Ilya Shipitsin | 054a5b8 | 2019-05-03 14:31:20 +0500 | [diff] [blame] | 1 | #!/bin/sh |
| 2 | set -eux |
| 3 | |
| 4 | download_openssl () { |
| 5 | if [ ! -f "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" ]; then |
Ilya Shipitsin | 6e18f92 | 2020-04-07 23:35:49 +0500 | [diff] [blame] | 6 | |
| 7 | # |
| 8 | # OpenSSL has different links for latest and previous releases |
| 9 | # since we want to download several versions, let us try to treat |
| 10 | # current version as latest, if it fails, follow with previous |
| 11 | # |
| 12 | |
| 13 | wget -P download-cache/ \ |
| 14 | "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" || \ |
Ilya Shipitsin | 054a5b8 | 2019-05-03 14:31:20 +0500 | [diff] [blame] | 15 | wget -P download-cache/ \ |
Ilya Shipitsin | 6e18f92 | 2020-04-07 23:35:49 +0500 | [diff] [blame] | 16 | "https://www.openssl.org/source/old/${OPENSSL_VERSION%[a-z]}/openssl-${OPENSSL_VERSION}.tar.gz" |
Ilya Shipitsin | 054a5b8 | 2019-05-03 14:31:20 +0500 | [diff] [blame] | 17 | fi |
| 18 | } |
| 19 | |
Willy Tarreau | cbc0c23 | 2021-06-17 15:39:30 +0200 | [diff] [blame] | 20 | # recent openssl versions support parallel builds and skipping the docs, |
| 21 | # while older ones require to build everything sequentially. |
Ilya Shipitsin | 054a5b8 | 2019-05-03 14:31:20 +0500 | [diff] [blame] | 22 | build_openssl_linux () { |
| 23 | ( |
| 24 | cd "openssl-${OPENSSL_VERSION}/" |
Ilya Shipitsin | cd61e83 | 2021-08-21 16:01:25 +0500 | [diff] [blame] | 25 | ./config shared --prefix="${HOME}/opt" --openssldir="${HOME}/opt" --libdir=lib -DPURIFY |
Willy Tarreau | cbc0c23 | 2021-06-17 15:39:30 +0200 | [diff] [blame] | 26 | if [ -z "${OPENSSL_VERSION##1.*}" ]; then |
| 27 | make all |
| 28 | else |
| 29 | make -j$(nproc) build_sw |
| 30 | fi |
Willy Tarreau | c6f1498 | 2021-06-10 07:52:23 +0200 | [diff] [blame] | 31 | make install_sw |
Ilya Shipitsin | 054a5b8 | 2019-05-03 14:31:20 +0500 | [diff] [blame] | 32 | ) |
| 33 | } |
| 34 | |
| 35 | build_openssl_osx () { |
| 36 | ( |
| 37 | cd "openssl-${OPENSSL_VERSION}/" |
| 38 | ./Configure darwin64-x86_64-cc shared \ |
Ilya Shipitsin | cd61e83 | 2021-08-21 16:01:25 +0500 | [diff] [blame] | 39 | --prefix="${HOME}/opt" --openssldir="${HOME}/opt" --libdir=lib -DPURIFY |
Willy Tarreau | f4b9801 | 2021-06-10 07:52:23 +0200 | [diff] [blame] | 40 | make depend build_sw install_sw |
Ilya Shipitsin | 054a5b8 | 2019-05-03 14:31:20 +0500 | [diff] [blame] | 41 | ) |
| 42 | } |
| 43 | |
| 44 | build_openssl () { |
| 45 | if [ "$(cat ${HOME}/opt/.openssl-version)" != "${OPENSSL_VERSION}" ]; then |
| 46 | tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" |
Ilya Shipitsin | 47e09dd | 2020-02-11 14:36:23 +0500 | [diff] [blame] | 47 | case `uname` in |
| 48 | 'Darwin') |
| 49 | build_openssl_osx |
| 50 | ;; |
| 51 | 'Linux') |
| 52 | build_openssl_linux |
| 53 | ;; |
| 54 | esac |
Ilya Shipitsin | 054a5b8 | 2019-05-03 14:31:20 +0500 | [diff] [blame] | 55 | echo "${OPENSSL_VERSION}" > "${HOME}/opt/.openssl-version" |
| 56 | fi |
| 57 | } |
| 58 | |
| 59 | download_libressl () { |
| 60 | if [ ! -f "download-cache/libressl-${LIBRESSL_VERSION}.tar.gz" ]; then |
| 61 | wget -P download-cache/ \ |
| 62 | "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz" |
| 63 | fi |
| 64 | } |
| 65 | |
Ilya Shipitsin | 054a5b8 | 2019-05-03 14:31:20 +0500 | [diff] [blame] | 66 | build_libressl () { |
| 67 | if [ "$(cat ${HOME}/opt/.libressl-version)" != "${LIBRESSL_VERSION}" ]; then |
| 68 | tar zxf "download-cache/libressl-${LIBRESSL_VERSION}.tar.gz" |
| 69 | ( |
| 70 | cd "libressl-${LIBRESSL_VERSION}/" |
| 71 | ./configure --prefix="${HOME}/opt" |
| 72 | make all install |
| 73 | ) |
| 74 | echo "${LIBRESSL_VERSION}" > "${HOME}/opt/.libressl-version" |
| 75 | fi |
| 76 | } |
| 77 | |
Ilya Shipitsin | a088d3d | 2019-06-05 02:16:51 +0500 | [diff] [blame] | 78 | download_boringssl () { |
| 79 | if [ ! -d "download-cache/boringssl" ]; then |
| 80 | git clone --depth=1 https://boringssl.googlesource.com/boringssl download-cache/boringssl |
| 81 | else |
| 82 | ( |
| 83 | cd download-cache/boringssl |
| 84 | git pull |
| 85 | ) |
| 86 | fi |
| 87 | } |
| 88 | |
Ilya Shipitsin | 2091c7c | 2021-11-18 18:27:56 +0500 | [diff] [blame] | 89 | download_quictls () { |
| 90 | if [ ! -d "download-cache/quictls" ]; then |
| 91 | git clone --depth=1 https://github.com/quictls/openssl download-cache/quictls |
| 92 | else |
| 93 | ( |
| 94 | cd download-cache/quictls |
| 95 | git pull |
| 96 | ) |
| 97 | fi |
| 98 | } |
| 99 | |
Ilya Shipitsin | 054a5b8 | 2019-05-03 14:31:20 +0500 | [diff] [blame] | 100 | if [ ! -z ${LIBRESSL_VERSION+x} ]; then |
| 101 | download_libressl |
| 102 | build_libressl |
| 103 | fi |
| 104 | |
| 105 | if [ ! -z ${OPENSSL_VERSION+x} ]; then |
| 106 | download_openssl |
| 107 | build_openssl |
| 108 | fi |
| 109 | |
Ilya Shipitsin | 35d20af | 2019-05-09 01:15:59 +0500 | [diff] [blame] | 110 | if [ ! -z ${BORINGSSL+x} ]; then |
| 111 | ( |
Ilya Shipitsin | 8abf026 | 2019-09-16 16:13:10 +0500 | [diff] [blame] | 112 | |
| 113 | # travis-ci comes with go-1.11, while boringssl requires go-1.13 |
| 114 | eval "$(curl -sL https://raw.githubusercontent.com/travis-ci/gimme/master/gimme | GIMME_GO_VERSION=1.13 bash)" |
| 115 | |
Ilya Shipitsin | a088d3d | 2019-06-05 02:16:51 +0500 | [diff] [blame] | 116 | download_boringssl |
| 117 | cd download-cache/boringssl |
| 118 | if [ -d build ]; then rm -rf build; fi |
Ilya Shipitsin | 35d20af | 2019-05-09 01:15:59 +0500 | [diff] [blame] | 119 | mkdir build |
| 120 | cd build |
Ilya Shipitsin | aaa34ea | 2020-06-21 16:39:30 +0500 | [diff] [blame] | 121 | cmake -GNinja -DCMAKE_BUILD_TYPE=release -DBUILD_SHARED_LIBS=1 .. |
| 122 | ninja |
Ilya Shipitsin | 35d20af | 2019-05-09 01:15:59 +0500 | [diff] [blame] | 123 | |
Ilya Shipitsin | 6b736b4 | 2020-10-11 23:42:51 +0500 | [diff] [blame] | 124 | rm -rf ${HOME}/opt/lib || exit 0 |
| 125 | rm -rf ${HOME}/opt/include || exit 0 |
Ilya Shipitsin | 35d20af | 2019-05-09 01:15:59 +0500 | [diff] [blame] | 126 | |
Ilya Shipitsin | 6b736b4 | 2020-10-11 23:42:51 +0500 | [diff] [blame] | 127 | mkdir -p ${HOME}/opt/lib |
| 128 | cp crypto/libcrypto.so ssl/libssl.so ${HOME}/opt/lib |
Ilya Shipitsin | 35d20af | 2019-05-09 01:15:59 +0500 | [diff] [blame] | 129 | |
Ilya Shipitsin | 6b736b4 | 2020-10-11 23:42:51 +0500 | [diff] [blame] | 130 | mkdir -p ${HOME}/opt/include |
| 131 | cp -r ../include/* ${HOME}/opt/include |
Ilya Shipitsin | 35d20af | 2019-05-09 01:15:59 +0500 | [diff] [blame] | 132 | ) |
| 133 | fi |
Ilya Shipitsin | 054a5b8 | 2019-05-03 14:31:20 +0500 | [diff] [blame] | 134 | |
Ilya Shipitsin | 2091c7c | 2021-11-18 18:27:56 +0500 | [diff] [blame] | 135 | if [ ! -z ${QUICTLS+x} ]; then |
| 136 | ( |
Ilya Shipitsin | 2091c7c | 2021-11-18 18:27:56 +0500 | [diff] [blame] | 137 | download_quictls |
| 138 | cd download-cache/quictls |
| 139 | |
Ilya Shipitsin | 3f59ac5 | 2022-07-29 23:13:21 +0500 | [diff] [blame] | 140 | ./config shared ${QUICTLS_EXTRA_ARGS:-} --prefix="${HOME}/opt" --openssldir="${HOME}/opt" --libdir=lib -DPURIFY |
Ilya Shipitsin | 2091c7c | 2021-11-18 18:27:56 +0500 | [diff] [blame] | 141 | make -j$(nproc) build_sw |
| 142 | make install_sw |
| 143 | |
| 144 | ) |
| 145 | fi |