зеркало из https://github.com/microsoft/SCXcore.git
Add support for building with SSL v1.1.0
This commit is contained in:
Saroj Patra
Jeff Coffler
Родитель
38d4949059
Коммит
635bf5e189
|
|
@ -270,7 +270,11 @@ regex-test: $(INTERMEDIATE_DIR)/regex_test$(PF_EXE_FILE_SUFFIX)
|
|||
omi-preexec: $(INTERMEDIATE_DIR)/omi_preexec$(PF_EXE_FILE_SUFFIX)
|
||||
|
||||
ifeq ($(COMBINED_PACKAGES),1)
|
||||
ssl-tool: $(INTERMEDIATE_DIR)/$(OPENSSL098DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX) $(INTERMEDIATE_DIR)/$(OPENSSL100DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX)
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
ssl-tool: $(INTERMEDIATE_DIR)/$(OPENSSL098DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX) $(INTERMEDIATE_DIR)/$(OPENSSL100DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX) $(INTERMEDIATE_DIR)/$(OPENSSL110DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX)
|
||||
else
|
||||
ssl-tool: $(INTERMEDIATE_DIR)/$(OPENSSL098DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX) $(INTERMEDIATE_DIR)/$(OPENSSL100DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX)
|
||||
endif
|
||||
else
|
||||
ssl-tool: $(INTERMEDIATE_DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX)
|
||||
endif
|
||||
|
|
@ -305,6 +309,9 @@ devel-deps: $(COREPROVIDERMODULE_STATICLIB_DEPFILES) $(SCXPAL_TARGET_DIR)/libscx
|
|||
ifeq ($(COMBINED_PACKAGES),1)
|
||||
$(MKPATH) $(INTERMEDIATE_DIR)/scxcore-devel/lib/$(OPENSSL098DIR)
|
||||
$(MKPATH) $(INTERMEDIATE_DIR)/scxcore-devel/lib/$(OPENSSL100DIR)
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
$(MKPATH) $(INTERMEDIATE_DIR)/scxcore-devel/lib/$(OPENSSL110DIR)
|
||||
endif
|
||||
else
|
||||
$(MKPATH) $(INTERMEDIATE_DIR)/scxcore-devel/lib
|
||||
endif
|
||||
|
|
|
|||
|
|
@ -9,6 +9,10 @@ OUTPUT_PACKAGE_PREFIX=
|
|||
OUTPUT_PACKAGE_SPECIFICATION=
|
||||
IS_OPENSSL_100=$(shell openssl version | grep 1.0 | wc -l)
|
||||
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
IS_OPENSSL_110=$(shell openssl version | grep 1.1 | wc -l)
|
||||
endif
|
||||
|
||||
ifneq ($(COMBINED_PACKAGES),1)
|
||||
DATAFILES = Base_SCXCore.data $(PF_DEPENDENT_DATAFILES)
|
||||
ifeq ($(PF_ARCH),ppc)
|
||||
|
|
@ -131,6 +135,29 @@ else
|
|||
--DATAFILE_PATH=$(SCX_BRD)/installer/datafiles \
|
||||
$(OUTPUT_PACKAGE_SPECIFICATION) \
|
||||
$(DATAFILES) $(DATAFILES_R)
|
||||
sudo rm -rf $(STAGING_DIR)
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
rm -rf $(INTERMEDIATE_DIR)/110
|
||||
mkdir -p $(INTERMEDIATE_DIR)/110
|
||||
python $(SCXPAL_DIR)/installer/InstallBuilder/installbuilder.py \
|
||||
--BASE_DIR=$(SCX_BRD) \
|
||||
--TARGET_DIR=$(INTERMEDIATE_DIR)/110 \
|
||||
--INTERMEDIATE_DIR=$(SCX_BRD)/installer/intermediate \
|
||||
--STAGING_DIR=$(STAGING_DIR) \
|
||||
--OMI_DIR=$(SCXOMI_DIR) \
|
||||
--BUILD_TYPE=$(BUILD_TYPE) \
|
||||
--BUILD_CONFIGURATION=$(BUILD_CONFIGURATION) \
|
||||
--PFARCH=$(PF_ARCH) \
|
||||
--PFMAJOR=$(PF_MAJOR) \
|
||||
--PFMINOR=$(PF_MINOR) \
|
||||
--VERSION=$(SCX_BUILDVERSION_MAJOR).$(SCX_BUILDVERSION_MINOR).$(SCX_BUILDVERSION_PATCH) \
|
||||
--RELEASE=$(SCX_BUILDVERSION_BUILDNR) \
|
||||
--ULINUX_POSTFIX=/openssl_1.1.0 $(DISABLE_PORT) \
|
||||
--DATAFILE_PATH=$(SCX_BRD)/installer/datafiles \
|
||||
$(OUTPUT_PACKAGE_SPECIFICATION) \
|
||||
$(DATAFILES) $(DATAFILES_R)
|
||||
endif
|
||||
|
||||
|
||||
# Next comes DEB packages
|
||||
sudo rm -rf $(STAGING_DIR)
|
||||
|
|
@ -171,6 +198,28 @@ else
|
|||
--DATAFILE_PATH=$(SCX_BRD)/installer/datafiles \
|
||||
$(OUTPUT_PACKAGE_SPECIFICATION) \
|
||||
$(DATAFILES) $(DATAFILES_D)
|
||||
sudo rm -rf $(STAGING_DIR)
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
python $(SCXPAL_DIR)/installer/InstallBuilder/installbuilder.py \
|
||||
--BASE_DIR=$(SCX_BRD) \
|
||||
--TARGET_DIR=$(INTERMEDIATE_DIR)/110 \
|
||||
--INTERMEDIATE_DIR=$(SCX_BRD)/installer/intermediate \
|
||||
--STAGING_DIR=$(STAGING_DIR) \
|
||||
--OMI_DIR=$(SCXOMI_DIR) \
|
||||
--BUILD_TYPE=$(BUILD_TYPE) \
|
||||
--BUILD_CONFIGURATION=$(BUILD_CONFIGURATION) \
|
||||
--PFARCH=$(PF_ARCH) \
|
||||
--PFMAJOR=$(PF_MAJOR) \
|
||||
--PFMINOR=$(PF_MINOR) \
|
||||
--VERSION=$(SCX_BUILDVERSION_MAJOR).$(SCX_BUILDVERSION_MINOR).$(SCX_BUILDVERSION_PATCH) \
|
||||
--RELEASE=$(SCX_BUILDVERSION_BUILDNR) \
|
||||
--ULINUX_POSTFIX=/openssl_1.1.0 $(DISABLE_PORT) \
|
||||
$(DPKG_LOCATION) \
|
||||
--DATAFILE_PATH=$(SCX_BRD)/installer/datafiles \
|
||||
$(OUTPUT_PACKAGE_SPECIFICATION) \
|
||||
$(DATAFILES) $(DATAFILES_D)
|
||||
endif
|
||||
|
||||
|
||||
endif
|
||||
|
||||
|
|
@ -208,10 +257,14 @@ ifneq ($(COMBINED_PACKAGES),1)
|
|||
ifeq ($(PF),Linux)
|
||||
ifneq ($(PF_ARCH),ppc)
|
||||
# Copy omi kit depending on openssl version
|
||||
ifeq ($(IS_OPENSSL_100),1)
|
||||
cp `find $(OMIKITS_DIR) -name omi-*ssl_100.ulinux.$(PF_ARCH).$(PACKAGE_SUFFIX)` $(INTERMEDIATE_DIR)/
|
||||
ifeq ($(IS_OPENSSL_110),1)
|
||||
cp `find $(OMIKITS_DIR) -name omi-*ssl_110.ulinux.$(PF_ARCH).$(PACKAGE_SUFFIX)` $(INTERMEDIATE_DIR)/
|
||||
else
|
||||
cp `find $(OMIKITS_DIR) -name omi-*ssl_098.ulinux.$(PF_ARCH).$(PACKAGE_SUFFIX)` $(INTERMEDIATE_DIR)/
|
||||
ifeq ($(IS_OPENSSL_100),1)
|
||||
cp `find $(OMIKITS_DIR) -name omi-*ssl_100.ulinux.$(PF_ARCH).$(PACKAGE_SUFFIX)` $(INTERMEDIATE_DIR)/
|
||||
else
|
||||
cp `find $(OMIKITS_DIR) -name omi-*ssl_098.ulinux.$(PF_ARCH).$(PACKAGE_SUFFIX)` $(INTERMEDIATE_DIR)/
|
||||
endif
|
||||
endif
|
||||
endif
|
||||
endif
|
||||
|
|
@ -244,14 +297,26 @@ else # ifneq ($(COMBINED_PACKAGES),1)
|
|||
# Grab the OMI bits
|
||||
cd $(INTERMEDIATE_DIR); cp $(OMIKITS_DIR)/omi-*ssl_098*$(PF_ARCH).{rpm,deb} 098
|
||||
cd $(INTERMEDIATE_DIR); cp $(OMIKITS_DIR)/omi-*ssl_100*$(PF_ARCH).{rpm,deb} 100
|
||||
# Remove ssl_098 and ssl_100 from omi filename
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
cd $(INTERMEDIATE_DIR); cp $(OMIKITS_DIR)/omi-*ssl_110*$(PF_ARCH).{rpm,deb} 110
|
||||
endif
|
||||
|
||||
# Remove ssl_098, ssl_100 and ssl_110 from omi filename
|
||||
cd $(INTERMEDIATE_DIR)/098; mv omi-*.deb `ls omi-*.deb | sed "s/\.ssl_098\./\./g"`
|
||||
cd $(INTERMEDIATE_DIR)/098; mv omi-*.rpm `ls omi-*.rpm | sed "s/\.ssl_098\./\./g"`
|
||||
cd $(INTERMEDIATE_DIR)/100; mv omi-*.deb `ls omi-*.deb | sed "s/\.ssl_100\./\./g"`
|
||||
cd $(INTERMEDIATE_DIR)/100; mv omi-*.rpm `ls omi-*.rpm | sed "s/\.ssl_100\./\./g"`
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
cd $(INTERMEDIATE_DIR)/110; mv omi-*.deb `ls omi-*.deb | sed "s/\.ssl_110\./\./g"`
|
||||
cd $(INTERMEDIATE_DIR)/110; mv omi-*.rpm `ls omi-*.rpm | sed "s/\.ssl_110\./\./g"`
|
||||
endif
|
||||
cd $(INTERMEDIATE_DIR)/100; echo `ls omi-*.deb` > omi_package_filename
|
||||
endif
|
||||
cd $(INTERMEDIATE_DIR); tar cvf $(OUTPUT_PACKAGE_PREFIX).tar 098/*.{rpm,deb} 100/*.{rpm,deb} $(OSS_KITS)
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
cd $(INTERMEDIATE_DIR); tar cvf $(OUTPUT_PACKAGE_PREFIX).tar 098/*.{rpm,deb} 100/*.{rpm,deb} 110/*.{rpm,deb} $(OSS_KITS)
|
||||
else
|
||||
cd $(INTERMEDIATE_DIR); tar cvf $(OUTPUT_PACKAGE_PREFIX).tar 098/*.{rpm,deb} 100/*.{rpm,deb}
|
||||
endif
|
||||
../installer/bundle/create_bundle.sh $(DISTRO_TYPE) $(INTERMEDIATE_DIR) $(OUTPUT_PACKAGE_PREFIX).tar $(OUTPUT_PACKAGE_PREFIX) `cat $(INTERMEDIATE_DIR)/100/omi_package_filename` $(DISABLE_LISTENER)
|
||||
cp $(INTERMEDIATE_DIR)/$(OUTPUT_PACKAGE_PREFIX).sh $(TARGET_DIR)
|
||||
|
||||
|
|
|
|||
|
|
@ -28,7 +28,8 @@ include Makefile.gcc4
|
|||
|
||||
#================================================================================
|
||||
# OpenSSL
|
||||
# For ULINUX, we need to build against two versions of OpenSSL, 0.9.8 and 1.0.0.
|
||||
# For ULINUX, on x64 platfomrs we need to build against three versions of OpenSSL: 0.9.8, 1.0.0 and 1.1.0.
|
||||
# on x86 platforms we need to build against two versions of OpenSSL: 0.9.8, 1.0.0.
|
||||
#================================================================================
|
||||
ifeq ($(COMBINED_PACKAGES),1)
|
||||
|
||||
|
|
@ -37,6 +38,7 @@ ifeq ($(COMBINED_PACKAGES),1)
|
|||
OPENSSL_SYSTEM_VERSION_FULL=$(shell openssl version | awk '{print $$2}')
|
||||
OPENSSL_SYSTEM_VERSION_098=$(shell echo $(OPENSSL_SYSTEM_VERSION_FULL) | grep -Eq '^0.9.8'; echo $$?)
|
||||
OPENSSL_SYSTEM_VERSION_100=$(shell echo $(OPENSSL_SYSTEM_VERSION_FULL) | grep -Eq '^1.0.'; echo $$?)
|
||||
OPENSSL_SYSTEM_VERSION_110=$(shell echo $(OPENSSL_SYSTEM_VERSION_FULL) | grep -Eq '^1.1.'; echo $$?)
|
||||
|
||||
ifeq ($(OPENSSL_SYSTEM_VERSION_098), 0)
|
||||
export OPENSSL_SYSTEM_VERSION="0.9.8"
|
||||
|
|
@ -44,28 +46,37 @@ else
|
|||
ifeq ($(OPENSSL_SYSTEM_VERSION_100), 0)
|
||||
export OPENSSL_SYSTEM_VERSION="1.0.0"
|
||||
else
|
||||
ifeq ($(OPENSSL_SYSTEM_VERSION_110), 0)
|
||||
export OPENSSL_SYSTEM_VERSION="1.1.0"
|
||||
else
|
||||
$(error Unable to determine SSL system version installed!)
|
||||
endif
|
||||
endif
|
||||
endif
|
||||
|
||||
displaySSLversion:
|
||||
@echo "OpenSSL system full version: $(OPENSSL_SYSTEM_VERSION_FULL)"
|
||||
@echo "OpenSSL system full version 098: $(OPENSSL_SYSTEM_VERSION_098)"
|
||||
@echo "OpenSSL system full version 100: $(OPENSSL_SYSTEM_VERSION_100)"
|
||||
@echo "OpenSSL system full version 110: $(OPENSSL_SYSTEM_VERSION_110)"
|
||||
@echo "OpenSSL system version: $(OPENSSL_SYSTEM_VERSION)"
|
||||
|
||||
# Now define other SSL variables for expansion/directory purposes
|
||||
|
||||
export OPENSSL098DIR=openssl_0.9.8
|
||||
export OPENSSL100DIR=openssl_1.0.0
|
||||
export OPENSSL110DIR=openssl_1.1.0
|
||||
|
||||
LINK_OPENSSL098=$(LINK) -L$(INTERMEDIATE_DIR)/$(OPENSSL098DIR) -L$(SCXPAL_TARGET_DIR)
|
||||
LINK_OPENSSL100=$(LINK) -L$(INTERMEDIATE_DIR)/$(OPENSSL100DIR) -L$(SCXPAL_TARGET_DIR)
|
||||
LINK_OPENSSL110=$(LINK) -L$(INTERMEDIATE_DIR)/$(OPENSSL110DIR) -L$(SCXPAL_TARGET_DIR)
|
||||
|
||||
LD_LIBRARY_PATH_OPENSSL098=$(OPENSSL098_LIBDIR)
|
||||
PKG_CONFIG_PATH_OPENSSL098=$(OPENSSL098_LIBDIR)/pkgconfig
|
||||
LD_LIBRARY_PATH_OPENSSL100=$(OPENSSL100_LIBDIR)
|
||||
PKG_CONFIG_PATH_OPENSSL100=$(OPENSSL100_LIBDIR)/pkgconfig
|
||||
LD_LIBRARY_PATH_OPENSSL110=$(OPENSSL110_LIBDIR)
|
||||
PKG_CONFIG_PATH_OPENSSL110=$(OPENSSL110_LIBDIR)/pkgconfig
|
||||
|
||||
endif
|
||||
|
||||
|
|
|
|||
|
|
@ -40,12 +40,18 @@ STATIC_SCXSSLCONFIG_OBJFILES_DIR=$(dir $(STATIC_SCXSSLCONFIG_OBJFILES))
|
|||
STATIC_SCXSSLCONFIG_OBJFILES_NOTDIR=$(notdir $(STATIC_SCXSSLCONFIG_OBJFILES))
|
||||
STATIC_SCXSSLCONFIG_OBJFILES_OPENSSL098 = $(STATIC_SCXSSLCONFIG_OBJFILES_DIR)$(OPENSSL098DIR)/$(STATIC_SCXSSLCONFIG_OBJFILES_NOTDIR)
|
||||
STATIC_SCXSSLCONFIG_OBJFILES_OPENSSL100 = $(STATIC_SCXSSLCONFIG_OBJFILES_DIR)$(OPENSSL100DIR)/$(STATIC_SCXSSLCONFIG_OBJFILES_NOTDIR)
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
STATIC_SCXSSLCONFIG_OBJFILES_OPENSSL110 = $(STATIC_SCXSSLCONFIG_OBJFILES_DIR)$(OPENSSL110DIR)/$(STATIC_SCXSSLCONFIG_OBJFILES_NOTDIR)
|
||||
endif
|
||||
|
||||
# Build paths to object output for each version of OpenSSL
|
||||
SCXSSLCONFIG_OBJFILES_DIR = $(dir $(call src_to_obj,$(SCXSSLCONFIG_SRCFILES)))
|
||||
SCXSSLCONFIG_OBJFILES_NOTDIR = $(notdir $(call src_to_obj,$(SCXSSLCONFIG_SRCFILES)))
|
||||
SCXSSLCONFIG_OBJFILES_OPENSSL098 = $(SCXSSLCONFIG_OBJFILES_DIR)$(OPENSSL098DIR)/$(SCXSSLCONFIG_OBJFILES_NOTDIR)
|
||||
SCXSSLCONFIG_OBJFILES_OPENSSL100 = $(SCXSSLCONFIG_OBJFILES_DIR)$(OPENSSL100DIR)/$(SCXSSLCONFIG_OBJFILES_NOTDIR)
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
SCXSSLCONFIG_OBJFILES_OPENSSL110 = $(SCXSSLCONFIG_OBJFILES_DIR)$(OPENSSL110DIR)/$(SCXSSLCONFIG_OBJFILES_NOTDIR)
|
||||
endif
|
||||
|
||||
endif
|
||||
|
||||
|
|
@ -80,21 +86,36 @@ SCXSSLCONFIG_STATICLIB_DEPS_OPENSSL = \
|
|||
# Foreach XYZ in the list above, build $(INTERMEDIATE_DIR)/libXYZ.a
|
||||
SCXSSLCONFIG_DEPFILES=$(SCXSSLCONFIG_OBJFILES:.$(PF_OBJ_FILE_SUFFIX)=.d) $(STATIC_SCXSSLCONFIG_OBJFILES:.$(PF_OBJ_FILE_SUFFIX)=.d)
|
||||
|
||||
# Need two targets, one for each flavor of OpenSSL
|
||||
# Need three targets, one for each flavor of OpenSSL
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
scxsslconfig_both_targets: \
|
||||
$(INTERMEDIATE_DIR)/$(OPENSSL098DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX) \
|
||||
$(INTERMEDIATE_DIR)/$(OPENSSL100DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX) \
|
||||
$(INTERMEDIATE_DIR)/$(OPENSSL110DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX)
|
||||
else
|
||||
scxsslconfig_both_targets: \
|
||||
$(INTERMEDIATE_DIR)/$(OPENSSL098DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX) \
|
||||
$(INTERMEDIATE_DIR)/$(OPENSSL100DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX)
|
||||
|
||||
endif
|
||||
|
||||
# These targets override those in the Makefile.rules file
|
||||
# They build code and everything downstream to order for each version of OpenSSL
|
||||
# Non-universal Linux builds handle these steps implicitly through suffix rules.
|
||||
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
$(INTERMEDIATE_DIR)/source/code/shared/tools/scx_ssl_config/$(OPENSSL110DIR)/%.$(PF_OBJ_FILE_SUFFIX) : $(SCXSSLCONFIG_DIR)/%.cpp
|
||||
$(MKPATH) $(@D)
|
||||
$(PROFILING) $(CXX) -c $(CXXFLAGS) -Wno-long-long $(OPENSSL110_CFLAGS) $(INCLUDES) -I$(<D) -o $@ $<
|
||||
endif
|
||||
|
||||
$(INTERMEDIATE_DIR)/source/code/shared/tools/scx_ssl_config/$(OPENSSL100DIR)/%.$(PF_OBJ_FILE_SUFFIX) : $(SCXSSLCONFIG_DIR)/%.cpp
|
||||
$(MKPATH) $(@D)
|
||||
$(PROFILING) $(CXX) -c $(CXXFLAGS) $(INCLUDES) -I$(<D) -o $@ $<
|
||||
$(PROFILING) $(CXX) -c $(CXXFLAGS) -Wno-long-long $(OPENSSL100_CFLAGS) $(INCLUDES) -I$(<D) -o $@ $<
|
||||
|
||||
$(INTERMEDIATE_DIR)/source/code/shared/tools/scx_ssl_config/$(OPENSSL098DIR)/%.$(PF_OBJ_FILE_SUFFIX) : $(SCXSSLCONFIG_DIR)/%.cpp
|
||||
$(MKPATH) $(@D)
|
||||
$(PROFILING) $(CXX) -c $(CXXFLAGS) $(INCLUDES) -I$(<D) -o $@ $<
|
||||
$(PROFILING) $(CXX) -c $(CXXFLAGS) -Wno-long-long $(OPENSSL098_CFLAGS) $(INCLUDES) -I$(<D) -o $@ $<
|
||||
|
||||
$(INTERMEDIATE_DIR)/$(OPENSSL098DIR)/libscxsslconfig.$(PF_STAT_LIB_FILE_SUFFIX) : $(STATIC_SCXSSLCONFIG_OBJFILES_OPENSSL098)
|
||||
-$(MKPATH) $(INTERMEDIATE_DIR)/$(OPENSSL098DIR)
|
||||
|
|
@ -112,6 +133,16 @@ $(INTERMEDIATE_DIR)/$(OPENSSL100DIR)/libscxsslconfig.$(PF_STAT_LIB_FILE_SUFFIX)
|
|||
export LD_LIBRARY_PATH=$(LD_LIBRARY_PATH_OPENSSL100); \
|
||||
$(LINK_STATLIB) $(LINK_STATLIB_OUTFLAG) $^
|
||||
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
$(INTERMEDIATE_DIR)/$(OPENSSL110DIR)/libscxsslconfig.$(PF_STAT_LIB_FILE_SUFFIX) : $(STATIC_SCXSSLCONFIG_OBJFILES_OPENSSL110)
|
||||
-$(MKPATH) $(INTERMEDIATE_DIR)/$(OPENSSL110DIR)
|
||||
|
||||
# Use appropriate environment variable to set pkg-config paths.
|
||||
export PKG_CONFIG_PATH=$(PKG_CONFIG_PATH_OPENSSL110); \
|
||||
export LD_LIBRARY_PATH=$(LD_LIBRARY_PATH_OPENSSL110); \
|
||||
$(LINK_STATLIB) $(LINK_STATLIB_OUTFLAG) $^
|
||||
endif
|
||||
|
||||
$(INTERMEDIATE_DIR)/$(OPENSSL098DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX): $(SCXSSLCONFIG_OBJFILES_OPENSSL098) $(INTERMEDIATE_DIR)/$(OPENSSL098DIR)/libscxsslconfig.$(PF_STAT_LIB_FILE_SUFFIX) $(SCXSSLCONFIG_DEPFILES) $(SCXPAL_STATICLIB_DEPFILES)
|
||||
-$(MKPATH) $(INTERMEDIATE_DIR)/$(OPENSSL098DIR)
|
||||
-$(MKPATH) $(INTERMEDIATE_DIR)/tools
|
||||
|
|
@ -130,6 +161,17 @@ $(INTERMEDIATE_DIR)/$(OPENSSL100DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX): $(SCXSSL
|
|||
export LD_LIBRARY_PATH=$(LD_LIBRARY_PATH_OPENSSL100); \
|
||||
$(PROFILING) $(LINK_OPENSSL100) $(LINK_OUTFLAG) $(STATIC_SCXSSLCONFIG_OBJFILES_OPENSSL100) $(SCXSSLCONFIG_OBJFILES_OPENSSL100) $(SCXPAL_STATICLIB_DEPFILES) $(SSL_LIBS) $(LDFLAGS_EXECUTABLE)
|
||||
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
$(INTERMEDIATE_DIR)/$(OPENSSL110DIR)/scxsslconfig$(PF_EXE_FILE_SUFFIX): $(SCXSSLCONFIG_OBJFILES_OPENSSL110) $(INTERMEDIATE_DIR)/$(OPENSSL110DIR)/libscxsslconfig.$(PF_STAT_LIB_FILE_SUFFIX) $(SCXSSLCONFIG_DEPFILES) $(SCXPAL_STATICLIB_DEPFILES)
|
||||
-$(MKPATH) $(INTERMEDIATE_DIR)/$(OPENSSL110DIR)
|
||||
-$(MKPATH) $(INTERMEDIATE_DIR)/tools
|
||||
|
||||
# Use appropriate pkg-config environment variable to set library and header paths
|
||||
export PKG_CONFIG_PATH=$(PKG_CONFIG_PATH_OPENSSL110); \
|
||||
export LD_LIBRARY_PATH=$(LD_LIBRARY_PATH_OPENSSL110); \
|
||||
$(PROFILING) $(LINK_OPENSSL110) $(LINK_OUTFLAG) $(STATIC_SCXSSLCONFIG_OBJFILES_OPENSSL110) $(SCXSSLCONFIG_OBJFILES_OPENSSL110) $(SCXPAL_STATICLIB_DEPFILES) $(SSL_LIBS) $(LDFLAGS_EXECUTABLE)
|
||||
endif
|
||||
|
||||
# Test builds require this to produce test kits built with system version of openssl.
|
||||
|
||||
ifeq ($(OPENSSL_SYSTEM_VERSION),"0.9.8")
|
||||
|
|
@ -149,7 +191,17 @@ $(INTERMEDIATE_DIR)/libscxsslconfig.$(PF_STAT_LIB_FILE_SUFFIX) : $(STATIC_SCXSSL
|
|||
@echo Building with system openssl kit, version 1.0.0 ....
|
||||
$(LINK_STATLIB) $(LINK_STATLIB_OUTFLAG) $^
|
||||
|
||||
endif
|
||||
endif
|
||||
else
|
||||
ifeq ($(OPENSSL_SYSTEM_VERSION),"1.1.0")
|
||||
ifeq ($(PF_ARCH),x64)
|
||||
|
||||
# System kit is 1.0.0
|
||||
$(INTERMEDIATE_DIR)/libscxsslconfig.$(PF_STAT_LIB_FILE_SUFFIX) : $(STATIC_SCXSSLCONFIG_OBJFILES_OPENSSL110)
|
||||
-$(MKPATH) $(INTERMEDIATE_DIR)/$(OPENSSL110DIR)
|
||||
@echo Building with system openssl kit, version 1.1.0 ....
|
||||
$(LINK_STATLIB) $(LINK_STATLIB_OUTFLAG) $^
|
||||
endif
|
||||
endif
|
||||
endif
|
||||
endif
|
||||
endif
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ fi
|
|||
|
||||
perform_ulinux_build()
|
||||
{
|
||||
if [ ! -d "/usr/local_ssl_0.9.8" -o ! -d "/usr/local_ssl_1.0.0" ]; then
|
||||
if [ ! -d "/usr/local_ssl_0.9.8" -o ! -d "/usr/local_ssl_1.0.0" -o \( `uname -m` = "x86_64" -a ! -d "/usr/local_ssl_1.1.0" \) ]; then
|
||||
echo "Cannot build ULINUX without Universal SSL libraries"
|
||||
exit 1
|
||||
fi
|
||||
|
|
@ -150,6 +150,7 @@ if [ $combined_packages -ne 0 ]; then
|
|||
x86_64 )
|
||||
openssl098_libdir=/usr/local_ssl_0.9.8/lib
|
||||
openssl100_libdir=/usr/local_ssl_1.0.0/lib64
|
||||
openssl110_libdir=/usr/local_ssl_1.1.0/lib
|
||||
;;
|
||||
|
||||
* )
|
||||
|
|
@ -161,6 +162,10 @@ if [ $combined_packages -ne 0 ]; then
|
|||
openssl098_libs=`PKG_CONFIG_PATH=$openssl098_libdir/pkgconfig $pkgconfig --libs openssl`
|
||||
openssl100_cflags=`PKG_CONFIG_PATH=$openssl100_libdir/pkgconfig $pkgconfig --cflags openssl`
|
||||
openssl100_libs=`PKG_CONFIG_PATH=$openssl100_libdir/pkgconfig $pkgconfig --libs openssl`
|
||||
if [ `uname -m` = "x86_64" ]; then
|
||||
openssl110_cflags=`PKG_CONFIG_PATH=$openssl110_libdir/pkgconfig $pkgconfig --cflags openssl`
|
||||
openssl110_libs=`PKG_CONFIG_PATH=$openssl110_libdir/pkgconfig $pkgconfig --libs openssl`
|
||||
fi
|
||||
fi
|
||||
|
||||
##==============================================================================
|
||||
|
|
@ -212,6 +217,10 @@ OPENSSL098_LIBDIR=$openssl098_libdir
|
|||
OPENSSL100_CFLAGS=$openssl100_cflags
|
||||
OPENSSL100_LIBS=$openssl100_libs
|
||||
OPENSSL100_LIBDIR=$openssl100_libdir
|
||||
OPENSSL110_CFLAGS=$openssl110_cflags
|
||||
OPENSSL110_LIBS=$openssl110_libs
|
||||
OPENSSL110_LIBDIR=$openssl110_libdir
|
||||
|
||||
TRAVIS_CI=$travis_ci
|
||||
EOF
|
||||
|
||||
|
|
|
|||
|
|
@ -179,18 +179,25 @@ verifyNoInstallationOption()
|
|||
|
||||
ulinux_detect_openssl_version() {
|
||||
TMPBINDIR=
|
||||
# the system OpenSSL version is 0.9.8. Likewise with OPENSSL_SYSTEM_VERSION_100
|
||||
# the system OpenSSL version is 0.9.8. Likewise with OPENSSL_SYSTEM_VERSION_100 and OPENSSL_SYSTEM_VERSION_110
|
||||
OPENSSL_SYSTEM_VERSION_FULL=`openssl version | awk '{print $2}'`
|
||||
OPENSSL_SYSTEM_VERSION_098=`echo $OPENSSL_SYSTEM_VERSION_FULL | grep -Eq '^0.9.8'; echo $?`
|
||||
OPENSSL_SYSTEM_VERSION_100=`echo $OPENSSL_SYSTEM_VERSION_FULL | grep -Eq '^1.0.'; echo $?`
|
||||
[ `uname -m` = "x86_64" ] && OPENSSL_SYSTEM_VERSION_110=`echo $OPENSSL_SYSTEM_VERSION_FULL | grep -Eq '^1.1.'; echo $?`
|
||||
if [ $OPENSSL_SYSTEM_VERSION_098 = 0 ]; then
|
||||
TMPBINDIR=098
|
||||
elif [ $OPENSSL_SYSTEM_VERSION_100 = 0 ]; then
|
||||
TMPBINDIR=100
|
||||
elif [ $OPENSSL_SYSTEM_VERSION_110 = 0 ]; then
|
||||
TMPBINDIR=110
|
||||
else
|
||||
echo "Error: This system does not have a supported version of OpenSSL installed."
|
||||
echo "This system's OpenSSL version: $OPENSSL_SYSTEM_VERSION_FULL"
|
||||
echo "Supported versions: 0.9.8*, 1.0.*"
|
||||
if [ `uname -m` = "x86_64" ];then
|
||||
echo "Supported versions: 0.9.8*, 1.0.*, 1.1.*"
|
||||
else
|
||||
echo "Supported versions: 0.9.8*, 1.0.*"
|
||||
fi
|
||||
cleanup_and_exit 60
|
||||
fi
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,13 +16,24 @@ ULINUX
|
|||
|
||||
%Preinstall_50
|
||||
# VerifySSLVersion
|
||||
openssl version | awk '{print $2}' | grep -Eq '^0.9.8|^1.0.'
|
||||
if [ $? -ne 0 ]; then
|
||||
echo 'Unsupported OpenSSL version - must be either 0.9.8* or 1.0.*.'
|
||||
echo 'Installation cannot proceed.'
|
||||
exit 1
|
||||
if [ `uname -m` != "x86_64" ];then
|
||||
openssl version | awk '{print $2}' | grep -Eq '^0.9.8|^1.0.'
|
||||
if [ $? -ne 0 ]; then
|
||||
echo 'Unsupported OpenSSL version - must be either 0.9.8* or 1.0.*.'
|
||||
echo 'Installation cannot proceed.'
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
openssl version | awk '{print $2}' | grep -Eq '^0.9.8|^1.0.|^1.1'
|
||||
if [ $? -ne 0 ]; then
|
||||
echo 'Unsupported OpenSSL version - must be either 0.9.8* or 1.0.*|^1.1.*.'
|
||||
echo 'Installation cannot proceed.'
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
|
||||
%Postinstall_875
|
||||
set -e
|
||||
|
||||
|
|
|
|||
|
|
@ -34,6 +34,7 @@
|
|||
#include <openssl/dsa.h>
|
||||
#include <openssl/engine.h>
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/opensslv.h>
|
||||
|
||||
#include "scxsslcert.h"
|
||||
#include "resourcehelper.h"
|
||||
|
|
@ -319,11 +320,15 @@ struct LoadASN1 {
|
|||
|
||||
OpenSSL_add_all_algorithms() is a macro so it could not be passed as a function pointer.
|
||||
*/
|
||||
#if OPENSSL_VERSION_NUMBER <= 0x100fffffL // SSL 1.0.x or lower?
|
||||
static void SSL_OpenSSL_add_all_algorithms()
|
||||
{
|
||||
// Call to a macro
|
||||
OpenSSL_add_all_algorithms();
|
||||
}
|
||||
#else
|
||||
void NoOp_Destructor(){}
|
||||
#endif
|
||||
|
||||
/*----------------------------------------------------------------------------*/
|
||||
/**
|
||||
|
|
@ -342,9 +347,13 @@ void SCXSSLCertificate::DoGenerate()
|
|||
string outfile(StrToMultibyte(m_CertPath));
|
||||
string keyout(StrToMultibyte(m_KeyPath));
|
||||
|
||||
ManagedResource res1(ERR_load_crypto_strings, ERR_free_strings);
|
||||
ManagedResource res2(SSL_OpenSSL_add_all_algorithms, EVP_cleanup);
|
||||
ManagedResource res3(ENGINE_load_builtin_engines, ENGINE_cleanup);
|
||||
#if OPENSSL_VERSION_NUMBER <= 0x100fffffL // SSL 1.0.x or lower?
|
||||
ManagedResource res1(ERR_load_crypto_strings, ERR_free_strings);
|
||||
ManagedResource res2(SSL_OpenSSL_add_all_algorithms, EVP_cleanup);
|
||||
ManagedResource res3(ENGINE_load_builtin_engines, ENGINE_cleanup);
|
||||
#else
|
||||
ManagedResource res1(ENGINE_load_builtin_engines, NoOp_Destructor);
|
||||
#endif
|
||||
|
||||
// Serial number is always set to "1".
|
||||
// This is a self-signed certificate. Serial number is unimportant.
|
||||
|
|
@ -370,13 +379,40 @@ void SCXSSLCertificate::DoGenerate()
|
|||
}
|
||||
|
||||
{
|
||||
RSA * rsa = RSA_generate_key(newKeyLength, 0x10001, 0, 0);
|
||||
if ( ! rsa )
|
||||
{
|
||||
throw SCXCoreLib::SCXNULLPointerException(L"Error allocating RSA structure.",
|
||||
SCXSRCLOCATION);
|
||||
}
|
||||
if ( ! EVP_PKEY_assign_RSA(pkey.Get(), rsa))
|
||||
int ret = 1;
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x0090800fL // SSL version lower than 0.9.8? It is needed for Solaris-10.
|
||||
RSA * rsa = RSA_generate_key(newKeyLength, 0x10001, 0, 0);
|
||||
|
||||
if ( ! rsa )
|
||||
{
|
||||
throw SCXCoreLib::SCXNULLPointerException(L"Error allocating RSA structure.",
|
||||
SCXSRCLOCATION);
|
||||
}
|
||||
|
||||
#else
|
||||
|
||||
BIGNUM *bne = BN_new();
|
||||
|
||||
ret = BN_set_word(bne,RSA_F4);
|
||||
|
||||
if(ret !=1){
|
||||
throw SCXNULLPointerException(L"Unable to set empty private key structure.",
|
||||
SCXSRCLOCATION);
|
||||
}
|
||||
|
||||
RSA * rsa = RSA_new();
|
||||
|
||||
if ( ! rsa )
|
||||
{
|
||||
throw SCXCoreLib::SCXNULLPointerException(L"Error allocating RSA structure.",
|
||||
SCXSRCLOCATION);
|
||||
}
|
||||
|
||||
ret = RSA_generate_key_ex(rsa, newKeyLength, bne, NULL);
|
||||
#endif
|
||||
|
||||
if ( ret != 1 || ! EVP_PKEY_assign_RSA(pkey.Get(), rsa))
|
||||
{
|
||||
// Free rsa if the assign was unsuccessful. (If it was successful, then rsa
|
||||
// is owned by pkey.)
|
||||
|
|
@ -529,18 +565,24 @@ void SCXSSLCertificate::DoGenerate()
|
|||
}
|
||||
|
||||
// Cleanup the rest of the resources that may have been allocated internally.
|
||||
OBJ_cleanup();
|
||||
#if OPENSSL_VERSION_NUMBER <= 0x100fffffL // SSL 1.0.x or lower?
|
||||
OBJ_cleanup();
|
||||
#endif
|
||||
CONF_modules_unload(1);
|
||||
CRYPTO_cleanup_all_ex_data();
|
||||
ERR_remove_state(0);
|
||||
#if OPENSSL_VERSION_NUMBER <= 0x100fffffL // SSL 1.0.x or lower?
|
||||
CRYPTO_cleanup_all_ex_data();
|
||||
ERR_remove_state(0);
|
||||
#endif
|
||||
}
|
||||
catch (SCXCoreLib::SCXException & e)
|
||||
{
|
||||
// Blunt force resource release functions.
|
||||
OBJ_cleanup();
|
||||
CONF_modules_free();
|
||||
CRYPTO_cleanup_all_ex_data();
|
||||
ERR_remove_state(0);
|
||||
#if OPENSSL_VERSION_NUMBER <= 0x100fffffL // SSL 1.0.x or lower?
|
||||
OBJ_cleanup();
|
||||
CONF_modules_free();
|
||||
CRYPTO_cleanup_all_ex_data();
|
||||
ERR_remove_state(0);
|
||||
#endif
|
||||
|
||||
throw;
|
||||
}
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче