package/libs/openssl/Makefile

   1 #
   2 # Copyright (C) 2006-2016 OpenWrt.org
   3 #
   4 # This is free software, licensed under the GNU General Public License v2.
   5 # See /LICENSE for more information.
   6 #
   7
   8 include $(TOPDIR)/rules.mk
   9
  10 PKG_NAME:=openssl
  11 PKG_BASE:=1.1.1
  12 PKG_BUGFIX:=a
  13 PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
  14 PKG_RELEASE:=2
  15 PKG_USE_MIPS16:=0
  16 ENGINES_DIR=engines-1.1
  17
  18 PKG_BUILD_PARALLEL:=0
  19 PKG_BUILD_DEPENDS:=cryptodev-linux
  20
  21 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
  22 PKG_SOURCE_URL:= \
  23         http://ftp.fi.muni.cz/pub/openssl/source/ \
  24         http://ftp.linux.hr/pub/openssl/source/ \
  25         ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
  26         http://www.openssl.org/source/ \
  27         http://www.openssl.org/source/old/$(PKG_BASE)/
  28 PKG_HASH:=fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41
  29
  30 PKG_LICENSE:=OpenSSL
  31 PKG_LICENSE_FILES:=LICENSE
  32 PKG_CPE_ID:=cpe:/a:openssl:openssl
  33 PKG_CONFIG_DEPENDS:= \
  34         CONFIG_OPENSSL_ENGINE \
  35         CONFIG_OPENSSL_ENGINE_CRYPTO \
  36         CONFIG_OPENSSL_NO_DEPRECATED \
  37         CONFIG_OPENSSL_OPTIMIZE_SPEED \
  38         CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM \
  39         CONFIG_OPENSSL_WITH_ARIA \
  40         CONFIG_OPENSSL_WITH_ASM \
  41         CONFIG_OPENSSL_WITH_ASYNC \
  42         CONFIG_OPENSSL_WITH_BLAKE2 \
  43         CONFIG_OPENSSL_WITH_CAMELLIA \
  44         CONFIG_OPENSSL_WITH_CHACHA_POLY1305 \
  45         CONFIG_OPENSSL_WITH_CMS \
  46         CONFIG_OPENSSL_WITH_COMPRESSION \
  47         CONFIG_OPENSSL_WITH_DTLS \
  48         CONFIG_OPENSSL_WITH_EC \
  49         CONFIG_OPENSSL_WITH_EC2M \
  50         CONFIG_OPENSSL_WITH_ERROR_MESSAGES \
  51         CONFIG_OPENSSL_WITH_GOST \
  52         CONFIG_OPENSSL_WITH_IDEA \
  53         CONFIG_OPENSSL_WITH_MDC2 \
  54         CONFIG_OPENSSL_WITH_NPN \
  55         CONFIG_OPENSSL_WITH_PSK \
  56         CONFIG_OPENSSL_WITH_RFC3779 \
  57         CONFIG_OPENSSL_WITH_SEED \
  58         CONFIG_OPENSSL_WITH_SM234 \
  59         CONFIG_OPENSSL_WITH_SRP \
  60         CONFIG_OPENSSL_WITH_SSE2 \
  61         CONFIG_OPENSSL_WITH_TLS13 \
  62         CONFIG_OPENSSL_WITH_WHIRLPOOL
  63
  64 include $(INCLUDE_DIR)/package.mk
  65
  66 ifneq ($(CONFIG_CCACHE),)
  67 HOSTCC=$(HOSTCC_NOCACHE)
  68 HOSTCXX=$(HOSTCXX_NOCACHE)
  69 endif
  70
  71 define Package/openssl/Default
  72   TITLE:=Open source SSL toolkit
  73   URL:=http://www.openssl.org/
  74   SECTION:=libs
  75   CATEGORY:=Libraries
  76 endef
  77
  78 define Package/libopenssl/config
  79 source "$(SOURCE)/Config.in"
  80 endef
  81
  82 define Package/openssl/Default/description
  83 The OpenSSL Project is a collaborative effort to develop a robust,
  84 commercial-grade, full-featured, and Open Source toolkit implementing the
  85 Transport Layer Security (TLS) protocol as well as a full-strength
  86 general-purpose cryptography library.
  87 endef
  88
  89 define Package/libopenssl
  90 $(call Package/openssl/Default)
  91   SUBMENU:=SSL
  92   DEPENDS:=+OPENSSL_WITH_COMPRESSION:zlib
  93   TITLE+= (libraries)
  94   ABI_VERSION:=1.1
  95   MENU:=1
  96 endef
  97
  98 define Package/libopenssl/description
  99 $(call Package/openssl/Default/description)
 100 This package contains the OpenSSL shared libraries, needed by other programs.
 101 endef
 102
 103 define Package/openssl-util
 104   $(call Package/openssl/Default)
 105   SECTION:=utils
 106   CATEGORY:=Utilities
 107   DEPENDS:=+libopenssl
 108   TITLE+= (utility)
 109 endef
 110
 111 define Package/openssl-util/conffiles
 112 /etc/ssl/openssl.cnf
 113 endef
 114
 115 define Package/openssl-util/description
 116 $(call Package/openssl/Default/description)
 117 This package contains the OpenSSL command-line utility.
 118 endef
 119
 120 define Package/libopenssl-afalg
 121   $(call Package/openssl/Default)
 122   SUBMENU:=SSL
 123   TITLE:=AFALG hardware acceleration engine
 124   DEPENDS:=libopenssl @OPENSSL_ENGINE @KERNEL_AIO @!LINUX_3_18 +kmod-crypto-user
 125 endef
 126
 127 define Package/libopenssl-afalg/description
 128 This package adds an engine that enables hardware acceleration
 129 through the AF_ALG kernel interface.
 130 To use it, you need to configure the engine in /etc/ssl/openssl.cnf
 131 See https://www.openssl.org/docs/man1.1.1/man5/config.html#Engine-Configuration-Module
 132 The engine_id is "afalg"
 133 endef
 134
 135 define Package/libopenssl-padlock
 136   $(call Package/openssl/Default)
 137   SUBMENU:=SSL
 138   TITLE:=VIA Padlock hardware acceleration engine
 139   DEPENDS:=libopenssl @OPENSSL_ENGINE @TARGET_x86 +kmod-crypto-hw-padlock
 140 endef
 141
 142 define Package/libopenssl-padlock/description
 143 This package adds an engine that enables VIA Padlock hardware acceleration.
 144 To use it, you need to configure it in /etc/ssl/openssl.cnf.
 145 See https://www.openssl.org/docs/man1.1.1/man5/config.html#Engine-Configuration-Module
 146 The engine_id is "padlock"
 147 endef
 148
 149 OPENSSL_OPTIONS:= shared
 150
 151 ifndef CONFIG_OPENSSL_WITH_BLAKE2
 152   OPENSSL_OPTIONS += no-blake2
 153 endif
 154
 155 ifndef CONFIG_OPENSSL_WITH_CHACHA_POLY1305
 156   OPENSSL_OPTIONS += no-chacha no-poly1305
 157 else
 158   ifdef CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM
 159     OPENSSL_OPTIONS += -DOPENSSL_PREFER_CHACHA_OVER_GCM
 160   endif
 161 endif
 162
 163 ifndef CONFIG_OPENSSL_WITH_ASYNC
 164   OPENSSL_OPTIONS += no-async
 165 endif
 166
 167 ifndef CONFIG_OPENSSL_WITH_EC
 168   OPENSSL_OPTIONS += no-ec
 169 endif
 170
 171 ifndef CONFIG_OPENSSL_WITH_EC2M
 172   OPENSSL_OPTIONS += no-ec2m
 173 endif
 174
 175 ifndef CONFIG_OPENSSL_WITH_ERROR_MESSAGES
 176   OPENSSL_OPTIONS += no-err
 177 endif
 178
 179 ifndef CONFIG_OPENSSL_WITH_TLS13
 180   OPENSSL_OPTIONS += no-tls1_3
 181 endif
 182
 183 ifndef CONFIG_OPENSSL_WITH_ARIA
 184   OPENSSL_OPTIONS += no-aria
 185 endif
 186
 187 ifndef CONFIG_OPENSSL_WITH_SM234
 188   OPENSSL_OPTIONS += no-sm2 no-sm3 no-sm4
 189 endif
 190
 191 ifndef CONFIG_OPENSSL_WITH_CAMELLIA
 192   OPENSSL_OPTIONS += no-camellia
 193 endif
 194
 195 ifndef CONFIG_OPENSSL_WITH_IDEA
 196   OPENSSL_OPTIONS += no-idea
 197 endif
 198
 199 ifndef CONFIG_OPENSSL_WITH_SEED
 200   OPENSSL_OPTIONS += no-seed
 201 endif
 202
 203 ifndef CONFIG_OPENSSL_WITH_MDC2
 204   OPENSSL_OPTIONS += no-mdc2
 205 endif
 206
 207 ifndef CONFIG_OPENSSL_WITH_WHIRLPOOL
 208   OPENSSL_OPTIONS += no-whirlpool
 209 endif
 210
 211 ifndef CONFIG_OPENSSL_WITH_CMS
 212   OPENSSL_OPTIONS += no-cms
 213 endif
 214
 215 ifndef CONFIG_OPENSSL_WITH_RFC3779
 216   OPENSSL_OPTIONS += no-rfc3779
 217 endif
 218
 219 ifdef CONFIG_OPENSSL_NO_DEPRECATED
 220   OPENSSL_OPTIONS += no-deprecated
 221 endif
 222
 223 ifeq ($(CONFIG_OPENSSL_OPTIMIZE_SPEED),y)
 224   TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS)) -O3
 225 else
 226   OPENSSL_OPTIONS += -DOPENSSL_SMALL_FOOTPRINT
 227 endif
 228
 229 ifdef CONFIG_OPENSSL_ENGINE
 230   ifdef CONFIG_OPENSSL_ENGINE_CRYPTO
 231     OPENSSL_OPTIONS += enable-devcryptoeng
 232   endif
 233   ifndef CONFIG_PACKAGE_libopenssl-afalg
 234     OPENSSL_OPTIONS += no-afalgeng
 235   endif
 236   ifndef CONFIG_PACKAGE_libopenssl-padlock
 237     OPENSSL_OPTIONS += no-hw-padlock
 238   endif
 239 else
 240   OPENSSL_OPTIONS += no-engine
 241 endif
 242
 243 ifndef CONFIG_OPENSSL_WITH_GOST
 244   OPENSSL_OPTIONS += no-gost
 245 endif
 246
 247 ifndef CONFIG_OPENSSL_WITH_DTLS
 248   OPENSSL_OPTIONS += no-dtls
 249 endif
 250
 251 ifdef CONFIG_OPENSSL_WITH_COMPRESSION
 252   OPENSSL_OPTIONS += zlib-dynamic
 253 else
 254   OPENSSL_OPTIONS += no-comp
 255 endif
 256
 257 ifndef CONFIG_OPENSSL_WITH_NPN
 258   OPENSSL_OPTIONS += no-nextprotoneg
 259 endif
 260
 261 ifndef CONFIG_OPENSSL_WITH_PSK
 262   OPENSSL_OPTIONS += no-psk
 263 endif
 264
 265 ifndef CONFIG_OPENSSL_WITH_SRP
 266   OPENSSL_OPTIONS += no-srp
 267 endif
 268
 269 ifndef CONFIG_OPENSSL_WITH_ASM
 270   OPENSSL_OPTIONS += no-asm
 271 endif
 272
 273 ifdef CONFIG_i386
 274   ifndef CONFIG_OPENSSL_WITH_SSE2
 275     OPENSSL_OPTIONS += no-sse2
 276   endif
 277 endif
 278
 279 OPENSSL_TARGET:=linux-$(call qstrip,$(CONFIG_ARCH))-openwrt
 280
 281 STAMP_CONFIGURED := $(STAMP_CONFIGURED)_$(shell echo $(OPENSSL_OPTIONS) | mkhash md5)
 282
 283 define Build/Configure
 284         [ -f $(STAMP_CONFIGURED) ] || { \
 285                 rm -f $(PKG_BUILD_DIR)/*.so.* $(PKG_BUILD_DIR)/*.a; \
 286                 find $(PKG_BUILD_DIR) -name \*.o | xargs rm -f; \
 287         }
 288         (cd $(PKG_BUILD_DIR); \
 289                 ./Configure $(OPENSSL_TARGET) \
 290                         --prefix=/usr \
 291                         --libdir=lib \
 292                         --openssldir=/etc/ssl \
 293                         $(TARGET_CPPFLAGS) \
 294                         $(TARGET_LDFLAGS) \
 295                         $(OPENSSL_OPTIONS) \
 296         )
 297 endef
 298
 299 TARGET_CFLAGS += $(FPIC) -ffunction-sections -fdata-sections
 300 TARGET_LDFLAGS += -Wl,--gc-sections
 301
 302 define Build/Compile
 303         +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
 304                 CROSS_COMPILE="$(TARGET_CROSS)" \
 305                 CC="$(TARGET_CC)" \
 306                 SOURCE_DATE_EPOCH=$(SOURCE_DATE_EPOCH) \
 307                 OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
 308                 $(OPENSSL_MAKEFLAGS) \
 309                 all
 310         $(MAKE) -C $(PKG_BUILD_DIR) \
 311                 CROSS_COMPILE="$(TARGET_CROSS)" \
 312                 CC="$(TARGET_CC)" \
 313                 DESTDIR="$(PKG_INSTALL_DIR)" \
 314                 $(OPENSSL_MAKEFLAGS) \
 315                 install_sw install_ssldirs
 316 endef
 317
 318 define Build/InstallDev
 319         $(INSTALL_DIR) $(1)/usr/include
 320         $(CP) $(PKG_INSTALL_DIR)/usr/include/openssl $(1)/usr/include/
 321         $(INSTALL_DIR) $(1)/usr/lib/
 322         $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{crypto,ssl}.{a,so*} $(1)/usr/lib/
 323         $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
 324         $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc $(1)/usr/lib/pkgconfig/
 325         [ -n "$(TARGET_LDFLAGS)" ] && $(SED) 's#$(TARGET_LDFLAGS)##g' $(1)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc || true
 326 endef
 327
 328 define Package/libopenssl/install
 329         $(INSTALL_DIR) $(1)/etc/ssl/certs
 330         $(INSTALL_DIR) $(1)/etc/ssl/private
 331         chmod 0700 $(1)/etc/ssl/private
 332         $(INSTALL_DIR) $(1)/usr/lib
 333         $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libcrypto.so.* $(1)/usr/lib/
 334         $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libssl.so.* $(1)/usr/lib/
 335         $(if $(CONFIG_OPENSSL_ENGINE),$(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR))
 336 endef
 337
 338 define Package/openssl-util/install
 339         $(INSTALL_DIR) $(1)/etc/ssl
 340         $(CP) $(PKG_INSTALL_DIR)/etc/ssl/openssl.cnf $(1)/etc/ssl/
 341         $(INSTALL_DIR) $(1)/usr/bin
 342         $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/openssl $(1)/usr/bin/
 343 endef
 344
 345 define Package/libopenssl-afalg/install
 346         $(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR)
 347         $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/afalg.so $(1)/usr/lib/$(ENGINES_DIR)
 348 endef
 349
 350 define Package/libopenssl-padlock/install
 351         $(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR)
 352         $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/*padlock.so $(1)/usr/lib/$(ENGINES_DIR)
 353 endef
 354
 355 $(eval $(call BuildPackage,libopenssl))
 356 $(eval $(call BuildPackage,libopenssl-afalg))
 357 $(eval $(call BuildPackage,libopenssl-padlock))
 358 $(eval $(call BuildPackage,openssl-util))