openssl: security update to 1.0.1d to address CBC TLS issue
[openwrt/staging/mkresin.git] / package / libs / openssl / Makefile
1 #
2 # Copyright (C) 2006-2012 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=openssl
11 PKG_VERSION:=1.0.1d
12 PKG_RELEASE:=1
13
14 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
15 PKG_SOURCE_URL:=http://www.openssl.org/source/ \
16 ftp://ftp.funet.fi/pub/crypt/cryptography/libs/openssl/source/ \
17 ftp://ftp.webmonster.de/pub/openssl/source/ \
18 ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/
19 PKG_MD5SUM:=b92fc634f0f1f31a67ed4175adc5ba33
20
21 PKG_LICENSE:=SSLEAY OPENSSL
22 PKG_LICENSE_FILES:=LICENSE
23 PKG_BUILD_DEPENDS:=ocf-crypto-headers
24 PKG_CONFIG_DEPENDS:=CONFIG_OPENSSL_ENGINE_CRYPTO CONFIG_OPENSSL_ENGINE_DIGEST
25
26 include $(INCLUDE_DIR)/package.mk
27
28 define Package/openssl/Default
29 TITLE:=Open source SSL toolkit
30 URL:=http://www.openssl.org/
31 endef
32
33 define Package/libopenssl/config
34 source "$(SOURCE)/Config.in"
35 endef
36
37 define Package/openssl/Default/description
38 The OpenSSL Project is a collaborative effort to develop a robust,
39 commercial-grade, full-featured, and Open Source toolkit implementing the Secure
40 Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well
41 as a full-strength general purpose cryptography library.
42 endef
43
44 define Package/libopenssl
45 $(call Package/openssl/Default)
46 SECTION:=libs
47 SUBMENU:=SSL
48 CATEGORY:=Libraries
49 DEPENDS:=+zlib
50 TITLE+= (libraries)
51 MENU:=1
52 endef
53
54 define Package/libopenssl/description
55 $(call Package/openssl/Default/description)
56 This package contains the OpenSSL shared libraries, needed by other programs.
57 endef
58
59 define Package/openssl-util
60 $(call Package/openssl/Default)
61 SECTION:=utils
62 CATEGORY:=Utilities
63 DEPENDS:=+libopenssl
64 TITLE+= (utility)
65 endef
66
67 define Package/openssl-util/conffiles
68 /etc/ssl/openssl.cnf
69 endef
70
71 define Package/openssl-util/description
72 $(call Package/openssl/Default/description)
73 This package contains the OpenSSL command-line utility.
74 endef
75
76
77 OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-smime \
78 no-rmd160 no-aes192 no-ripemd no-camellia no-ans1 no-krb5
79 OPENSSL_OPTIONS:= shared no-ec no-err no-hw no-threads zlib-dynamic no-sse2
80
81 ifdef CONFIG_OPENSSL_ENGINE_CRYPTO
82 OPENSSL_OPTIONS += -DHAVE_CRYPTODEV
83 ifdef CONFIG_OPENSSL_ENGINE_DIGEST
84 OPENSSL_OPTIONS += -DUSE_CRYPTODEV_DIGESTS
85 endif
86 else
87 OPENSSL_OPTIONS += no-engines
88 endif
89
90 ifeq ($(CONFIG_x86_64),y)
91 OPENSSL_TARGET:=linux-x86_64
92 else
93 OPENSSL_OPTIONS+=no-sse2
94 ifeq ($(CONFIG_mips)$(CONFIG_mipsel),y)
95 OPENSSL_TARGET:=linux-mips-openwrt
96 else
97 OPENSSL_TARGET:=linux-generic-openwrt
98 OPENSSL_OPTIONS+=no-perlasm
99 endif
100 endif
101
102 define Build/Configure
103 (cd $(PKG_BUILD_DIR); \
104 ./Configure $(OPENSSL_TARGET) \
105 --prefix=/usr \
106 --openssldir=/etc/ssl \
107 $(TARGET_CPPFLAGS) \
108 $(TARGET_LDFLAGS) -ldl \
109 -DOPENSSL_SMALL_FOOTPRINT \
110 $(OPENSSL_NO_CIPHERS) \
111 $(OPENSSL_OPTIONS) \
112 )
113 endef
114
115 TARGET_CFLAGS += $(FPIC)
116
117 define Build/Compile
118 # XXX: OpenSSL "make depend" will look for installed headers before its own,
119 # so remove installed stuff first
120 -$(SUBMAKE) -j1 clean-staging
121 $(MAKE) -C $(PKG_BUILD_DIR) \
122 MAKEDEPPROG="$(TARGET_CROSS)gcc" \
123 OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
124 $(OPENSSL_MAKEFLAGS) \
125 depend
126 $(_SINGLE)$(MAKE) -C $(PKG_BUILD_DIR) \
127 CC="$(TARGET_CC)" \
128 AR="$(TARGET_CROSS)ar r" \
129 RANLIB="$(TARGET_CROSS)ranlib" \
130 OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
131 $(OPENSSL_MAKEFLAGS) \
132 all
133 $(MAKE) -C $(PKG_BUILD_DIR) \
134 CC="$(TARGET_CC)" \
135 AR="$(TARGET_CROSS)ar r" \
136 RANLIB="$(TARGET_CROSS)ranlib" \
137 OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
138 $(OPENSSL_MAKEFLAGS) \
139 build-shared
140 # Work around openssl build bug to link libssl.so with libcrypto.so.
141 -rm $(PKG_BUILD_DIR)/libssl.so.*.*.*
142 $(MAKE) -C $(PKG_BUILD_DIR) \
143 CC="$(TARGET_CC)" \
144 OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
145 $(OPENSSL_MAKEFLAGS) \
146 do_linux-shared
147 $(MAKE) -C $(PKG_BUILD_DIR) \
148 CC="$(TARGET_CC)" \
149 INSTALL_PREFIX="$(PKG_INSTALL_DIR)" \
150 $(OPENSSL_MAKEFLAGS) \
151 install
152 endef
153
154 define Build/InstallDev
155 $(INSTALL_DIR) $(1)/usr/include
156 $(CP) $(PKG_INSTALL_DIR)/usr/include/openssl $(1)/usr/include/
157 $(INSTALL_DIR) $(1)/usr/lib/
158 $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{crypto,ssl}.{a,so*} $(1)/usr/lib/
159 $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
160 $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc $(1)/usr/lib/pkgconfig/
161 [ -n "$(TARGET_LDFLAGS)" ] && $(SED) 's#$(TARGET_LDFLAGS)##g' $(1)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc || true
162 endef
163
164 define Package/libopenssl/install
165 $(INSTALL_DIR) $(1)/usr/lib
166 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libcrypto.so.* $(1)/usr/lib/
167 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libssl.so.* $(1)/usr/lib/
168 endef
169
170 define Package/openssl-util/install
171 $(INSTALL_DIR) $(1)/etc/ssl
172 $(CP) $(PKG_INSTALL_DIR)/etc/ssl/openssl.cnf $(1)/etc/ssl/
173 $(INSTALL_DIR) $(1)/etc/ssl/certs
174 $(INSTALL_DIR) $(1)/etc/ssl/private
175 chmod 0700 $(1)/etc/ssl/private
176 $(INSTALL_DIR) $(1)/usr/bin
177 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/openssl $(1)/usr/bin/
178 endef
179
180 $(eval $(call BuildPackage,libopenssl))
181 $(eval $(call BuildPackage,openssl-util))