Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / refs/heads/next-2.8 / . / scripts / build-ssl.sh
blob: a1935dd1ed480b087148fd1bc944044df4006048 [file] [log] [blame]
Ilya Shipitsin054a5b82019-05-03 14:31:20 +0500[diff] [blame]1#!/bin/sh
2set -eux
3
4download_openssl () {
5 if [ ! -f "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" ]; then
Ilya Shipitsin6e18f922020-04-07 23:35:49 +0500[diff] [blame]6
7#
8# OpenSSL has different links for latest and previous releases
9# since we want to download several versions, let us try to treat
10# current version as latest, if it fails, follow with previous
11#
12
13 wget -P download-cache/ \
14 "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" || \
Ilya Shipitsin054a5b82019-05-03 14:31:20 +0500[diff] [blame]15 wget -P download-cache/ \
Ilya Shipitsin6e18f922020-04-07 23:35:49 +0500[diff] [blame]16 "https://www.openssl.org/source/old/${OPENSSL_VERSION%[a-z]}/openssl-${OPENSSL_VERSION}.tar.gz"
Ilya Shipitsin054a5b82019-05-03 14:31:20 +0500[diff] [blame]17 fi
18}
19
Willy Tarreaucbc0c232021-06-17 15:39:30 +0200[diff] [blame]20# recent openssl versions support parallel builds and skipping the docs,
21# while older ones require to build everything sequentially.
Ilya Shipitsin054a5b82019-05-03 14:31:20 +0500[diff] [blame]22build_openssl_linux () {
23 (
24 cd "openssl-${OPENSSL_VERSION}/"
Ilya Shipitsincd61e832021-08-21 16:01:25 +0500[diff] [blame]25 ./config shared --prefix="${HOME}/opt" --openssldir="${HOME}/opt" --libdir=lib -DPURIFY
Willy Tarreaucbc0c232021-06-17 15:39:30 +0200[diff] [blame]26 if [ -z "${OPENSSL_VERSION##1.*}" ]; then
27 make all
28 else
29 make -j$(nproc) build_sw
30 fi
Willy Tarreauc6f14982021-06-10 07:52:23 +0200[diff] [blame]31 make install_sw
Ilya Shipitsin054a5b82019-05-03 14:31:20 +0500[diff] [blame]32 )
33}
34
35build_openssl_osx () {
36 (
37 cd "openssl-${OPENSSL_VERSION}/"
38 ./Configure darwin64-x86_64-cc shared \
Ilya Shipitsincd61e832021-08-21 16:01:25 +0500[diff] [blame]39 --prefix="${HOME}/opt" --openssldir="${HOME}/opt" --libdir=lib -DPURIFY
Willy Tarreauf4b98012021-06-10 07:52:23 +0200[diff] [blame]40 make depend build_sw install_sw
Ilya Shipitsin054a5b82019-05-03 14:31:20 +0500[diff] [blame]41 )
42}
43
44build_openssl () {
45 if [ "$(cat ${HOME}/opt/.openssl-version)" != "${OPENSSL_VERSION}" ]; then
46 tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz"
Ilya Shipitsin47e09dd2020-02-11 14:36:23 +0500[diff] [blame]47 case `uname` in
48 'Darwin')
49 build_openssl_osx
50 ;;
51 'Linux')
52 build_openssl_linux
53 ;;
54 esac
Ilya Shipitsin054a5b82019-05-03 14:31:20 +0500[diff] [blame]55 echo "${OPENSSL_VERSION}" > "${HOME}/opt/.openssl-version"
56 fi
57}
58
59download_libressl () {
60 if [ ! -f "download-cache/libressl-${LIBRESSL_VERSION}.tar.gz" ]; then
61 wget -P download-cache/ \
Ilia Shipitsin67036532023-04-26 12:15:11 +0200[diff] [blame]62 "https://cdn.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz"
Ilya Shipitsin054a5b82019-05-03 14:31:20 +0500[diff] [blame]63 fi
64}
65
Ilya Shipitsin054a5b82019-05-03 14:31:20 +0500[diff] [blame]66build_libressl () {
67 if [ "$(cat ${HOME}/opt/.libressl-version)" != "${LIBRESSL_VERSION}" ]; then
68 tar zxf "download-cache/libressl-${LIBRESSL_VERSION}.tar.gz"
69 (
70 cd "libressl-${LIBRESSL_VERSION}/"
71 ./configure --prefix="${HOME}/opt"
72 make all install
73 )
74 echo "${LIBRESSL_VERSION}" > "${HOME}/opt/.libressl-version"
75 fi
76}
77
Ilya Shipitsina088d3d2019-06-05 02:16:51 +0500[diff] [blame]78download_boringssl () {
79 if [ ! -d "download-cache/boringssl" ]; then
80 git clone --depth=1 https://boringssl.googlesource.com/boringssl download-cache/boringssl
81 else
82 (
83 cd download-cache/boringssl
84 git pull
85 )
86 fi
87}
88
Ilya Shipitsin2091c7c2021-11-18 18:27:56 +0500[diff] [blame]89download_quictls () {
90 if [ ! -d "download-cache/quictls" ]; then
91 git clone --depth=1 https://github.com/quictls/openssl download-cache/quictls
92 else
93 (
94 cd download-cache/quictls
95 git pull
96 )
97 fi
98}
99
Ilya Shipitsin054a5b82019-05-03 14:31:20 +0500[diff] [blame]100if [ ! -z ${LIBRESSL_VERSION+x} ]; then
101 download_libressl
102 build_libressl
103fi
104
105if [ ! -z ${OPENSSL_VERSION+x} ]; then
106 download_openssl
107 build_openssl
108fi
109
Ilya Shipitsin35d20af2019-05-09 01:15:59 +0500[diff] [blame]110if [ ! -z ${BORINGSSL+x} ]; then
111 (
Ilya Shipitsin8abf0262019-09-16 16:13:10 +0500[diff] [blame]112
113 # travis-ci comes with go-1.11, while boringssl requires go-1.13
114 eval "$(curl -sL https://raw.githubusercontent.com/travis-ci/gimme/master/gimme | GIMME_GO_VERSION=1.13 bash)"
115
Ilya Shipitsina088d3d2019-06-05 02:16:51 +0500[diff] [blame]116 download_boringssl
117 cd download-cache/boringssl
118 if [ -d build ]; then rm -rf build; fi
Ilya Shipitsin35d20af2019-05-09 01:15:59 +0500[diff] [blame]119 mkdir build
120 cd build
Ilya Shipitsinaaa34ea2020-06-21 16:39:30 +0500[diff] [blame]121 cmake -GNinja -DCMAKE_BUILD_TYPE=release -DBUILD_SHARED_LIBS=1 ..
122 ninja
Ilya Shipitsin35d20af2019-05-09 01:15:59 +0500[diff] [blame]123
Ilya Shipitsin6b736b42020-10-11 23:42:51 +0500[diff] [blame]124 rm -rf ${HOME}/opt/lib || exit 0
125 rm -rf ${HOME}/opt/include || exit 0
Ilya Shipitsin35d20af2019-05-09 01:15:59 +0500[diff] [blame]126
Ilya Shipitsin6b736b42020-10-11 23:42:51 +0500[diff] [blame]127 mkdir -p ${HOME}/opt/lib
128 cp crypto/libcrypto.so ssl/libssl.so ${HOME}/opt/lib
Ilya Shipitsin35d20af2019-05-09 01:15:59 +0500[diff] [blame]129
Ilya Shipitsin6b736b42020-10-11 23:42:51 +0500[diff] [blame]130 mkdir -p ${HOME}/opt/include
131 cp -r ../include/* ${HOME}/opt/include
Ilya Shipitsin35d20af2019-05-09 01:15:59 +0500[diff] [blame]132 )
133fi
Ilya Shipitsin054a5b82019-05-03 14:31:20 +0500[diff] [blame]134
Ilya Shipitsin2091c7c2021-11-18 18:27:56 +0500[diff] [blame]135if [ ! -z ${QUICTLS+x} ]; then
136 (
Ilya Shipitsin2091c7c2021-11-18 18:27:56 +0500[diff] [blame]137 download_quictls
138 cd download-cache/quictls
139
Ilya Shipitsin47ddc892022-10-15 09:55:49 +0500[diff] [blame]140 ./config shared no-tests ${QUICTLS_EXTRA_ARGS:-} --prefix="${HOME}/opt" --openssldir="${HOME}/opt" --libdir=lib -DPURIFY
Ilya Shipitsin2091c7c2021-11-18 18:27:56 +0500[diff] [blame]141 make -j$(nproc) build_sw
142 make install_sw
143
144 )
145fi