Replace config.pl by config.py

3rdparty/everest/CMakeLists.txt

@@ -10,7 +10,7 @@ set(everest_src
 
 list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib)
 
-execute_process(COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/config.pl -f ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result)
+execute_process(COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result)
 
 if(${result} EQUAL 0)
 

CMakeLists.txt

@@ -46,19 +46,19 @@ set(CTR_DRBG_128_BIT_KEY_WARNING "${WARNING_BORDER}"
                          "${CTR_DRBG_128_BIT_KEY_WARN_L3}"
                          "${WARNING_BORDER}")
 
-find_package(PythonInterp)
-find_package(Perl)
-if(PERL_FOUND)
+# Python 3 is only needed here to check for configuration warnings.
+find_package(PythonInterp 3)
+if(PYTHONINTERP_FOUND)
 
     # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
-    execute_process(COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.pl -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
+    execute_process(COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
                         RESULT_VARIABLE result)
     if(${result} EQUAL 0)
         message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING})
     endif()
 
     # If NULL Entropy is configured, display an appropriate warning
-    execute_process(COMMAND ${PERL_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.pl -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY
+    execute_process(COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY
                         RESULT_VARIABLE result)
     if(${result} EQUAL 0)
         message(WARNING ${NULL_ENTROPY_WARNING})

Makefile

@@ -70,11 +70,11 @@ post_build:
 ifndef WINDOWS
 
 	# If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
-	-scripts/config.pl get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY && ([ $$? -eq 0 ]) && \
+	-scripts/config.py get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY && ([ $$? -eq 0 ]) && \
 	    echo '$(CTR_DRBG_128_BIT_KEY_WARNING)'
 
 	# If NULL Entropy is configured, display an appropriate warning
-	-scripts/config.pl get MBEDTLS_TEST_NULL_ENTROPY && ([ $$? -eq 0 ]) && \
+	-scripts/config.py get MBEDTLS_TEST_NULL_ENTROPY && ([ $$? -eq 0 ]) && \
 	    echo '$(NULL_ENTROPY_WARNING)'
 endif
 

include/mbedtls/check_config.h

@@ -45,7 +45,7 @@
 #endif
 
 /* Fix the config here. Not convenient to put an #ifdef _WIN32 in config.h as
- * it would confuse config.pl. */
+ * it would confuse config.py. */
 #if !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && \
     !defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
 #define MBEDTLS_PLATFORM_SNPRINTF_ALT

scripts/apidoc_full.sh

@@ -19,7 +19,7 @@ fi
 CONFIG_BAK=${CONFIG_H}.bak
 cp -p $CONFIG_H $CONFIG_BAK
 
-scripts/config.pl realfull
+scripts/config.py realfull
 make apidoc
 
 mv $CONFIG_BAK $CONFIG_H

scripts/config.pl

@@ -1,296 +1,27 @@
 #!/usr/bin/env perl
-#
-# This file is part of mbed TLS (https://tls.mbed.org)
-#
-# Copyright (c) 2014-2016, ARM Limited, All Rights Reserved
-#
-# Purpose
-#
-# Comments and uncomments #define lines in the given header file and optionally
-# sets their value or can get the value. This is to provide scripting control of
-# what preprocessor symbols, and therefore what build time configuration flags
-# are set in the 'config.h' file.
-#
-# Usage: config.pl [-f <file> | --file <file>] [-o | --force]
-#                   [set <symbol> <value> | unset <symbol> | get <symbol> |
-#                       full | realfull]
-#
-# Full usage description provided below.
-#
-# The following options are disabled instead of enabled with "full".
-#
-#   MBEDTLS_TEST_NULL_ENTROPY
-#   MBEDTLS_DEPRECATED_REMOVED
-#   MBEDTLS_HAVE_SSE2
-#   MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
-#   MBEDTLS_ECP_DP_M221_ENABLED
-#   MBEDTLS_ECP_DP_M383_ENABLED
-#   MBEDTLS_ECP_DP_M511_ENABLED
-#   MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
-#   MBEDTLS_NO_PLATFORM_ENTROPY
-#   MBEDTLS_RSA_NO_CRT
-#   MBEDTLS_PSA_CRYPTO_SPM
-#   MBEDTLS_PSA_INJECT_ENTROPY
-#   MBEDTLS_ECP_RESTARTABLE
-#   and any symbol beginning _ALT
-#
-
-use warnings;
-use strict;
-
-my $config_file = "include/mbedtls/config.h";
-my $usage = <<EOU;
-$0 [-f <file> | --file <file>] [-o | --force]
-                   [set <symbol> <value> | unset <symbol> | get <symbol> |
-                        full | realfull | baremetal]
-
-Commands
-    set <symbol> [<value>]  - Uncomments or adds a #define for the <symbol> to
-                              the configuration file, and optionally making it
-                              of <value>.
-                              If the symbol isn't present in the file an error
-                              is returned.
-    unset <symbol>          - Comments out the #define for the given symbol if
-                              present in the configuration file.
-    get <symbol>            - Finds the #define for the given symbol, returning
-                              an exitcode of 0 if the symbol is found, and 1 if
-                              not. The value of the symbol is output if one is
-                              specified in the configuration file.
-    full                    - Uncomments all #define's in the configuration file
-                              excluding some reserved symbols, until the
-                              'Module configuration options' section
-    realfull                - Uncomments all #define's with no exclusions
-    baremetal               - Sets full configuration suitable for baremetal build.
-
-Options
-    -f | --file <filename>  - The file or file path for the configuration file
-                              to edit. When omitted, the following default is
-                              used:
-                                $config_file
-    -o | --force            - If the symbol isn't present in the configuration
-                              file when setting its value, a #define is
-                              appended to the end of the file.
-
-EOU
-
-my @excluded = qw(
-MBEDTLS_TEST_NULL_ENTROPY
-MBEDTLS_DEPRECATED_REMOVED
-MBEDTLS_HAVE_SSE2
-MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
-MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
-MBEDTLS_ECP_DP_M221_ENABLED
-MBEDTLS_ECP_DP_M383_ENABLED
-MBEDTLS_ECP_DP_M511_ENABLED
-MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
-MBEDTLS_NO_PLATFORM_ENTROPY
-MBEDTLS_RSA_NO_CRT
-MBEDTLS_NO_UDBL_DIVISION
-MBEDTLS_NO_64BIT_MULTIPLICATION
-MBEDTLS_PSA_CRYPTO_SE_C
-MBEDTLS_PSA_CRYPTO_SPM
-MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
-MBEDTLS_PSA_INJECT_ENTROPY
-MBEDTLS_ECP_RESTARTABLE
-MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
-_ALT\s*$
-);
-
-# Things that should be disabled in "baremetal"
-my @excluded_baremetal = qw(
-MBEDTLS_TIMING_C
-MBEDTLS_FS_IO
-MBEDTLS_ENTROPY_NV_SEED
-MBEDTLS_HAVE_TIME
-MBEDTLS_HAVE_TIME_DATE
-MBEDTLS_DEPRECATED_WARNING
-MBEDTLS_HAVEGE_C
-MBEDTLS_THREADING_C
-MBEDTLS_THREADING_PTHREAD
-MBEDTLS_MEMORY_BACKTRACE
-MBEDTLS_MEMORY_BUFFER_ALLOC_C
-MBEDTLS_PLATFORM_TIME_ALT
-MBEDTLS_PLATFORM_FPRINTF_ALT
-MBEDTLS_PSA_ITS_FILE_C
-MBEDTLS_PSA_CRYPTO_SE_C
-MBEDTLS_PSA_CRYPTO_STORAGE_C
-);
-
-# Things that should be enabled in "full" even if they match @excluded
-my @non_excluded = qw(
-PLATFORM_[A-Z0-9]+_ALT
-);
-
-# Things that should be enabled in "baremetal"
-my @non_excluded_baremetal = qw(
-MBEDTLS_NO_PLATFORM_ENTROPY
-);
-
-# Process the command line arguments
-
-my $force_option = 0;
-
-my ($arg, $name, $value, $action);
-
-while ($arg = shift) {
-
-    # Check if the argument is an option
-    if ($arg eq "-f" || $arg eq "--file") {
-        $config_file = shift;
-
-        -f $config_file or die "No such file: $config_file\n";
-
-    }
-    elsif ($arg eq "-o" || $arg eq "--force") {
-        $force_option = 1;
-
-    }
-    else
-    {
-        # ...else assume it's a command
-        $action = $arg;
-
-        if ($action eq "full" || $action eq "realfull" || $action eq "baremetal" ) {
-            # No additional parameters
-            die $usage if @ARGV;
-
-        }
-        elsif ($action eq "unset" || $action eq "get") {
-            die $usage unless @ARGV;
-            $name = shift;
-
-        }
-        elsif ($action eq "set") {
-            die $usage unless @ARGV;
-            $name = shift;
-            $value = shift if @ARGV;
-
-        }
-        else {
-            die "Command '$action' not recognised.\n\n".$usage;
-        }
-    }
-}
-
-# If no command was specified, exit...
-if ( not defined($action) ){ die $usage; }
-
-# Check the config file is present
-if (! -f $config_file)  {
-
-    chdir '..' or die;
-
-    # Confirm this is the project root directory and try again
-    if ( !(-d 'scripts' && -d 'include' && -d 'library' && -f $config_file) ) {
-        die "If no file specified, must be run from the project root or scripts directory.\n";
-    }
-}
-
-
-# Now read the file and process the contents
-
-open my $config_read, '<', $config_file or die "read $config_file: $!\n";
-my @config_lines = <$config_read>;
-close $config_read;
-
-# Add required baremetal symbols to the list that is included.
-if ( $action eq "baremetal" ) {
-    @non_excluded = ( @non_excluded, @non_excluded_baremetal );
-}
-
-my ($exclude_re, $no_exclude_re, $exclude_baremetal_re);
-if ($action eq "realfull") {
-    $exclude_re = qr/^$/;
-    $no_exclude_re = qr/./;
-} else {
-    $exclude_re = join '|', @excluded;
-    $no_exclude_re = join '|', @non_excluded;
-}
-if ( $action eq "baremetal" ) {
-    $exclude_baremetal_re = join '|', @excluded_baremetal;
-}
-
-my $config_write = undef;
-if ($action ne "get") {
-    open $config_write, '>', $config_file or die "write $config_file: $!\n";
-}
-
-my $done;
-for my $line (@config_lines) {
-    if ($action eq "full" || $action eq "realfull" || $action eq "baremetal" ) {
-        if ($line =~ /name SECTION: Module configuration options/) {
-            $done = 1;
-        }
-
-        if (!$done && $line =~ m!^//\s?#define! &&
-                ( $line !~ /$exclude_re/ || $line =~ /$no_exclude_re/ ) &&
-                ( $action ne "baremetal" || ( $line !~ /$exclude_baremetal_re/ ) ) ) {
-            $line =~ s!^//\s?!!;
-        }
-        if (!$done && $line =~ m!^\s?#define! &&
-                ! ( ( $line !~ /$exclude_re/ || $line =~ /$no_exclude_re/ ) &&
-                    ( $action ne "baremetal" || ( $line !~ /$exclude_baremetal_re/ ) ) ) ) {
-            $line =~ s!^!//!;
-        }
-    } elsif ($action eq "unset") {
-        if (!$done && $line =~ /^\s*#define\s*$name\b/) {
-            $line = '//' . $line;
-            $done = 1;
-        }
-    } elsif (!$done && $action eq "set") {
-        if ($line =~ m!^(?://)?\s*#define\s*$name\b!) {
-            $line = "#define $name";
-            $line .= " $value" if defined $value && $value ne "";
-            $line .= "\n";
-            $done = 1;
-        }
-    } elsif (!$done && $action eq "get") {
-        if ($line =~ /^\s*#define\s*$name(?:\s+(.*?))\s*(?:$|\/\*|\/\/)/) {
-            $value = $1;
-            $done = 1;
-        }
-    }
-
-    if (defined $config_write) {
-        print $config_write $line or die "write $config_file: $!\n";
-    }
-}
-
-# Did the set command work?
-if ($action eq "set" && $force_option && !$done) {
-
-    # If the force option was set, append the symbol to the end of the file
-    my $line = "#define $name";
-    $line .= " $value" if defined $value && $value ne "";
-    $line .= "\n";
-    $done = 1;
-
-    print $config_write $line or die "write $config_file: $!\n";
-}
-
-if (defined $config_write) {
-    close $config_write or die "close $config_file: $!\n";
-}
-
-if ($action eq "get") {
-    if ($done) {
-        if ($value ne '') {
-            print "$value\n";
-        }
-        exit 0;
-    } else {
-        # If the symbol was not found, return an error
-        exit 1;
-    }
-}
-
-if ($action eq "full" && !$done) {
-    die "Configuration section was not found in $config_file\n";
-
-}
-
-if ($action ne "full" && $action ne "unset" && !$done) {
-    die "A #define for the symbol $name was not found in $config_file\n";
-}
-
-__END__
+# Backward compatibility redirection
+
+## Copyright (C) 2019, ARM Limited, All Rights Reserved
+## SPDX-License-Identifier: Apache-2.0
+##
+## Licensed under the Apache License, Version 2.0 (the "License"); you may
+## not use this file except in compliance with the License.
+## You may obtain a copy of the License at
+##
+## http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+##
+## This file is part of Mbed TLS (https://tls.mbed.org)
+
+my $py = $0;
+$py =~ s/\.pl$/.py/;
+exec 'python3', $py, @ARGV;
+print STDERR "$0: python3: $!\n";
+exec 'python', $py, @ARGV;
+print STDERR "$0: python: $!\n";
+exit 127;