123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411 |
- #
- # Copyright (C) 2006-2016 OpenWrt.org
- #
- # This is free software, licensed under the GNU General Public License v2.
- # See /LICENSE for more information.
- #
- include $(TOPDIR)/rules.mk
- PKG_NAME:=openssl
- PKG_BASE:=1.1.1
- PKG_BUGFIX:=t
- PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
- PKG_RELEASE:=1
- PKG_USE_MIPS16:=0
- ENGINES_DIR=engines-1.1
- PKG_BUILD_PARALLEL:=1
- PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
- PKG_SOURCE_URL:= \
- http://ftp.fi.muni.cz/pub/openssl/source/ \
- http://ftp.linux.hr/pub/openssl/source/ \
- ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
- ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/old/$(PKG_BASE)/
- PKG_HASH:=8dee9b24bdb1dcbf0c3d1e9b02fb8f6bf22165e807f45adeb7c9677536859d3b
- PKG_LICENSE:=OpenSSL
- PKG_LICENSE_FILES:=LICENSE
- PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
- PKG_CPE_ID:=cpe:/a:openssl:openssl
- PKG_CONFIG_DEPENDS:= \
- CONFIG_OPENSSL_ENGINE \
- CONFIG_OPENSSL_ENGINE_BUILTIN \
- CONFIG_OPENSSL_ENGINE_BUILTIN_AFALG \
- CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO \
- CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK \
- CONFIG_OPENSSL_NO_DEPRECATED \
- CONFIG_OPENSSL_OPTIMIZE_SPEED \
- CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM \
- CONFIG_OPENSSL_WITH_ARIA \
- CONFIG_OPENSSL_WITH_ASM \
- CONFIG_OPENSSL_WITH_ASYNC \
- CONFIG_OPENSSL_WITH_BLAKE2 \
- CONFIG_OPENSSL_WITH_CAMELLIA \
- CONFIG_OPENSSL_WITH_CHACHA_POLY1305 \
- CONFIG_OPENSSL_WITH_CMS \
- CONFIG_OPENSSL_WITH_COMPRESSION \
- CONFIG_OPENSSL_WITH_DTLS \
- CONFIG_OPENSSL_WITH_EC2M \
- CONFIG_OPENSSL_WITH_ERROR_MESSAGES \
- CONFIG_OPENSSL_WITH_GOST \
- CONFIG_OPENSSL_WITH_IDEA \
- CONFIG_OPENSSL_WITH_MDC2 \
- CONFIG_OPENSSL_WITH_NPN \
- CONFIG_OPENSSL_WITH_PSK \
- CONFIG_OPENSSL_WITH_RFC3779 \
- CONFIG_OPENSSL_WITH_SEED \
- CONFIG_OPENSSL_WITH_SM234 \
- CONFIG_OPENSSL_WITH_SRP \
- CONFIG_OPENSSL_WITH_SSE2 \
- CONFIG_OPENSSL_WITH_TLS13 \
- CONFIG_OPENSSL_WITH_WHIRLPOOL
- include $(INCLUDE_DIR)/package.mk
- ifneq ($(CONFIG_CCACHE),)
- HOSTCC=$(HOSTCC_NOCACHE)
- HOSTCXX=$(HOSTCXX_NOCACHE)
- endif
- define Package/openssl/Default
- TITLE:=Open source SSL toolkit
- URL:=http://www.openssl.org/
- SECTION:=libs
- CATEGORY:=Libraries
- endef
- define Package/libopenssl/config
- source "$(SOURCE)/Config.in"
- endef
- define Package/openssl/Default/description
- The OpenSSL Project is a collaborative effort to develop a robust,
- commercial-grade, full-featured, and Open Source toolkit implementing the
- Transport Layer Security (TLS) protocol as well as a full-strength
- general-purpose cryptography library.
- endef
- define Package/libopenssl
- $(call Package/openssl/Default)
- SUBMENU:=SSL
- DEPENDS:=+OPENSSL_WITH_COMPRESSION:zlib \
- +OPENSSL_ENGINE_BUILTIN_AFALG:kmod-crypto-user \
- +OPENSSL_ENGINE_BUILTIN_DEVCRYPTO:kmod-cryptodev \
- +OPENSSL_ENGINE_BUILTIN_PADLOCK:kmod-crypto-hw-padlock
- TITLE+= (libraries)
- ABI_VERSION:=1.1
- MENU:=1
- endef
- define Package/libopenssl/description
- $(call Package/openssl/Default/description)
- This package contains the OpenSSL shared libraries, needed by other programs.
- endef
- define Package/openssl-util
- $(call Package/openssl/Default)
- SECTION:=utils
- CATEGORY:=Utilities
- DEPENDS:=+libopenssl +libopenssl-conf
- TITLE+= (utility)
- endef
- define Package/openssl-util/description
- $(call Package/openssl/Default/description)
- This package contains the OpenSSL command-line utility.
- endef
- define Package/libopenssl-conf
- $(call Package/openssl/Default)
- SUBMENU:=SSL
- TITLE:=/etc/ssl/openssl.cnf config file
- DEPENDS:=libopenssl
- endef
- define Package/libopenssl-conf/conffiles
- /etc/ssl/openssl.cnf
- endef
- define Package/libopenssl-conf/description
- $(call Package/openssl/Default/description)
- This package installs the OpenSSL configuration file /etc/ssl/openssl.cnf.
- endef
- define Package/libopenssl-afalg
- $(call Package/openssl/Default)
- SUBMENU:=SSL
- TITLE:=AFALG hardware acceleration engine
- DEPENDS:=libopenssl @OPENSSL_ENGINE @KERNEL_AIO \
- +PACKAGE_libopenssl-afalg:kmod-crypto-user +libopenssl-conf @!OPENSSL_ENGINE_BUILTIN
- endef
- define Package/libopenssl-afalg/description
- This package adds an engine that enables hardware acceleration
- through the AF_ALG kernel interface.
- To use it, you need to configure the engine in /etc/ssl/openssl.cnf
- See https://www.openssl.org/docs/man1.1.1/man5/config.html#Engine-Configuration-Module
- and https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators
- The engine_id is "afalg"
- endef
- define Package/libopenssl-devcrypto
- $(call Package/openssl/Default)
- SUBMENU:=SSL
- TITLE:=/dev/crypto hardware acceleration engine
- DEPENDS:=libopenssl @OPENSSL_ENGINE +PACKAGE_libopenssl-devcrypto:kmod-cryptodev +libopenssl-conf \
- @!OPENSSL_ENGINE_BUILTIN
- endef
- define Package/libopenssl-devcrypto/description
- This package adds an engine that enables hardware acceleration
- through the /dev/crypto kernel interface.
- To use it, you need to configure the engine in /etc/ssl/openssl.cnf
- See https://www.openssl.org/docs/man1.1.1/man5/config.html#Engine-Configuration-Module
- and https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators
- The engine_id is "devcrypto"
- endef
- define Package/libopenssl-padlock
- $(call Package/openssl/Default)
- SUBMENU:=SSL
- TITLE:=VIA Padlock hardware acceleration engine
- DEPENDS:=libopenssl @OPENSSL_ENGINE @TARGET_x86 +PACKAGE_libopenssl-padlock:kmod-crypto-hw-padlock \
- +libopenssl-conf @!OPENSSL_ENGINE_BUILTIN
- endef
- define Package/libopenssl-padlock/description
- This package adds an engine that enables VIA Padlock hardware acceleration.
- To use it, you need to configure it in /etc/ssl/openssl.cnf.
- See https://www.openssl.org/docs/man1.1.1/man5/config.html#Engine-Configuration-Module
- and https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators
- The engine_id is "padlock"
- endef
- OPENSSL_OPTIONS:= shared
- ifndef CONFIG_OPENSSL_WITH_BLAKE2
- OPENSSL_OPTIONS += no-blake2
- endif
- ifndef CONFIG_OPENSSL_WITH_CHACHA_POLY1305
- OPENSSL_OPTIONS += no-chacha no-poly1305
- else
- ifdef CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM
- OPENSSL_OPTIONS += -DOPENSSL_PREFER_CHACHA_OVER_GCM
- endif
- endif
- ifndef CONFIG_OPENSSL_WITH_ASYNC
- OPENSSL_OPTIONS += no-async
- endif
- ifndef CONFIG_OPENSSL_WITH_EC2M
- OPENSSL_OPTIONS += no-ec2m
- endif
- ifndef CONFIG_OPENSSL_WITH_ERROR_MESSAGES
- OPENSSL_OPTIONS += no-err
- endif
- ifndef CONFIG_OPENSSL_WITH_TLS13
- OPENSSL_OPTIONS += no-tls1_3
- endif
- ifndef CONFIG_OPENSSL_WITH_ARIA
- OPENSSL_OPTIONS += no-aria
- endif
- ifndef CONFIG_OPENSSL_WITH_SM234
- OPENSSL_OPTIONS += no-sm2 no-sm3 no-sm4
- endif
- ifndef CONFIG_OPENSSL_WITH_CAMELLIA
- OPENSSL_OPTIONS += no-camellia
- endif
- ifndef CONFIG_OPENSSL_WITH_IDEA
- OPENSSL_OPTIONS += no-idea
- endif
- ifndef CONFIG_OPENSSL_WITH_SEED
- OPENSSL_OPTIONS += no-seed
- endif
- ifndef CONFIG_OPENSSL_WITH_MDC2
- OPENSSL_OPTIONS += no-mdc2
- endif
- ifndef CONFIG_OPENSSL_WITH_WHIRLPOOL
- OPENSSL_OPTIONS += no-whirlpool
- endif
- ifndef CONFIG_OPENSSL_WITH_CMS
- OPENSSL_OPTIONS += no-cms
- endif
- ifndef CONFIG_OPENSSL_WITH_RFC3779
- OPENSSL_OPTIONS += no-rfc3779
- endif
- ifdef CONFIG_OPENSSL_NO_DEPRECATED
- OPENSSL_OPTIONS += no-deprecated
- endif
- ifeq ($(CONFIG_OPENSSL_OPTIMIZE_SPEED),y)
- TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS)) -O3
- else
- OPENSSL_OPTIONS += -DOPENSSL_SMALL_FOOTPRINT
- endif
- ifdef CONFIG_OPENSSL_ENGINE
- ifdef CONFIG_OPENSSL_ENGINE_BUILTIN
- OPENSSL_OPTIONS += disable-dynamic-engine
- ifndef CONFIG_OPENSSL_ENGINE_BUILTIN_AFALG
- OPENSSL_OPTIONS += no-afalgeng
- endif
- ifdef CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO
- OPENSSL_OPTIONS += enable-devcryptoeng
- endif
- ifndef CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK
- OPENSSL_OPTIONS += no-hw-padlock
- endif
- else
- ifdef CONFIG_PACKAGE_libopenssl-devcrypto
- OPENSSL_OPTIONS += enable-devcryptoeng
- endif
- ifndef CONFIG_PACKAGE_libopenssl-afalg
- OPENSSL_OPTIONS += no-afalgeng
- endif
- ifndef CONFIG_PACKAGE_libopenssl-padlock
- OPENSSL_OPTIONS += no-hw-padlock
- endif
- endif
- else
- OPENSSL_OPTIONS += no-engine
- endif
- ifndef CONFIG_OPENSSL_WITH_GOST
- OPENSSL_OPTIONS += no-gost
- endif
- ifndef CONFIG_OPENSSL_WITH_DTLS
- OPENSSL_OPTIONS += no-dtls
- endif
- ifdef CONFIG_OPENSSL_WITH_COMPRESSION
- OPENSSL_OPTIONS += zlib-dynamic
- else
- OPENSSL_OPTIONS += no-comp
- endif
- ifndef CONFIG_OPENSSL_WITH_NPN
- OPENSSL_OPTIONS += no-nextprotoneg
- endif
- ifndef CONFIG_OPENSSL_WITH_PSK
- OPENSSL_OPTIONS += no-psk
- endif
- ifndef CONFIG_OPENSSL_WITH_SRP
- OPENSSL_OPTIONS += no-srp
- endif
- ifndef CONFIG_OPENSSL_WITH_ASM
- OPENSSL_OPTIONS += no-asm
- endif
- ifdef CONFIG_i386
- ifndef CONFIG_OPENSSL_WITH_SSE2
- OPENSSL_OPTIONS += no-sse2
- endif
- endif
- OPENSSL_TARGET:=linux-$(call qstrip,$(CONFIG_ARCH))-librecmc
- STAMP_CONFIGURED := $(STAMP_CONFIGURED)_$(shell echo $(OPENSSL_OPTIONS) | mkhash md5)
- define Build/Configure
- (cd $(PKG_BUILD_DIR); \
- ./Configure $(OPENSSL_TARGET) \
- --prefix=/usr \
- --libdir=lib \
- --openssldir=/etc/ssl \
- --cross-compile-prefix="$(TARGET_CROSS)" \
- $(TARGET_CPPFLAGS) \
- $(TARGET_LDFLAGS) \
- $(OPENSSL_OPTIONS) && \
- { [ -f $(STAMP_CONFIGURED) ] || make clean; } \
- )
- endef
- TARGET_CFLAGS += $(FPIC) -ffunction-sections -fdata-sections
- TARGET_LDFLAGS += -Wl,--gc-sections
- define Build/Compile
- +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
- CC="$(TARGET_CC)" \
- SOURCE_DATE_EPOCH=$(SOURCE_DATE_EPOCH) \
- LIBRECMC_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
- $(OPENSSL_MAKEFLAGS) \
- all
- $(MAKE) -C $(PKG_BUILD_DIR) \
- CC="$(TARGET_CC)" \
- DESTDIR="$(PKG_INSTALL_DIR)" \
- $(OPENSSL_MAKEFLAGS) \
- install_sw install_ssldirs
- endef
- define Build/InstallDev
- $(INSTALL_DIR) $(1)/usr/include
- $(CP) $(PKG_INSTALL_DIR)/usr/include/openssl $(1)/usr/include/
- $(INSTALL_DIR) $(1)/usr/lib/
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{crypto,ssl}.{a,so*} $(1)/usr/lib/
- $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc $(1)/usr/lib/pkgconfig/
- [ -n "$(TARGET_LDFLAGS)" ] && $(SED) 's#$(TARGET_LDFLAGS)##g' $(1)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc || true
- endef
- define Package/libopenssl/install
- $(INSTALL_DIR) $(1)/etc/ssl/certs
- $(INSTALL_DIR) $(1)/etc/ssl/private
- chmod 0700 $(1)/etc/ssl/private
- $(INSTALL_DIR) $(1)/usr/lib
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libcrypto.so.* $(1)/usr/lib/
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libssl.so.* $(1)/usr/lib/
- $(if $(CONFIG_OPENSSL_ENGINE),$(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR))
- endef
- define Package/libopenssl-conf/install
- $(INSTALL_DIR) $(1)/etc/ssl
- $(CP) $(PKG_INSTALL_DIR)/etc/ssl/openssl.cnf $(1)/etc/ssl/
- endef
- define Package/openssl-util/install
- $(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/openssl $(1)/usr/bin/
- endef
- define Package/libopenssl-afalg/install
- $(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR)
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/afalg.so $(1)/usr/lib/$(ENGINES_DIR)
- endef
- define Package/libopenssl-devcrypto/install
- $(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR)
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/devcrypto.so $(1)/usr/lib/$(ENGINES_DIR)
- endef
- define Package/libopenssl-padlock/install
- $(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR)
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/*padlock.so $(1)/usr/lib/$(ENGINES_DIR)
- endef
- $(eval $(call BuildPackage,libopenssl))
- $(eval $(call BuildPackage,libopenssl-conf))
- $(eval $(call BuildPackage,libopenssl-afalg))
- $(eval $(call BuildPackage,libopenssl-devcrypto))
- $(eval $(call BuildPackage,libopenssl-padlock))
- $(eval $(call BuildPackage,openssl-util))
|