]>
Commit | Line | Data |
---|---|---|
26abc8f0 RL |
1 | |
2 | INSTALLATION ON THE WIN32 PLATFORM | |
3 | ---------------------------------- | |
4 | ||
5 | [Instructions for building for Windows CE can be found in INSTALL.WCE] | |
1875e6db | 6 | [Instructions for building for Win64 can be found in INSTALL.W64] |
26abc8f0 RL |
7 | |
8 | Heres a few comments about building OpenSSL in Windows environments. Most | |
9 | of this is tested on Win32 but it may also work in Win 3.1 with some | |
10 | modification. | |
11 | ||
12 | You need Perl for Win32. Unless you will build on Cygwin, you will need | |
13 | ActiveState Perl, available from http://www.activestate.com/ActivePerl. | |
14 | ||
15 | and one of the following C compilers: | |
16 | ||
17 | * Visual C++ | |
18 | * Borland C | |
19 | * GNU C (Cygwin or MinGW) | |
20 | ||
21 | If you are compiling from a tarball or a CVS snapshot then the Win32 files | |
22 | may well be not up to date. This may mean that some "tweaking" is required to | |
23 | get it all to work. See the trouble shooting section later on for if (when?) | |
24 | it goes wrong. | |
25 | ||
26 | Visual C++ | |
27 | ---------- | |
28 | ||
29 | If you want to compile in the assembly language routines with Visual C++ then | |
30 | you will need an assembler. This is worth doing because it will result in | |
31 | faster code: for example it will typically result in a 2 times speedup in the | |
32 | RSA routines. Currently the following assemblers are supported: | |
33 | ||
34 | * Microsoft MASM (aka "ml") | |
35 | * Free Netwide Assembler NASM. | |
36 | ||
37 | MASM is distributed with most versions of VC++. For the versions where it is | |
38 | not included in VC++, it is also distributed with some Microsoft DDKs, for | |
39 | example the Windows NT 4.0 DDK and the Windows 98 DDK. If you do not have | |
40 | either of these DDKs then you can just download the binaries for the Windows | |
41 | 98 DDK and extract and rename the two files XXXXXml.exe and XXXXXml.err, to | |
42 | ml.exe and ml.err and install somewhere on your PATH. Both DDKs can be | |
43 | downloaded from the Microsoft developers site www.msdn.com. | |
44 | ||
45 | NASM is freely available. Version 0.98 was used during testing: other versions | |
46 | may also work. It is available from many places, see for example: | |
47 | http://www.kernel.org/pub/software/devel/nasm/binaries/win32/ | |
48 | The NASM binary nasmw.exe needs to be installed anywhere on your PATH. | |
49 | ||
50 | Firstly you should run Configure: | |
51 | ||
df8dae1d DSH |
52 | > perl Configure VC-WIN32 --prefix=c:/some/openssl/dir |
53 | ||
54 | Where the prefix argument specifies where OpenSSL will be installed to. | |
26abc8f0 RL |
55 | |
56 | Next you need to build the Makefiles and optionally the assembly language | |
57 | files: | |
58 | ||
59 | - If you are using MASM then run: | |
60 | ||
61 | > ms\do_masm | |
62 | ||
63 | - If you are using NASM then run: | |
64 | ||
65 | > ms\do_nasm | |
66 | ||
67 | - If you don't want to use the assembly language files at all then run: | |
68 | ||
69 | > ms\do_ms | |
70 | ||
71 | If you get errors about things not having numbers assigned then check the | |
72 | troubleshooting section: you probably won't be able to compile it as it | |
73 | stands. | |
74 | ||
75 | Then from the VC++ environment at a prompt do: | |
76 | ||
77 | > nmake -f ms\ntdll.mak | |
78 | ||
79 | If all is well it should compile and you will have some DLLs and executables | |
80 | in out32dll. If you want to try the tests then do: | |
81 | ||
df8dae1d DSH |
82 | > nmake -f ms\ntdll.mak test |
83 | ||
84 | ||
85 | To install OpenSSL to the specified location do: | |
86 | ||
87 | > nmake -f ms\ntdll.mak install | |
26abc8f0 RL |
88 | |
89 | Tweaks: | |
90 | ||
91 | There are various changes you can make to the Win32 compile environment. By | |
92 | default the library is not compiled with debugging symbols. If you add 'debug' | |
93 | to the mk1mf.pl lines in the do_* batch file then debugging symbols will be | |
94 | compiled in. Note that mk1mf.pl expects the platform to be the last argument | |
95 | on the command line, so 'debug' must appear before that, as all other options. | |
96 | ||
df8dae1d DSH |
97 | |
98 | By default in 0.9.8 OpenSSL will compile builtin ENGINES into the libeay32.dll | |
99 | shared library. If you specify the "no-static-engine" option on the command | |
100 | line to Configure the shared library build (ms\ntdll.mak) will compile the | |
101 | engines as separate DLLs. | |
102 | ||
26abc8f0 RL |
103 | The default Win32 environment is to leave out any Windows NT specific |
104 | features. | |
105 | ||
106 | If you want to enable the NT specific features of OpenSSL (currently only the | |
107 | logging BIO) follow the instructions above but call the batch file do_nt.bat | |
108 | instead of do_ms.bat. | |
109 | ||
110 | You can also build a static version of the library using the Makefile | |
111 | ms\nt.mak | |
112 | ||
df8dae1d DSH |
113 | |
114 | ||
26abc8f0 RL |
115 | Borland C++ builder 5 |
116 | --------------------- | |
117 | ||
118 | * Configure for building with Borland Builder: | |
119 | > perl Configure BC-32 | |
120 | ||
121 | * Create the appropriate makefile | |
122 | > ms\do_nasm | |
123 | ||
124 | * Build | |
125 | > make -f ms\bcb.mak | |
126 | ||
127 | Borland C++ builder 3 and 4 | |
128 | --------------------------- | |
129 | ||
130 | * Setup PATH. First must be GNU make then bcb4/bin | |
131 | ||
132 | * Run ms\bcb4.bat | |
133 | ||
134 | * Run make: | |
135 | > make -f bcb.mak | |
136 | ||
137 | GNU C (Cygwin) | |
138 | -------------- | |
139 | ||
140 | Cygwin provides a bash shell and GNU tools environment running | |
141 | on NT 4.0, Windows 9x, Windows ME, Windows 2000, and Windows XP. | |
142 | Consequently, a make of OpenSSL with Cygwin is closer to a GNU | |
143 | bash environment such as Linux than to other the other Win32 | |
144 | makes. | |
145 | ||
146 | Cygwin implements a Posix/Unix runtime system (cygwin1.dll). | |
147 | It is also possible to create Win32 binaries that only use the | |
148 | Microsoft C runtime system (msvcrt.dll or crtdll.dll) using | |
149 | MinGW. MinGW can be used in the Cygwin development environment | |
150 | or in a standalone setup as described in the following section. | |
151 | ||
152 | To build OpenSSL using Cygwin: | |
153 | ||
154 | * Install Cygwin (see http://cygwin.com/) | |
155 | ||
156 | * Install Perl and ensure it is in the path. Both Cygwin perl | |
157 | (5.6.1-2 or newer) and ActivePerl work. | |
158 | ||
159 | * Run the Cygwin bash shell | |
160 | ||
161 | * $ tar zxvf openssl-x.x.x.tar.gz | |
162 | $ cd openssl-x.x.x | |
163 | ||
164 | To build the Cygwin version of OpenSSL: | |
165 | ||
166 | $ ./config | |
167 | [...] | |
168 | $ make | |
169 | [...] | |
170 | $ make test | |
171 | $ make install | |
172 | ||
173 | This will create a default install in /usr/local/ssl. | |
174 | ||
175 | To build the MinGW version (native Windows) in Cygwin: | |
176 | ||
177 | $ ./Configure mingw | |
178 | [...] | |
179 | $ make | |
180 | [...] | |
181 | $ make test | |
182 | $ make install | |
183 | ||
184 | Cygwin Notes: | |
185 | ||
186 | "make test" and normal file operations may fail in directories | |
187 | mounted as text (i.e. mount -t c:\somewhere /home) due to Cygwin | |
188 | stripping of carriage returns. To avoid this ensure that a binary | |
189 | mount is used, e.g. mount -b c:\somewhere /home. | |
190 | ||
191 | "bc" is not provided in older Cygwin distribution. This causes a | |
192 | non-fatal error in "make test" but is otherwise harmless. If | |
193 | desired and needed, GNU bc can be built with Cygwin without change. | |
194 | ||
195 | GNU C (MinGW) | |
196 | ------------- | |
197 | ||
198 | * Compiler installation: | |
199 | ||
200 | MinGW is available from http://www.mingw.org. Run the installer and | |
201 | set the MinGW bin directory to the PATH in "System Properties" or | |
202 | autoexec.bat. | |
203 | ||
204 | * Compile OpenSSL: | |
205 | ||
206 | > ms\mingw32 | |
207 | ||
208 | This will create the library and binaries in out. In case any problems | |
209 | occur, try | |
210 | > ms\mingw32 no-asm | |
211 | instead. | |
212 | ||
213 | libcrypto.a and libssl.a are the static libraries. To use the DLLs, | |
214 | link with libeay32.a and libssl32.a instead. | |
215 | ||
216 | See troubleshooting if you get error messages about functions not having | |
217 | a number assigned. | |
218 | ||
219 | * You can now try the tests: | |
220 | ||
221 | > cd out | |
222 | > ..\ms\test | |
223 | ||
224 | ||
225 | Installation | |
226 | ------------ | |
227 | ||
228 | If you used the Cygwin procedure above, you have already installed and | |
229 | can skip this section. For all other procedures, there's currently no real | |
230 | installation procedure for Win32. There are, however, some suggestions: | |
231 | ||
232 | - do nothing. The include files are found in the inc32/ subdirectory, | |
233 | all binaries are found in out32dll/ or out32/ depending if you built | |
234 | dynamic or static libraries. | |
235 | ||
236 | - do as is written in INSTALL.Win32 that comes with modssl: | |
237 | ||
238 | $ md c:\openssl | |
239 | $ md c:\openssl\bin | |
240 | $ md c:\openssl\lib | |
241 | $ md c:\openssl\include | |
242 | $ md c:\openssl\include\openssl | |
0ad2c4f8 | 243 | $ copy /b inc32\openssl\* c:\openssl\include\openssl |
26abc8f0 RL |
244 | $ copy /b out32dll\ssleay32.lib c:\openssl\lib |
245 | $ copy /b out32dll\libeay32.lib c:\openssl\lib | |
246 | $ copy /b out32dll\ssleay32.dll c:\openssl\bin | |
247 | $ copy /b out32dll\libeay32.dll c:\openssl\bin | |
248 | $ copy /b out32dll\openssl.exe c:\openssl\bin | |
249 | ||
250 | Of course, you can choose another device than c:. C: is used here | |
251 | because that's usually the first (and often only) harddisk device. | |
252 | Note: in the modssl INSTALL.Win32, p: is used rather than c:. | |
253 | ||
254 | ||
255 | Troubleshooting | |
256 | --------------- | |
257 | ||
258 | Since the Win32 build is only occasionally tested it may not always compile | |
259 | cleanly. If you get an error about functions not having numbers assigned | |
260 | when you run ms\do_ms then this means the Win32 ordinal files are not up to | |
261 | date. You can do: | |
262 | ||
263 | > perl util\mkdef.pl crypto ssl update | |
264 | ||
265 | then ms\do_XXX should not give a warning any more. However the numbers that | |
266 | get assigned by this technique may not match those that eventually get | |
267 | assigned in the CVS tree: so anything linked against this version of the | |
268 | library may need to be recompiled. | |
269 | ||
270 | If you get errors about unresolved symbols there are several possible | |
271 | causes. | |
272 | ||
273 | If this happens when the DLL is being linked and you have disabled some | |
274 | ciphers then it is possible the DEF file generator hasn't removed all | |
275 | the disabled symbols: the easiest solution is to edit the DEF files manually | |
276 | to delete them. The DEF files are ms\libeay32.def ms\ssleay32.def. | |
277 | ||
278 | Another cause is if you missed or ignored the errors about missing numbers | |
279 | mentioned above. | |
280 | ||
281 | If you get warnings in the code then the compilation will halt. | |
282 | ||
283 | The default Makefile for Win32 halts whenever any warnings occur. Since VC++ | |
284 | has its own ideas about warnings which don't always match up to other | |
285 | environments this can happen. The best fix is to edit the file with the | |
286 | warning in and fix it. Alternatively you can turn off the halt on warnings by | |
287 | editing the CFLAG line in the Makefile and deleting the /WX option. | |
288 | ||
289 | You might get compilation errors. Again you will have to fix these or report | |
290 | them. | |
291 | ||
292 | One final comment about compiling applications linked to the OpenSSL library. | |
293 | If you don't use the multithreaded DLL runtime library (/MD option) your | |
294 | program will almost certainly crash because malloc gets confused -- the | |
295 | OpenSSL DLLs are statically linked to one version, the application must | |
296 | not use a different one. You might be able to work around such problems | |
297 | by adding CRYPTO_malloc_init() to your program before any calls to the | |
298 | OpenSSL libraries: This tells the OpenSSL libraries to use the same | |
299 | malloc(), free() and realloc() as the application. However there are many | |
300 | standard library functions used by OpenSSL that call malloc() internally | |
301 | (e.g. fopen()), and OpenSSL cannot change these; so in general you cannot | |
302 | rely on CRYPTO_malloc_init() solving your problem, and you should | |
303 | consistently use the multithreaded library. | |
b3836ed3 AP |
304 | |
305 | Linking your application | |
306 | ------------------------ | |
307 | ||
308 | If you link with static OpenSSL libraries [those built with ms/nt.mak], | |
309 | then you're expected to additionally link your application with | |
310 | WSOCK32.LIB, ADVAPI32.LIB, GDI32.LIB and USER32.LIB. Those developing | |
311 | non-interactive service applications might feel concerned about linking | |
312 | with latter two, as they are justly associated with interactive desktop, | |
313 | which is not available to service processes. The toolkit is designed | |
314 | to detect in which context it's currently executed, GUI, console app | |
315 | or service, and act accordingly, namely whether or not to actually make | |
316 | GUI calls. | |
317 | ||
318 | If you link with OpenSSL .DLLs, then you're expected to include into | |
319 | your application code small "shim" snippet, which provides glue between | |
320 | OpenSSL BIO layer and your compiler run-time. Look up OPENSSL_Applink | |
321 | reference page for further details. |