2010/9/22 Dr. Stephen Henson <st...@openssl.org> > On Tue, Sep 21, 2010, Gregory Bellier wrote: > > > Hi all ! > > > > I'm currently playing with openssl-0.9.8o to add a cipher in it (just for > > fun). > > > > I noticed in crypto/objects that 2 files (obj_dat.h and obj_mac.h) are > > automatically generated from scripts which read obj_mac.num and > objects.txt. > > Therefore I did not update manually obj_dat.h and obj_mac.h. > > > > However, when I run "make" I get errors. Those errors are from obj_dat.h > and > > obj_mac.h because they were not updated whereas it was supposed to be > done > > automatically. The scripts didn't run. > > > > For ciphers already included, these errors are not triggered because the > > released tarball contains obj_dat.h and obj_mac.h already up-to-date. > > > > The question is, is this a normal behaviour ? In my opinion, it isn't. > > > > Those files aren't updated because they already exist. To build correctly > > OpenSSL, I have to rm -f obj_dat.h obj_mac.h. Then when I run "make", the > > scripts are executed and those two files are correctly created. > > > > So, if I add a new symetric cipher, to be able to run a correct make test > > what would be the right thing to do : > > - add the cipher, update those 2 files manually and run config/make/make > > test. Therefore, whar's the point of "automatically generated" ? > > - add the cipher, run the scripts manually and config/make/make test > > - add the cipher, delete those files and config/make/make test. > > > > If it's not either one of those 3 possibilities, then I think there is a > > problem. I'd like to have your opinion on this matter. > > > > I hope I made myself clear. > > > > You should only have to modify objects.txt, the others are all updated from > it. > That's the point, the others are not updated if all the files have the same date. That's what I figured out and said in my last email (not the one you replied from)
> That said it isn't a good idea to modify objects.txt locally because the > generated NIDs will clash with future OpenSSL additions in official > releases > resulting in binary incompatibility. Agreed. > A better way is to create a NID dynamically using OBJ_create() and use that > instead. > Could you be more specific and give some more details ? Regards, Gregory.