projects / openwrt / staging / jow.git / blob
? search:


737123930c624305946ef7bf777cd1b816b5d21a
[openwrt/staging/jow.git] / package / libs / openssl / Makefile
1 #
2 # Copyright (C) 2006-2016 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9
10 PKG_NAME:=openssl
11 PKG_BASE:=1.1.1
12 PKG_BUGFIX:=m
13 PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
14 PKG_RELEASE:=1
15 PKG_USE_MIPS16:=0
16 ENGINES_DIR=engines-1.1
17
18 PKG_BUILD_PARALLEL:=1
19
20 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
21 PKG_SOURCE_URL:= \
22 http://www.openssl.org/source/ \
23 http://www.openssl.org/source/old/$(PKG_BASE)/ \
24 http://ftp.fi.muni.cz/pub/openssl/source/ \
25 http://ftp.fi.muni.cz/pub/openssl/source/old/$(PKG_BASE)/ \
26 ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
27 ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/old/$(PKG_BASE)/
28
29 PKG_HASH:=f89199be8b23ca45fc7cb9f1d8d3ee67312318286ad030f5316aca6462db6c96
30
31 PKG_LICENSE:=OpenSSL
32 PKG_LICENSE_FILES:=LICENSE
33 PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
34 PKG_CPE_ID:=cpe:/a:openssl:openssl
35 PKG_CONFIG_DEPENDS:= \
36 CONFIG_OPENSSL_ENGINE \
37 CONFIG_OPENSSL_ENGINE_BUILTIN \
38 CONFIG_OPENSSL_ENGINE_BUILTIN_AFALG \
39 CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO \
40 CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK \
41 CONFIG_OPENSSL_NO_DEPRECATED \
42 CONFIG_OPENSSL_OPTIMIZE_SPEED \
43 CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM \
44 CONFIG_OPENSSL_WITH_ARIA \
45 CONFIG_OPENSSL_WITH_ASM \
46 CONFIG_OPENSSL_WITH_ASYNC \
47 CONFIG_OPENSSL_WITH_BLAKE2 \
48 CONFIG_OPENSSL_WITH_CAMELLIA \
49 CONFIG_OPENSSL_WITH_CHACHA_POLY1305 \
50 CONFIG_OPENSSL_WITH_CMS \
51 CONFIG_OPENSSL_WITH_COMPRESSION \
52 CONFIG_OPENSSL_WITH_DTLS \
53 CONFIG_OPENSSL_WITH_EC2M \
54 CONFIG_OPENSSL_WITH_ERROR_MESSAGES \
55 CONFIG_OPENSSL_WITH_IDEA \
56 CONFIG_OPENSSL_WITH_MDC2 \
57 CONFIG_OPENSSL_WITH_NPN \
58 CONFIG_OPENSSL_WITH_PSK \
59 CONFIG_OPENSSL_WITH_RFC3779 \
60 CONFIG_OPENSSL_WITH_SEED \
61 CONFIG_OPENSSL_WITH_SM234 \
62 CONFIG_OPENSSL_WITH_SRP \
63 CONFIG_OPENSSL_WITH_SSE2 \
64 CONFIG_OPENSSL_WITH_TLS13 \
65 CONFIG_OPENSSL_WITH_WHIRLPOOL
66
67 include $(INCLUDE_DIR)/package.mk
68
69 ifneq ($(CONFIG_CCACHE),)
70 HOSTCC=$(HOSTCC_NOCACHE)
71 HOSTCXX=$(HOSTCXX_NOCACHE)
72 endif
73
74 define Package/openssl/Default
75 TITLE:=Open source SSL toolkit
76 URL:=http://www.openssl.org/
77 SECTION:=libs
78 CATEGORY:=Libraries
79 endef
80
81 define Package/libopenssl/config
82 source "$(SOURCE)/Config.in"
83 endef
84
85 define Package/openssl/Default/description
86 The OpenSSL Project is a collaborative effort to develop a robust,
87 commercial-grade, full-featured, and Open Source toolkit implementing the
88 Transport Layer Security (TLS) protocol as well as a full-strength
89 general-purpose cryptography library.
90 endef
91
92 define Package/libopenssl
93 $(call Package/openssl/Default)
94 SUBMENU:=SSL
95 DEPENDS:=+OPENSSL_WITH_COMPRESSION:zlib \
96 +OPENSSL_ENGINE_BUILTIN_AFALG:kmod-crypto-user \
97 +OPENSSL_ENGINE_BUILTIN_DEVCRYPTO:kmod-cryptodev \
98 +OPENSSL_ENGINE_BUILTIN_PADLOCK:kmod-crypto-hw-padlock
99 TITLE+= (libraries)
100 ABI_VERSION:=1.1
101 MENU:=1
102 endef
103
104 define Package/libopenssl/description
105 $(call Package/openssl/Default/description)
106 This package contains the OpenSSL shared libraries, needed by other programs.
107 endef
108
109 define Package/openssl-util
110 $(call Package/openssl/Default)
111 SECTION:=utils
112 CATEGORY:=Utilities
113 DEPENDS:=+libopenssl +libopenssl-conf
114 TITLE+= (utility)
115 endef
116
117 define Package/openssl-util/description
118 $(call Package/openssl/Default/description)
119 This package contains the OpenSSL command-line utility.
120 endef
121
122 define Package/libopenssl-conf
123 $(call Package/openssl/Default)
124 SUBMENU:=SSL
125 TITLE:=/etc/ssl/openssl.cnf config file
126 DEPENDS:=libopenssl
127 endef
128
129 define Package/libopenssl-conf/conffiles
130 /etc/ssl/openssl.cnf
131 endef
132
133 define Package/libopenssl-conf/description
134 $(call Package/openssl/Default/description)
135 This package installs the OpenSSL configuration file /etc/ssl/openssl.cnf.
136 endef
137
138 define Package/libopenssl-afalg
139 $(call Package/openssl/Default)
140 SUBMENU:=SSL
141 TITLE:=AFALG hardware acceleration engine
142 DEPENDS:=libopenssl @OPENSSL_ENGINE @KERNEL_AIO \
143 +PACKAGE_libopenssl-afalg:kmod-crypto-user +libopenssl-conf @!OPENSSL_ENGINE_BUILTIN
144 endef
145
146 define Package/libopenssl-afalg/description
147 This package adds an engine that enables hardware acceleration
148 through the AF_ALG kernel interface.
149 To use it, you need to enable the engine in /etc/ssl/engines.cnf.d/engines.cnf.
150 See https://www.openssl.org/docs/man1.1.1/man5/config.html#Engine-Configuration-Module
151 and https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators
152 The engine_id is "afalg"
153 endef
154
155 define Package/libopenssl-devcrypto
156 $(call Package/openssl/Default)
157 SUBMENU:=SSL
158 TITLE:=/dev/crypto hardware acceleration engine
159 DEPENDS:=libopenssl @OPENSSL_ENGINE +PACKAGE_libopenssl-devcrypto:kmod-cryptodev +libopenssl-conf \
160 @!OPENSSL_ENGINE_BUILTIN
161 endef
162
163 define Package/libopenssl-devcrypto/description
164 This package adds an engine that enables hardware acceleration
165 through the /dev/crypto kernel interface.
166 To use it, you need to enable the engine in /etc/ssl/engines.cnf.d/engines.cnf. You may
167 configure the engine by editing /etc/ssl/engines.cnf.d/devcrypto.cnf.
168 See https://www.openssl.org/docs/man1.1.1/man5/config.html#Engine-Configuration-Module
169 and https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators
170 The engine_id is "devcrypto"
171 endef
172
173 define Package/libopenssl-padlock
174 $(call Package/openssl/Default)
175 SUBMENU:=SSL
176 TITLE:=VIA Padlock hardware acceleration engine
177 DEPENDS:=libopenssl @OPENSSL_ENGINE @TARGET_x86 +PACKAGE_libopenssl-padlock:kmod-crypto-hw-padlock \
178 +libopenssl-conf @!OPENSSL_ENGINE_BUILTIN
179 endef
180
181 define Package/libopenssl-padlock/description
182 This package adds an engine that enables VIA Padlock hardware acceleration.
183 To use it, you need to enable the engine in /etc/ssl/engines.cnf.d/engines.cnf.
184 See https://www.openssl.org/docs/man1.1.1/man5/config.html#Engine-Configuration-Module
185 and https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators
186 The engine_id is "padlock"
187 endef
188
189 OPENSSL_OPTIONS:= shared
190
191 ifndef CONFIG_OPENSSL_WITH_BLAKE2
192 OPENSSL_OPTIONS += no-blake2
193 endif
194
195 ifndef CONFIG_OPENSSL_WITH_CHACHA_POLY1305
196 OPENSSL_OPTIONS += no-chacha no-poly1305
197 else
198 ifdef CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM
199 OPENSSL_OPTIONS += -DOPENSSL_PREFER_CHACHA_OVER_GCM
200 endif
201 endif
202
203 ifndef CONFIG_OPENSSL_WITH_ASYNC
204 OPENSSL_OPTIONS += no-async
205 endif
206
207 ifndef CONFIG_OPENSSL_WITH_EC2M
208 OPENSSL_OPTIONS += no-ec2m
209 endif
210
211 ifndef CONFIG_OPENSSL_WITH_ERROR_MESSAGES
212 OPENSSL_OPTIONS += no-err
213 endif
214
215 ifndef CONFIG_OPENSSL_WITH_TLS13
216 OPENSSL_OPTIONS += no-tls1_3
217 endif
218
219 ifndef CONFIG_OPENSSL_WITH_ARIA
220 OPENSSL_OPTIONS += no-aria
221 endif
222
223 ifndef CONFIG_OPENSSL_WITH_SM234
224 OPENSSL_OPTIONS += no-sm2 no-sm3 no-sm4
225 endif
226
227 ifndef CONFIG_OPENSSL_WITH_CAMELLIA
228 OPENSSL_OPTIONS += no-camellia
229 endif
230
231 ifndef CONFIG_OPENSSL_WITH_IDEA
232 OPENSSL_OPTIONS += no-idea
233 endif
234
235 ifndef CONFIG_OPENSSL_WITH_SEED
236 OPENSSL_OPTIONS += no-seed
237 endif
238
239 ifndef CONFIG_OPENSSL_WITH_MDC2
240 OPENSSL_OPTIONS += no-mdc2
241 endif
242
243 ifndef CONFIG_OPENSSL_WITH_WHIRLPOOL
244 OPENSSL_OPTIONS += no-whirlpool
245 endif
246
247 ifndef CONFIG_OPENSSL_WITH_CMS
248 OPENSSL_OPTIONS += no-cms
249 endif
250
251 ifndef CONFIG_OPENSSL_WITH_RFC3779
252 OPENSSL_OPTIONS += no-rfc3779
253 endif
254
255 ifdef CONFIG_OPENSSL_NO_DEPRECATED
256 OPENSSL_OPTIONS += no-deprecated
257 endif
258
259 ifeq ($(CONFIG_OPENSSL_OPTIMIZE_SPEED),y)
260 TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS)) -O3
261 else
262 OPENSSL_OPTIONS += -DOPENSSL_SMALL_FOOTPRINT
263 endif
264
265 ifdef CONFIG_OPENSSL_ENGINE
266 ifdef CONFIG_OPENSSL_ENGINE_BUILTIN
267 OPENSSL_OPTIONS += disable-dynamic-engine
268 ifndef CONFIG_OPENSSL_ENGINE_BUILTIN_AFALG
269 OPENSSL_OPTIONS += no-afalgeng
270 endif
271 ifdef CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO
272 OPENSSL_OPTIONS += enable-devcryptoeng
273 endif
274 ifndef CONFIG_OPENSSL_ENGINE_BUILTIN_PADLOCK
275 OPENSSL_OPTIONS += no-hw-padlock
276 endif
277 else
278 ifdef CONFIG_PACKAGE_libopenssl-devcrypto
279 OPENSSL_OPTIONS += enable-devcryptoeng
280 endif
281 ifndef CONFIG_PACKAGE_libopenssl-afalg
282 OPENSSL_OPTIONS += no-afalgeng
283 endif
284 ifndef CONFIG_PACKAGE_libopenssl-padlock
285 OPENSSL_OPTIONS += no-hw-padlock
286 endif
287 endif
288 else
289 OPENSSL_OPTIONS += no-engine
290 endif
291
292 ifndef CONFIG_OPENSSL_WITH_DTLS
293 OPENSSL_OPTIONS += no-dtls
294 endif
295
296 ifdef CONFIG_OPENSSL_WITH_COMPRESSION
297 OPENSSL_OPTIONS += zlib-dynamic
298 else
299 OPENSSL_OPTIONS += no-comp
300 endif
301
302 ifndef CONFIG_OPENSSL_WITH_NPN
303 OPENSSL_OPTIONS += no-nextprotoneg
304 endif
305
306 ifndef CONFIG_OPENSSL_WITH_PSK
307 OPENSSL_OPTIONS += no-psk
308 endif
309
310 ifndef CONFIG_OPENSSL_WITH_SRP
311 OPENSSL_OPTIONS += no-srp
312 endif
313
314 ifndef CONFIG_OPENSSL_WITH_ASM
315 OPENSSL_OPTIONS += no-asm
316 endif
317
318 ifdef CONFIG_i386
319 ifndef CONFIG_OPENSSL_WITH_SSE2
320 OPENSSL_OPTIONS += no-sse2
321 endif
322 endif
323
324 OPENSSL_TARGET:=linux-$(call qstrip,$(CONFIG_ARCH))-openwrt
325
326 STAMP_CONFIGURED := $(STAMP_CONFIGURED)_$(shell echo $(OPENSSL_OPTIONS) | $(MKHASH) md5)
327
328 define Build/Configure
329 (cd $(PKG_BUILD_DIR); \
330 ./Configure $(OPENSSL_TARGET) \
331 --prefix=/usr \
332 --libdir=lib \
333 --openssldir=/etc/ssl \
334 --cross-compile-prefix="$(TARGET_CROSS)" \
335 $(TARGET_CPPFLAGS) \
336 $(TARGET_LDFLAGS) \
337 $(OPENSSL_OPTIONS) && \
338 { [ -f $(STAMP_CONFIGURED) ] || make clean; } \
339 )
340 endef
341
342 TARGET_CFLAGS += $(FPIC) -ffunction-sections -fdata-sections
343 TARGET_LDFLAGS += -Wl,--gc-sections
344
345 define Build/Compile
346 +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
347 CC="$(TARGET_CC)" \
348 SOURCE_DATE_EPOCH=$(SOURCE_DATE_EPOCH) \
349 OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
350 $(OPENSSL_MAKEFLAGS) \
351 all
352 $(MAKE) -C $(PKG_BUILD_DIR) \
353 CC="$(TARGET_CC)" \
354 DESTDIR="$(PKG_INSTALL_DIR)" \
355 $(OPENSSL_MAKEFLAGS) \
356 install_sw install_ssldirs
357 endef
358
359 define Build/InstallDev
360 $(INSTALL_DIR) $(1)/usr/include
361 $(CP) $(PKG_INSTALL_DIR)/usr/include/openssl $(1)/usr/include/
362 $(INSTALL_DIR) $(1)/usr/lib/
363 $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{crypto,ssl}.{a,so*} $(1)/usr/lib/
364 $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
365 $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc $(1)/usr/lib/pkgconfig/
366 [ -n "$(TARGET_LDFLAGS)" ] && $(SED) 's#$(TARGET_LDFLAGS)##g' $(1)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc || true
367 endef
368
369 define Package/libopenssl/install
370 $(INSTALL_DIR) $(1)/etc/ssl/certs
371 $(INSTALL_DIR) $(1)/etc/ssl/private
372 chmod 0700 $(1)/etc/ssl/private
373 $(INSTALL_DIR) $(1)/usr/lib
374 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libcrypto.so.* $(1)/usr/lib/
375 $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libssl.so.* $(1)/usr/lib/
376 $(if $(CONFIG_OPENSSL_ENGINE),$(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR))
377 endef
378
379 define Package/libopenssl-conf/install
380 $(INSTALL_DIR) $(1)/etc/ssl/engines.cnf.d
381 $(CP) $(PKG_INSTALL_DIR)/etc/ssl/openssl.cnf $(1)/etc/ssl/
382 $(CP) ./files/engines.cnf $(1)/etc/ssl/engines.cnf.d/
383 endef
384
385 define Package/openssl-util/install
386 $(INSTALL_DIR) $(1)/usr/bin
387 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/openssl $(1)/usr/bin/
388 endef
389
390 define Package/libopenssl-afalg/install
391 $(INSTALL_DIR) $(1)/etc/ssl/engines.cnf.d \
392 $(1)/usr/lib/$(ENGINES_DIR)
393 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/afalg.so $(1)/usr/lib/$(ENGINES_DIR)
394 $(INSTALL_DATA) ./files/afalg.cnf $(1)/etc/ssl/engines.cnf.d/
395 endef
396
397 define Package/libopenssl-devcrypto/install
398 $(INSTALL_DIR) $(1)/etc/ssl/engines.cnf.d \
399 $(1)/usr/lib/$(ENGINES_DIR)
400 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/devcrypto.so $(1)/usr/lib/$(ENGINES_DIR)
401 $(INSTALL_DATA) ./files/devcrypto.cnf $(1)/etc/ssl/engines.cnf.d/
402 endef
403
404 define Package/libopenssl-padlock/install
405 $(INSTALL_DIR) $(1)/etc/ssl/engines.cnf.d \
406 $(1)/usr/lib/$(ENGINES_DIR)
407 $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/*padlock.so $(1)/usr/lib/$(ENGINES_DIR)
408 $(INSTALL_DATA) ./files/padlock.cnf $(1)/etc/ssl/engines.cnf.d/
409 endef
410
411 $(eval $(call BuildPackage,libopenssl))
412 $(eval $(call BuildPackage,libopenssl-conf))
413 $(eval $(call BuildPackage,libopenssl-afalg))
414 $(eval $(call BuildPackage,libopenssl-devcrypto))
415 $(eval $(call BuildPackage,libopenssl-padlock))
416 $(eval $(call BuildPackage,openssl-util))
Staging tree of Jo-Philipp Wich