Use vendored OpenSSL with reqwest

.circleci/config.yml

@@ -124,7 +124,6 @@ commands:
       - run: |
           echo 'export NSS_STATIC=1' >> $BASH_ENV
           echo 'export NSS_DIR=$(pwd)/libs/desktop/linux-x86-64/nss' >> $BASH_ENV
-          echo 'export OPENSSL_DIR=$(pwd)/libs/desktop/linux-x86-64/openssl' >> $BASH_ENV
           echo 'export SQLCIPHER_LIB_DIR=$(pwd)/libs/desktop/linux-x86-64/sqlcipher/lib' >> $BASH_ENV
           echo 'export SQLCIPHER_INCLUDE_DIR=$(pwd)/libs/desktop/linux-x86-64/sqlcipher/include' >> $BASH_ENV
   rust-tests:

Cargo.lock

@@ -1438,6 +1438,14 @@ name = "openssl-probe"
 version = "0.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 
+[[package]]
+name = "openssl-src"
+version = "111.5.0+1.1.1c"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "cc 1.0.38 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "openssl-sys"
 version = "0.9.48"
@@ -1446,6 +1454,7 @@ dependencies = [
  "autocfg 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
  "cc 1.0.38 (registry+https://github.com/rust-lang/crates.io-index)",
  "libc 0.2.60 (registry+https://github.com/rust-lang/crates.io-index)",
+ "openssl-src 111.5.0+1.1.1c (registry+https://github.com/rust-lang/crates.io-index)",
  "pkg-config 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)",
  "vcpkg 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
@@ -3119,6 +3128,7 @@ dependencies = [
 "checksum once_cell 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)" = "1824583b0e4dc0c1716eea4fb51a9ca2634943f0b07fd929e79af6aeb5a513cc"
 "checksum openssl 0.10.24 (registry+https://github.com/rust-lang/crates.io-index)" = "8152bb5a9b5b721538462336e3bef9a539f892715e5037fda0f984577311af15"
 "checksum openssl-probe 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "77af24da69f9d9341038eba93a073b1fdaaa1b788221b00a69bce9e762cb32de"
+"checksum openssl-src 111.5.0+1.1.1c (registry+https://github.com/rust-lang/crates.io-index)" = "4bdebf3f49173e2f693e3ad83eed3aa9fe9e5a60e23c84010c29063b1497049e"
 "checksum openssl-sys 0.9.48 (registry+https://github.com/rust-lang/crates.io-index)" = "b5ba300217253bcc5dc68bed23d782affa45000193866e025329aa8a7a9f05b8"
 "checksum output_vt100 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "53cdc5b785b7a58c5aad8216b3dfa114df64b0b06ae6e1501cef91df2fbdf8f9"
 "checksum owning_ref 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "49a4b8ea2179e6a2e27411d3bca09ca6dd630821cf6894c6c7c8467a8ee7ef13"

DEPENDENCIES.md

@@ -507,6 +507,7 @@ The following text applies to code linked from these dependendencies:
 [num_cpus](https://github.com/seanmonstar/num_cpus),
 [once_cell](https://github.com/matklad/once_cell),
 [openssl-probe](https://github.com/alexcrichton/openssl-probe),
+[openssl-src](https://github.com/alexcrichton/openssl-src-rs),
 [openssl](https://github.com/sfackler/rust-openssl),
 [parking_lot](https://github.com/Amanieu/parking_lot),
 [parking_lot_core](https://github.com/Amanieu/parking_lot),

README.md

@@ -37,7 +37,7 @@ that are largely shared across platforms, like this:
 The code for these components is organized as follows:
 
 * [./libs/](libs) contains infratructure for building some native dependencies,
-  such as OpenSSL.
+  such as NSS.
 * [./components/](components) contains the source for each component, and its
   FFI bindings.
   * See [./components/logins/](components/logins) for an example, where you can

automation/taskcluster/decision_task.py

@@ -364,7 +364,6 @@ def linux_cross_compile_build_task(name):
             export ORG_GRADLE_PROJECT_RUST_ANDROID_GRADLE_TARGET_X86_64_APPLE_DARWIN_NSS_STATIC=1
             export ORG_GRADLE_PROJECT_RUST_ANDROID_GRADLE_TARGET_X86_64_APPLE_DARWIN_NSS_DIR=/build/repo/libs/desktop/darwin/nss
             export ORG_GRADLE_PROJECT_RUST_ANDROID_GRADLE_TARGET_X86_64_APPLE_DARWIN_SQLCIPHER_LIB_DIR=/build/repo/libs/desktop/darwin/sqlcipher/lib
-            export ORG_GRADLE_PROJECT_RUST_ANDROID_GRADLE_TARGET_X86_64_APPLE_DARWIN_OPENSSL_DIR=/build/repo/libs/desktop/darwin/openssl
             export ORG_GRADLE_PROJECT_RUST_ANDROID_GRADLE_TARGET_X86_64_APPLE_DARWIN_CC=/tmp/clang/bin/clang
             export ORG_GRADLE_PROJECT_RUST_ANDROID_GRADLE_TARGET_X86_64_APPLE_DARWIN_TOOLCHAIN_PREFIX=/tmp/cctools/bin
             export ORG_GRADLE_PROJECT_RUST_ANDROID_GRADLE_TARGET_X86_64_APPLE_DARWIN_AR=/tmp/cctools/bin/x86_64-darwin11-ar

build-scripts/xc-universal-binary.sh

@@ -46,10 +46,8 @@ for i in "${!LIBS_ARCHS[@]}"; do
     LIB_ARCH=${LIBS_ARCHS[${i}]}
     env -i \
         PATH="${PATH}" \
-        OPENSSL_STATIC=1 \
         NSS_STATIC=1 \
         NSS_DIR="${LIBSDIR}/ios/${LIB_ARCH}/nss" \
-        OPENSSL_DIR="${LIBSDIR}/ios/${LIB_ARCH}/openssl" \
         SQLCIPHER_LIB_DIR="${LIBSDIR}/ios/${LIB_ARCH}/sqlcipher/lib" \
         SQLCIPHER_INCLUDE_DIR="${LIBSDIR}/ios/${LIB_ARCH}/sqlcipher/include" \
         RUSTC_WRAPPER="${RUSTC_WRAPPER:-}" \

build.gradle

@@ -224,10 +224,8 @@ subprojects {
 // the Cargo build.  We assume that the `libs/` directory has been populated
 // before invoking Gradle (or Cargo).
 ext.cargoExec = { spec, toolchain ->
-    spec.environment("OPENSSL_STATIC", "1")
     spec.environment("NSS_STATIC", "1")
     spec.environment("NSS_DIR",               new File(rootProject.ext.libsRootDir, "libs/${toolchain.folder}/nss").absolutePath)
-    spec.environment("OPENSSL_DIR",           new File(rootProject.ext.libsRootDir, "libs/${toolchain.folder}/openssl").absolutePath)
 }
 // Strictly speaking, we could always specify `SQLCIPHER_LIB_DIR` and
 // `SQLCIPHER_INCLUDE_DIR`, and so long as everything else is configured right,

components/viaduct/Cargo.toml

@@ -23,7 +23,7 @@ prost = "0.5.0"
 prost-derive = "0.5.0"
 bytes = "0.4.12"
 ffi-support = { path = "../support/ffi" }
-reqwest = { version = "0.9.19", optional = true }
+reqwest = { version = "0.9.19", features = ["default-tls-vendored"], optional = true }
 
 
 [build-dependencies]

docs/contributing.md

@@ -21,7 +21,7 @@ To work on the code in this repo you will need to be familiar with
 the [Rust](https://www.rust-lang.org/) programming language.
 You can get a working rust compiler and toolchain via [rustup](https://rustup.rs/).
 
-Some components also require `openssl` and `sqlcipher` in order to build correctly.
+Some components also require `nss` and `sqlcipher` in order to build correctly.
 You may be able to install these via your OS package manager, but for consistency
 we recommend using the versions included in this repo by doing the following from
 the root of your checkout:

docs/dependency-management.md

@@ -83,7 +83,6 @@ No additional Swift dependencies should be added to the project unless absolutel
 
 We currently depend on local builds of the following system dependencies:
 
-* [OpenSSL](https://www.openssl.org/source/)
 * [NSS](https://hg.mozilla.org/projects/nss) and [NSPR](https://hg.mozilla.org/projects/nspr)
 * [SQLCipher](https://github.com/sqlcipher/sqlcipher)
 * [Protobuf](https://github.com/protocolbuffers/protobuf)

docs/howtos/setup-android-build-environment.md

@@ -63,10 +63,10 @@ a rc file or similar so they persist between reboots etc.
      them somewhere - use the "SDK Manager" to identify this location.
    - Set `ANDROID_HOME` to this location and add it to your rc file.
 
-7. Build NSS, OpenSSL and sqlcipher
+7. Build NSS and SQLCipher
     - `cd path/to/application-services/libs` (Same dir you were just in for step 4)
     - `./build-all.sh android` (Go make some coffee or something, this will take
-       some time as it has to compile sqlcipher and openssl for x86, x86_64, arm, and arm64).
+       some time as it has to compile NSS and SQLCipher for x86, x86_64, arm, and arm64).
     - Note that if something goes wrong here
         - Check all environment variables mentions above are set and correct.
         - The following directories should exist, and point to standalone NDK
@@ -127,7 +127,7 @@ You should also find the .kt files for the project somewhere there and in the ri
 
 # Using Windows
 
-It's currently tricky to get some of these builds working on Windows, primarily due to our use of `sqlcipher` and `openssl`. However, by using the Windows Subsystem for Linux, it is possible to get builds working, but still have them published to your "native" local maven cache so it's available for use by a "native" Android Studio.
+It's currently tricky to get some of these builds working on Windows, primarily due to our use of `sqlcipher`. However, by using the Windows Subsystem for Linux, it is possible to get builds working, but still have them published to your "native" local maven cache so it's available for use by a "native" Android Studio.
 
 As above, this document may be incomplete, so please edit or open PRs where necessary.
 

libs/.gitignore

@@ -3,7 +3,6 @@
 *.7z
 
 # Intermediate folders leftover on build failures.
-openssl*
 sqlcipher*
 nss*
 dist

libs/bootstrap-desktop.sh

@@ -19,10 +19,9 @@ else
 fi
 export SQLCIPHER_LIB_DIR="${APPSERVICES_PLATFORM_DIR}/sqlcipher/lib"
 export SQLCIPHER_INCLUDE_DIR="${APPSERVICES_PLATFORM_DIR}/sqlcipher/include"
-export OPENSSL_DIR="${APPSERVICES_PLATFORM_DIR}/openssl"
 export NSS_STATIC="1"
 export NSS_DIR="${APPSERVICES_PLATFORM_DIR}/nss"
-if [[ ! -d "${SQLCIPHER_LIB_DIR}" ]] || [[ ! -d "${OPENSSL_DIR}" ]] || [[ ! -d "${NSS_DIR}" ]]; then
+if [[ ! -d "${SQLCIPHER_LIB_DIR}" ]] || [[ ! -d "${NSS_DIR}" ]]; then
   pushd libs
   ./build-all.sh desktop
   popd

libs/build-all-android.sh

@@ -12,18 +12,17 @@ TARGET_ARCHS_TOOLCHAINS=("x86_64-linux-android" "i686-linux-android" "aarch64-li
 
 # End of configuration.
 
-if [[ "${#}" -ne 3 ]]
+if [[ "${#}" -ne 2 ]]
 then
     echo "Usage:"
-    echo "./build-all-android.sh <OPENSSL_SRC_PATH> <SQLCIPHER_SRC_PATH> <NSS_SRC_PATH>"
+    echo "./build-all-android.sh <SQLCIPHER_SRC_PATH> <NSS_SRC_PATH>"
     exit 1
 fi
 
 # shellcheck disable=SC1091
 source "android_defaults.sh"
-OPENSSL_SRC_PATH=${1}
-SQLCIPHER_SRC_PATH=${2}
-NSS_SRC_PATH=${3}
+SQLCIPHER_SRC_PATH=${1}
+NSS_SRC_PATH=${2}
 
 echo "# Building NSS"
 for i in "${!TARGET_ARCHS[@]}"; do
@@ -37,18 +36,6 @@ for i in "${!TARGET_ARCHS[@]}"; do
   fi
 done
 
-echo "# Building openssl"
-for i in "${!TARGET_ARCHS[@]}"; do
-  ARCH=${TARGET_ARCHS[${i}]}
-  DIST=${TARGET_ARCHS_DISTS[${i}]}
-  DIST_DIR=$(abspath "android/${DIST}/openssl")
-  if [[ -d "${DIST_DIR}" ]]; then
-    echo "${DIST_DIR} already exists. Skipping building openssl."
-  else
-    ./build-openssl-android.sh "${OPENSSL_SRC_PATH}" "${DIST_DIR}" "${ANDROID_NDK_TOOLCHAIN_DIR}/${ARCH}-${ANDROID_NDK_API_VERSION}" "${TARGET_ARCHS_TOOLCHAINS[${i}]}" "${ANDROID_NDK_API_VERSION}" || exit 1
-  fi
-done
-
 echo "# Building sqlcipher"
 for i in "${!TARGET_ARCHS[@]}"; do
   ARCH=${TARGET_ARCHS[${i}]}

libs/build-all-ios.sh

@@ -6,16 +6,15 @@ IOS_MIN_SDK_VERSION="11.0"
 # Our short-names for the architectures.
 TARGET_ARCHS=("x86_64" "arm64")
 
-if [[ "${#}" -ne 3 ]]
+if [[ "${#}" -ne 2 ]]
 then
     echo "Usage:"
-    echo "./build-all-ios.sh <OPENSSL_SRC_PATH> <SQLCIPHER_SRC_PATH> <NSS_SRC_PATH>"
+    echo "./build-all-ios.sh <SQLCIPHER_SRC_PATH> <NSS_SRC_PATH>"
     exit 1
 fi
 
-OPENSSL_SRC_PATH=${1}
-SQLCIPHER_SRC_PATH=${2}
-NSS_SRC_PATH=${3}
+SQLCIPHER_SRC_PATH=${1}
+NSS_SRC_PATH=${2}
 
 function universal_lib() {
   DIR_NAME="${1}"
@@ -66,19 +65,6 @@ universal_lib "nss" "libhw-acc-crypto.a" "${TARGET_ARCHS[@]}"
 universal_lib "nss" "libgcm-aes-x86_c_lib.a" "x86_64"
 universal_lib "nss" "libgcm-aes-aarch64_c_lib.a" "arm64"
 
-echo "# Building openssl"
-for i in "${!TARGET_ARCHS[@]}"; do
-  ARCH=${TARGET_ARCHS[${i}]}
-  DIST_DIR=$(abspath "ios/${ARCH}/openssl")
-  if [[ -d "${DIST_DIR}" ]]; then
-    echo "${DIST_DIR} already exists. Skipping building openssl."
-  else
-    ./build-openssl-ios.sh "${OPENSSL_SRC_PATH}" "${DIST_DIR}" "${ARCH}" "${IOS_MIN_SDK_VERSION}" || exit 1
-  fi
-done
-universal_lib "openssl" "libssl.a" "${TARGET_ARCHS[@]}"
-universal_lib "openssl" "libcrypto.a" "${TARGET_ARCHS[@]}"
-
 echo "# Building sqlcipher"
 for i in "${!TARGET_ARCHS[@]}"; do
   ARCH=${TARGET_ARCHS[${i}]}
@@ -91,14 +77,6 @@ for i in "${!TARGET_ARCHS[@]}"; do
 done
 universal_lib "sqlcipher" "libsqlcipher.a" "${TARGET_ARCHS[@]}"
 
-HEADER_DIST_DIR="ios/universal/openssl/include/openssl"
-if [[ ! -e "${HEADER_DIST_DIR}" ]]; then
-  mkdir -p ${HEADER_DIST_DIR}
-  cp -L "${OPENSSL_SRC_PATH}"/include/openssl/*.h "${HEADER_DIST_DIR}"
-  # The following file is generated during compilation, we pick the one in arm64.
-  cp -L "${PWD}"/ios/arm64/openssl/include/openssl/opensslconf.h "${HEADER_DIST_DIR}"
-fi
-
 HEADER_DIST_DIR="ios/universal/sqlcipher/include/sqlcipher"
 if [[ ! -e "${HEADER_DIST_DIR}" ]]; then
   mkdir -p ${HEADER_DIST_DIR}

libs/build-all.sh

@@ -2,9 +2,6 @@
 
 set -euvx
 
-OPENSSL_VERSION="1.1.1a"
-OPENSSL_SHA256="fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41"
-
 # SQLCIPHER_VERSION="4.1.0"
 # SQLCIPHER_SHA256="65144ca3ba4c0f9cd4bae8c20bb42f2b84424bf29d1ebcf04c44a728903b1faa"
 
@@ -49,18 +46,6 @@ if ! [[ -x "$(command -v tclsh)" ]]; then
   exit 1
 fi
 
-OPENSSL="openssl-${OPENSSL_VERSION}"
-rm -rf "${OPENSSL}"
-if [[ ! -e "${OPENSSL}.tar.gz" ]]; then
-  echo "Downloading ${OPENSSL}.tar.gz"
-  curl -L -O "https://www.openssl.org/source/${OPENSSL}.tar.gz"
-else
-  echo "Using ${OPENSSL}.tar.gz"
-fi
-echo "${OPENSSL_SHA256}  ${OPENSSL}.tar.gz" | shasum -a 256 -c - || exit 2
-tar xfz "${OPENSSL}.tar.gz"
-OPENSSL_SRC_PATH=$(abspath ${OPENSSL})
-
 # Delete the following...
 rm -rf sqlcipher
 git clone --single-branch --branch nss-crypto-impl --depth 1 "https://github.com/eoger/sqlcipher.git"
@@ -125,19 +110,17 @@ diff -r 65efa74ef84a coreconf/config.gypi
 
 if [[ "${PLATFORM}" == "ios" ]]
 then
-  ./build-all-ios.sh "${OPENSSL_SRC_PATH}" "${SQLCIPHER_SRC_PATH}" "${NSS_SRC_PATH}"
+  ./build-all-ios.sh "${SQLCIPHER_SRC_PATH}" "${NSS_SRC_PATH}"
 elif [[ "${PLATFORM}" == "android" ]]
 then
-  ./build-all-android.sh "${OPENSSL_SRC_PATH}" "${SQLCIPHER_SRC_PATH}" "${NSS_SRC_PATH}"
+  ./build-all-android.sh "${SQLCIPHER_SRC_PATH}" "${NSS_SRC_PATH}"
 elif [[ "${PLATFORM}" == "desktop" ]]
 then
   ./build-nss-desktop.sh "${NSS_SRC_PATH}"
-  ./build-openssl-desktop.sh "${OPENSSL_SRC_PATH}"
   ./build-sqlcipher-desktop.sh "${SQLCIPHER_SRC_PATH}"
 elif [[ "${PLATFORM}" == "darwin" ]] || [[ "${PLATFORM}" == "win32-x86-64" ]]
 then
   ./build-nss-desktop.sh "${NSS_SRC_PATH}" "${PLATFORM}"
-  ./build-openssl-desktop.sh "${OPENSSL_SRC_PATH}" "${PLATFORM}"
   ./build-sqlcipher-desktop.sh "${SQLCIPHER_SRC_PATH}" "${PLATFORM}"
 else
   echo "Unrecognized platform"
@@ -145,7 +128,6 @@ else
 fi
 
 echo "Cleaning up"
-rm -rf "${OPENSSL_SRC_PATH}"
 rm -rf "${SQLCIPHER_SRC_PATH}"
 rm -rf "${NSS_SRC_PATH}"
 

libs/build-openssl-android.sh

@@ -1,63 +0,0 @@
-#!/usr/bin/env bash
-
-# This script downloads and builds the Android openssl library.
-
-set -euvx
-
-if [[ "${#}" -ne 5 ]]
-then
-    echo "Usage:"
-    echo "./build-openssl-android.sh <ABSOLUTE_SRC_DIR> <DIST_DIR> <TOOLCHAIN_PATH> <TOOLCHAIN> <ANDROID_NDK_API_VERSION>"
-    exit 1
-fi
-
-OPENSSL_DIR=${1}
-DIST_DIR=${2}
-TOOLCHAIN_PATH=${3}
-TOOLCHAIN=${4}
-ANDROID_NDK_API_VERSION=${5}
-
-if [[ -d "${DIST_DIR}" ]]; then
-  echo "${DIST_DIR}"" folder already exists. Skipping build."
-  exit 0
-fi
-
-cd "${OPENSSL_DIR}"
-
-export CFLAGS="-D__ANDROID_API__=${ANDROID_NDK_API_VERSION}"
-export ANDROID_NDK="${TOOLCHAIN_PATH}"
-export PATH="${TOOLCHAIN_PATH}/bin:${PATH}"
-
-OPENSSL_OUTPUT_PATH="/tmp/openssl-${TOOLCHAIN}_${$}"
-mkdir -p "${OPENSSL_OUTPUT_PATH}"
-
-if [[ "${TOOLCHAIN}" == "x86_64-linux-android" ]]
-then
-  CONFIGURE_ARCH="android64-x86_64"
-elif [[ "${TOOLCHAIN}" == "i686-linux-android" ]]
-then
-  CONFIGURE_ARCH="android-x86"
-elif [[ "${TOOLCHAIN}" == "aarch64-linux-android" ]]
-then
-  CONFIGURE_ARCH="android-arm64"
-elif [[ "${TOOLCHAIN}" == "arm-linux-androideabi" ]]
-then
-  CONFIGURE_ARCH="android-arm"
-else
-  echo "Unknown toolchain"
-  exit 1
-fi
-
-make clean || true
-./Configure "${CONFIGURE_ARCH}" shared --prefix="${OPENSSL_OUTPUT_PATH}" || exit 1
-make -j6
-make install_sw
-mkdir -p "${DIST_DIR}""/include/openssl"
-mkdir -p "${DIST_DIR}""/lib"
-cp -p "${OPENSSL_OUTPUT_PATH}"/lib/libssl.a "${DIST_DIR}"/lib
-cp -p "${OPENSSL_OUTPUT_PATH}"/lib/libcrypto.a "${DIST_DIR}"/lib
-cp -L "${PWD}"/include/openssl/*.h "${DIST_DIR}/include/openssl"
-# For some reason the created binaries are -w.
-chmod +w "${DIST_DIR}"/lib/libssl.a
-chmod +w "${DIST_DIR}"/lib/libcrypto.a
-rm -rf "${OPENSSL_OUTPUT_PATH}"

libs/build-openssl-desktop.sh

@@ -1,107 +0,0 @@
-#!/usr/bin/env bash
-
-set -euvx
-
-# End of configuration.
-
-if [[ "${#}" -lt 1 ]] || [[ "${#}" -gt 2 ]]
-then
-  echo "Usage:"
-  echo "./build-openssl-desktop.sh <OPENSSL_SRC_PATH> [CROSS_COMPILE_TARGET]"
-  exit 1
-fi
-
-OPENSSL_SRC_PATH=${1}
-CROSS_COMPILE_TARGET=${2-}
-
-if [[ -n "${CROSS_COMPILE_TARGET}" ]] && [[ "$(uname -s)" != "Linux" ]]; then
-  echo "Can only cross compile from 'Linux'; 'uname -s' is $(uname -s)"
-  exit 1
-fi
-
-if [[ "${CROSS_COMPILE_TARGET}" =~ "win32-x86-64" ]]; then
-  OPENSSL_DIR=$(abspath "desktop/win32-x86-64/openssl")
-elif [[ "${CROSS_COMPILE_TARGET}" =~ "darwin" ]]; then
-  OPENSSL_DIR=$(abspath "desktop/darwin/openssl")
-elif [[ -n "${CROSS_COMPILE_TARGET}" ]]; then
-  echo "Cannot build OpenSSL for unrecognized target OS ${CROSS_COMPILE_TARGET}"
-  exit 1
-elif [[ "$(uname -s)" == "Darwin" ]]; then
-  OPENSSL_DIR=$(abspath "desktop/darwin/openssl")
-elif [[ "$(uname -s)" == "Linux" ]]; then
-  # This is a JNA weirdness: "x86-64" rather than "x86_64".
-  OPENSSL_DIR=$(abspath "desktop/linux-x86-64/openssl")
-else
-   echo "Cannot build OpenSSL on unrecognized host OS $(uname -s)"
-   exit 1
-fi
-
-if [[ -d "${OPENSSL_DIR}" ]]; then
-  echo "${OPENSSL_DIR} folder already exists. Skipping build."
-  exit 0
-fi
-
-echo "# Building openssl"
-OPENSSL_OUTPUT_PATH="/tmp/openssl_${$}"
-pushd "${OPENSSL_SRC_PATH}"
-mkdir -p "${OPENSSL_OUTPUT_PATH}"
-
-if [[ "${CROSS_COMPILE_TARGET}" =~ "darwin" ]]; then
-  # OpenSSL's configure script isn't very robust: it appears to look
-  # in ${PATH}.  This is all cribbed from
-  # https://searchfox.org/mozilla-central/rev/8848b9741fc4ee4e9bc3ae83ea0fc048da39979f/build/macosx/cross-mozconfig.common.
-  export PATH=/tmp/clang/bin:/tmp/cctools/bin:${PATH}
-
-  export CC=/tmp/clang/bin/clang
-
-  export TOOLCHAIN_PREFIX=/tmp/cctools/bin
-  export AR=/tmp/cctools/bin/x86_64-darwin11-ar
-  export RANLIB=/tmp/cctools/bin/x86_64-darwin11-ranlib
-
-  LD_LIBRARY_PATH=/tmp/clang/lib ./Configure darwin64-x86_64-cc \
-    no-asm shared \
-    -march=x86-64 \
-    '-B /tmp/cctools/bin' \
-    '-target x86_64-darwin11' \
-    '-isysroot /tmp/MacOSX10.11.sdk' \
-    '-Wl,-syslibroot,/tmp/MacOSX10.11.sdk' \
-    '-Wl,-dead_strip' \
-    --prefix="${OPENSSL_OUTPUT_PATH}"
-
-  sed -i.orig 's/-arch x86_64//' Makefile
-
-  # See https://searchfox.org/mozilla-central/rev/8848b9741fc4ee4e9bc3ae83ea0fc048da39979f/build/macosx/cross-mozconfig.common#12-13.
-  export LD_LIBRARY_PATH=/tmp/clang/lib
-elif [[ "${CROSS_COMPILE_TARGET}" =~ "win32-x86-64" ]]; then
-    # Force 64 bits on Windows..
-    ./Configure --cross-compile-prefix=x86_64-w64-mingw32- mingw64 \
-      shared \
-      --prefix="${OPENSSL_OUTPUT_PATH}"
-elif [[ "$(uname -s)" == "Darwin" ]]; then
-    # Force 64 bits on macOS.
-    ./Configure darwin64-x86_64-cc \
-      shared \
-      --prefix="${OPENSSL_OUTPUT_PATH}"
-elif [[ "$(uname -s)" == "Linux" ]]; then
-    ./config shared \
-      --prefix="${OPENSSL_OUTPUT_PATH}"
-fi
-
-make clean || true
-make -j6
-make install_sw
-
-mkdir -p "${OPENSSL_DIR}""/include/openssl"
-mkdir -p "${OPENSSL_DIR}""/lib"
-cp -p "${OPENSSL_OUTPUT_PATH}"/lib/libssl.a "${OPENSSL_DIR}""/lib"
-cp -p "${OPENSSL_OUTPUT_PATH}"/lib/libcrypto.a "${OPENSSL_DIR}""/lib"
-cp -L "${PWD}"/include/openssl/*.h "${OPENSSL_DIR}/include/openssl"
-rm -rf "${OPENSSL_OUTPUT_PATH}"
-
-if [[ "${CROSS_COMPILE_TARGET}" =~ "win32-x86-64" ]]; then
-  # See https://www.wagner.pp.ru/~vitus/articles/openssl-mingw.html.
-  mv "${OPENSSL_DIR}/lib/libssl.a" "${OPENSSL_DIR}/lib/libssl.lib"
-  mv "${OPENSSL_DIR}/lib/libcrypto.a" "${OPENSSL_DIR}/lib/libcrypto.lib"
-fi
-
-popd

libs/build-openssl-ios.sh

@@ -1,57 +0,0 @@
-#!/usr/bin/env bash
-
-# This script downloads and builds the iOS openssl library.
-
-set -euvx
-
-if [[ "${#}" -ne 4 ]]
-then
-    echo "Usage:"
-    echo "./build-openssl-ios.sh <ABSOLUTE_SRC_DIR> <DIST_DIR> <ARCH> <IOS_MIN_SDK_VERSION>"
-    exit 1
-fi
-
-OPENSSL_DIR=${1}
-DIST_DIR=${2}
-ARCH=${3}
-IOS_MIN_SDK_VERSION=${4}
-
-if [[ -d "${DIST_DIR}" ]]; then
-  echo "${DIST_DIR} folder already exists. Skipping build."
-  exit 0
-fi
-
-cd "${OPENSSL_DIR}"
-
-OPENSSL_OUTPUT_PATH="/tmp/openssl-${ARCH}_${$}"
-mkdir -p "${OPENSSL_OUTPUT_PATH}"
-
-if [[ "${ARCH}" == "x86_64" ]]; then
-  OS_COMPILER="iPhoneSimulator"
-  HOST="darwin64-x86_64-cc"
-elif [[ "${ARCH}" == "arm64" ]]; then
-  OS_COMPILER="iPhoneOS"
-  HOST="ios64-cross"
-else
-  echo "Unsupported architecture"
-  exit 1
-fi
-
-DEVELOPER=$(xcode-select -print-path)
-export CROSS_TOP="${DEVELOPER}/Platforms/${OS_COMPILER}.platform/Developer"
-export CROSS_SDK="${OS_COMPILER}.sdk"
-export CROSS_COMPILE="${DEVELOPER}/Toolchains/XcodeDefault.xctoolchain/usr/bin/"
-
-make clean || true
-./Configure ${HOST} "-arch ${ARCH} -fembed-bitcode" no-asm no-ssl3 no-comp no-hw no-engine no-async --prefix="${OPENSSL_OUTPUT_PATH}" || exit 1
-if [[ "${OS_COMPILER}" == "iPhoneSimulator" ]]; then
-  sed -ie "s!^CFLAGS=!CFLAGS=-isysroot ${CROSS_TOP}/SDKs/${CROSS_SDK} -mios-version-min=${IOS_MIN_SDK_VERSION} !" "Makefile"
-fi
-make -j6
-make install_sw
-mkdir -p "${DIST_DIR}/include/openssl"
-mkdir -p "${DIST_DIR}/lib"
-cp -p "${OPENSSL_OUTPUT_PATH}"/lib/libssl.a "${DIST_DIR}/lib"
-cp -p "${OPENSSL_OUTPUT_PATH}"/lib/libcrypto.a "${DIST_DIR}/lib"
-cp -L "${PWD}"/include/openssl/*.h "${DIST_DIR}/include/openssl"
-rm -rf "${OPENSSL_OUTPUT_PATH}"