2 # Copyright (C) 2006-2016 OpenWrt.org
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
8 include $(TOPDIR
)/rules.mk
13 PKG_VERSION
:=$(PKG_BASE
)$(PKG_BUGFIX
)
16 ENGINES_DIR
=engines-1.1
20 PKG_SOURCE
:=$(PKG_NAME
)-$(PKG_VERSION
).
tar.gz
22 http
://ftp.fi.muni.cz
/pub
/openssl
/source
/ \
23 http
://ftp.linux.hr
/pub
/openssl
/source
/ \
24 ftp
://ftp.pca.dfn.de
/pub
/tools
/net
/openssl
/source
/ \
25 http
://www.openssl.org
/source
/ \
26 http
://www.openssl.org
/source
/old
/$(PKG_BASE
)/
27 PKG_HASH
:=5c9ca8774bd7b03e5784f26ae9e9e6d749c9da2438545077e6b3d755a06595d9
30 PKG_LICENSE_FILES
:=LICENSE
31 PKG_MAINTAINER
:=Eneas U de Queiroz
<cotequeiroz@gmail.com
>
32 PKG_CPE_ID
:=cpe
:/a
:openssl
:openssl
33 PKG_CONFIG_DEPENDS
:= \
34 CONFIG_OPENSSL_ENGINE \
35 CONFIG_OPENSSL_ENGINE_BUILTIN \
36 CONFIG_OPENSSL_ENGINE_BUILTIN_AFALG \
37 CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO \
38 CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK \
39 CONFIG_OPENSSL_NO_DEPRECATED \
40 CONFIG_OPENSSL_OPTIMIZE_SPEED \
41 CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM \
42 CONFIG_OPENSSL_WITH_ARIA \
43 CONFIG_OPENSSL_WITH_ASM \
44 CONFIG_OPENSSL_WITH_ASYNC \
45 CONFIG_OPENSSL_WITH_BLAKE2 \
46 CONFIG_OPENSSL_WITH_CAMELLIA \
47 CONFIG_OPENSSL_WITH_CHACHA_POLY1305 \
48 CONFIG_OPENSSL_WITH_CMS \
49 CONFIG_OPENSSL_WITH_COMPRESSION \
50 CONFIG_OPENSSL_WITH_DTLS \
51 CONFIG_OPENSSL_WITH_EC2M \
52 CONFIG_OPENSSL_WITH_ERROR_MESSAGES \
53 CONFIG_OPENSSL_WITH_GOST \
54 CONFIG_OPENSSL_WITH_IDEA \
55 CONFIG_OPENSSL_WITH_MDC2 \
56 CONFIG_OPENSSL_WITH_NPN \
57 CONFIG_OPENSSL_WITH_PSK \
58 CONFIG_OPENSSL_WITH_RFC3779 \
59 CONFIG_OPENSSL_WITH_SEED \
60 CONFIG_OPENSSL_WITH_SM234 \
61 CONFIG_OPENSSL_WITH_SRP \
62 CONFIG_OPENSSL_WITH_SSE2 \
63 CONFIG_OPENSSL_WITH_TLS13 \
64 CONFIG_OPENSSL_WITH_WHIRLPOOL
66 include $(INCLUDE_DIR
)/package.mk
68 ifneq ($(CONFIG_CCACHE
),)
69 HOSTCC
=$(HOSTCC_NOCACHE
)
70 HOSTCXX
=$(HOSTCXX_NOCACHE
)
73 define Package
/openssl
/Default
74 TITLE
:=Open source SSL toolkit
75 URL
:=http
://www.openssl.org
/
80 define Package
/libopenssl
/config
81 source
"$(SOURCE)/Config.in"
84 define Package
/openssl
/Default
/description
85 The OpenSSL Project is a collaborative effort to develop a robust
,
86 commercial-grade
, full-featured
, and Open Source toolkit implementing the
87 Transport Layer Security
(TLS
) protocol
as well
as a full-strength
88 general-purpose cryptography library.
91 define Package
/libopenssl
92 $(call Package
/openssl
/Default
)
94 DEPENDS
:=+OPENSSL_WITH_COMPRESSION
:zlib \
95 +OPENSSL_ENGINE_BUILTIN_AFALG
:kmod-crypto-user \
96 +OPENSSL_ENGINE_BUILTIN_DEVCRYPTO
:kmod-cryptodev \
97 +OPENSSL_ENGINE_BUILTIN_PADLOCK
:kmod-crypto-hw-padlock
103 define Package
/libopenssl
/description
104 $(call Package
/openssl
/Default
/description
)
105 This package contains the OpenSSL shared libraries
, needed by other programs.
108 define Package
/openssl-util
109 $(call Package
/openssl
/Default
)
112 DEPENDS
:=+libopenssl
+libopenssl-conf
116 define Package
/openssl-util
/description
117 $(call Package
/openssl
/Default
/description
)
118 This package contains the OpenSSL command-line utility.
121 define Package
/libopenssl-conf
122 $(call Package
/openssl
/Default
)
124 TITLE
:=/etc
/ssl
/openssl.cnf config file
128 define Package
/libopenssl-conf
/conffiles
132 define Package
/libopenssl-conf
/description
133 $(call Package
/openssl
/Default
/description
)
134 This package installs the OpenSSL configuration file
/etc
/ssl
/openssl.cnf.
137 define Package
/libopenssl-afalg
138 $(call Package
/openssl
/Default
)
140 TITLE
:=AFALG hardware acceleration engine
141 DEPENDS
:=libopenssl @OPENSSL_ENGINE @KERNEL_AIO \
142 +PACKAGE_libopenssl-afalg
:kmod-crypto-user
+libopenssl-conf @
!OPENSSL_ENGINE_BUILTIN
145 define Package
/libopenssl-afalg
/description
146 This package adds an engine that enables hardware acceleration
147 through the AF_ALG kernel interface.
148 To use it
, you need to configure the engine in
/etc
/ssl
/openssl.cnf
149 See https
://www.openssl.org
/docs
/man1.1
.1/man5
/config.html
#Engine-Configuration-Module
150 and https
://openwrt.org
/docs
/techref
/hardware
/cryptographic.hardware.accelerators
151 The engine_id is
"afalg"
154 define Package
/libopenssl-devcrypto
155 $(call Package
/openssl
/Default
)
157 TITLE
:=/dev
/crypto hardware acceleration engine
158 DEPENDS
:=libopenssl @OPENSSL_ENGINE
+PACKAGE_libopenssl-devcrypto
:kmod-cryptodev
+libopenssl-conf \
159 @
!OPENSSL_ENGINE_BUILTIN
162 define Package
/libopenssl-devcrypto
/description
163 This package adds an engine that enables hardware acceleration
164 through the
/dev
/crypto kernel interface.
165 To use it
, you need to configure the engine in
/etc
/ssl
/openssl.cnf
166 See https
://www.openssl.org
/docs
/man1.1
.1/man5
/config.html
#Engine-Configuration-Module
167 and https
://openwrt.org
/docs
/techref
/hardware
/cryptographic.hardware.accelerators
168 The engine_id is
"devcrypto"
171 define Package
/libopenssl-padlock
172 $(call Package
/openssl
/Default
)
174 TITLE
:=VIA Padlock hardware acceleration engine
175 DEPENDS
:=libopenssl @OPENSSL_ENGINE @TARGET_x86
+PACKAGE_libopenssl-padlock
:kmod-crypto-hw-padlock \
176 +libopenssl-conf @
!OPENSSL_ENGINE_BUILTIN
179 define Package
/libopenssl-padlock
/description
180 This package adds an engine that enables VIA Padlock hardware acceleration.
181 To use it
, you need to configure it in
/etc
/ssl
/openssl.cnf.
182 See https
://www.openssl.org
/docs
/man1.1
.1/man5
/config.html
#Engine-Configuration-Module
183 and https
://openwrt.org
/docs
/techref
/hardware
/cryptographic.hardware.accelerators
184 The engine_id is
"padlock"
187 OPENSSL_OPTIONS
:= shared
189 ifndef CONFIG_OPENSSL_WITH_BLAKE2
190 OPENSSL_OPTIONS
+= no-blake2
193 ifndef CONFIG_OPENSSL_WITH_CHACHA_POLY1305
194 OPENSSL_OPTIONS
+= no-chacha no-poly1305
196 ifdef CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM
197 OPENSSL_OPTIONS
+= -DOPENSSL_PREFER_CHACHA_OVER_GCM
201 ifndef CONFIG_OPENSSL_WITH_ASYNC
202 OPENSSL_OPTIONS
+= no-async
205 ifndef CONFIG_OPENSSL_WITH_EC2M
206 OPENSSL_OPTIONS
+= no-ec2m
209 ifndef CONFIG_OPENSSL_WITH_ERROR_MESSAGES
210 OPENSSL_OPTIONS
+= no-err
213 ifndef CONFIG_OPENSSL_WITH_TLS13
214 OPENSSL_OPTIONS
+= no-tls1_3
217 ifndef CONFIG_OPENSSL_WITH_ARIA
218 OPENSSL_OPTIONS
+= no-aria
221 ifndef CONFIG_OPENSSL_WITH_SM234
222 OPENSSL_OPTIONS
+= no-sm2 no-sm3 no-sm4
225 ifndef CONFIG_OPENSSL_WITH_CAMELLIA
226 OPENSSL_OPTIONS
+= no-camellia
229 ifndef CONFIG_OPENSSL_WITH_IDEA
230 OPENSSL_OPTIONS
+= no-idea
233 ifndef CONFIG_OPENSSL_WITH_SEED
234 OPENSSL_OPTIONS
+= no-seed
237 ifndef CONFIG_OPENSSL_WITH_MDC2
238 OPENSSL_OPTIONS
+= no-mdc2
241 ifndef CONFIG_OPENSSL_WITH_WHIRLPOOL
242 OPENSSL_OPTIONS
+= no-whirlpool
245 ifndef CONFIG_OPENSSL_WITH_CMS
246 OPENSSL_OPTIONS
+= no-cms
249 ifndef CONFIG_OPENSSL_WITH_RFC3779
250 OPENSSL_OPTIONS
+= no-rfc3779
253 ifdef CONFIG_OPENSSL_NO_DEPRECATED
254 OPENSSL_OPTIONS
+= no-deprecated
257 ifeq ($(CONFIG_OPENSSL_OPTIMIZE_SPEED
),y
)
258 TARGET_CFLAGS
:= $(filter-out -O
%,$(TARGET_CFLAGS
)) -O3
260 OPENSSL_OPTIONS
+= -DOPENSSL_SMALL_FOOTPRINT
263 ifdef CONFIG_OPENSSL_ENGINE
264 ifdef CONFIG_OPENSSL_ENGINE_BUILTIN
265 OPENSSL_OPTIONS
+= disable-dynamic-engine
266 ifndef CONFIG_OPENSSL_ENGINE_BUILTIN_AFALG
267 OPENSSL_OPTIONS
+= no-afalgeng
269 ifdef CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO
270 OPENSSL_OPTIONS
+= enable-devcryptoeng
272 ifndef CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK
273 OPENSSL_OPTIONS
+= no-hw-padlock
276 ifdef CONFIG_PACKAGE_libopenssl-devcrypto
277 OPENSSL_OPTIONS
+= enable-devcryptoeng
279 ifndef CONFIG_PACKAGE_libopenssl-afalg
280 OPENSSL_OPTIONS
+= no-afalgeng
282 ifndef CONFIG_PACKAGE_libopenssl-padlock
283 OPENSSL_OPTIONS
+= no-hw-padlock
287 OPENSSL_OPTIONS
+= no-engine
290 ifndef CONFIG_OPENSSL_WITH_GOST
291 OPENSSL_OPTIONS
+= no-gost
294 ifndef CONFIG_OPENSSL_WITH_DTLS
295 OPENSSL_OPTIONS
+= no-dtls
298 ifdef CONFIG_OPENSSL_WITH_COMPRESSION
299 OPENSSL_OPTIONS
+= zlib-dynamic
301 OPENSSL_OPTIONS
+= no-comp
304 ifndef CONFIG_OPENSSL_WITH_NPN
305 OPENSSL_OPTIONS
+= no-nextprotoneg
308 ifndef CONFIG_OPENSSL_WITH_PSK
309 OPENSSL_OPTIONS
+= no-psk
312 ifndef CONFIG_OPENSSL_WITH_SRP
313 OPENSSL_OPTIONS
+= no-srp
316 ifndef CONFIG_OPENSSL_WITH_ASM
317 OPENSSL_OPTIONS
+= no-asm
321 ifndef CONFIG_OPENSSL_WITH_SSE2
322 OPENSSL_OPTIONS
+= no-sse2
326 OPENSSL_TARGET
:=linux-
$(call qstrip
,$(CONFIG_ARCH
))-openwrt
328 STAMP_CONFIGURED
:= $(STAMP_CONFIGURED
)_
$(shell echo
$(OPENSSL_OPTIONS
) | mkhash md5
)
330 define Build
/Configure
331 (cd
$(PKG_BUILD_DIR
); \
332 .
/Configure
$(OPENSSL_TARGET
) \
335 --openssldir
=/etc
/ssl \
336 --cross-compile-prefix
="$(TARGET_CROSS)" \
339 $(OPENSSL_OPTIONS
) && \
340 { [ -f
$(STAMP_CONFIGURED
) ] || make
clean; } \
344 TARGET_CFLAGS
+= $(FPIC
) -ffunction-sections
-fdata-sections
345 TARGET_LDFLAGS
+= -Wl
,--gc-sections
348 +$(MAKE
) $(PKG_JOBS
) -C
$(PKG_BUILD_DIR
) \
350 SOURCE_DATE_EPOCH
=$(SOURCE_DATE_EPOCH
) \
351 OPENWRT_OPTIMIZATION_FLAGS
="$(TARGET_CFLAGS)" \
352 $(OPENSSL_MAKEFLAGS
) \
354 $(MAKE
) -C
$(PKG_BUILD_DIR
) \
356 DESTDIR
="$(PKG_INSTALL_DIR)" \
357 $(OPENSSL_MAKEFLAGS
) \
358 install_sw install_ssldirs
361 define Build
/InstallDev
362 $(INSTALL_DIR
) $(1)/usr
/include
363 $(CP
) $(PKG_INSTALL_DIR
)/usr
/include/openssl
$(1)/usr
/include/
364 $(INSTALL_DIR
) $(1)/usr
/lib
/
365 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/lib
{crypto
,ssl
}.
{a
,so
*} $(1)/usr
/lib
/
366 $(INSTALL_DIR
) $(1)/usr
/lib
/pkgconfig
367 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/pkgconfig
/{openssl
,libcrypto
,libssl
}.
pc $(1)/usr
/lib
/pkgconfig
/
368 [ -n
"$(TARGET_LDFLAGS)" ] && $(SED
) 's#$(TARGET_LDFLAGS)##g' $(1)/usr
/lib
/pkgconfig
/{openssl
,libcrypto
,libssl
}.
pc || true
371 define Package
/libopenssl
/install
372 $(INSTALL_DIR
) $(1)/etc
/ssl
/certs
373 $(INSTALL_DIR
) $(1)/etc
/ssl
/private
374 chmod
0700 $(1)/etc
/ssl
/private
375 $(INSTALL_DIR
) $(1)/usr
/lib
376 $(INSTALL_DATA
) $(PKG_INSTALL_DIR
)/usr
/lib
/libcrypto.so.
* $(1)/usr
/lib
/
377 $(INSTALL_DATA
) $(PKG_INSTALL_DIR
)/usr
/lib
/libssl.so.
* $(1)/usr
/lib
/
378 $(if
$(CONFIG_OPENSSL_ENGINE
),$(INSTALL_DIR
) $(1)/usr
/lib
/$(ENGINES_DIR
))
381 define Package
/libopenssl-conf
/install
382 $(INSTALL_DIR
) $(1)/etc
/ssl
383 $(CP
) $(PKG_INSTALL_DIR
)/etc
/ssl
/openssl.cnf
$(1)/etc
/ssl
/
386 define Package
/openssl-util
/install
387 $(INSTALL_DIR
) $(1)/usr
/bin
388 $(INSTALL_BIN
) $(PKG_INSTALL_DIR
)/usr
/bin
/openssl
$(1)/usr
/bin
/
391 define Package
/libopenssl-afalg
/install
392 $(INSTALL_DIR
) $(1)/usr
/lib
/$(ENGINES_DIR
)
393 $(INSTALL_BIN
) $(PKG_INSTALL_DIR
)/usr
/lib
/$(ENGINES_DIR
)/afalg.so
$(1)/usr
/lib
/$(ENGINES_DIR
)
396 define Package
/libopenssl-devcrypto
/install
397 $(INSTALL_DIR
) $(1)/usr
/lib
/$(ENGINES_DIR
)
398 $(INSTALL_BIN
) $(PKG_INSTALL_DIR
)/usr
/lib
/$(ENGINES_DIR
)/devcrypto.so
$(1)/usr
/lib
/$(ENGINES_DIR
)
401 define Package
/libopenssl-padlock
/install
402 $(INSTALL_DIR
) $(1)/usr
/lib
/$(ENGINES_DIR
)
403 $(INSTALL_BIN
) $(PKG_INSTALL_DIR
)/usr
/lib
/$(ENGINES_DIR
)/*padlock.so
$(1)/usr
/lib
/$(ENGINES_DIR
)
406 $(eval
$(call BuildPackage
,libopenssl
))
407 $(eval
$(call BuildPackage
,libopenssl-conf
))
408 $(eval
$(call BuildPackage
,libopenssl-afalg
))
409 $(eval
$(call BuildPackage
,libopenssl-devcrypto
))
410 $(eval
$(call BuildPackage
,libopenssl-padlock
))
411 $(eval
$(call BuildPackage
,openssl-util
))