2 # Copyright (C) 2006-2016 OpenWrt.org
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
8 include $(TOPDIR
)/rules.mk
13 PKG_BUILD_FLAGS
:=no-mips16 gc-sections
17 PKG_BASE
:=$(subst $(space
),.
,$(wordlist
1,2,$(subst .
,$(space
),$(PKG_VERSION
))))
18 PKG_SOURCE
:=$(PKG_NAME
)-$(PKG_VERSION
).
tar.gz
20 http
://www.openssl.org
/source
/ \
21 http
://www.openssl.org
/source
/old
/$(PKG_BASE
)/ \
22 http
://ftp.fi.muni.cz
/pub
/openssl
/source
/ \
23 http
://ftp.fi.muni.cz
/pub
/openssl
/source
/old
/$(PKG_BASE
)/ \
24 ftp
://ftp.pca.dfn.de
/pub
/tools
/net
/openssl
/source
/ \
25 ftp
://ftp.pca.dfn.de
/pub
/tools
/net
/openssl
/source
/old
/$(PKG_BASE
)/
27 PKG_HASH
:=6c13d2bf38fdf31eac3ce2a347073673f5d63263398f1f69d0df4a41253e4b3e
29 PKG_LICENSE
:=Apache-2.0
30 PKG_LICENSE_FILES
:=LICENSE
31 PKG_MAINTAINER
:=Eneas U de Queiroz
<cotequeiroz@gmail.com
>
32 PKG_CPE_ID
:=cpe
:/a
:openssl
:openssl
33 PKG_CONFIG_DEPENDS
:= \
34 CONFIG_OPENSSL_ENGINE \
35 CONFIG_OPENSSL_ENGINE_BUILTIN \
36 CONFIG_OPENSSL_ENGINE_BUILTIN_AFALG \
37 CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO \
38 CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK \
39 CONFIG_OPENSSL_NO_DEPRECATED \
40 CONFIG_OPENSSL_OPTIMIZE_SPEED \
41 CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM \
42 CONFIG_OPENSSL_SMALL_FOOTPRINT \
43 CONFIG_OPENSSL_WITH_ARIA \
44 CONFIG_OPENSSL_WITH_ASM \
45 CONFIG_OPENSSL_WITH_ASYNC \
46 CONFIG_OPENSSL_WITH_BLAKE2 \
47 CONFIG_OPENSSL_WITH_CAMELLIA \
48 CONFIG_OPENSSL_WITH_CHACHA_POLY1305 \
49 CONFIG_OPENSSL_WITH_CMS \
50 CONFIG_OPENSSL_WITH_COMPRESSION \
51 CONFIG_OPENSSL_WITH_DTLS \
52 CONFIG_OPENSSL_WITH_EC2M \
53 CONFIG_OPENSSL_WITH_ERROR_MESSAGES \
54 CONFIG_OPENSSL_WITH_IDEA \
55 CONFIG_OPENSSL_WITH_MDC2 \
56 CONFIG_OPENSSL_WITH_NPN \
57 CONFIG_OPENSSL_WITH_PSK \
58 CONFIG_OPENSSL_WITH_RFC3779 \
59 CONFIG_OPENSSL_WITH_SEED \
60 CONFIG_OPENSSL_WITH_SM234 \
61 CONFIG_OPENSSL_WITH_SRP \
62 CONFIG_OPENSSL_WITH_SSE2 \
63 CONFIG_OPENSSL_WITH_TLS13 \
64 CONFIG_OPENSSL_WITH_WHIRLPOOL
66 include $(INCLUDE_DIR
)/package.mk
67 include $(INCLUDE_DIR
)/openssl-engine.mk
69 ifneq ($(CONFIG_CCACHE
),)
70 HOSTCC
=$(HOSTCC_NOCACHE
)
71 HOSTCXX
=$(HOSTCXX_NOCACHE
)
74 define Package
/openssl
/Default
75 TITLE
:=Open source SSL toolkit
76 URL
:=http
://www.openssl.org
/
81 define Package
/libopenssl
/config
82 source
"$(SOURCE)/Config.in"
85 define Package
/openssl
/Default
/description
86 The OpenSSL Project is a collaborative effort to develop a robust
,
87 commercial-grade
, full-featured
, and Open Source toolkit implementing the
88 Transport Layer Security
(TLS
) protocol
as well
as a full-strength
89 general-purpose cryptography library.
92 define Package
/libopenssl
93 $(call Package
/openssl
/Default
)
95 DEPENDS
:=+OPENSSL_WITH_COMPRESSION
:zlib \
96 +OPENSSL_ENGINE_BUILTIN_AFALG
:kmod-crypto-user \
97 +OPENSSL_ENGINE_BUILTIN_DEVCRYPTO
:kmod-cryptodev \
98 +OPENSSL_ENGINE_BUILTIN_PADLOCK
:kmod-crypto-hw-padlock \
99 +(arm||armeb||mips||mipsel||powerpc||arc
):libatomic
101 ABI_VERSION
:=$(firstword $(subst .
,$(space
),$(PKG_VERSION
)))
105 define Package
/libopenssl
/description
106 $(call Package
/openssl
/Default
/description
)
107 This package contains the OpenSSL shared libraries
, needed by other programs.
110 define Package
/openssl-util
111 $(call Package
/openssl
/Default
)
114 DEPENDS
:=+libopenssl
+libopenssl-conf
118 define Package
/openssl-util
/description
119 $(call Package
/openssl
/Default
/description
)
120 This package contains the OpenSSL command-line utility.
123 define Package
/libopenssl-conf
124 $(call Package
/openssl
/Default
)
126 TITLE
:=/etc
/ssl
/openssl.cnf config file
130 define Package
/libopenssl-conf
/conffiles
132 $(if
$(CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO
),/etc
/ssl
/engines.cnf.d
/devcrypto.cnf
)
133 $(if
$(CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK
),/etc
/ssl
/engines.cnf.d
/padlock.cnf
)
136 define Package
/libopenssl-conf
/description
137 $(call Package
/openssl
/Default
/description
)
138 This package installs the OpenSSL configuration file
/etc
/ssl
/openssl.cnf.
141 ifneq ($(CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK
)$(CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO
),)
142 define Package
/libopenssl-conf
/postinst
144 OPENSSL_UCI
="$${IPKG_INSTROOT}/etc/config/openssl"
146 add_engine_config
() {
147 if
[ -z
"$${IPKG_INSTROOT}" ] && uci
-q
get "openssl.$$1" >/dev
/null
; then
148 [ "$$(uci -q get "openssl.
$$1.builtin
")" = 1 ] && return
149 uci set
"openssl.$$1.builtin=1" && uci commit openssl
154 echo
" option enabled '1'"
155 echo
" option builtin '1'"
157 } >>"$${OPENSSL_UCI}"
160 $(if
$(CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO
),add_engine_config devcrypto
)
161 $(if
$(CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK
),add_engine_config padlock
)
165 $(eval
$(call Package
/openssl
/add-engine
,afalg
))
166 define Package
/libopenssl-afalg
167 $(call Package
/openssl
/Default
)
168 $(call Package
/openssl
/engine
/Default
)
169 TITLE
:=AFALG hardware acceleration engine
170 DEPENDS
+= @KERNEL_AIO
+PACKAGE_libopenssl-afalg
:kmod-crypto-user \
171 @
!OPENSSL_ENGINE_BUILTIN
174 define Package
/libopenssl-afalg
/description
175 This package adds an engine that enables hardware acceleration
176 through the AF_ALG kernel interface.
177 See https
://www.openssl.org
/docs
/man1.1
.1/man5
/config.html
#Engine-Configuration-Module
178 and https
://openwrt.org
/docs
/techref
/hardware
/cryptographic.hardware.accelerators
179 The engine_id is
"afalg"
182 $(eval
$(call Package
/openssl
/add-engine
,devcrypto
))
183 define Package
/libopenssl-devcrypto
184 $(call Package
/openssl
/Default
)
185 $(call Package
/openssl
/engine
/Default
)
186 TITLE
:=/dev
/crypto hardware acceleration engine
187 DEPENDS
+= +PACKAGE_libopenssl-devcrypto
:kmod-cryptodev @
!OPENSSL_ENGINE_BUILTIN
190 define Package
/libopenssl-devcrypto
/description
191 This package adds an engine that enables hardware acceleration
192 through the
/dev
/crypto kernel interface.
193 See https
://www.openssl.org
/docs
/man1.1
.1/man5
/config.html
#Engine-Configuration-Module
194 and https
://openwrt.org
/docs
/techref
/hardware
/cryptographic.hardware.accelerators
195 The engine_id is
"devcrypto"
198 $(eval
$(call Package
/openssl
/add-engine
,padlock
))
199 define Package
/libopenssl-padlock
200 $(call Package
/openssl
/Default
)
201 $(call Package
/openssl
/engine
/Default
)
202 TITLE
:=VIA Padlock hardware acceleration engine
203 DEPENDS
+= @TARGET_x86
+PACKAGE_libopenssl-padlock
:kmod-crypto-hw-padlock \
204 @
!OPENSSL_ENGINE_BUILTIN
207 define Package
/libopenssl-padlock
/description
208 This package adds an engine that enables VIA Padlock hardware acceleration.
209 See https
://www.openssl.org
/docs
/man1.1
.1/man5
/config.html
#Engine-Configuration-Module
210 and https
://openwrt.org
/docs
/techref
/hardware
/cryptographic.hardware.accelerators
211 The engine_id is
"padlock"
214 OPENSSL_OPTIONS
:= shared no-tests
216 ifndef CONFIG_OPENSSL_WITH_BLAKE2
217 OPENSSL_OPTIONS
+= no-blake2
220 ifndef CONFIG_OPENSSL_WITH_CHACHA_POLY1305
221 OPENSSL_OPTIONS
+= no-chacha no-poly1305
223 ifdef CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM
224 OPENSSL_OPTIONS
+= -DOPENSSL_PREFER_CHACHA_OVER_GCM
228 ifndef CONFIG_OPENSSL_WITH_ASYNC
229 OPENSSL_OPTIONS
+= no-async
232 ifndef CONFIG_OPENSSL_WITH_EC2M
233 OPENSSL_OPTIONS
+= no-ec2m
236 ifndef CONFIG_OPENSSL_WITH_ERROR_MESSAGES
237 OPENSSL_OPTIONS
+= no-err
240 ifndef CONFIG_OPENSSL_WITH_TLS13
241 OPENSSL_OPTIONS
+= no-tls1_3
244 ifndef CONFIG_OPENSSL_WITH_ARIA
245 OPENSSL_OPTIONS
+= no-aria
248 ifndef CONFIG_OPENSSL_WITH_SM234
249 OPENSSL_OPTIONS
+= no-sm2 no-sm3 no-sm4
252 ifndef CONFIG_OPENSSL_WITH_CAMELLIA
253 OPENSSL_OPTIONS
+= no-camellia
256 ifndef CONFIG_OPENSSL_WITH_IDEA
257 OPENSSL_OPTIONS
+= no-idea
260 ifndef CONFIG_OPENSSL_WITH_SEED
261 OPENSSL_OPTIONS
+= no-seed
264 ifndef CONFIG_OPENSSL_WITH_MDC2
265 OPENSSL_OPTIONS
+= no-mdc2
268 ifndef CONFIG_OPENSSL_WITH_WHIRLPOOL
269 OPENSSL_OPTIONS
+= no-whirlpool
272 ifndef CONFIG_OPENSSL_WITH_CMS
273 OPENSSL_OPTIONS
+= no-cms
276 ifndef CONFIG_OPENSSL_WITH_RFC3779
277 OPENSSL_OPTIONS
+= no-rfc3779
280 ifdef CONFIG_OPENSSL_NO_DEPRECATED
281 OPENSSL_OPTIONS
+= no-deprecated
284 ifeq ($(CONFIG_OPENSSL_OPTIMIZE_SPEED
),y
)
285 TARGET_CFLAGS
:= $(filter-out -O
%,$(TARGET_CFLAGS
)) -O3
288 ifeq ($(CONFIG_OPENSSL_SMALL_FOOTPRINT
),y
)
289 OPENSSL_OPTIONS
+= -DOPENSSL_SMALL_FOOTPRINT
292 ifdef CONFIG_OPENSSL_ENGINE
293 ifdef CONFIG_OPENSSL_ENGINE_BUILTIN
294 OPENSSL_OPTIONS
+= disable-dynamic-engine
295 ifndef CONFIG_OPENSSL_ENGINE_BUILTIN_AFALG
296 OPENSSL_OPTIONS
+= no-afalgeng
298 ifdef CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO
299 OPENSSL_OPTIONS
+= enable-devcryptoeng
301 ifndef CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK
302 OPENSSL_OPTIONS
+= no-padlockeng
305 ifdef CONFIG_PACKAGE_libopenssl-devcrypto
306 OPENSSL_OPTIONS
+= enable-devcryptoeng
308 ifndef CONFIG_PACKAGE_libopenssl-afalg
309 OPENSSL_OPTIONS
+= no-afalgeng
311 ifndef CONFIG_PACKAGE_libopenssl-padlock
312 OPENSSL_OPTIONS
+= no-padlockeng
316 OPENSSL_OPTIONS
+= no-engine
319 ifndef CONFIG_OPENSSL_WITH_DTLS
320 OPENSSL_OPTIONS
+= no-dtls
323 ifdef CONFIG_OPENSSL_WITH_COMPRESSION
324 OPENSSL_OPTIONS
+= zlib-dynamic
326 OPENSSL_OPTIONS
+= no-comp
329 ifndef CONFIG_OPENSSL_WITH_NPN
330 OPENSSL_OPTIONS
+= no-nextprotoneg
333 ifndef CONFIG_OPENSSL_WITH_PSK
334 OPENSSL_OPTIONS
+= no-psk
337 ifndef CONFIG_OPENSSL_WITH_SRP
338 OPENSSL_OPTIONS
+= no-srp
341 ifndef CONFIG_OPENSSL_WITH_ASM
342 OPENSSL_OPTIONS
+= no-asm
346 ifndef CONFIG_OPENSSL_WITH_SSE2
347 OPENSSL_OPTIONS
+= no-sse2
351 OPENSSL_TARGET
:=linux-
$(call qstrip
,$(CONFIG_ARCH
))-openwrt
353 STAMP_CONFIGURED
:= $(STAMP_CONFIGURED
)_
$(shell echo
$(OPENSSL_OPTIONS
) |
$(MKHASH
) md5
)
355 define Build
/Configure
356 (cd
$(PKG_BUILD_DIR
); \
357 .
/Configure
$(OPENSSL_TARGET
) \
360 --openssldir
=/etc
/ssl \
361 --cross-compile-prefix
="$(TARGET_CROSS)" \
364 $(OPENSSL_OPTIONS
) && \
365 { [ -f
$(STAMP_CONFIGURED
) ] || make
clean; } \
369 TARGET_CFLAGS
+= $(FPIC
)
372 +$(MAKE
) $(PKG_JOBS
) -C
$(PKG_BUILD_DIR
) \
374 SOURCE_DATE_EPOCH
=$(SOURCE_DATE_EPOCH
) \
375 OPENWRT_OPTIMIZATION_FLAGS
="$(TARGET_CFLAGS)" \
376 $(OPENSSL_MAKEFLAGS
) \
378 $(MAKE
) -C
$(PKG_BUILD_DIR
) \
380 DESTDIR
="$(PKG_INSTALL_DIR)" \
381 $(OPENSSL_MAKEFLAGS
) \
382 install_sw install_ssldirs
385 define Build
/InstallDev
386 $(INSTALL_DIR
) $(1)/usr
/include
387 $(CP
) $(PKG_INSTALL_DIR
)/usr
/include/openssl
$(1)/usr
/include/
388 $(INSTALL_DIR
) $(1)/usr
/lib
/
389 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/lib
{crypto
,ssl
}.
{a
,so
*} $(1)/usr
/lib
/
390 $(INSTALL_DIR
) $(1)/usr
/lib
/pkgconfig
391 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/pkgconfig
/{openssl
,libcrypto
,libssl
}.
pc $(1)/usr
/lib
/pkgconfig
/
392 [ -n
"$(TARGET_LDFLAGS)" ] && $(SED
) 's#$(TARGET_LDFLAGS)##g' $(1)/usr
/lib
/pkgconfig
/{openssl
,libcrypto
,libssl
}.
pc || true
395 define Package
/libopenssl
/install
396 $(INSTALL_DIR
) $(1)/etc
/ssl
/certs
397 $(INSTALL_DIR
) $(1)/etc
/ssl
/private
398 chmod
0700 $(1)/etc
/ssl
/private
399 $(INSTALL_DIR
) $(1)/usr
/lib
400 $(INSTALL_DATA
) $(PKG_INSTALL_DIR
)/usr
/lib
/libcrypto.so.
* $(1)/usr
/lib
/
401 $(INSTALL_DATA
) $(PKG_INSTALL_DIR
)/usr
/lib
/libssl.so.
* $(1)/usr
/lib
/
402 $(if
$(CONFIG_OPENSSL_ENGINE
),$(INSTALL_DIR
) $(1)/usr
/lib
/$(ENGINES_DIR
))
405 define Package
/libopenssl-conf
/install
406 $(INSTALL_DIR
) $(1)/etc
/ssl
/engines.cnf.d
$(1)/etc
/config
$(1)/etc
/init.d
407 $(CP
) $(PKG_INSTALL_DIR
)/etc
/ssl
/openssl.cnf
$(1)/etc
/ssl
/
408 $(INSTALL_BIN
) .
/files
/openssl.init
$(1)/etc
/init.d
/openssl
409 $(SED
) 's!%ENGINES_DIR%!/usr/lib/$(ENGINES_DIR)!' $(1)/etc
/init.d
/openssl
410 touch
$(1)/etc
/config
/openssl
411 $(if
$(CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO
),
412 $(CP
) .
/files
/devcrypto.cnf
$(1)/etc
/ssl
/engines.cnf.d
/
413 echo
-e
"config engine 'devcrypto'\n\toption enabled '1'" >> $(1)/etc
/config
/openssl
)
414 $(if
$(CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK
),
415 $(CP
) .
/files
/padlock.cnf
$(1)/etc
/ssl
/engines.cnf.d
/
416 echo
-e
"\nconfig engine 'padlock'\n\toption enabled '1'" >> $(1)/etc
/config
/openssl
)
419 define Package
/openssl-util
/install
420 $(INSTALL_DIR
) $(1)/usr
/bin
421 $(INSTALL_BIN
) $(PKG_INSTALL_DIR
)/usr
/bin
/openssl
$(1)/usr
/bin
/
424 $(eval
$(call BuildPackage
,libopenssl
))
425 $(eval
$(call BuildPackage
,libopenssl-conf
))
426 $(eval
$(call BuildPackage
,libopenssl-afalg
))
427 $(eval
$(call BuildPackage
,libopenssl-devcrypto
))
428 $(eval
$(call BuildPackage
,libopenssl-padlock
))
429 $(eval
$(call BuildPackage
,openssl-util
))