factotum/libressl-portable
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add '--enable-libtls-only' build option

Browse Source
This commit is contained in:
Brent Cook 2021-04-05 02:32:35 -05:00
parent 141f7528cb
commit 921c0675a2
11 changed files with 90 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
CMakeLists.txt
View File

@ -368,6 +368,17 @@ if(NOT MSVC)
DESTINATION ${CMAKE_INSTALL_LIBDIR}) DESTINATION ${CMAKE_INSTALL_LIBDIR})
endif() endif()
if(NOT "${OPENSSLDIR}" STREQUAL "")
set(CONF_DIR "${OPENSSLDIR}")
else()
set(CONF_DIR "${CMAKE_INSTALL_PREFIX}/etc/ssl")
endif()
if(ENABLE_LIBRESSL_INSTALL)
install(FILES cert.pem openssl.cnf x509v3.cnf DESTINATION ${CONF_DIR})
install(DIRECTORY DESTINATION ${CONF_DIR}/certs)
endif(ENABLE_LIBRESSL_INSTALL)
if(NOT TARGET uninstall) if(NOT TARGET uninstall)
configure_file( configure_file(
"${CMAKE_CURRENT_SOURCE_DIR}/cmake_uninstall.cmake.in" "${CMAKE_CURRENT_SOURCE_DIR}/cmake_uninstall.cmake.in"

33
Makefile.am
View File

@ -5,10 +5,41 @@ endif
ACLOCAL_AMFLAGS = -I m4 ACLOCAL_AMFLAGS = -I m4
pkgconfigdir = $(libdir)/pkgconfig pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libcrypto.pc libssl.pc libtls.pc openssl.pc pkgconfig_DATA = libtls.pc
if !ENABLE_LIBTLS_ONLY
pkgconfig_DATA += libcrypto.pc libssl.pc openssl.pc
endif
EXTRA_DIST = README.md README.windows VERSION config scripts EXTRA_DIST = README.md README.windows VERSION config scripts
EXTRA_DIST += CMakeLists.txt cmake_export_symbol.cmake cmake_uninstall.cmake.in FindLibreSSL.cmake EXTRA_DIST += CMakeLists.txt cmake_export_symbol.cmake cmake_uninstall.cmake.in FindLibreSSL.cmake
EXTRA_DIST += cert.pem openssl.cnf x509v3.cnf
.PHONY: install_sw .PHONY: install_sw
install_sw: install install_sw: install
install-exec-hook:
@if [ "@OPENSSLDIR@x" != "x" ]; then \
OPENSSLDIR="$(DESTDIR)@OPENSSLDIR@"; \
else \
OPENSSLDIR="$(DESTDIR)$(sysconfdir)/ssl"; \
fi; \
mkdir -p "$$OPENSSLDIR/certs"; \
for i in cert.pem openssl.cnf x509v3.cnf; do \
if [ ! -f "$$OPENSSLDIR/$i" ]; then \
$(INSTALL) -m 644 "$(srcdir)/$$i" "$$OPENSSLDIR/$$i"; \
else \
echo " $$OPENSSLDIR/$$i already exists, install will not overwrite"; \
fi \
done
uninstall-local:
@if [ "@OPENSSLDIR@x" != "x" ]; then \
OPENSSLDIR="$(DESTDIR)@OPENSSLDIR@"; \
else \
OPENSSLDIR="$(DESTDIR)$(sysconfdir)/ssl"; \
fi; \
for i in cert.pem openssl.cnf x509v3.cnf; do \
if cmp -s "$$OPENSSLDIR/$$i" "$(srcdir)/$$i"; then \
rm -f "$$OPENSSLDIR/$$i"; \
fi \
done

5
apps/ocspcheck/Makefile.am
View File

@ -1,8 +1,11 @@
include $(top_srcdir)/Makefile.am.common include $(top_srcdir)/Makefile.am.common
if !ENABLE_LIBTLS_ONLY
bin_PROGRAMS = ocspcheck bin_PROGRAMS = ocspcheck
dist_man_MANS = ocspcheck.8 dist_man_MANS = ocspcheck.8
else
noinst_PROGRAMS = ocspcheck
endif
EXTRA_DIST = ocspcheck.8 EXTRA_DIST = ocspcheck.8
EXTRA_DIST += CMakeLists.txt EXTRA_DIST += CMakeLists.txt

10
apps/openssl/CMakeLists.txt
View File

@ -83,13 +83,3 @@ if(ENABLE_LIBRESSL_INSTALL)
install(TARGETS openssl DESTINATION ${CMAKE_INSTALL_BINDIR}) install(TARGETS openssl DESTINATION ${CMAKE_INSTALL_BINDIR})
install(FILES openssl.1 DESTINATION ${CMAKE_INSTALL_MANDIR}/man1) install(FILES openssl.1 DESTINATION ${CMAKE_INSTALL_MANDIR}/man1)
endif(ENABLE_LIBRESSL_INSTALL) endif(ENABLE_LIBRESSL_INSTALL)
if(NOT "${OPENSSLDIR}" STREQUAL "")
set(CONF_DIR "${OPENSSLDIR}")
else()
set(CONF_DIR "${CMAKE_INSTALL_PREFIX}/etc/ssl")
endif()
if(ENABLE_LIBRESSL_INSTALL)
install(FILES cert.pem openssl.cnf x509v3.cnf DESTINATION ${CONF_DIR})
install(DIRECTORY DESTINATION ${CONF_DIR}/certs)
endif(ENABLE_LIBRESSL_INSTALL)

36
apps/openssl/Makefile.am
View File

@ -1,8 +1,11 @@
include $(top_srcdir)/Makefile.am.common include $(top_srcdir)/Makefile.am.common
if !ENABLE_LIBTLS_ONLY
bin_PROGRAMS = openssl bin_PROGRAMS = openssl
dist_man_MANS = openssl.1 dist_man_MANS = openssl.1
else
noinst_PROGRAMS = openssl
endif
openssl_LDADD = $(abs_top_builddir)/ssl/libssl.la openssl_LDADD = $(abs_top_builddir)/ssl/libssl.la
openssl_LDADD += $(abs_top_builddir)/crypto/libcrypto.la openssl_LDADD += $(abs_top_builddir)/crypto/libcrypto.la
@ -92,34 +95,5 @@ noinst_HEADERS += testdsa.h
noinst_HEADERS += testrsa.h noinst_HEADERS += testrsa.h
noinst_HEADERS += timeouts.h noinst_HEADERS += timeouts.h
EXTRA_DIST = cert.pem EXTRA_DIST = CMakeLists.txt
EXTRA_DIST += openssl.cnf
EXTRA_DIST += x509v3.cnf
EXTRA_DIST += CMakeLists.txt
install-exec-hook:
@if [ "@OPENSSLDIR@x" != "x" ]; then \
OPENSSLDIR="$(DESTDIR)@OPENSSLDIR@"; \
else \
OPENSSLDIR="$(DESTDIR)$(sysconfdir)/ssl"; \
fi; \
mkdir -p "$$OPENSSLDIR/certs"; \
for i in cert.pem openssl.cnf x509v3.cnf; do \
if [ ! -f "$$OPENSSLDIR/$i" ]; then \
$(INSTALL) -m 644 "$(srcdir)/$$i" "$$OPENSSLDIR/$$i"; \
else \
echo " $$OPENSSLDIR/$$i already exists, install will not overwrite"; \
fi \
done
uninstall-local:
@if [ "@OPENSSLDIR@x" != "x" ]; then \
OPENSSLDIR="$(DESTDIR)@OPENSSLDIR@"; \
else \
OPENSSLDIR="$(DESTDIR)$(sysconfdir)/ssl"; \
fi; \
for i in cert.pem openssl.cnf x509v3.cnf; do \
if cmp -s "$$OPENSSLDIR/$$i" "$(srcdir)/$$i"; then \
rm -f "$$OPENSSLDIR/$$i"; \
fi \
done

21
configure.ac
View File

@ -110,9 +110,6 @@ AM_CONDITIONAL([HOST_ASM_MASM_X86_64],
AM_CONDITIONAL([HOST_ASM_MINGW64_X86_64], AM_CONDITIONAL([HOST_ASM_MINGW64_X86_64],
[test "x$HOST_ABI" = "xmingw64" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"]) [test "x$HOST_ABI" = "xmingw64" -a "$host_cpu" = "x86_64" -a "x$enable_asm" != "xno"])
# Check if time_t is sized correctly
AC_CHECK_SIZEOF([time_t], [time.h])
AC_CONFIG_FILES([ AC_CONFIG_FILES([
Makefile Makefile
include/Makefile include/Makefile
@ -132,18 +129,14 @@ AC_CONFIG_FILES([
openssl.pc openssl.pc
]) ])
AM_CONDITIONAL([SMALL_TIME_T], [test "$ac_cv_sizeof_time_t" = "4"]) AC_ARG_ENABLE([nc],
if test "$ac_cv_sizeof_time_t" = "4"; then AS_HELP_STRING([--enable-nc], [Enable installing TLS-enabled nc(1)]))
AC_DEFINE([SMALL_TIME_T]) AM_CONDITIONAL([ENABLE_NC], [test "x$enable_nc" = xyes])
echo " ** Warning, this system is unable to represent times past 2038" AM_CONDITIONAL([BUILD_NC], [test x$BUILD_NC = xyes -o "x$enable_nc" = xyes])
echo " ** It will behave incorrectly when handling valid RFC5280 dates"
if test "$host_os" = "mingw32" ; then AC_ARG_ENABLE([libtls-only],
echo " **" AS_HELP_STRING([--enable-libtls-only], [Enable installing libtls only]))
echo " ** You can solve this by adjusting the build flags in your" AM_CONDITIONAL([ENABLE_LIBTLS_ONLY], [test "x$enable_libtls_only" = xyes])
echo " ** mingw-w64 toolchain. Refer to README.windows for details."
fi
fi
AC_REQUIRE_AUX_FILE([tap-driver.sh]) AC_REQUIRE_AUX_FILE([tap-driver.sh])

8
crypto/Makefile.am
View File

@ -9,7 +9,13 @@ AM_CPPFLAGS += -I$(top_srcdir)/crypto/evp
AM_CPPFLAGS += -I$(top_srcdir)/crypto/modes AM_CPPFLAGS += -I$(top_srcdir)/crypto/modes
AM_CPPFLAGS += -I$(top_srcdir)/crypto AM_CPPFLAGS += -I$(top_srcdir)/crypto
noinst_LTLIBRARIES = libcompat.la
if ENABLE_LIBTLS_ONLY
noinst_LTLIBRARIES += libcrypto.la
else
lib_LTLIBRARIES = libcrypto.la lib_LTLIBRARIES = libcrypto.la
endif
EXTRA_DIST = VERSION EXTRA_DIST = VERSION
EXTRA_DIST += CMakeLists.txt EXTRA_DIST += CMakeLists.txt
@ -126,8 +132,6 @@ else
libcrypto_la_CPPFLAGS += -DOPENSSLDIR=\"$(sysconfdir)/ssl\" libcrypto_la_CPPFLAGS += -DOPENSSLDIR=\"$(sysconfdir)/ssl\"
endif endif
noinst_LTLIBRARIES = libcompat.la
# compatibility functions that need to be built without optimizations # compatibility functions that need to be built without optimizations
if !HAVE_EXPLICIT_BZERO if !HAVE_EXPLICIT_BZERO
noinst_LTLIBRARIES += libcompatnoopt.la noinst_LTLIBRARIES += libcompatnoopt.la

1
include/openssl/Makefile.am.tpl
View File

@ -1,5 +1,6 @@
include $(top_srcdir)/Makefile.am.common include $(top_srcdir)/Makefile.am.common
if !ENABLE_LIBTLS_ONLY
opensslincludedir=$(includedir)/openssl opensslincludedir=$(includedir)/openssl
opensslinclude_HEADERS = opensslinclude_HEADERS =

18
m4/check-os-options.m4
View File

@ -123,10 +123,20 @@ char buf[1]; getentropy(buf, 1);
*) ;; *) ;;
esac esac
AC_ARG_ENABLE([nc], # Check if time_t is sized correctly
AS_HELP_STRING([--enable-nc], [Enable installing TLS-enabled nc(1)])) AC_CHECK_SIZEOF([time_t], [time.h])
AM_CONDITIONAL([ENABLE_NC], [test "x$enable_nc" = xyes]) AM_CONDITIONAL([SMALL_TIME_T], [test "$ac_cv_sizeof_time_t" = "4"])
AM_CONDITIONAL([BUILD_NC], [test x$BUILD_NC = xyes -o "x$enable_nc" = xyes]) if test "$ac_cv_sizeof_time_t" = "4"; then
AC_DEFINE([SMALL_TIME_T])
echo " ** Warning, this system is unable to represent times past 2038"
echo " ** It will behave incorrectly when handling valid RFC5280 dates"
if test "$host_os" = "mingw32" ; then
echo " **"
echo " ** You can solve this by adjusting the build flags in your"
echo " ** mingw-w64 toolchain. Refer to README.windows for details."
fi
fi
AM_CONDITIONAL([HOST_AIX], [test x$HOST_OS = xaix]) AM_CONDITIONAL([HOST_AIX], [test x$HOST_OS = xaix])
AM_CONDITIONAL([HOST_CYGWIN], [test x$HOST_OS = xcygwin]) AM_CONDITIONAL([HOST_CYGWIN], [test x$HOST_OS = xcygwin])

4
ssl/Makefile.am
View File

@ -1,6 +1,10 @@
include $(top_srcdir)/Makefile.am.common include $(top_srcdir)/Makefile.am.common
if ENABLE_LIBTLS_ONLY
noinst_LTLIBRARIES = libssl.la
else
lib_LTLIBRARIES = libssl.la lib_LTLIBRARIES = libssl.la
endif
EXTRA_DIST = VERSION EXTRA_DIST = VERSION
EXTRA_DIST += CMakeLists.txt EXTRA_DIST += CMakeLists.txt

10
update.sh
View File

@ -265,9 +265,9 @@ done
echo "copying openssl(1) source" echo "copying openssl(1) source"
$CP $bin_src/openssl/openssl.1 apps/openssl $CP $bin_src/openssl/openssl.1 apps/openssl
$CP_LIBC $libc_src/stdlib/strtonum.c apps/openssl/compat $CP_LIBC $libc_src/stdlib/strtonum.c apps/openssl/compat
$CP $libcrypto_src/cert.pem apps/openssl $CP $libcrypto_src/cert.pem .
$CP $libcrypto_src/openssl.cnf apps/openssl $CP $libcrypto_src/openssl.cnf .
$CP $libcrypto_src/x509v3.cnf apps/openssl $CP $libcrypto_src/x509v3.cnf .
for i in `awk '/SOURCES|HEADERS|MANS/ { print $3 }' apps/openssl/Makefile.am` ; do for i in `awk '/SOURCES|HEADERS|MANS/ { print $3 }' apps/openssl/Makefile.am` ; do
if [ -e $bin_src/openssl/$i ]; then if [ -e $bin_src/openssl/$i ]; then
$CP $bin_src/openssl/$i apps/openssl $CP $bin_src/openssl/$i apps/openssl
@ -327,6 +327,7 @@ chmod 755 tests/testssl
for i in `ls -1 *.h|sort`; do for i in `ls -1 *.h|sort`; do
echo "opensslinclude_HEADERS += $i" >> Makefile.am echo "opensslinclude_HEADERS += $i" >> Makefile.am
done done
echo endif >> Makefile.am
) )
add_man_links() { add_man_links() {
@ -362,9 +363,9 @@ done
# copy manpages # copy manpages
echo "copying manpages" echo "copying manpages"
echo EXTRA_DIST = CMakeLists.txt > man/Makefile.am echo EXTRA_DIST = CMakeLists.txt > man/Makefile.am
echo "if !ENABLE_LIBTLS_ONLY" >> man/Makefile.am
echo dist_man3_MANS = >> man/Makefile.am echo dist_man3_MANS = >> man/Makefile.am
echo dist_man5_MANS = >> man/Makefile.am echo dist_man5_MANS = >> man/Makefile.am
(cd man (cd man
for i in `ls -1 $libssl_src/man/*.3 | sort`; do for i in `ls -1 $libssl_src/man/*.3 | sort`; do
NAME=`basename "$i"` NAME=`basename "$i"`
@ -391,3 +392,4 @@ echo dist_man5_MANS = >> man/Makefile.am
done done
) )
add_man_links . man/Makefile.am add_man_links . man/Makefile.am
echo endif >> man/Makefile.am