• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#!/usr/bin/env bash
2# Copyright (c) 2023 Huawei Device Co., Ltd.
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7#     http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15set -e
16pwd # out/target_name
17openssl_source_path="$1"
18build_all_generated_path="$2"
19openssl_selected_platform="$3"
20build_with_liblegacy="$4"
21
22# https://github.com/openssl/openssl/blob/master/INSTALL.md#out-of-tree-builds
23# OpenSSL can be configured to build in a build directory separate from the source code directory.
24# It's done by placing yourself in some other directory and invoking the configuration commands from there.
25rm -rf ${build_all_generated_path}
26mkdir -p ${build_all_generated_path}
27pushd ${build_all_generated_path}
28    # https://github.com/openssl/openssl/issues/20112#issuecomment-1400388204
29    # no-shared will disable building shared libcrypto and libssl libraries.
30    # But the legacy provider would still be built as a shared module.
31    # So you would need the legacy shared module present on the installed
32    # system and the paths would have to be correct.
33    # You can use no-module to make the legacy provider built-in.
34
35    # https://github.com/openssl/openssl/issues/17679#issue-1130060263
36    # Is there a way to build a static version of openssl3, including the "legacy" OSSL_PROVIDER?
37    # https://github.com/openssl/openssl/issues/17679#issuecomment-1034949099
38    # Configure with no-shared no-module. The legacy provider is then part of libcrypto.a.
39    # You still need to "load" it via OSSL_PROVIDER_load() - but no .so file is required in that case.
40
41    # https://github.com/openssl/openssl/issues/19368#issuecomment-1274558844
42    # no-shared affects the building of libcrypto*.dll and libssl*.dll,
43    # not dynamically loadable modules (which are governed by the configuration option no-module / enable-module,
44    # which is enabled by default).
45    if [ "$build_with_liblegacy" = "false" ]; then
46        echo "openssl disable liblegacy"
47        configure_cmd="${openssl_source_path}/Configure ${openssl_selected_platform} no-filenames"
48    else
49        echo "openssl enable liblegacy"
50        configure_cmd="${openssl_source_path}/Configure ${openssl_selected_platform} no-shared no-module no-filenames"
51    fi
52    echo $configure_cmd
53    $configure_cmd
54    make build_all_generated -j256 >/dev/null 2>&1
55popd
56