[ipfire-3.x.git] / lfs / openssl

###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

###############################################################################
# Definitions
###############################################################################

include Config

PKG_NAME   = openssl
VER        = 0.9.8i

THISAPP    = $(PKG_NAME)-$(VER)
DL_FILE    = $(THISAPP).tar.gz
DIR_APP    = $(DIR_SRC)/$(THISAPP)

OBJECT     = $(DIR_INFO)/$(STAGE_ORDER)_$(STAGE)/$(THISAPP)

ifneq "$(MACHINE)" "i686"
	SSL_ARCH = no-asm 386 # 386 implies no-sse2
endif

# These arches do support sse2.
ifneq "$(TARGET)" "via-c7"
ifneq "$(TARGET)" "atom330"
ifneq "$(TARGET)" "core2duo"
	SSL_ARCH += no-sse2
endif
endif
endif

###############################################################################
# Top-level Rules
###############################################################################

objects = $(DL_FILE) \
	$(THISAPP)-fix_manpages-1.patch \
	$(THISAPP)-enginesdir.patch

install: $(OBJECT)

download : $(objects)

$(objects) :
	@$(LOAD)

###############################################################################
# Installation Details
###############################################################################

$(OBJECT) : 
	@$(PREBUILD)
	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
	cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/$(THISAPP)-fix_manpages-1.patch
	cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/$(THISAPP)-enginesdir.patch

	cd $(DIR_APP) && sed -i -e 's/-O3 -fomit-frame-pointer/$(CFLAGS)/' Configure

	cd $(DIR_APP) && sed -e 's/__OpenBSD__/__linux__/' -e 's/arandom/urandom/' \
				-i.orig crypto/rand/randfile.c

	cd $(DIR_APP) && sed 's/__OpenBSD__/__linux__/' -i.orig crypto/uid.c

	cd $(DIR_APP) && find crypto/ -name Makefile -exec \
		sed 's/^ASFLAGS=/&-Wa,--noexecstack /' -i.orig {} \;

	cd $(DIR_APP) && \
		./Configure \
			--prefix=/usr \
			--openssldir=/etc/pki/tls \
			--enginesdir=/usr/lib/openssl/engines \
			linux-elf $(SSL_ARCH) \
			shared \
			zlib-dynamic \
			enable-camellia \
			enable-seed \
			enable-tlsext \
			enable-rfc3779 \
			no-idea \
			no-mdc2 \
			no-rc5 \
			no-ec \
			no-ecdh \
			no-ecdsa \
			-DSSL_FORBID_ENULL

	# Build.
	cd $(DIR_APP) && make all build-shared #$(PARALLELISMFLAGS)

	# Generate hashes for the included certs.
	cd $(DIR_APP) && make rehash build-shared

	cd $(DIR_APP) && make install build-shared
	cd $(DIR_APP) && cp -v -r certs /etc/pki/tls

	mv -v /usr/lib/{libcrypto,libssl}.a /usr/lib/static
	install -d /usr/lib/openssl
	mv -v /usr/lib/engines /usr/lib/openssl

	-mkdir -m700 /etc/pki/CA
	-mkdir -m700 /etc/pki/CA/private

	install -m 0644 $(DIR_SRC)/config/ssl/openssl.cnf /etc/pki/tls

	@rm -rf $(DIR_APP) /etc/pki/tls/man
	@$(POSTBUILD)
Commit	Line	Data
cd1a2927	1	###############################################################################
cd1a2927	2	# #
70df8302 MT	3	# IPFire.org - A linux based firewall #
	4	# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
	5	# #
	6	# This program is free software: you can redistribute it and/or modify #
cd1a2927	7	# it under the terms of the GNU General Public License as published by #
70df8302	8	# the Free Software Foundation, either version 3 of the License, or #
cd1a2927 MT	9	# (at your option) any later version. #
cd1a2927 MT	10	# #
70df8302	11	# This program is distributed in the hope that it will be useful, #
cd1a2927 MT	12	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	13	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	14	# GNU General Public License for more details. #
	15	# #
	16	# You should have received a copy of the GNU General Public License #
70df8302	17	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
cd1a2927	18	# #
cd1a2927 MT	19	###############################################################################
	20
	21	###############################################################################
	22	# Definitions
	23	###############################################################################
	24
	25	include Config
	26
246556fe	27	PKG_NAME = openssl
ca39e074	28	VER = 0.9.8i
cd1a2927	29
246556fe	30	THISAPP = $(PKG_NAME)-$(VER)
cd1a2927	31	DL_FILE = $(THISAPP).tar.gz
cd1a2927	32	DIR_APP = $(DIR_SRC)/$(THISAPP)
246556fe	33
6679675b	34	OBJECT = $(DIR_INFO)/$(STAGE_ORDER)_$(STAGE)/$(THISAPP)
cd1a2927	35
9f87d5ba MT	36	ifneq "$(MACHINE)" "i686"
	37	SSL_ARCH = no-asm 386 # 386 implies no-sse2
	38	endif
	39
	40	# These arches do support sse2.
	41	ifneq "$(TARGET)" "via-c7"
	42	ifneq "$(TARGET)" "atom330"
	43	ifneq "$(TARGET)" "core2duo"
	44	SSL_ARCH += no-sse2
	45	endif
	46	endif
	47	endif
	48
cd1a2927 MT	49	###############################################################################
	50	# Top-level Rules
	51	###############################################################################
	52
9f87d5ba MT	53	objects = $(DL_FILE) \
	54	$(THISAPP)-fix_manpages-1.patch \
	55	$(THISAPP)-enginesdir.patch
cd1a2927	56
6679675b	57	install: $(OBJECT)
cd1a2927	58
87703b91	59	download : $(objects)
cd1a2927	60
87703b91	61	$(objects) :
cd1a2927 MT	62	@$(LOAD)
cd1a2927 MT	63
cd1a2927 MT	64	###############################################################################
	65	# Installation Details
	66	###############################################################################
	67
6679675b	68	$(OBJECT) :
cd1a2927 MT	69	@$(PREBUILD)
cd1a2927 MT	70	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
246556fe	71	cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/$(THISAPP)-fix_manpages-1.patch
9f87d5ba	72	cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/$(THISAPP)-enginesdir.patch
f3baef97	73
9f87d5ba	74	cd $(DIR_APP) && sed -i -e 's/-O3 -fomit-frame-pointer/$(CFLAGS)/' Configure
f3baef97 MT	75
	76	cd $(DIR_APP) && sed -e 's/__OpenBSD__/__linux__/' -e 's/arandom/urandom/' \
	77	-i.orig crypto/rand/randfile.c
	78
	79	cd $(DIR_APP) && sed 's/__OpenBSD__/__linux__/' -i.orig crypto/uid.c
f3baef97 MT	80
	81	cd $(DIR_APP) && find crypto/ -name Makefile -exec \
	82	sed 's/^ASFLAGS=/&-Wa,--noexecstack /' -i.orig {} \;
	83
9f87d5ba MT	84	cd $(DIR_APP) && \
	85	./Configure \
	86	--prefix=/usr \
	87	--openssldir=/etc/pki/tls \
	88	--enginesdir=/usr/lib/openssl/engines \
	89	linux-elf $(SSL_ARCH) \
	90	shared \
	91	zlib-dynamic \
	92	enable-camellia \
	93	enable-seed \
	94	enable-tlsext \
	95	enable-rfc3779 \
	96	no-idea \
	97	no-mdc2 \
	98	no-rc5 \
	99	no-ec \
	100	no-ecdh \
	101	no-ecdsa \
	102	-DSSL_FORBID_ENULL
	103
	104	# Build.
	105	cd $(DIR_APP) && make all build-shared #$(PARALLELISMFLAGS)
	106
	107	# Generate hashes for the included certs.
	108	cd $(DIR_APP) && make rehash build-shared
	109
	110	cd $(DIR_APP) && make install build-shared
	111	cd $(DIR_APP) && cp -v -r certs /etc/pki/tls
f3baef97 MT	112
f3baef97 MT	113	mv -v /usr/lib/{libcrypto,libssl}.a /usr/lib/static
9f87d5ba MT	114	install -d /usr/lib/openssl
	115	mv -v /usr/lib/engines /usr/lib/openssl
	116
	117	-mkdir -m700 /etc/pki/CA
	118	-mkdir -m700 /etc/pki/CA/private
	119
	120	install -m 0644 $(DIR_SRC)/config/ssl/openssl.cnf /etc/pki/tls
f3baef97	121
9f87d5ba	122	@rm -rf $(DIR_APP) /etc/pki/tls/man
cd1a2927	123	@$(POSTBUILD)