]>
Commit | Line | Data |
---|---|---|
dc589dae | 1 | Notes for Windows platforms |
474853c3 | 2 | =========================== |
26abc8f0 | 3 | |
dc589dae | 4 | - [Native builds using Visual C++](#native-builds-using-visual-c++) |
55aa235e TI |
5 | - [Native builds using Embarcadero C++Builder]( |
6 | #native-builds-using-embarcadero-c++-builder) | |
dc589dae DMSP |
7 | - [Native builds using MinGW](#native-builds-using-mingw) |
8 | - [Linking native applications](#linking-native-applications) | |
9 | - [Hosted builds using Cygwin](#hosted-builds-using-cygwin) | |
df4c1d80 | 10 | |
dc589dae | 11 | There are various options to build and run OpenSSL on the Windows platforms. |
df4c1d80 | 12 | |
dc589dae DMSP |
13 | "Native" OpenSSL uses the Windows APIs directly at run time. |
14 | To build a native OpenSSL you can either use: | |
df4c1d80 | 15 | |
dc589dae | 16 | Microsoft Visual C++ (MSVC) C compiler on the command line |
55aa235e TI |
17 | or |
18 | Embarcadero C++Builder | |
dc589dae DMSP |
19 | or |
20 | MinGW cross compiler | |
21 | run on the GNU-like development environment MSYS2 | |
22 | or run on Linux or Cygwin | |
97a479c6 | 23 | |
dc589dae DMSP |
24 | "Hosted" OpenSSL relies on an external POSIX compatibility layer |
25 | for building (using GNU/Unix shell, compiler, and tools) and at run time. | |
26 | For this option you can use Cygwin. | |
26abc8f0 | 27 | |
dc589dae DMSP |
28 | Native builds using Visual C++ |
29 | ============================== | |
07930a75 | 30 | |
bd28a23e | 31 | The native builds using Visual C++ have a `VC-*` prefix. |
df4c1d80 | 32 | |
dc589dae DMSP |
33 | Requirement details |
34 | ------------------- | |
df4c1d80 | 35 | |
bd28a23e | 36 | In addition to the requirements and instructions listed in `INSTALL.md`, |
dc589dae | 37 | these are required as well: |
df4c1d80 | 38 | |
dc589dae DMSP |
39 | ### Perl |
40 | ||
41 | We recommend Strawberry Perl, available from <http://strawberryperl.com/> | |
42 | Please read NOTES.PERL for more information, including the use of CPAN. | |
43 | An alternative is ActiveState Perl, <https://www.activestate.com/ActivePerl> | |
44 | for which you may need to explicitly build the Perl module Win32/Console.pm | |
45 | via <https://platform.activestate.com/ActiveState> and then download it. | |
46 | ||
47 | ### Microsoft Visual C compiler. | |
48 | ||
49 | Since these are proprietary and ever-changing we cannot test them all. | |
50 | Older versions may not work. Use a recent version wherever possible. | |
51 | ||
52 | ### Netwide Assembler (NASM) | |
53 | ||
54 | NASM is the only supported assembler. It is available from <https://www.nasm.us>. | |
55 | ||
56 | Quick start | |
57 | ----------- | |
df4c1d80 DDO |
58 | |
59 | 1. Install Perl | |
60 | ||
61 | 2. Install NASM | |
62 | ||
63 | 3. Make sure both Perl and NASM are on your %PATH% | |
64 | ||
65 | 4. Use Visual Studio Developer Command Prompt with administrative privileges, | |
66 | choosing one of its variants depending on the intended architecture. | |
bd28a23e TM |
67 | Or run `cmd` and execute `vcvarsall.bat` with one of the options `x86`, |
68 | `x86_amd64`, `x86_arm`, `x86_arm64`, `amd64`, `amd64_x86`, `amd64_arm`, | |
69 | or `amd64_arm64`. | |
70 | This sets up the environment variables needed for `nmake.exe`, `cl.exe`, | |
71 | etc. | |
474853c3 RS |
72 | See also |
73 | <https://docs.microsoft.com/cpp/build/building-on-the-command-line> | |
df4c1d80 DDO |
74 | |
75 | 5. From the root of the OpenSSL source directory enter | |
bd28a23e TM |
76 | - `perl Configure VC-WIN32` if you want 32-bit OpenSSL or |
77 | - `perl Configure VC-WIN64A` if you want 64-bit OpenSSL or | |
78 | - `perl Configure VC-WIN64-ARM` if you want Windows on Arm (win-arm64) | |
79 | OpenSSL or | |
80 | - `perl Configure` to let Configure figure out the platform | |
df4c1d80 | 81 | |
bd28a23e | 82 | 6. `nmake` |
3189772e | 83 | |
bd28a23e | 84 | 7. `nmake test` |
26abc8f0 | 85 | |
bd28a23e | 86 | 8. `nmake install` |
26abc8f0 | 87 | |
dc589dae DMSP |
88 | For the full installation instructions, or if anything goes wrong at any stage, |
89 | check the INSTALL.md file. | |
b32b8961 | 90 | |
dc589dae DMSP |
91 | Installation directories |
92 | ------------------------ | |
8c16829e | 93 | |
dc589dae DMSP |
94 | The default installation directories are derived from environment |
95 | variables. | |
8c16829e | 96 | |
dc589dae | 97 | For VC-WIN32, the following defaults are use: |
8c16829e | 98 | |
70f23648 JS |
99 | PREFIX: %ProgramFiles(x86)%\OpenSSL |
100 | OPENSSLDIR: %CommonProgramFiles(x86)%\SSL | |
8c16829e | 101 | |
dc589dae | 102 | For VC-WIN64, the following defaults are use: |
8c16829e | 103 | |
dc589dae DMSP |
104 | PREFIX: %ProgramW6432%\OpenSSL |
105 | OPENSSLDIR: %CommonProgramW6432%\SSL | |
8c16829e | 106 | |
dc589dae DMSP |
107 | Should those environment variables not exist (on a pure Win32 |
108 | installation for examples), these fallbacks are used: | |
8c16829e | 109 | |
dc589dae DMSP |
110 | PREFIX: %ProgramFiles%\OpenSSL |
111 | OPENSSLDIR: %CommonProgramFiles%\SSL | |
8c16829e | 112 | |
dc589dae DMSP |
113 | ALSO NOTE that those directories are usually write protected, even if |
114 | your account is in the Administrators group. To work around that, | |
115 | start the command prompt by right-clicking on it and choosing "Run as | |
bd28a23e | 116 | Administrator" before running `nmake install`. The other solution |
dc589dae | 117 | is, of course, to choose a different set of directories by using |
bd28a23e | 118 | `--prefix` and `--openssldir` when configuring. |
8c16829e | 119 | |
bd28a23e TM |
120 | Special notes for Universal Windows Platform builds, aka `VC-*-UWP` |
121 | ------------------------------------------------------------------- | |
5ded1ca6 M |
122 | |
123 | - UWP targets only support building the static and dynamic libraries. | |
124 | ||
bd28a23e TM |
125 | - You should define the platform type to `uwp` and the target arch via |
126 | `vcvarsall.bat` before you compile. For example, if you want to build | |
127 | `arm64` builds, you should run `vcvarsall.bat x86_arm64 uwp`. | |
5ded1ca6 | 128 | |
55aa235e TI |
129 | Native builds using Embarcadero C++Builder |
130 | ========================================= | |
131 | ||
132 | This toolchain (a descendant of Turbo/Borland C++) is an alternative to MSVC. | |
5fee3fe2 | 133 | OpenSSL currently includes an experimental 32-bit configuration targeting the |
bd28a23e | 134 | Clang-based compiler (`bcc32c.exe`) in v10.3.3 Community Edition. |
55aa235e TI |
135 | <https://www.embarcadero.com/products/cbuilder/starter> |
136 | ||
137 | 1. Install Perl. | |
138 | ||
139 | 2. Open the RAD Studio Command Prompt. | |
140 | ||
141 | 3. Go to the root of the OpenSSL source directory and run: | |
bd28a23e | 142 | `perl Configure BC-32 --prefix=%CD%` |
55aa235e | 143 | |
bd28a23e | 144 | 4. `make -N` |
55aa235e | 145 | |
bd28a23e | 146 | 5. `make -N test` |
5fee3fe2 TI |
147 | |
148 | 6. Build your program against this OpenSSL: | |
55aa235e TI |
149 | * Set your include search path to the "include" subdirectory of OpenSSL. |
150 | * Set your library search path to the OpenSSL source directory. | |
151 | ||
5fee3fe2 TI |
152 | Note that this is very experimental. Support for 64-bit and other Configure |
153 | options is still pending. | |
55aa235e | 154 | |
dc589dae DMSP |
155 | Native builds using MinGW |
156 | ========================= | |
3e67b333 | 157 | |
dc589dae | 158 | MinGW offers an alternative way to build native OpenSSL, by cross compilation. |
b32b8961 | 159 | |
df4c1d80 | 160 | * Usually the build is done on Windows in a GNU-like environment called MSYS2. |
b32b8961 | 161 | |
df4c1d80 DDO |
162 | MSYS2 provides GNU tools, a Unix-like command prompt, |
163 | and a UNIX compatibility layer for applications. | |
8c1cbc72 | 164 | However, in this context it is only used for building OpenSSL. |
df4c1d80 DDO |
165 | The resulting OpenSSL does not rely on MSYS2 to run and is fully native. |
166 | ||
167 | Requirement details | |
168 | ||
474853c3 | 169 | - MSYS2 shell, from <https://www.msys2.org/> |
df4c1d80 DDO |
170 | |
171 | - Perl, at least version 5.10.0, which usually comes pre-installed with MSYS2 | |
172 | ||
bd28a23e | 173 | - make, installed using `pacman -S make` into the MSYS2 environment |
df4c1d80 | 174 | |
bd28a23e | 175 | - MinGW[64] compiler: `mingw-w64-i686-gcc` and/or `mingw-w64-x86_64-gcc`. |
df4c1d80 DDO |
176 | These compilers must be on your MSYS2 $PATH. |
177 | A common error is to not have these on your $PATH. | |
178 | The MSYS2 version of gcc will not work correctly here. | |
179 | ||
180 | In the MSYS2 shell do the configuration depending on the target architecture: | |
b32b8961 | 181 | |
dc589dae | 182 | ./Configure mingw ... |
bd28a23e | 183 | |
97a479c6 | 184 | or |
bd28a23e | 185 | |
dc589dae | 186 | ./Configure mingw64 ... |
bd28a23e | 187 | |
df4c1d80 | 188 | or |
bd28a23e | 189 | |
dc589dae DMSP |
190 | ./Configure ... |
191 | ||
df4c1d80 DDO |
192 | for the default architecture. |
193 | ||
bd28a23e | 194 | Apart from that, follow the Unix / Linux instructions in `INSTALL.md`. |
df4c1d80 DDO |
195 | |
196 | * It is also possible to build mingw[64] on Linux or Cygwin. | |
197 | ||
bd28a23e TM |
198 | In this case configure with the corresponding `--cross-compile-prefix=` |
199 | option. For example | |
b32b8961 | 200 | |
dc589dae | 201 | ./Configure mingw --cross-compile-prefix=i686-w64-mingw32- ... |
bd28a23e | 202 | |
df4c1d80 | 203 | or |
bd28a23e | 204 | |
dc589dae | 205 | ./Configure mingw64 --cross-compile-prefix=x86_64-w64-mingw32- ... |
b32b8961 | 206 | |
df4c1d80 DDO |
207 | This requires that you've installed the necessary add-on packages for |
208 | mingw[64] cross compilation. | |
b32b8961 | 209 | |
dc589dae DMSP |
210 | Linking native applications |
211 | =========================== | |
212 | ||
213 | This section applies to all native builds. | |
214 | ||
215 | If you link with static OpenSSL libraries then you're expected to | |
bd28a23e TM |
216 | additionally link your application with `WS2_32.LIB`, `GDI32.LIB`, |
217 | `ADVAPI32.LIB`, `CRYPT32.LIB` and `USER32.LIB`. Those developing | |
dc589dae | 218 | non-interactive service applications might feel concerned about |
bd28a23e | 219 | linking with `GDI32.LIB` and `USER32.LIB`, as they are justly associated |
dc589dae DMSP |
220 | with interactive desktop, which is not available to service |
221 | processes. The toolkit is designed to detect in which context it's | |
222 | currently executed, GUI, console app or service, and act accordingly, | |
223 | namely whether or not to actually make GUI calls. Additionally those | |
bd28a23e | 224 | who wish to `/DELAYLOAD:GDI32.DLL` and `/DELAYLOAD:USER32.DLL` and |
dc589dae | 225 | actually keep them off service process should consider implementing |
bd28a23e TM |
226 | and exporting from .exe image in question own `_OPENSSL_isservice` not |
227 | relying on `USER32.DLL`. E.g., on Windows Vista and later you could: | |
dc589dae DMSP |
228 | |
229 | __declspec(dllexport) __cdecl BOOL _OPENSSL_isservice(void) | |
230 | { | |
231 | DWORD sess; | |
232 | ||
233 | if (ProcessIdToSessionId(GetCurrentProcessId(), &sess)) | |
234 | return sess == 0; | |
235 | return FALSE; | |
236 | } | |
237 | ||
238 | If you link with OpenSSL .DLLs, then you're expected to include into | |
239 | your application code a small "shim" snippet, which provides | |
240 | the glue between the OpenSSL BIO layer and your compiler run-time. | |
241 | See also the OPENSSL_Applink manual page. | |
242 | ||
243 | Hosted builds using Cygwin | |
244 | ========================== | |
245 | ||
bd28a23e | 246 | Cygwin implements a POSIX/Unix runtime system (`cygwin1.dll`) on top of the |
dc589dae DMSP |
247 | Windows subsystem and provides a Bash shell and GNU tools environment. |
248 | Consequently, a build of OpenSSL with Cygwin is virtually identical to the | |
249 | Unix procedure. | |
250 | ||
251 | To build OpenSSL using Cygwin, you need to: | |
97a479c6 | 252 | |
474853c3 | 253 | * Install Cygwin, see <https://cygwin.com/> |
97a479c6 | 254 | |
df4c1d80 DDO |
255 | * Install Cygwin Perl, at least version 5.10.0 |
256 | and ensure it is in the $PATH | |
97a479c6 | 257 | |
df4c1d80 | 258 | * Run the Cygwin Bash shell |
97a479c6 | 259 | |
dc589dae | 260 | Apart from that, follow the Unix / Linux instructions in INSTALL.md. |
97a479c6 | 261 | |
bd28a23e TM |
262 | NOTE: `make test` and normal file operations may fail in directories |
263 | mounted as text (i.e. `mount -t c:\somewhere /home`) due to Cygwin | |
dc589dae | 264 | stripping of carriage returns. To avoid this ensure that a binary |
bd28a23e | 265 | mount is used, e.g. `mount -b c:\somewhere /home`. |