summaryrefslogtreecommitdiff
path: root/libcrypto/libcrypto/buildfile
blob: b5be1e298f43624668b53aaacf8273e49802f62c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
# file      : libcrypto/buildfile
# license   : OpenSSL and SSLeay Licenses; see accompanying LICENSE file

import imp_libs = libz%lib{z}

# Exclude source code of unused features (engines, disabled algorithms, etc).
#
# Note: crypto/LPdir_*.c and crypto/des/ncbc_enc.c are actually headers.
#
lib{crypto}: {h   }{** -buildinf-body}              \
             {h   }{buildinf-body}                  \
      crypto/{   c}{** -LPdir_* -*cap               \
                       -aes/aes_x86core             \
                       -bn/asm/x86_64-gcc           \
                       -bn/rsaz_exp                 \
                       -des/ncbc_enc                \
                       -ec/ecp_nistz256*            \
                       -engine/eng_devcrypto        \
                       -mdc2/**                     \
                       -poly1305/poly1305_ieee754   \
                       -poly1305/poly1305_base2_44} \
             { def}{libcrypto}                      \
      crypto/{file}{LPdir_*.c des/ncbc_enc.c}       \
             $imp_libs

# Symlinked where appropriate.
#
downstream/internal/h{platform}@./downstream/internal/: dist = false

tclass = $c.target.class
tsys   = $c.target.system

i686 = ($c.target.cpu == 'i686')

linux   = ($tclass == 'linux')
bsd     = ($tclass == 'bsd')
windows = ($tclass == 'windows')

lib{crypto}: file{libcrypto.map}: include = ($linux || $bsd ? adhoc : false)

# Build options.
#
# Drop -DOPENSSL_PIC and -D{L|B}_ENDIAN preprocessor options and define
# OPENSSL_PIC and {L|B}_ENDIAN macros in downstream/openssl/opensslconf.h.
# Pass -DLIBCRYPTO_BUILD to define the above macros only while building the
# libcrypto library.
#
# Note that upstream also passes -DNDEBUG. Let's omit it for now to enable
# assertions to gain some extra confidence that we didn't break anything while
# packaging.
#
c.poptions += -DLIBCRYPTO_BUILD -DZLIB

# Note that the upstream package uses the -pthread compiler/linker option on
# Linux and FreeBSD. The option is unsupported by build2 so we pass
# -D_REENTRANT and -lpthread preprocessor/linker options instead.
#
# Also note that on FreeBSD and Mac OS the upstream package also passes
# -D_REENTRANT.
#
if! $windows
  c.poptions += -D_REENTRANT
else
  c.poptions += -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE

switch $tclass, $tsys
{
  case 'linux'
    c.poptions += -DOPENSSL_USE_NODELETE

  case 'bsd'
    c.poptions += -D_THREAD_SAFE

  case 'windows', 'mingw32'
    c.poptions += -D_MT

  case 'windows'
  {
    # Note that upstream also adds Applink support if compiled with VC. This
    # is something about being able to use the library with application
    # compiled with a different compiler (see
    # ../../upstream/Configurations/10-main.conf for details). We drop this
    # for now as it requires ASM support. In particular, we don't pass
    # -DOPENSSL_USE_APPLINK preprocessor option no compile uplink.c and
    # auto-generated uplink-x86_64.asm.
    #
    c.poptions += -DOPENSSL_SYS_WIN32 -D_CRT_SECURE_NO_DEPRECATE \
                  -D_WINSOCK_DEPRECATED_NO_WARNINGS
  }
}

switch $c.class
{
  case 'gcc'
  {
    if $i686
      c.coptions += -fomit-frame-pointer

    # Disable warnings that pop up with -Wall -Wextra. Upstream doesn't seem
    # to care about these and it is not easy to disable specific warnings in a
    # way that works across compilers/versions (some -Wno-* options are only
    # recognized in newer versions). There are still some warnings left that
    # appear for certain platforms/compilers. We pass them through but disable
    # treating them as errors.
    #
    c.coptions += -Wno-all -Wno-extra -Wno-error
  }
  case 'msvc'
  {
    c.coptions += /Gs0 /GF /Gy

    # Disable warnings that pop up with /W3.
    #
    c.coptions += /wd4090 /wd4129 /wd4164 /wd4244 /wd4267 /wd4311
  }
}

# Escape backslashes and quotes in the compilation flags and substitute them
# into internal/buildinf-body.h as string literals, one per line.
#
# Note: the flag list will not reflect compiler options that build2 adds
# implicitly (-fPIC, etc).
#
cflags =
for f: $c.poptions $c.coptions
  cflags += $regex.replace($f, '(\\|")', '\\\1')

h{buildinf-body}: in{buildinf-body}
{
  cflags = $regex.merge($cflags, '(.+)', '\n  " \1"')
}

# Note that we have to add "-I$src_root" for the headers auto-generating
# machinery to work properly.
#
c.poptions =+ "-I$out_root" "-I$src_root"            \
              "-I$src_base/downstream" "-I$src_base"

crypto/             c.poptions =+ "-I$src_base/include"
crypto/evp/         c.poptions =+ "-I$src_root/libcrypto/crypto/modes"
crypto/ec/curve448/ c.poptions =+ "-I$src_base" "-I$src_base/arch_32"

# Note that upstream defines OPENSSLDIR and ENGINESDIR differently for
# different platforms/distributions. For example, it defines ENGINESDIR as
# /usr/local/lib64/engines-1.1 on Fedora and /usr/local/lib/engines-1_1 for
# MinGW GCC (which doesn't make much sense).
#
# Also note that Linux distributions may also define them differently. For
# example:
#
# Debian/Ubuntu: /usr/lib/ssl and /usr/lib/x86_64-linux-gnu/engines-1.1
# Fedora/RHEL:   /etc/pki/tls and /usr/lib64/engines-1.1
#
# We will not define these directories as there is no guarantee that they
# exist and contain data that is safe to use. Overall, the thinking is that if
# any of these directories are actually needed, then one should probably be
# using the system-installed OpenSSL or configure these directories manually
# at runtime (e.g., via environment variables, API, etc).
#
# Note that we cannot just leave the macros undefined as the project will fail
# to compile. Using empty paths may seem like a good idea but will end up in
# potentially existing filesystem entries (/certs, /cert.pem, etc; see
# upstream's cryptlib.h). Thus, we define them as "\0" which results in the
# empty string literal for the macros defined as follows:
#
# # define X509_CERT_DIR OPENSSLDIR "/certs"
#
# Also note that for the crypto/obj{cversion} target we instead need to leave
# OPENSSLDIR and ENGINESDIR undefined not to break strings used by the
# OpenSSL_version() function (see crypto/cversion.c for details).
#
ns = $regex.apply({**.c -crypto/cversion.c}, '.c$', '')
obj{$ns}: c.poptions += -DOPENSSLDIR='"\0"' -DENGINESDIR='"\0"'

crypto/obj{cversion}: c.poptions =+ "-I$src_root/libcrypto/downstream/internal"

switch $tclass, $tsys
{
  case 'linux'
  {
    c.loptions += -Wl,-znodelete -Wl,-Bsymbolic                  \
                  "-Wl,--version-script=$src_base/libcrypto.map"

    c.libs += -ldl -lpthread
  }
  case 'bsd'
  {
    c.loptions += -Wl,-Bsymbolic                                 \
                  "-Wl,--version-script=$src_base/libcrypto.map"

    c.libs += -lpthread
  }
  case 'windows', 'mingw32'
  {
    # Note that for MinGW GCC the upstream package also passes -static-libgcc.
    # We normally don't link GCC run-time statically when packaging other C
    # libraries, so let's not do that here either and see how it goes.
    #
    c.loptions += -Wl,--enable-auto-image-base

    c.libs += -lws2_32 -lgdi32 -lcrypt32
  }
  case 'windows'
  {
    # Suppress the 'object file does not define any public symbols' warning.
    #
    c.aoptions += /IGNORE:4221

    c.libs += ws2_32.lib gdi32.lib crypt32.lib advapi32.lib
  }
}

# Export options.
#
lib{crypto}: cc.export.poptions = "-I$src_base/downstream" "-I$src_base"

# See bootstrap.build for details.
#
if $version.pre_release
  lib{crypto}: bin.lib.version = @"-$version.project_id"
else
  lib{crypto}: bin.lib.version = @"-$abi_version"

# Install headers from the upstream and downstream openssl/ subdirectories
# only.
#
h{*}:                                install = false
openssl/h{*}:                        install = include/openssl/
downstream/openssl/h{*}:             install = include/openssl/
downstream/openssl/opensslconf/h{*}: install = include/openssl/opensslconf/

# Disable libssl headers installation (see ../README-DEV for details).
#
for h: dtls1 srtp ssl2 ssl3 sslerr ssl
  openssl/h{$h}@./openssl/: install = false