Optimize build script + OpenSSL 1.0.0g

This commit is contained in:
Felix Schulze 2012-01-28 20:20:37 +01:00
parent 3383aa74bd
commit 7333cb85fd
11 changed files with 75 additions and 82 deletions

3
.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
bin
lib
*.gz

View File

@ -75,7 +75,7 @@
- (IBAction)showInfo { - (IBAction)showInfo {
UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"OpenSSL-for-iOS" message:@"OpenSSL-Version: 1.0.0e\nLicense: See include/LICENSE\n\nCopyright 2010-2011 by Felix Schulze\n http://www.x2on.de" delegate:nil cancelButtonTitle:@"Close" otherButtonTitles:nil]; UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"OpenSSL-for-iOS" message:@"OpenSSL-Version: 1.0.0g\nLicense: See include/LICENSE\n\nCopyright 2010-2012 by Felix Schulze\n http://www.x2on.de" delegate:nil cancelButtonTitle:@"Close" otherButtonTitles:nil];
[alert show]; [alert show];
[alert release]; [alert release];

View File

@ -28,8 +28,8 @@
28AD733E0D9D9553002E5188 /* MainWindow.xib */ = {isa = PBXFileReference; lastKnownFileType = file.xib; path = MainWindow.xib; sourceTree = "<group>"; }; 28AD733E0D9D9553002E5188 /* MainWindow.xib */ = {isa = PBXFileReference; lastKnownFileType = file.xib; path = MainWindow.xib; sourceTree = "<group>"; };
29B97316FDCFA39411CA2CEA /* main.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = "<group>"; }; 29B97316FDCFA39411CA2CEA /* main.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = "<group>"; };
2A28EE4512AA83FE00C0D35A /* Icon.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = Icon.png; sourceTree = "<group>"; }; 2A28EE4512AA83FE00C0D35A /* Icon.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = Icon.png; sourceTree = "<group>"; };
2AA51C5312AA80B400AEA776 /* libssl.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libssl.a; sourceTree = "<group>"; }; 2AA51C5312AA80B400AEA776 /* libssl.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; name = libssl.a; path = lib/libssl.a; sourceTree = "<group>"; };
2AA51C5412AA80B400AEA776 /* libcrypto.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libcrypto.a; sourceTree = "<group>"; }; 2AA51C5412AA80B400AEA776 /* libcrypto.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; name = libcrypto.a; path = lib/libcrypto.a; sourceTree = "<group>"; };
32CA4F630368D1EE00C91783 /* OpenSSL_for_iOS_Prefix.pch */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OpenSSL_for_iOS_Prefix.pch; sourceTree = "<group>"; }; 32CA4F630368D1EE00C91783 /* OpenSSL_for_iOS_Prefix.pch */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OpenSSL_for_iOS_Prefix.pch; sourceTree = "<group>"; };
8D1107310486CEB800E47090 /* OpenSSL_for_iOS-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = "OpenSSL_for_iOS-Info.plist"; plistStructureDefinitionIdentifier = "com.apple.xcode.plist.structure-definition.iphone.info-plist"; sourceTree = "<group>"; }; 8D1107310486CEB800E47090 /* OpenSSL_for_iOS-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = "OpenSSL_for_iOS-Info.plist"; plistStructureDefinitionIdentifier = "com.apple.xcode.plist.structure-definition.iphone.info-plist"; sourceTree = "<group>"; };
/* End PBXFileReference section */ /* End PBXFileReference section */
@ -189,10 +189,7 @@
GCC_PRECOMPILE_PREFIX_HEADER = YES; GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = OpenSSL_for_iOS_Prefix.pch; GCC_PREFIX_HEADER = OpenSSL_for_iOS_Prefix.pch;
INFOPLIST_FILE = "OpenSSL_for_iOS-Info.plist"; INFOPLIST_FILE = "OpenSSL_for_iOS-Info.plist";
LIBRARY_SEARCH_PATHS = ( LIBRARY_SEARCH_PATHS = lib;
"$(inherited)",
"\"$(SRCROOT)\"",
);
PRODUCT_NAME = OpenSSL; PRODUCT_NAME = OpenSSL;
}; };
name = Debug; name = Debug;
@ -205,10 +202,7 @@
GCC_PRECOMPILE_PREFIX_HEADER = YES; GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = OpenSSL_for_iOS_Prefix.pch; GCC_PREFIX_HEADER = OpenSSL_for_iOS_Prefix.pch;
INFOPLIST_FILE = "OpenSSL_for_iOS-Info.plist"; INFOPLIST_FILE = "OpenSSL_for_iOS-Info.plist";
LIBRARY_SEARCH_PATHS = ( LIBRARY_SEARCH_PATHS = lib;
"$(inherited)",
"\"$(SRCROOT)\"",
);
PRODUCT_NAME = OpenSSL; PRODUCT_NAME = OpenSSL;
VALIDATE_PRODUCT = YES; VALIDATE_PRODUCT = YES;
}; };

1
README
View File

@ -1,5 +1,6 @@
From: http://www.x2on.de/2010/02/01/tutorial-iphone-app-with-compiled-openssl-library/ and http://www.x2on.de/2010/07/13/tutorial-iphone-app-with-compiled-openssl-1-0-0a-library/ From: http://www.x2on.de/2010/02/01/tutorial-iphone-app-with-compiled-openssl-library/ and http://www.x2on.de/2010/07/13/tutorial-iphone-app-with-compiled-openssl-1-0-0a-library/
UPDATE 2012-01-28: OpemSSL 1.0.0g + Optimized build script
UPDATE 2011-10-23: OpemSSL 1.0.0e + iOS 5.0 UPDATE 2011-10-23: OpemSSL 1.0.0e + iOS 5.0
UPDATE 2011-02-08: I habe updated OpemSSL to 1.0.0d UPDATE 2011-02-08: I habe updated OpemSSL to 1.0.0d
UPDATE 2010-12-16: Script for building OpenSSL UPDATE 2010-12-16: Script for building OpenSSL

View File

@ -21,7 +21,7 @@
########################################################################### ###########################################################################
# Change values here # # Change values here #
# # # #
VERSION="1.0.0e" # VERSION="1.0.0g" #
SDKVERSION="5.0" # SDKVERSION="5.0" #
# # # #
########################################################################### ###########################################################################
@ -31,8 +31,8 @@ SDKVERSION="5.0" #
########################################################################### ###########################################################################
CURRENTPATH=`pwd` CURRENTPATH=`pwd`
ARCHS="i386 armv6 armv7"
set -e set -e
if [ ! -e openssl-${VERSION}.tar.gz ]; then if [ ! -e openssl-${VERSION}.tar.gz ]; then
@ -43,80 +43,47 @@ else
fi fi
mkdir -p "${CURRENTPATH}/src" mkdir -p "${CURRENTPATH}/src"
mkdir -p "${CURRENTPATH}/bin"
mkdir -p "${CURRENTPATH}/lib"
tar zxf openssl-${VERSION}.tar.gz -C "${CURRENTPATH}/src" tar zxf openssl-${VERSION}.tar.gz -C "${CURRENTPATH}/src"
cd "${CURRENTPATH}/src/openssl-${VERSION}" cd "${CURRENTPATH}/src/openssl-${VERSION}"
############
# iPhone Simulator for ARCH in ${ARCHS}
echo "Building openssl for iPhoneSimulator ${SDKVERSION} i386" do
if [ "${ARCH}" == "i386" ];
then
PLATFORM="iPhoneSimulator"
else
sed -ie "s!static volatile sig_atomic_t intr_signal;!static volatile intr_signal;!" "crypto/ui/ui_openssl.c"
PLATFORM="iPhoneOS"
fi
echo "Building openssl-${VERSION} for ${PLATFORM} ${SDKVERSION} ${ARCH}"
echo "Please stand by..." echo "Please stand by..."
export CC="/Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin/gcc -arch i386" export CC="/Developer/Platforms/${PLATFORM}.platform/Developer/usr/bin/gcc -arch ${ARCH}"
mkdir -p "${CURRENTPATH}/bin/iPhoneSimulator${SDKVERSION}.sdk" mkdir -p "${CURRENTPATH}/bin/${PLATFORM}${SDKVERSION}-${ARCH}.sdk"
LOG="${CURRENTPATH}/bin/${PLATFORM}${SDKVERSION}-${ARCH}.sdk/build-openssl-${VERSION}.log"
LOG="${CURRENTPATH}/bin/iPhoneSimulator${SDKVERSION}.sdk/build-openssl-${VERSION}.log" ./configure BSD-generic32 --openssldir="${CURRENTPATH}/bin/${PLATFORM}${SDKVERSION}-${ARCH}.sdk" > "${LOG}" 2>&1
./configure BSD-generic32 --openssldir="${CURRENTPATH}/bin/iPhoneSimulator${SDKVERSION}.sdk" > "${LOG}" 2>&1
# add -isysroot to CC= # add -isysroot to CC=
sed -ie "s!^CFLAG=!CFLAG=-isysroot /Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator${SDKVERSION}.sdk !" "Makefile" sed -ie "s!^CFLAG=!CFLAG=-isysroot /Developer/Platforms/${PLATFORM}.platform/Developer/SDKs/${PLATFORM}${SDKVERSION}.sdk !" "Makefile"
make >> "${LOG}" 2>&1 make >> "${LOG}" 2>&1
make install >> "${LOG}" 2>&1 make install >> "${LOG}" 2>&1
make clean >> "${LOG}" 2>&1 make clean >> "${LOG}" 2>&1
############# done
#############
# iPhoneOS armv6
echo "Building openssl for iPhoneOS ${SDKVERSION} armv6"
echo "Please stand by..."
export CC="/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/gcc -arch armv6"
mkdir -p "${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv6.sdk"
LOG="${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv6.sdk/build-openssl-${VERSION}.log"
./configure BSD-generic32 --openssldir="${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv6.sdk" > "${LOG}" 2>&1
sed -ie "s!^CFLAG=!CFLAG=-isysroot /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS${SDKVERSION}.sdk !" "Makefile"
# remove sig_atomic for iPhoneOS
sed -ie "s!static volatile sig_atomic_t intr_signal;!static volatile intr_signal;!" "crypto/ui/ui_openssl.c"
make >> "${LOG}" 2>&1
make install >> "${LOG}" 2>&1
make clean >> "${LOG}" 2>&1
#############
#############
# iPhoneOS armv7
echo "Building openssl for iPhoneOS ${SDKVERSION} armv7"
echo "Please stand by..."
export CC="/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/gcc -arch armv7"
mkdir -p "${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv7.sdk"
LOG="${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv7.sdk/build-openssl-${VERSION}.log"
./configure BSD-generic32 --openssldir="${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv7.sdk" >> "${LOG}" 2>&1
sed -ie "s!^CFLAG=!CFLAG=-isysroot /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS${SDKVERSION}.sdk !" "Makefile"
# remove sig_atomic for iPhoneOS
sed -ie "s!static volatile sig_atomic_t intr_signal;!static volatile intr_signal;!" "crypto/ui/ui_openssl.c"
make >> "${LOG}" 2>&1
make install >> "${LOG}" 2>&1
make clean >> "${LOG}" 2>&1
#############
echo "Build library..." echo "Build library..."
lipo -create ${CURRENTPATH}/bin/iPhoneSimulator${SDKVERSION}.sdk/lib/libssl.a ${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv6.sdk/lib/libssl.a ${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv7.sdk/lib/libssl.a -output ${CURRENTPATH}/libssl.a lipo -create ${CURRENTPATH}/bin/iPhoneSimulator${SDKVERSION}-i386.sdk/lib/libssl.a ${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv6.sdk/lib/libssl.a ${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv7.sdk/lib/libssl.a -output ${CURRENTPATH}/lib/libssl.a
lipo -create ${CURRENTPATH}/bin/iPhoneSimulator${SDKVERSION}.sdk/lib/libcrypto.a ${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv6.sdk/lib/libcrypto.a ${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv7.sdk/lib/libcrypto.a -output ${CURRENTPATH}/libcrypto.a lipo -create ${CURRENTPATH}/bin/iPhoneSimulator${SDKVERSION}-i386.sdk/lib/libcrypto.a ${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv6.sdk/lib/libcrypto.a ${CURRENTPATH}/bin/iPhoneOS${SDKVERSION}-armv7.sdk/lib/libcrypto.a -output ${CURRENTPATH}/lib/libcrypto.a
mkdir -p ${CURRENTPATH}/include mkdir -p ${CURRENTPATH}/include
cp -R ${CURRENTPATH}/bin/iPhoneSimulator${SDKVERSION}.sdk/include/openssl ${CURRENTPATH}/include/ cp -R ${CURRENTPATH}/bin/iPhoneSimulator${SDKVERSION}-i386.sdk/include/openssl ${CURRENTPATH}/include/
echo "Building done." echo "Building done."
echo "Cleaning up..." echo "Cleaning up..."
rm -rf ${CURRENTPATH}/src rm -rf ${CURRENTPATH}/src/openssl-${VERSION}
rm -rf ${CURRENTPATH}/bin
echo "Done." echo "Done."

View File

@ -306,6 +306,15 @@ DECLARE_STACK_OF(BIO)
typedef struct bio_f_buffer_ctx_struct typedef struct bio_f_buffer_ctx_struct
{ {
/* Buffers are setup like this:
*
* <---------------------- size ----------------------->
* +---------------------------------------------------+
* | consumed | remaining | free space |
* +---------------------------------------------------+
* <-- off --><------- len ------->
*/
/* BIO *bio; */ /* this is now in the BIO struct */ /* BIO *bio; */ /* this is now in the BIO struct */
int ibuf_size; /* how big is the input buffer */ int ibuf_size; /* how big is the input buffer */
int obuf_size; /* how big is the output buffer */ int obuf_size; /* how big is the output buffer */

View File

@ -193,8 +193,14 @@ extern "C" {
#endif #endif
/* --------------------------------- VOS ----------------------------------- */ /* --------------------------------- VOS ----------------------------------- */
#ifdef OPENSSL_SYSNAME_VOS #if defined(__VOS__) || defined(OPENSSL_SYSNAME_VOS)
# define OPENSSL_SYS_VOS # define OPENSSL_SYS_VOS
#ifdef __HPPA__
# define OPENSSL_SYS_VOS_HPPA
#endif
#ifdef __IA32__
# define OPENSSL_SYS_VOS_IA32
#endif
#endif #endif
/* ------------------------------- VxWorks --------------------------------- */ /* ------------------------------- VxWorks --------------------------------- */

View File

@ -71,8 +71,8 @@
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
#define ENGINESDIR "/Users/felixschulze/Projects/github/OpenSSL-for-iPhone/bin/iPhoneSimulator5.0.sdk/lib/engines" #define ENGINESDIR "/Users/felixschulze/Projects/OpenSSL-for-iPhone/bin/iPhoneSimulator5.0-i386.sdk/lib/engines"
#define OPENSSLDIR "/Users/felixschulze/Projects/github/OpenSSL-for-iPhone/bin/iPhoneSimulator5.0.sdk" #define OPENSSLDIR "/Users/felixschulze/Projects/OpenSSL-for-iPhone/bin/iPhoneSimulator5.0-i386.sdk"
#endif #endif
#endif #endif

View File

@ -25,11 +25,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta) * major minor fix final patch/beta)
*/ */
#define OPENSSL_VERSION_NUMBER 0x1000005fL #define OPENSSL_VERSION_NUMBER 0x1000007fL
#ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0e-fips 6 Sep 2011" #define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0g-fips 18 Jan 2012"
#else #else
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0e 6 Sep 2011" #define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0g 18 Jan 2012"
#endif #endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT

View File

@ -1882,6 +1882,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL3_CALLBACK_CTRL 233 #define SSL_F_SSL3_CALLBACK_CTRL 233
#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 #define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 #define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
#define SSL_F_SSL3_CHECK_CLIENT_HELLO 304
#define SSL_F_SSL3_CLIENT_HELLO 131 #define SSL_F_SSL3_CLIENT_HELLO 131
#define SSL_F_SSL3_CONNECT 132 #define SSL_F_SSL3_CONNECT 132
#define SSL_F_SSL3_CTRL 213 #define SSL_F_SSL3_CTRL 213
@ -2139,6 +2140,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_MISSING_TMP_RSA_KEY 172 #define SSL_R_MISSING_TMP_RSA_KEY 172
#define SSL_R_MISSING_TMP_RSA_PKEY 173 #define SSL_R_MISSING_TMP_RSA_PKEY 173
#define SSL_R_MISSING_VERIFY_MESSAGE 174 #define SSL_R_MISSING_VERIFY_MESSAGE 174
#define SSL_R_MULTIPLE_SGC_RESTARTS 346
#define SSL_R_NON_SSLV2_INITIAL_PACKET 175 #define SSL_R_NON_SSLV2_INITIAL_PACKET 175
#define SSL_R_NO_CERTIFICATES_RETURNED 176 #define SSL_R_NO_CERTIFICATES_RETURNED 176
#define SSL_R_NO_CERTIFICATE_ASSIGNED 177 #define SSL_R_NO_CERTIFICATE_ASSIGNED 177

View File

@ -380,6 +380,17 @@ typedef struct ssl3_buffer_st
#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010 #define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
* restart a handshake because of MS SGC and so prevents us
* from restarting the handshake in a loop. It's reset on a
* renegotiation, so effectively limits the client to one restart
* per negotiation. This limits the possibility of a DDoS
* attack where the client handshakes in a loop using SGC to
* restart. Servers which permit renegotiation can still be
* effected, but we can't prevent that.
*/
#define SSL3_FLAGS_SGC_RESTART_DONE 0x0040
typedef struct ssl3_state_st typedef struct ssl3_state_st
{ {
long flags; long flags;