package/libs/openssl/Makefile

   1 #
   2 # Copyright (C) 2006-2016 OpenWrt.org
   3 #
   4 # This is free software, licensed under the GNU General Public License v2.
   5 # See /LICENSE for more information.
   6 #
   7
   8 include $(TOPDIR)/rules.mk
   9
  10 PKG_NAME:=openssl
  11 PKG_BASE:=1.1.1
  12 PKG_BUGFIX:=a
  13 PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
  14 PKG_RELEASE:=2
  15 PKG_USE_MIPS16:=0
  16 ENGINES_DIR=engines-1.1
  17
  18 PKG_BUILD_PARALLEL:=0
  19 PKG_BUILD_DEPENDS:=cryptodev-linux
  20
  21 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
  22 PKG_SOURCE_URL:= \
  23         http://ftp.fi.muni.cz/pub/openssl/source/ \
  24         http://ftp.linux.hr/pub/openssl/source/ \
  25         ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
  26         http://www.openssl.org/source/ \
  27         http://www.openssl.org/source/old/$(PKG_BASE)/
  28 PKG_HASH:=fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41
  29
  30 PKG_LICENSE:=OpenSSL
  31 PKG_LICENSE_FILES:=LICENSE
  32 PKG_CPE_ID:=cpe:/a:openssl:openssl
  33 PKG_CONFIG_DEPENDS:= \
  34         CONFIG_OPENSSL_ENGINE \
  35         CONFIG_OPENSSL_ENGINE_CRYPTO \
  36         CONFIG_OPENSSL_NO_DEPRECATED \
  37         CONFIG_OPENSSL_OPTIMIZE_SPEED \
  38         CONFIG_OPENSSL_WITH_ARIA \
  39         CONFIG_OPENSSL_WITH_ASM \
  40         CONFIG_OPENSSL_WITH_ASYNC \
  41         CONFIG_OPENSSL_WITH_BLAKE2 \
  42         CONFIG_OPENSSL_WITH_CAMELLIA \
  43         CONFIG_OPENSSL_WITH_CHACHA_POLY1305 \
  44         CONFIG_OPENSSL_WITH_CMS \
  45         CONFIG_OPENSSL_WITH_COMPRESSION \
  46         CONFIG_OPENSSL_WITH_DTLS \
  47         CONFIG_OPENSSL_WITH_EC \
  48         CONFIG_OPENSSL_WITH_EC2M \
  49         CONFIG_OPENSSL_WITH_ERROR_MESSAGES \
  50         CONFIG_OPENSSL_WITH_GOST \
  51         CONFIG_OPENSSL_WITH_IDEA \
  52         CONFIG_OPENSSL_WITH_MDC2 \
  53         CONFIG_OPENSSL_WITH_NPN \
  54         CONFIG_OPENSSL_WITH_PSK \
  55         CONFIG_OPENSSL_WITH_RFC3779 \
  56         CONFIG_OPENSSL_WITH_SEED \
  57         CONFIG_OPENSSL_WITH_SM234 \
  58         CONFIG_OPENSSL_WITH_SRP \
  59         CONFIG_OPENSSL_WITH_SSE2 \
  60         CONFIG_OPENSSL_WITH_TLS13 \
  61         CONFIG_OPENSSL_WITH_WHIRLPOOL
  62
  63 include $(INCLUDE_DIR)/package.mk
  64
  65 ifneq ($(CONFIG_CCACHE),)
  66 HOSTCC=$(HOSTCC_NOCACHE)
  67 HOSTCXX=$(HOSTCXX_NOCACHE)
  68 endif
  69
  70 define Package/openssl/Default
  71   TITLE:=Open source SSL toolkit
  72   URL:=http://www.openssl.org/
  73   SECTION:=libs
  74   CATEGORY:=Libraries
  75 endef
  76
  77 define Package/libopenssl/config
  78 source "$(SOURCE)/Config.in"
  79 endef
  80
  81 define Package/openssl/Default/description
  82 The OpenSSL Project is a collaborative effort to develop a robust,
  83 commercial-grade, full-featured, and Open Source toolkit implementing the
  84 Transport Layer Security (TLS) protocol as well as a full-strength
  85 general-purpose cryptography library.
  86 endef
  87
  88 define Package/libopenssl
  89 $(call Package/openssl/Default)
  90   SUBMENU:=SSL
  91   DEPENDS:=+OPENSSL_WITH_COMPRESSION:zlib
  92   TITLE+= (libraries)
  93   ABI_VERSION:=1.1
  94   MENU:=1
  95 endef
  96
  97 define Package/libopenssl/description
  98 $(call Package/openssl/Default/description)
  99 This package contains the OpenSSL shared libraries, needed by other programs.
 100 endef
 101
 102 define Package/openssl-util
 103   $(call Package/openssl/Default)
 104   SECTION:=utils
 105   CATEGORY:=Utilities
 106   DEPENDS:=+libopenssl
 107   TITLE+= (utility)
 108 endef
 109
 110 define Package/openssl-util/conffiles
 111 /etc/ssl/openssl.cnf
 112 endef
 113
 114 define Package/openssl-util/description
 115 $(call Package/openssl/Default/description)
 116 This package contains the OpenSSL command-line utility.
 117 endef
 118
 119 define Package/libopenssl-afalg
 120   $(call Package/openssl/Default)
 121   SUBMENU:=SSL
 122   TITLE:=AFALG hardware acceleration engine
 123   DEPENDS:=libopenssl @OPENSSL_ENGINE @KERNEL_AIO @!LINUX_3_18 +kmod-crypto-user
 124 endef
 125
 126 define Package/libopenssl-afalg/description
 127 This package adds an engine that enables hardware acceleration
 128 through the AF_ALG kernel interface.
 129 To use it, you need to configure the engine in /etc/ssl/openssl.cnf
 130 See https://www.openssl.org/docs/man1.1.1/man5/config.html#Engine-Configuration-Module
 131 The engine_id is "afalg"
 132 endef
 133
 134 define Package/libopenssl-padlock
 135   $(call Package/openssl/Default)
 136   SUBMENU:=SSL
 137   TITLE:=VIA Padlock hardware acceleration engine
 138   DEPENDS:=libopenssl @OPENSSL_ENGINE @TARGET_x86 +kmod-crypto-hw-padlock
 139 endef
 140
 141 define Package/libopenssl-padlock/description
 142 This package adds an engine that enables VIA Padlock hardware acceleration.
 143 To use it, you need to configure it in /etc/ssl/openssl.cnf.
 144 See https://www.openssl.org/docs/man1.1.1/man5/config.html#Engine-Configuration-Module
 145 The engine_id is "padlock"
 146 endef
 147
 148 OPENSSL_OPTIONS:= shared
 149
 150 ifndef CONFIG_OPENSSL_WITH_BLAKE2
 151   OPENSSL_OPTIONS += no-blake2
 152 endif
 153
 154 ifndef CONFIG_OPENSSL_WITH_CHACHA_POLY1305
 155   OPENSSL_OPTIONS += no-chacha no-poly1305
 156 endif
 157
 158 ifndef CONFIG_OPENSSL_WITH_ASYNC
 159   OPENSSL_OPTIONS += no-async
 160 endif
 161
 162 ifndef CONFIG_OPENSSL_WITH_EC
 163   OPENSSL_OPTIONS += no-ec
 164 endif
 165
 166 ifndef CONFIG_OPENSSL_WITH_EC2M
 167   OPENSSL_OPTIONS += no-ec2m
 168 endif
 169
 170 ifndef CONFIG_OPENSSL_WITH_ERROR_MESSAGES
 171   OPENSSL_OPTIONS += no-err
 172 endif
 173
 174 ifndef CONFIG_OPENSSL_WITH_TLS13
 175   OPENSSL_OPTIONS += no-tls1_3
 176 endif
 177
 178 ifndef CONFIG_OPENSSL_WITH_ARIA
 179   OPENSSL_OPTIONS += no-aria
 180 endif
 181
 182 ifndef CONFIG_OPENSSL_WITH_SM234
 183   OPENSSL_OPTIONS += no-sm2 no-sm3 no-sm4
 184 endif
 185
 186 ifndef CONFIG_OPENSSL_WITH_CAMELLIA
 187   OPENSSL_OPTIONS += no-camellia
 188 endif
 189
 190 ifndef CONFIG_OPENSSL_WITH_IDEA
 191   OPENSSL_OPTIONS += no-idea
 192 endif
 193
 194 ifndef CONFIG_OPENSSL_WITH_SEED
 195   OPENSSL_OPTIONS += no-seed
 196 endif
 197
 198 ifndef CONFIG_OPENSSL_WITH_MDC2
 199   OPENSSL_OPTIONS += no-mdc2
 200 endif
 201
 202 ifndef CONFIG_OPENSSL_WITH_WHIRLPOOL
 203   OPENSSL_OPTIONS += no-whirlpool
 204 endif
 205
 206 ifndef CONFIG_OPENSSL_WITH_CMS
 207   OPENSSL_OPTIONS += no-cms
 208 endif
 209
 210 ifndef CONFIG_OPENSSL_WITH_RFC3779
 211   OPENSSL_OPTIONS += no-rfc3779
 212 endif
 213
 214 ifdef CONFIG_OPENSSL_NO_DEPRECATED
 215   OPENSSL_OPTIONS += no-deprecated
 216 endif
 217
 218 ifeq ($(CONFIG_OPENSSL_OPTIMIZE_SPEED),y)
 219   TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS)) -O3
 220 else
 221   OPENSSL_OPTIONS += -DOPENSSL_SMALL_FOOTPRINT
 222 endif
 223
 224 ifdef CONFIG_OPENSSL_ENGINE
 225   ifdef CONFIG_OPENSSL_ENGINE_CRYPTO
 226     OPENSSL_OPTIONS += enable-devcryptoeng
 227   endif
 228   ifndef CONFIG_PACKAGE_libopenssl-afalg
 229     OPENSSL_OPTIONS += no-afalgeng
 230   endif
 231   ifndef CONFIG_PACKAGE_libopenssl-padlock
 232     OPENSSL_OPTIONS += no-hw-padlock
 233   endif
 234 else
 235   OPENSSL_OPTIONS += no-engine
 236 endif
 237
 238 ifndef CONFIG_OPENSSL_WITH_GOST
 239   OPENSSL_OPTIONS += no-gost
 240 endif
 241
 242 ifndef CONFIG_OPENSSL_WITH_DTLS
 243   OPENSSL_OPTIONS += no-dtls
 244 endif
 245
 246 ifdef CONFIG_OPENSSL_WITH_COMPRESSION
 247   OPENSSL_OPTIONS += zlib-dynamic
 248 else
 249   OPENSSL_OPTIONS += no-comp
 250 endif
 251
 252 ifndef CONFIG_OPENSSL_WITH_NPN
 253   OPENSSL_OPTIONS += no-nextprotoneg
 254 endif
 255
 256 ifndef CONFIG_OPENSSL_WITH_PSK
 257   OPENSSL_OPTIONS += no-psk
 258 endif
 259
 260 ifndef CONFIG_OPENSSL_WITH_SRP
 261   OPENSSL_OPTIONS += no-srp
 262 endif
 263
 264 ifndef CONFIG_OPENSSL_WITH_ASM
 265   OPENSSL_OPTIONS += no-asm
 266 endif
 267
 268 ifdef CONFIG_i386
 269   ifndef CONFIG_OPENSSL_WITH_SSE2
 270     OPENSSL_OPTIONS += no-sse2
 271   endif
 272 endif
 273
 274 OPENSSL_TARGET:=linux-$(call qstrip,$(CONFIG_ARCH))-openwrt
 275
 276 STAMP_CONFIGURED := $(STAMP_CONFIGURED)_$(shell echo $(OPENSSL_OPTIONS) | mkhash md5)
 277
 278 define Build/Configure
 279         [ -f $(STAMP_CONFIGURED) ] || { \
 280                 rm -f $(PKG_BUILD_DIR)/*.so.* $(PKG_BUILD_DIR)/*.a; \
 281                 find $(PKG_BUILD_DIR) -name \*.o | xargs rm -f; \
 282         }
 283         (cd $(PKG_BUILD_DIR); \
 284                 ./Configure $(OPENSSL_TARGET) \
 285                         --prefix=/usr \
 286                         --libdir=lib \
 287                         --openssldir=/etc/ssl \
 288                         $(TARGET_CPPFLAGS) \
 289                         $(TARGET_LDFLAGS) \
 290                         $(OPENSSL_OPTIONS) \
 291         )
 292 endef
 293
 294 TARGET_CFLAGS += $(FPIC) -ffunction-sections -fdata-sections
 295 TARGET_LDFLAGS += -Wl,--gc-sections
 296
 297 define Build/Compile
 298         +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
 299                 CROSS_COMPILE="$(TARGET_CROSS)" \
 300                 CC="$(TARGET_CC)" \
 301                 SOURCE_DATE_EPOCH=$(SOURCE_DATE_EPOCH) \
 302                 OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
 303                 $(OPENSSL_MAKEFLAGS) \
 304                 all
 305         $(MAKE) -C $(PKG_BUILD_DIR) \
 306                 CROSS_COMPILE="$(TARGET_CROSS)" \
 307                 CC="$(TARGET_CC)" \
 308                 DESTDIR="$(PKG_INSTALL_DIR)" \
 309                 $(OPENSSL_MAKEFLAGS) \
 310                 install_sw install_ssldirs
 311 endef
 312
 313 define Build/InstallDev
 314         $(INSTALL_DIR) $(1)/usr/include
 315         $(CP) $(PKG_INSTALL_DIR)/usr/include/openssl $(1)/usr/include/
 316         $(INSTALL_DIR) $(1)/usr/lib/
 317         $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{crypto,ssl}.{a,so*} $(1)/usr/lib/
 318         $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
 319         $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc $(1)/usr/lib/pkgconfig/
 320         [ -n "$(TARGET_LDFLAGS)" ] && $(SED) 's#$(TARGET_LDFLAGS)##g' $(1)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc || true
 321 endef
 322
 323 define Package/libopenssl/install
 324         $(INSTALL_DIR) $(1)/etc/ssl/certs
 325         $(INSTALL_DIR) $(1)/etc/ssl/private
 326         chmod 0700 $(1)/etc/ssl/private
 327         $(INSTALL_DIR) $(1)/usr/lib
 328         $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libcrypto.so.* $(1)/usr/lib/
 329         $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libssl.so.* $(1)/usr/lib/
 330         $(if $(CONFIG_OPENSSL_ENGINE),$(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR))
 331 endef
 332
 333 define Package/openssl-util/install
 334         $(INSTALL_DIR) $(1)/etc/ssl
 335         $(CP) $(PKG_INSTALL_DIR)/etc/ssl/openssl.cnf $(1)/etc/ssl/
 336         $(INSTALL_DIR) $(1)/usr/bin
 337         $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/openssl $(1)/usr/bin/
 338 endef
 339
 340 define Package/libopenssl-afalg/install
 341         $(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR)
 342         $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/afalg.so $(1)/usr/lib/$(ENGINES_DIR)
 343 endef
 344
 345 define Package/libopenssl-padlock/install
 346         $(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR)
 347         $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/*padlock.so $(1)/usr/lib/$(ENGINES_DIR)
 348 endef
 349
 350 $(eval $(call BuildPackage,libopenssl))
 351 $(eval $(call BuildPackage,libopenssl-afalg))
 352 $(eval $(call BuildPackage,libopenssl-padlock))
 353 $(eval $(call BuildPackage,openssl-util))