypto/directory name(s)
				$skip[$#skip]="whrlpool" if $algo eq "whirlpool";
				$skip[$#skip]="ripemd" if $algo eq "rmd160";

				print " (skip dir)";

				$depflags .= " -DOPENSSL_NO_$ALGO";
				}
			}
		}

	print "\n";
	}

my $exp_cflags = "";

foreach (sort @experimental)
	{
	my $ALGO;
	($ALGO = $_) =~ tr/[a-z]/[A-Z]/;

	# opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined
	$openssl_experimental_defines .= "#define OPENSSL_NO_$ALGO\n";
	$exp_cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO";
	}

my $IsMK1MF=scalar grep /^$target$/,@MK1MF_Builds;

$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target =~ /^mingw/);
$exe_ext=".nlm" if ($target =~ /netware/);
$exe_ext=".pm"  if ($target =~ /vos/);
$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
$prefix=$openssldir if $prefix eq "";

$default_ranlib= &which("ranlib") or $default_ranlib="true";
$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
  or $perl="perl";
my $make = $ENV{'MAKE'} || "make";

$cross_compile_prefix=$ENV{'CROSS_COMPILE'} if $cross_compile_prefix eq "";

chop $openssldir if $openssldir =~ /\/$/;
chop $prefix if $prefix =~ /.\/$/;

$openssldir=$prefix . "/ssl" if $openssldir eq "";
$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;


print "IsMK1MF=$IsMK1MF\n";

my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
my $cc = $fields[$idx_cc];
# Allow environment CC to override compiler...
if($ENV{CC}) {
    $cc = $ENV{CC};
}
my $cflags = $fields[$idx_cflags];
my $unistd = $fields[$idx_unistd];
my $thread_cflag = $fields[$idx_thread_cflag];
my $sys_id = $fields[$idx_sys_id];
my $lflags = $fields[$idx_lflags];
my $bn_ops = $fields[$idx_bn_ops];
my $cpuid_obj = $fields[$idx_cpuid_obj];
my $bn_obj = $fields[$idx_bn_obj];
my $ec_obj = $fields[$idx_ec_obj];
my $des_obj = $fields[$idx_des_obj];
my $aes_obj = $fields[$idx_aes_obj];
my $bf_obj = $fields[$idx_bf_obj];
my $md5_obj = $fields[$idx_md5_obj];
my $sha1_obj = $fields[$idx_sha1_obj];
my $cast_obj = $fields[$idx_cast_obj];
my $rc4_obj = $fields[$idx_rc4_obj];
my $rmd160_obj = $fields[$idx_rmd160_obj];
my $rc5_obj = $fields[$idx_rc5_obj];
my $wp_obj = $fields[$idx_wp_obj];
my $cmll_obj = $fields[$idx_cmll_obj];
my $modes_obj = $fields[$idx_modes_obj];
my $engines_obj = $fields[$idx_engines_obj];
my $perlasm_scheme = $fields[$idx_perlasm_scheme];
my $dso_scheme = $fields[$idx_dso_scheme];
my $shared_target = $fields[$idx_shared_target];
my $shared_cflag = $fields[$idx_shared_cflag];
my $shared_ldflag = $fields[$idx_shared_ldflag];
my $shared_extension = $fields[$idx_shared_extension];
my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
my $ar = $ENV{'AR'} || "ar";
my $arflags = $fields[$idx_arflags];
my $multilib = $fields[$idx_multilib];

# if $prefix/lib$multilib is not an existing directory, then
# assume that it's not searched by linker automatically, in
# which case adding $multilib suffix causes more grief than
# we're ready to tolerate, so don't...
$multilib="" if !-d "$prefix/lib$multilib";

$libdir="lib$multilib" if $libdir eq "";

$cflags = "$cflags$exp_cflags";

# '%' in $lflags is used to split flags to "pre-" and post-flags
my ($prelflags,$postlflags)=split('%',$lflags);
if (defined($postlflags))	{ $lflags=$postlflags;	}
else				{ $lflags=$prelflags; undef $prelflags;	}

if ($target =~ /^mingw/ && `$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
	{
	$cflags =~ s/\-mno\-cygwin\s*//;
	$shared_ldflag =~ s/\-mno\-cygwin\s*//;
	}

if ($target =~ /linux.*\-mips/ && !$no_asm && $flags !~ /\-m(ips|arch=)/) {
	# minimally required architecture flags for assembly modules
	$cflags="-mips2 $cflags" if ($target =~ /mips32/);
	$cflags="-mips3 $cflags" if ($target =~ /mips64/);
}

my $no_shared_warn=0;
my $no_user_cflags=0;

if ($flags ne "")	{ $cflags="$flags$cflags"; }
else			{ $no_user_cflags=1;       }

# Kerberos settings.  The flavor must be provided from outside, either through
# the script "config" or manually.
if (!$no_krb5)
	{
	my ($lresolv, $lpath, $lext);
	if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/)
		{
		die "Sorry, Heimdal is currently not supported\n";
		}
	##### HACK to force use of Heimdal.
	##### WARNING: Since we don't really have adequate support for Heimdal,
	#####          using this will break the build.  You'll have to make
	#####          changes to the source, and if you do, please send
	#####          patches to openssl-dev@openssl.org
	if ($withargs{"krb5-flavor"} =~ /^force-[Hh]eimdal$/)
		{
		warn "Heimdal isn't really supported.  Your build WILL break\n";
		warn "If you fix the problems, please send a patch to openssl-dev\@openssl.org\n";
		$withargs{"krb5-dir"} = "/usr/heimdal"
			if $withargs{"krb5-dir"} eq "";
		$withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
			"/lib -lgssapi -lkrb5 -lcom_err"
			if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
		$cflags="-DKRB5_HEIMDAL $cflags";
		}
	if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/)
		{
		$withargs{"krb5-dir"} = "/usr/kerberos"
			if $withargs{"krb5-dir"} eq "";
		$withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
			"/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
			if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
		$cflags="-DKRB5_MIT $cflags";
		$withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//;
		if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/)
			{
			$cflags="-DKRB5_MIT_OLD11 $cflags";
			}
		}
	LRESOLV:
	foreach $lpath ("/lib", "/usr/lib")
		{
		foreach $lext ("a", "so")
			{
			$lresolv = "$lpath/libresolv.$lext";
			last LRESOLV	if (-r "$lresolv");
			$lresolv = "";
			}
		}
	$withargs{"krb5-lib"} .= " -lresolv"
		if ("$lresolv" ne "");
	$withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
		if $withargs{"krb5-include"} eq "" &&
		   $withargs{"krb5-dir"} ne "";
	}

# The DSO code currently always implements all functions so that no
# applications will have to worry about that from a compilation point
# of view. However, the "method"s may return zero unless that platform
# has support compiled in for them. Currently each method is enabled
# by a define "DSO_<name>" ... we translate the "dso_scheme" config
# string entry into using the following logic;
my $dso_cflags;
if (!$no_dso && $dso_scheme ne "")
	{
	$dso_scheme =~ tr/[a-z]/[A-Z]/;
	if ($dso_scheme eq "DLFCN")
		{
		$dso_cflags = "-DDSO_DLFCN -DHAVE_DLFCN_H";
		}
	elsif ($dso_scheme eq "DLFCN_NO_H")
		{
		$dso_cflags = "-DDSO_DLFCN";
		}
	else
		{
		$dso_cflags = "-DDSO_$dso_scheme";
		}
	$cflags = "$dso_cflags $cflags";
	}

my $thread_cflags;
my $thread_defines;
if ($thread_cflag ne "(unknown)" && !$no_threads)
	{
	# If we know how to do it, support threads by default.
	$threads = 1;
	}
if ($thread_cflag eq "(unknown)" && $threads)
	{
	# If the user asked for "threads", [s]he is also expected to
	# provide any system-dependent compiler options that are
	# necessary.
	if ($no_user_cflags)
		{
		print "You asked for multi-threading support, but didn't\n";
		print "provide any system-specific compiler options\n";
		exit(1);
		}
	$thread_cflags="-DOPENSSL_THREADS $cflags" ;
	$thread_defines .= "#define OPENSSL_THREADS\n";
	}
else
	{
	$thread_cflags="-DOPENSSL_THREADS $thread_cflag $cflags";
	$thread_defines .= "#define OPENSSL_THREADS\n";
#	my $def;
#	foreach $def (split ' ',$thread_cflag)
#		{
#		if ($def =~ s/^-D// && $def !~ /^_/)
#			{
#			$thread_defines .= "#define $def\n";
#			}
#		}
	}

$lflags="$libs$lflags" if ($libs ne "");

if ($no_asm)
	{
	$cpuid_obj=$bn_obj=$ec_obj=
	$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=$cmll_obj=
	$modes_obj=$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj=$engines_obj="";
	$cflags=~s/\-D[BL]_ENDIAN//		if ($fips);
	$thread_cflags=~s/\-D[BL]_ENDIAN//	if ($fips);
	}
elsif (defined($disabled{ec2m}))
	{
	$bn_obj =~ s/\w+-gf2m.o//;
	}

if (!$no_shared)
	{
	$cast_obj="";	# CAST assembler is not PIC
	}

if ($threads)
	{
	$cflags=$thread_cflags;
	$openssl_thread_defines .= $thread_defines;
	}

if ($zlib)
	{
	$cflags = "-DZLIB $cflags";
	if (defined($disabled{"zlib-dynamic"}))
		{
		if (defined($withargs{"zlib-lib"}))
			{
			$lflags = "$lflags -L" . $withargs{"zlib-lib"} . " -lz";
			}
		else
			{
			$lflags = "$lflags -lz";
			}
		}
	else
		{
		$cflags = "-DZLIB_SHARED $cflags";
		}
	}

#Build the library with OPENSSL_USE_DEPRECATED if deprecation is not disabled
if(!defined($disabled{"deprecated"}))
	{
	$cflags = "-DOPENSSL_USE_DEPRECATED $cflags";
	}

# You will find shlib_mark1 and shlib_mark2 explained in Makefile.org
my $shared_mark = "";
if ($shared_target eq "")
	{
	$no_shared_warn = 1 if !$no_shared && !$fips;
	$no_shared = 1;
	}
if (!$no_shared)
	{
	if ($shared_cflag ne "")
		{
		$cflags = "$shared_cflag -DOPENSSL_PIC $cflags";
		}
	}

if (!$IsMK1MF)
	{
	# add {no-}static-engine to options to allow mkdef.pl to work without extra arguments
	if ($no_shared)
		{
		$openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n";
		$options.=" static-engine";
		}
	else
		{
		$openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n";
		$options.=" no-static-engine";
		}
	}

$cpuid_obj.=" uplink.o uplink-x86.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);

#
# Platform fix-ups
#
if ($target =~ /\-icc$/)	# Intel C compiler
	{
	my $iccver=0;
	if (open(FD,"$cc -V 2>&1 |"))
		{
		while(<FD>) { $iccver=$1 if (/Version ([0-9]+)\./); }
		close(FD);
		}
	if ($iccver>=8)
		{
		$cflags=~s/\-KPIC/-fPIC/;
		# Eliminate unnecessary dependency from libirc.a. This is
		# essential for shared library support, as otherwise
		# apps/openssl can end up in endless loop upon startup...
		$cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset";
		}
	if ($iccver>=9)
		{
		$lflags.=" -i-static";
		$lflags=~s/\-no_cpprt/-no-cpprt/;
		}
	if ($iccver>=10)
		{
		$lflags=~s/\-i\-static/-static-intel/;
		}
	if ($iccver>=11)
		{
		$cflags.=" -no-intel-extensions";	# disable Cilk
		$lflags=~s/\-no\-cpprt/-no-cxxlib/;
		}
	}

# Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time
# linkers (tested OpenBSD, NetBSD and FreeBSD) "demand" RPATH set on
# .so objects. Apparently application RPATH is not global and does
# not apply to .so linked with other .so. Problem manifests itself
# when libssl.so fails to load libcrypto.so. One can argue that we
# should engrave this into Makefile.shared rules or into BSD-* config
# lines above. Meanwhile let's try to be cautious and pass -rpath to
# linker only when --prefix is not /usr.
if ($target =~ /^BSD\-/)
	{
	$shared_ldflag.=" -Wl,-rpath,\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
	}

if ($sys_id ne "")
	{
	#$cflags="-DOPENSSL_SYS_$sys_id $cflags";
	$openssl_sys_defines="#define OPENSSL_SYS_$sys_id\n";
	}

if ($ranlib eq "")
	{
	$ranlib = $default_ranlib;
	}

#my ($bn1)=split(/\s+/,$bn_obj);
#$bn1 = "" unless defined $bn1;
#$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
#$bn_obj="$bn1";

$cpuid_obj="" if ($processor eq "386");

$bn_obj = $bn_asm unless $bn_obj ne "";
# bn-586 is the only one implementing bn_*_part_words
$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn-586/);
$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /86/);

$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/);
$cflags.=" -DOPENSSL_BN_ASM_MONT5" if ($bn_obj =~ /-mont5/);
$cflags.=" -DOPENSSL_BN_ASM_GF2m" if ($bn_obj =~ /-gf2m/);

if ($fips)
	{
	$openssl_other_defines.="#define OPENSSL_FIPS\n";
	}

$cpuid_obj="mem_clr.o"	unless ($cpuid_obj =~ /\.o$/);
$des_obj=$des_enc	unless ($des_obj =~ /\.o$/);
$bf_obj=$bf_enc		unless ($bf_obj =~ /\.o$/);
$cast_obj=$cast_enc	unless ($cast_obj =~ /\.o$/);
$rc4_obj=$rc4_enc	unless ($rc4_obj =~ /\.o$/);
$rc5_obj=$rc5_enc	unless ($rc5_obj =~ /\.o$/);
if ($sha1_obj =~ /\.o$/)
	{
#	$sha1_obj=$sha1_enc;
	$cflags.=" -DSHA1_ASM"   if ($sha1_obj =~ /sx86/ || $sha1_obj =~ /sha1/);
	$cflags.=" -DSHA256_ASM" if ($sha1_obj =~ /sha256/);
	$cflags.=" -DSHA512_ASM" if ($sha1_obj =~ /sha512/);
	if ($sha1_obj =~ /sse2/)
	    {	if ($no_sse2)
		{   $sha1_obj =~ s/\S*sse2\S+//;        }
		elsif ($cflags !~ /OPENSSL_IA32_SSE2/)
		{   $cflags.=" -DOPENSSL_IA32_SSE2";    }
	    }
	}
if ($md5_obj =~ /\.o$/)
	{
#	$md5_obj=$md5_enc;
	$cflags.=" -DMD5_ASM";
	}
if ($rmd160_obj =~ /\.o$/)
	{
#	$rmd160_obj=$rmd160_enc;
	$cflags.=" -DRMD160_ASM";
	}
if ($aes_obj =~ /\.o$/)
	{
	$cflags.=" -DAES_ASM" if ($aes_obj =~ m/\baes\-/);;
	# aes-ctr.o is not a real file, only indication that assembler
	# module implements AES_ctr32_encrypt...
	$cflags.=" -DAES_CTR_ASM" if ($aes_obj =~ s/\s*aes\-ctr\.o//);
	# aes-xts.o indicates presence of AES_xts_[en|de]crypt...
	$cflags.=" -DAES_XTS_ASM" if ($aes_obj =~ s/\s*aes\-xts\.o//);
	$aes_obj =~ s/\s*(vpaes|aesni)\-x86\.o//g if ($no_sse2);
	$cflags.=" -DVPAES_ASM" if ($aes_obj =~ m/vpaes/);
	$cflags.=" -DBSAES_ASM" if ($aes_obj =~ m/bsaes/);
	}
else	{
	$aes_obj=$aes_enc;
	}
$wp_obj="" if ($wp_obj =~ /mmx/ && $processor eq "386");
if ($wp_obj =~ /\.o$/ && !$disabled{"whirlpool"})
	{
	$cflags.=" -DWHIRLPOOL_ASM";
	}
else	{
	$wp_obj="wp_block.o";
	}
$cmll_obj=$cmll_enc	unless ($cmll_obj =~ /.o$/);
if ($modes_obj =~ /ghash\-/)
	{
	$cflags.=" -DGHASH_ASM";
	}
if ($ec_obj =~ /ecp_nistz256/)
	{
	$cflags.=" -DECP_NISTZ256_ASM";
	}

# "Stringify" the C flags string.  This permits it to be made part of a string
# and works as well on command lines.
$cflags =~ s/([\\\"])/\\\1/g;

my $version = "unknown";
my $version_num = "unknown";
my $major = "unknown";
my $minor = "unknown";
my $shlib_version_number = "unknown";
my $shlib_version_history = "unknown";
my $shlib_major = "unknown";
my $shlib_minor = "unknown";

open(IN,'<crypto/opensslv.h') || die "unable to read opensslv.h:$!\n";
while (<IN>)
	{
	$version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /;
	$version_num=$1 if /OPENSSL.VERSION.NUMBER.*0x(\S+)/;
	$shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/;
	$shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/;
	}
close(IN);
if ($shlib_version_history ne "") { $shlib_version_history .= ":"; }

if ($version =~ /(^[0-9]*)\.([0-9\.]*)/)
	{
	$major=$1;
	$minor=$2;
	}

if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
	{
	$shlib_major=$1;
	$shlib_minor=$2;
	}

if ($strict_warnings)
	{
	my $wopt;
	die "ERROR --strict-warnings requires gcc or clang" unless ($cc =~ /gcc$/ or $cc =~ /clang$/);
	foreach $wopt (split /\s+/, $gcc_devteam_warn)
		{
		$cflags .= " $wopt" unless ($cflags =~ /$wopt/)
		}
	}

open(IN,"<Makefile.org") || die "unable to read Makefile.org:$!\n";
unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
print OUT "### Generated automatically from Makefile.org by Configure.\n\n";
my $sdirs=0;

while (<IN>)
	{
	chomp;
	$sdirs = 1 if /^SDIRS=/;
	if ($sdirs) {
		my $dir;
		foreach $dir (@skip) {
			s/(\s)$dir /$1/;
			s/\s$dir$//;
			}
		}
	$sdirs = 0 unless /\\$/;
        s/fips // if (/^DIRS=/ && !$fips);
        s/engines // if (/^DIRS=/ && $disabled{"engine"});
	s/ccgost// if (/^ENGDIRS=/ && $disabled{"gost"});
	s/^VERSION=.*/VERSION=$version/;
	s/^MAJOR=.*/MAJOR=$major/;
	s/^MINOR=.*/MINOR=$minor/;
	s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/;
	s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
	s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
	s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
	s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
	s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
	s/^MULTILIB=.*$/MULTILIB=$multilib/;
	s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
	s/^LIBDIR=.*$/LIBDIR=$libdir/;
	s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
	s/^PLATFORM=.*$/PLATFORM=$target/;
	s/^OPTIONS=.*$/OPTIONS=$options/;
	s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/;
	if ($cross_compile_prefix)
		{
		s/^CC=.*$/CROSS_COMPILE= $cross_compile_prefix\nCC= \$\(CROSS_COMPILE\)$cc/;
		s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
		s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
		s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
		}
	else	{
		s/^CC=.*$/CC= $cc/;
		s/^AR=\s*ar/AR= $ar/;
		s/^RANLIB=.*/RANLIB= $ranlib/;
		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc" || ($cc eq 'cc' && $target =~ /darwin/);
		}
	s/^CFLAG=.*$/CFLAG= $cflags/;
	s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
	s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/;
	s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
	s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
	s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/;
	s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
	s/^EC_ASM=.*$/EC_ASM= $ec_obj/;
	s/^DES_ENC=.*$/DES_ENC= $des_obj/;
	s/^AES_ENC=.*$/AES_ENC= $aes_obj/;
	s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
	s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
	s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
	s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
	s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
	s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
	s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
	s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/;
	s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/;
	s/^MODES_ASM_OBJ.=*$/MODES_ASM_OBJ= $modes_obj/;
	s/^ENGINES_ASM_OBJ.=*$/ENGINES_ASM_OBJ= $engines_obj/;
	s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/;
	s/^PROCESSOR=.*/PROCESSOR= $processor/;
	s/^ARFLAGS=.*/ARFLAGS= $arflags/;
	s/^PERL=.*/PERL= $perl/;
	s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
	s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
	s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
	s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
	s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
	s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips;
	s/^SHARED_FIPS=.*/SHARED_FIPS=/;
	s/^SHLIBDIRS=.*/SHLIBDIRS= crypto ssl/;
	s/^BASEADDR=.*/BASEADDR=$baseaddr/;
	s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
	s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
	s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
	if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
		{
		my $sotmp = $1;
		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
		}
	elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.dylib$/)
		{
		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.dylib/;
		}
	elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
		{
		my $sotmp = $1;
		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
		}
	elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
		{
		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/;
		}
	s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/;
	print OUT $_."\n";
	}
close(IN);
close(OUT);
rename($Makefile,"$Makefile.bak") || die "unable to rename $Makefile\n" if -e $Makefile;
rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";

print "CC            =$cc\n";
print "CFLAG         =$cflags\n";
print "EX_LIBS       =$lflags\n";
print "CPUID_OBJ     =$cpuid_obj\n";
print "BN_ASM        =$bn_obj\n";
print "EC_ASM        =$ec_obj\n";
print "DES_ENC       =$des_obj\n";
print "AES_ENC       =$aes_obj\n";
print "BF_ENC        =$bf_obj\n";
print "CAST_ENC      =$cast_obj\n";
print "RC4_ENC       =$rc4_obj\n";
print "RC5_ENC       =$rc5_obj\n";
print "MD5_OBJ_ASM   =$md5_obj\n";
print "SHA1_OBJ_ASM  =$sha1_obj\n";
print "RMD160_OBJ_ASM=$rmd160_obj\n";
print "CMLL_ENC      =$cmll_obj\n";
print "MODES_OBJ     =$modes_obj\n";
print "ENGINES_OBJ   =$engines_obj\n";
print "PROCESSOR     =$processor\n";
print "RANLIB        =$ranlib\n";
print "ARFLAGS       =$arflags\n";
print "PERL          =$perl\n";
print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n"
	if $withargs{"krb5-include"} ne "";

my $des_ptr=0;
my $des_risc1=0;
my $des_risc2=0;
my $des_unroll=0;
my $bn_ll=0;
my $def_int=2;
my $rc4_int=$def_int;
my $md2_int=$def_int;
my $idea_int=$def_int;
my $rc2_int=$def_int;
my $rc4_idx=0;
my $rc4_chunk=0;
my $bf_ptr=0;
my @type=("char","short","int","long");
my ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0);
my $export_var_as_fn=0;

my $des_int;

foreach (sort split(/\s+/,$bn_ops))
	{
	$des_ptr=1 if /DES_PTR/;
	$des_risc1=1 if /DES_RISC1/;
	$des_risc2=1 if /DES_RISC2/;
	$des_unroll=1 if /DES_UNROLL/;
	$des_int=1 if /DES_INT/;
	$bn_ll=1 if /BN_LLONG/;
	$rc4_int=0 if /RC4_CHAR/;
	$rc4_int=3 if /RC4_LONG/;
	$rc4_idx=1 if /RC4_INDEX/;
	$rc4_chunk=1 if /RC4_CHUNK/;
	$rc4_chunk=2 if /RC4_CHUNK_LL/;
	$md2_int=0 if /MD2_CHAR/;
	$md2_int=3 if /MD2_LONG/;
	$idea_int=1 if /IDEA_SHORT/;
	$idea_int=3 if /IDEA_LONG/;
	$rc2_int=1 if /RC2_SHORT/;
	$rc2_int=3 if /RC2_LONG/;
	$bf_ptr=1 if $_ eq "BF_PTR";
	$bf_ptr=2 if $_ eq "BF_PTR2";
	($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
	($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
	($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
	($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
	($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
	$export_var_as_fn=1 if /EXPORT_VAR_AS_FN/;
	}

open(IN,'<crypto/opensslconf.h.in') || die "unable to read crypto/opensslconf.h.in:$!\n";
unlink("crypto/opensslconf.h.new") || die "unable to remove old crypto/opensslconf.h.new:$!\n" if -e "crypto/opensslconf.h.new";
open(OUT,'>crypto/opensslconf.h.new') || die "unable to create crypto/opensslconf.h.new:$!\n";
print OUT "/* opensslconf.h */\n";
print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n";

print OUT "#ifdef  __cplusplus\n";
print OUT "extern \"C\" {\n";
print OUT "#endif\n";
print OUT "/* OpenSSL was configured with the following options: */\n";
my $openssl_algorithm_defines_trans = $openssl_algorithm_defines;
$openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n#  define OPENSSL_NO_$1\n# endif\n#endif/mg;
$openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n#  define $1\n# endif/mg;
$openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_algorithm_defines = "   /* no ciphers excluded */\n" if $openssl_algorithm_defines eq "";
$openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
$openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
print OUT $openssl_sys_defines;
print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n";
print OUT $openssl_experimental_defines;
print OUT "\n";
print OUT $openssl_algorithm_defines;
print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n";
print OUT $openssl_thread_defines;
print OUT $openssl_other_defines,"\n";

print OUT "/* The OPENSSL_NO_* macros are also defined as NO_* if the application\n";
print OUT "   asks for it.  This is a transient feature that is provided for those\n";
print OUT "   who haven't had the time to do the appropriate changes in their\n";
print OUT "   applications.  */\n";
print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n";
print OUT $openssl_algorithm_defines_trans;
print OUT "#endif\n\n";

print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj ne "mem_clr.o");

while (<IN>)
	{
	if	(/^#define\s+OPENSSLDIR/)
		{
		my $foo = $openssldir;
		$foo =~ s/\\/\\\\/g;
		print OUT "#define OPENSSLDIR \"$foo\"\n";
		}
	elsif	(/^#define\s+ENGINESDIR/)
		{
		my $foo = "$prefix/$libdir/engines";
		$foo =~ s/\\/\\\\/g;
		print OUT "#define ENGINESDIR \"$foo\"\n";
		}
	elsif	(/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
		{ printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
			if $export_var_as_fn;
		  printf OUT "#%s OPENSSL_EXPORT_VAR_AS_FUNCTION\n",
			($export_var_as_fn)?"define":"undef"; }
	elsif	(/^#define\s+OPENSSL_UNISTD/)
		{
		$unistd = "<unistd.h>" if $unistd eq "";
		print OUT "#define OPENSSL_UNISTD $unistd\n";
		}
	elsif	(/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/)
		{ printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; }
	elsif	(/^#((define)|(undef))\s+SIXTY_FOUR_BIT/)
		{ printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; }
	elsif	(/^#((define)|(undef))\s+THIRTY_TWO_BIT/)
		{ printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; }
	elsif	(/^#((define)|(undef))\s+SIXTEEN_BIT/)
		{ printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; }
	elsif	(/^#((define)|(undef))\s+EIGHT_BIT/)
		{ printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; }
	elsif	(/^#((define)|(undef))\s+BN_LLONG\s*$/)
		{ printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; }
	elsif	(/^\#define\s+DES_LONG\s+.*/)
		{ printf OUT "#define DES_LONG unsigned %s\n",
			($des_int)?'int':'long'; }
	elsif	(/^\#(define|undef)\s+DES_PTR/)
		{ printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; }
	elsif	(/^\#(define|undef)\s+DES_RISC1/)
		{ printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; }
	elsif	(/^\#(define|undef)\s+DES_RISC2/)
		{ printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; }
	elsif	(/^\#(define|undef)\s+DES_UNROLL/)
		{ printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; }
	elsif	(/^#define\s+RC4_INT\s/)
		{ printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; }
	elsif	(/^#undef\s+RC4_CHUNK/)
		{
		printf OUT "#undef RC4_CHUNK\n" if $rc4_chunk==0;
		printf OUT "#define RC4_CHUNK unsigned long\n" if $rc4_chunk==1;
		printf OUT "#define RC4_CHUNK unsigned long long\n" if $rc4_chunk==2;
		}
	elsif	(/^#((define)|(undef))\s+RC4_INDEX/)
		{ printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; }
	elsif (/^#(define|undef)\s+I386_ONLY/)
		{ printf OUT "#%s I386_ONLY\n", ($processor eq "386")?
			"define":"undef"; }
	elsif	(/^#define\s+MD2_INT\s/)
		{ printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; }
	elsif	(/^#define\s+IDEA_INT\s/)
		{printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];}
	elsif	(/^#define\s+RC2_INT\s/)
		{printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];}
	elsif (/^#(define|undef)\s+BF_PTR/)
		{
		printf OUT "#undef BF_PTR\n" if $bf_ptr == 0;
		printf OUT "#define BF_PTR\n" if $bf_ptr == 1;
		printf OUT "#define BF_PTR2\n" if $bf_ptr == 2;
	        }
	else
		{ print OUT $_; }
	}
close(IN);
print OUT "#ifdef  __cplusplus\n";
print OUT "}\n";
print OUT "#endif\n";
close(OUT);
rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";


# Fix the date

print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l;
print "SIXTY_FOUR_BIT mode\n" if $b64;
print "THIRTY_TWO_BIT mode\n" if $b32;
print "SIXTEEN_BIT mode\n" if $b16;
print "EIGHT_BIT mode\n" if $b8;
print "DES_PTR used\n" if $des_ptr;
print "DES_RISC1 used\n" if $des_risc1;
print "DES_RISC2 used\n" if $des_risc2;
print "DES_UNROLL used\n" if $des_unroll;
print "DES_INT used\n" if $des_int;
print "BN_LLONG mode\n" if $bn_ll;
print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int;
print "RC4_INDEX mode\n" if $rc4_idx;
print "RC4_CHUNK is undefined\n" if $rc4_chunk==0;
print "RC4_CHUNK is unsigned long\n" if $rc4_chunk==1;
print "RC4_CHUNK is unsigned long long\n" if $rc4_chunk==2;
print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
print "BF_PTR used\n" if $bf_ptr == 1;
print "BF_PTR2 used\n" if $bf_ptr == 2;

if($IsMK1MF) {
	open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
	printf OUT <<EOF;
#ifndef MK1MF_BUILD
  /* auto-generated by Configure for crypto/cversion.c:
   * for Unix builds, crypto/Makefile.ssl generates functional definitions;
   * Windows builds (and other mk1mf builds) compile cversion.c with
   * -DMK1MF_BUILD and use definitions added to this file by util/mk1mf.pl. */
  #error "Windows builds (PLATFORM=$target) use mk1mf.pl-created Makefiles"
#endif
EOF
	close(OUT);
} else {
	my $make_command = "$make PERL=\'$perl\'";
	my $make_targets = "";
	$make_targets .= " links" if $symlink;
	$make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
	$make_targets .= " gentests" if $symlink;
	(system $make_command.$make_targets) == 0 or die "make $make_targets failed"
		if $make_targets ne "";
	if ( $perl =~ m@^/@) {
	    &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
	    &dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
	} else {
	    # No path for Perl known ...
	    &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";',  '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
	    &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
	}
	if ($depflags ne $default_depflags && !$make_depend) {
		print <<EOF;

Since you've disabled or enabled at least one algorithm, you need to do
the following before building:

	make depend
EOF
	}
}

# create the ms/version32.rc file if needed
if ($IsMK1MF && ($target !~ /^netware/)) {
	my ($v1, $v2, $v3, $v4);
	if ($version_num =~ /(^[0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})/i) {
		$v1=hex $1;
		$v2=hex $2;
		$v3=hex $3;
		$v4=hex $4;
	}
	open (OUT,">ms/version32.rc") || die "Can't open ms/version32.rc";
	print OUT <<EOF;
#include <winver.h>

LANGUAGE 0x09,0x01

1 VERSIONINFO
  FILEVERSION $v1,$v2,$v3,$v4
  PRODUCTVERSION $v1,$v2,$v3,$v4
  FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
  FILEFLAGS 0x01L
#else
  FILEFLAGS 0x00L
#endif
  FILEOS VOS__WINDOWS32
  FILETYPE VFT_DLL
  FILESUBTYPE 0x0L
BEGIN
    BLOCK "StringFileInfo"
    BEGIN
	BLOCK "040904b0"
	BEGIN
	    // Required:
	    VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0"
	    VALUE "FileDescription", "OpenSSL Shared Library\\0"
	    VALUE "FileVersion", "$version\\0"
#if defined(CRYPTO)
	    VALUE "InternalName", "libeay32\\0"
	    VALUE "OriginalFilename", "libeay32.dll\\0"
#elif defined(SSL)
	    VALUE "InternalName", "ssleay32\\0"
	    VALUE "OriginalFilename", "ssleay32.dll\\0"
#endif
	    VALUE "ProductName", "The OpenSSL Toolkit\\0"
	    VALUE "ProductVersion", "$version\\0"
	    // Optional:
	    //VALUE "Comments", "\\0"
	    VALUE "LegalCopyright", "Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
	    //VALUE "LegalTrademarks", "\\0"
	    //VALUE "PrivateBuild", "\\0"
	    //VALUE "SpecialBuild", "\\0"
	END
    END
    BLOCK "VarFileInfo"
    BEGIN
        VALUE "Translation", 0x409, 0x4b0
    END
END
EOF
	close(OUT);
  }

print <<EOF;

Configured for $target.
EOF

print <<\EOF if (!$no_threads && !$threads);

The library could not be configured for supporting multi-threaded
applications as the compiler options required on this system are not known.
See file INSTALL for details if you need multi-threading.
EOF

print <<\EOF if ($no_shared_warn);

You gave the option 'shared'.  Normally, that would give you shared libraries.
Unfortunately, the OpenSSL configuration doesn't include shared library support
for this platform yet, so it will pretend you gave the option 'no-shared'.  If
you can inform the developpers (openssl-dev\@openssl.org) how to support shared
libraries on this platform, they will at least look at it and try their best
(but please first make sure you have tried with a current version of OpenSSL).
EOF

exit(0);

sub usage
	{
	print STDERR $usage;
	print STDERR "\npick os/compiler from:\n";
	my $j=0;
	my $i;
        my $k=0;
	foreach $i (sort keys %table)
		{
		next if $i =~ /^debug/;
		$k += length($i) + 1;
		if ($k > 78)
			{
			print STDERR "\n";
			$k=length($i);
			}
		print STDERR $i . " ";
		}
	foreach $i (sort keys %table)
		{
		next if $i !~ /^debug/;
		$k += length($i) + 1;
		if ($k > 78)
			{
			print STDERR "\n";
			$k=length($i);
			}
		print STDERR $i . " ";
		}
	print STDERR "\n\nNOTE: If in doubt, on Unix-ish systems use './config'.\n";
	exit(1);
	}

sub which
	{
	my($name)=@_;
	my $path;
	foreach $path (split /:/, $ENV{PATH})
		{
		if (-f "$path/$name$exe_ext" and -x _)
			{
			return "$path/$name$exe_ext" unless ($name eq "perl" and
			 system("$path/$name$exe_ext -e " . '\'exit($]<5.0);\''));
			}
		}
	}

sub dofile
	{
	my $f; my $p; my %m; my @a; my $k; my $ff;
	($f,$p,%m)=@_;

	open(IN,"<$f.in") || open(IN,"<$f") || die "unable to open $f:$!\n";
	@a=<IN>;
	close(IN);
	foreach $k (keys %m)
		{
		grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)),@a);
		}
	open(OUT,">$f.new") || die "unable to open $f.new:$!\n";
	print OUT @a;
	close(OUT);
	rename($f,"$f.bak") || die "unable to rename $f\n" if -e $f;
	rename("$f.new",$f) || die "unable to rename $f.new\n";
	}

sub print_table_entry
	{
	my $target = shift;

	my ($cc, $cflags, $unistd, $thread_cflag, $sys_id, $lflags,
	    $bn_ops, $cpuid_obj, $bn_obj, $ec_obj, $des_obj, $aes_obj, $bf_obj,
	    $md5_obj, $sha1_obj, $cast_obj, $rc4_obj, $rmd160_obj,
	    $rc5_obj, $wp_obj, $cmll_obj, $modes_obj, $engines_obj,
	    $perlasm_scheme, $dso_scheme, $shared_target, $shared_cflag,
	    $shared_ldflag, $shared_extension, $ranlib, $arflags, $multilib)=
	split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);

	print <<EOF

*** $target
\$cc           = $cc
\$cflags       = $cflags
\$unistd       = $unistd
\$thread_cflag = $thread_cflag
\$sys_id       = $sys_id
\$lflags       = $lflags
\$bn_ops       = $bn_ops
\$cpuid_obj    = $cpuid_obj
\$bn_obj       = $bn_obj
\$ec_obj       = $ec_obj
\$des_obj      = $des_obj
\$aes_obj      = $aes_obj
\$bf_obj       = $bf_obj
\$md5_obj      = $md5_obj
\$sha1_obj     = $sha1_obj
\$cast_obj     = $cast_obj
\$rc4_obj      = $rc4_obj
\$rmd160_obj   = $rmd160_obj
\$rc5_obj      = $rc5_obj
\$wp_obj       = $wp_obj
\$cmll_obj     = $cmll_obj
\$modes_obj    = $modes_obj
\$engines_obj  = $engines_obj
\$perlasm_scheme = $perlasm_scheme
\$dso_scheme   = $dso_scheme
\$shared_target= $shared_target
\$shared_cflag = $shared_cflag
\$shared_ldflag = $shared_ldflag
\$shared_extension = $shared_extension
\$ranlib       = $ranlib
\$arflags      = $arflags
\$multilib     = $multilib
EOF
	}

sub test_sanity
	{
	my $errorcnt = 0;

	print STDERR "=" x 70, "\n";
	print STDERR "=== SANITY TESTING!\n";
	print STDERR "=== No configuration will be done, all other arguments will be ignored!\n";
	print STDERR "=" x 70, "\n";

	foreach $target (sort keys %table)
		{
		@fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);

		if ($fields[$idx_dso_scheme-1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
			{
			$errorcnt++;
			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
			print STDERR "              in the previous field\n";
			}
		elsif ($fields[$idx_dso_scheme+1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
			{
			$errorcnt++;
			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
			print STDERR "              in the following field\n";
			}
		elsif ($fields[$idx_dso_scheme] !~ /^(beos|dl|dlfcn|win32|vms|)$/)
			{
			$errorcnt++;
			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] field = ",$fields[$idx_dso_scheme],"\n";
			print STDERR "              valid values are 'beos', 'dl', 'dlfcn', 'win32' and 'vms'\n";
			}
		}
	print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
	return $errorcnt;
	}