package/libs/openssl/Makefile

   1 #
   2 # Copyright (C) 2006-2016 OpenWrt.org
   3 #
   4 # This is free software, licensed under the GNU General Public License v2.
   5 # See /LICENSE for more information.
   6 #
   7
   8 include $(TOPDIR)/rules.mk
   9
  10 PKG_NAME:=openssl
  11 PKG_BASE:=1.0.2
  12 PKG_BUGFIX:=q
  13 PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
  14 PKG_RELEASE:=2
  15 PKG_USE_MIPS16:=0
  16
  17 PKG_BUILD_PARALLEL:=0
  18 PKG_BUILD_DEPENDS:=cryptodev-linux
  19
  20 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
  21 PKG_SOURCE_URL:= \
  22         http://ftp.fi.muni.cz/pub/openssl/source/ \
  23         http://ftp.linux.hr/pub/openssl/source/ \
  24         ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
  25         http://www.openssl.org/source/ \
  26         http://www.openssl.org/source/old/$(PKG_BASE)/
  27 PKG_HASH:=5744cfcbcec2b1b48629f7354203bc1e5e9b5466998bbccc5b5fcde3b18eb684
  28 ENGINES_DIR=engines
  29
  30 PKG_LICENSE:=OpenSSL
  31 PKG_LICENSE_FILES:=LICENSE
  32 PKG_CPE_ID:=cpe:/a:openssl:openssl
  33 PKG_CONFIG_DEPENDS:= \
  34         CONFIG_OPENSSL_ENGINE \
  35         CONFIG_OPENSSL_ENGINE_CRYPTO \
  36         CONFIG_OPENSSL_ENGINE_DIGEST \
  37         CONFIG_OPENSSL_NO_DEPRECATED \
  38         CONFIG_OPENSSL_OPTIMIZE_SPEED \
  39         CONFIG_OPENSSL_WITH_ASM \
  40         CONFIG_OPENSSL_WITH_CAMELLIA \
  41         CONFIG_OPENSSL_WITH_CMS \
  42         CONFIG_OPENSSL_WITH_COMPRESSION \
  43         CONFIG_OPENSSL_WITH_DTLS \
  44         CONFIG_OPENSSL_WITH_EC \
  45         CONFIG_OPENSSL_WITH_EC2M \
  46         CONFIG_OPENSSL_WITH_ERROR_MESSAGES \
  47         CONFIG_OPENSSL_WITH_GOST \
  48         CONFIG_OPENSSL_WITH_IDEA \
  49         CONFIG_OPENSSL_WITH_MDC2 \
  50         CONFIG_OPENSSL_WITH_NPN \
  51         CONFIG_OPENSSL_WITH_PSK \
  52         CONFIG_OPENSSL_WITH_RFC3779 \
  53         CONFIG_OPENSSL_WITH_SEED \
  54         CONFIG_OPENSSL_WITH_SRP \
  55         CONFIG_OPENSSL_WITH_SSE2 \
  56         CONFIG_OPENSSL_WITH_WHIRLPOOL
  57
  58 include $(INCLUDE_DIR)/package.mk
  59
  60 ifneq ($(CONFIG_CCACHE),)
  61 HOSTCC=$(HOSTCC_NOCACHE)
  62 HOSTCXX=$(HOSTCXX_NOCACHE)
  63 endif
  64
  65 define Package/openssl/Default
  66   TITLE:=Open source SSL toolkit
  67   URL:=http://www.openssl.org/
  68   SECTION:=libs
  69   CATEGORY:=Libraries
  70 endef
  71
  72 define Package/libopenssl/config
  73 source "$(SOURCE)/Config.in"
  74 endef
  75
  76 define Package/openssl/Default/description
  77 The OpenSSL Project is a collaborative effort to develop a robust,
  78 commercial-grade, full-featured, and Open Source toolkit implementing the
  79 Transport Layer Security (TLS) protocol as well as a full-strength
  80 general-purpose cryptography library.
  81 endef
  82
  83 define Package/libopenssl
  84 $(call Package/openssl/Default)
  85   SUBMENU:=SSL
  86   DEPENDS:=+OPENSSL_WITH_COMPRESSION:zlib
  87   TITLE+= (libraries)
  88   ABI_VERSION:=1.0.0
  89   MENU:=1
  90 endef
  91
  92 define Package/libopenssl/description
  93 $(call Package/openssl/Default/description)
  94 This package contains the OpenSSL shared libraries, needed by other programs.
  95 endef
  96
  97 define Package/openssl-util
  98   $(call Package/openssl/Default)
  99   SECTION:=utils
 100   CATEGORY:=Utilities
 101   DEPENDS:=+libopenssl
 102   TITLE+= (utility)
 103 endef
 104
 105 define Package/openssl-util/conffiles
 106 /etc/ssl/openssl.cnf
 107 endef
 108
 109 define Package/openssl-util/description
 110 $(call Package/openssl/Default/description)
 111 This package contains the OpenSSL command-line utility.
 112 endef
 113
 114 define Package/libopenssl-gost
 115   $(call Package/openssl/Default)
 116   SUBMENU:=SSL
 117   TITLE:=Russian GOST algorithms engine
 118   DEPENDS:=libopenssl +@OPENSSL_WITH_GOST
 119 endef
 120
 121 define Package/libopenssl-gost/description
 122 This package adds an engine that enables Russian GOST algorithms.
 123 To use it, you need to configure the engine in /etc/ssl/openssl.cnf
 124 See https://www.openssl.org/docs/man1.0.2/apps/config.html#ENGINE-CONFIGURATION-MODULE
 125 The engine_id is "gost"
 126 endef
 127
 128 define Package/libopenssl-padlock
 129   $(call Package/openssl/Default)
 130   SUBMENU:=SSL
 131   TITLE:=VIA Padlock hardware acceleration engine
 132   DEPENDS:=libopenssl @OPENSSL_ENGINE @TARGET_x86 +kmod-crypto-hw-padlock
 133 endef
 134
 135 define Package/libopenssl-padlock/description
 136 This package adds an engine that enables VIA Padlock hardware acceleration.
 137 To use it, you need to configure it in /etc/ssl/openssl.cnf.
 138 See https://www.openssl.org/docs/man1.0.2/apps/config.html#ENGINE-CONFIGURATION-MODULE
 139 The engine_id is "padlock"
 140 endef
 141
 142 OPENSSL_OPTIONS:= shared no-heartbeats no-sha0 no-ssl2-method no-ssl3-method
 143
 144 ifndef CONFIG_OPENSSL_WITH_EC
 145   OPENSSL_OPTIONS += no-ec
 146 endif
 147
 148 ifndef CONFIG_OPENSSL_WITH_EC2M
 149   OPENSSL_OPTIONS += no-ec2m
 150 endif
 151
 152 ifndef CONFIG_OPENSSL_WITH_ERROR_MESSAGES
 153   OPENSSL_OPTIONS += no-err
 154 endif
 155
 156 ifndef CONFIG_OPENSSL_WITH_CAMELLIA
 157   OPENSSL_OPTIONS += no-camellia
 158 endif
 159
 160 ifndef CONFIG_OPENSSL_WITH_IDEA
 161   OPENSSL_OPTIONS += no-idea
 162 endif
 163
 164 ifndef CONFIG_OPENSSL_WITH_SEED
 165   OPENSSL_OPTIONS += no-seed
 166 endif
 167
 168 ifndef CONFIG_OPENSSL_WITH_MDC2
 169   OPENSSL_OPTIONS += no-mdc2
 170 endif
 171
 172 ifndef CONFIG_OPENSSL_WITH_WHIRLPOOL
 173   OPENSSL_OPTIONS += no-whirlpool
 174 endif
 175
 176 ifndef CONFIG_OPENSSL_WITH_CMS
 177   OPENSSL_OPTIONS += no-cms
 178 endif
 179
 180 ifdef CONFIG_OPENSSL_WITH_RFC3779
 181   OPENSSL_OPTIONS += enable-rfc3779
 182 endif
 183
 184 ifdef CONFIG_OPENSSL_NO_DEPRECATED
 185   OPENSSL_OPTIONS += no-deprecated
 186 endif
 187
 188 ifeq ($(CONFIG_OPENSSL_OPTIMIZE_SPEED),y)
 189   TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS)) -O3
 190 else
 191   OPENSSL_OPTIONS += -DOPENSSL_SMALL_FOOTPRINT
 192 endif
 193
 194 ifdef CONFIG_OPENSSL_ENGINE
 195   ifdef CONFIG_OPENSSL_ENGINE_CRYPTO
 196     OPENSSL_OPTIONS += -DHAVE_CRYPTODEV
 197     ifdef CONFIG_OPENSSL_ENGINE_DIGEST
 198       OPENSSL_OPTIONS += -DUSE_CRYPTODEV_DIGESTS
 199     endif
 200   endif
 201   ifndef CONFIG_PACKAGE_libopenssl-padlock
 202     OPENSSL_OPTIONS += no-hw-padlock
 203   endif
 204 else
 205   OPENSSL_OPTIONS += no-engine
 206 endif
 207
 208 ifndef CONFIG_OPENSSL_WITH_GOST
 209   OPENSSL_OPTIONS += no-gost
 210 endif
 211
 212 # Even with no-dtls and no-dtls1 options, the library keeps the DTLS code,
 213 # but openssl util gets built without it
 214 ifndef CONFIG_OPENSSL_WITH_DTLS
 215   OPENSSL_OPTIONS += no-dtls no-dtls1
 216 endif
 217
 218 ifdef CONFIG_OPENSSL_WITH_COMPRESSION
 219   OPENSSL_OPTIONS += zlib-dynamic
 220 else
 221   OPENSSL_OPTIONS += no-comp
 222 endif
 223
 224 ifndef CONFIG_OPENSSL_WITH_NPN
 225   OPENSSL_OPTIONS += no-nextprotoneg
 226 endif
 227
 228 ifndef CONFIG_OPENSSL_WITH_PSK
 229   OPENSSL_OPTIONS += no-psk
 230 endif
 231
 232 ifndef CONFIG_OPENSSL_WITH_SRP
 233   OPENSSL_OPTIONS += no-srp
 234 endif
 235
 236 ifndef CONFIG_OPENSSL_WITH_ASM
 237   OPENSSL_OPTIONS += no-asm
 238 endif
 239
 240 ifdef CONFIG_i386
 241   ifndef CONFIG_OPENSSL_WITH_SSE2
 242     OPENSSL_OPTIONS += no-sse2
 243   endif
 244 endif
 245
 246 OPENSSL_TARGET:=linux-$(call qstrip,$(CONFIG_ARCH))-openwrt
 247
 248 STAMP_CONFIGURED := $(STAMP_CONFIGURED)_$(shell echo $(OPENSSL_OPTIONS) | mkhash md5)
 249
 250 define Build/Configure
 251         [ -f $(STAMP_CONFIGURED) ] || { \
 252                 rm -f $(PKG_BUILD_DIR)/*.so.* $(PKG_BUILD_DIR)/*.a; \
 253                 find $(PKG_BUILD_DIR) -name \*.o | xargs rm -f; \
 254         }
 255         (cd $(PKG_BUILD_DIR); \
 256                 ./Configure $(OPENSSL_TARGET) \
 257                         --prefix=/usr \
 258                         --libdir=lib \
 259                         --openssldir=/etc/ssl \
 260                         $(TARGET_CPPFLAGS) \
 261                         $(TARGET_LDFLAGS) \
 262                         $(OPENSSL_OPTIONS) \
 263         )
 264         +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
 265                 CROSS_COMPILE="$(TARGET_CROSS)" \
 266                 MAKEDEPPROG="$(TARGET_CROSS)gcc" \
 267                 OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
 268                 $(OPENSSL_MAKEFLAGS) \
 269                 depend
 270 endef
 271
 272 TARGET_CFLAGS += $(FPIC) -ffunction-sections -fdata-sections
 273 TARGET_LDFLAGS += -Wl,--gc-sections
 274
 275 define Build/Compile
 276         +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
 277                 CROSS_COMPILE="$(TARGET_CROSS)" \
 278                 CC="$(TARGET_CC)" \
 279                 ASFLAGS="$(TARGET_ASFLAGS) -I$(PKG_BUILD_DIR)/crypto -c" \
 280                 AR="$(TARGET_CROSS)ar r" \
 281                 RANLIB="$(TARGET_CROSS)ranlib" \
 282                 OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
 283                 $(OPENSSL_MAKEFLAGS) \
 284                 all
 285         +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
 286                 CROSS_COMPILE="$(TARGET_CROSS)" \
 287                 CC="$(TARGET_CC)" \
 288                 ASFLAGS="$(TARGET_ASFLAGS) -I$(PKG_BUILD_DIR)/crypto -c" \
 289                 AR="$(TARGET_CROSS)ar r" \
 290                 RANLIB="$(TARGET_CROSS)ranlib" \
 291                 OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
 292                 $(OPENSSL_MAKEFLAGS) \
 293                 build-shared
 294         # Work around openssl build bug to link libssl.so with libcrypto.so.
 295         -rm $(PKG_BUILD_DIR)/libssl.so.*.*.*
 296         +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
 297                 CROSS_COMPILE="$(TARGET_CROSS)" \
 298                 CC="$(TARGET_CC)" \
 299                 OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
 300                 $(OPENSSL_MAKEFLAGS) \
 301                 do_linux-shared
 302         $(MAKE) -C $(PKG_BUILD_DIR) \
 303                 CROSS_COMPILE="$(TARGET_CROSS)" \
 304                 CC="$(TARGET_CC)" \
 305                 INSTALL_PREFIX="$(PKG_INSTALL_DIR)" \
 306                 $(OPENSSL_MAKEFLAGS) \
 307                 install
 308 endef
 309
 310 define Build/InstallDev
 311         $(INSTALL_DIR) $(1)/usr/include
 312         $(CP) $(PKG_INSTALL_DIR)/usr/include/openssl $(1)/usr/include/
 313         $(INSTALL_DIR) $(1)/usr/lib/
 314         $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{crypto,ssl}.{a,so*} $(1)/usr/lib/
 315         $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
 316         $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc $(1)/usr/lib/pkgconfig/
 317         [ -n "$(TARGET_LDFLAGS)" ] && $(SED) 's#$(TARGET_LDFLAGS)##g' $(1)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc || true
 318 endef
 319
 320 define Package/libopenssl/install
 321         $(INSTALL_DIR) $(1)/etc/ssl/certs
 322         $(INSTALL_DIR) $(1)/etc/ssl/private
 323         chmod 0700 $(1)/etc/ssl/private
 324         $(INSTALL_DIR) $(1)/usr/lib
 325         $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libcrypto.so.* $(1)/usr/lib/
 326         $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libssl.so.* $(1)/usr/lib/
 327         $(if $(CONFIG_OPENSSL_ENGINE),$(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR))
 328 endef
 329
 330 define Package/openssl-util/install
 331         $(INSTALL_DIR) $(1)/etc/ssl
 332         $(CP) $(PKG_INSTALL_DIR)/etc/ssl/openssl.cnf $(1)/etc/ssl/
 333         $(INSTALL_DIR) $(1)/usr/bin
 334         $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/openssl $(1)/usr/bin/
 335 endef
 336
 337 define Package/libopenssl-padlock/install
 338         $(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR)
 339         $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/*padlock.so $(1)/usr/lib/$(ENGINES_DIR)
 340 endef
 341
 342 define Package/libopenssl-gost/install
 343         $(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR)
 344         $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/libgost.so $(1)/usr/lib/$(ENGINES_DIR)
 345 endef
 346
 347 $(eval $(call BuildPackage,libopenssl))
 348 $(eval $(call BuildPackage,libopenssl-gost))
 349 $(eval $(call BuildPackage,libopenssl-padlock))
 350 $(eval $(call BuildPackage,openssl-util))