testssl.sh/utils/make-openssl111.sh

99 lines
2.5 KiB
Bash
Raw Normal View History

#!/usr/bin/env bash
2018-07-17 00:41:21 +02:00
#
# vim:ts=5:sw=5:expandtab
#
2021-05-29 01:19:58 +02:00
# Script compiling OpenSSL 1.1.1 from GitHub. Not yet particular sophisticated.
# Just meant to provide a help to get the compile job done
2018-07-17 00:41:21 +02:00
echo
echo "#####################################################"
echo "####### Build script for openssl 1.1.1 #######"
echo "####### (contains some weak cryptography) #######"
2018-07-17 00:41:21 +02:00
echo "#####################################################"
echo
2019-07-10 08:54:55 +02:00
OPT11="enable-tls1_3 enable-ec_nistp_64_gcc_128 sctp enable-aria enable-asan enable-rc5 \
enable-ssl3 enable-ssl3-method enable-dynamic-engine enable-ssl-trace \
-DOPENSSL_TLS_SECURITY_LEVEL=0 "
2018-07-17 00:41:21 +02:00
STDOPTIONS="--prefix=/usr/ --openssldir=/etc/ssl -DOPENSSL_USE_BUILD_DATE enable-zlib \
enable-heartbeats enable-rc5 enable-md2 enable-ssl3 enable-weak-ssl-ciphers zlib no-shared \
enable-rc2 enable-gost enable-cms enable-mdc2 enable-ec enable-ec2m enable-ecdh enable-ecdsa \
enable-seed enable-camellia enable-idea enable-rfc3779"
grep OPENSSL_VERSION_TEXT include/openssl/opensslv.h | grep -q 1.1.1 && STDOPTIONS="$STDOPTIONS $OPT11"
clean() {
case $NOCLEAN in
yes|Y|YES) ;;
*) make clean ;;
esac
#[ $? -ne 0 ] && error "no openssl directory"
return 0
}
error() {
tput bold
echo "ERROR $1"
tput sgr0
exit 2
}
makeall() {
make depend && make -j2 # && make report
if [ $? -ne 0 ]; then
#FIXME: we need another error handler, as a failure doesn't mean here anymore a return status of 1
2018-07-17 00:41:21 +02:00
error "making"
return 1
fi
return 0
}
copyfiles() {
echo; apps/openssl version -a; echo
cp -p apps/openssl ../openssl.$(uname).$(uname -m).$1
echo
return $?
}
case $(uname -m) in
"i686") clean
if [[ "$1" = krb ]]; then
name2add=krb
./config $STDOPTIONS --with-krb5-flavor=MIT
2018-07-17 00:41:21 +02:00
else
name2add=static
#export CFLAGS='-fPIC'
./config $STDOPTIONS -static
2018-07-17 00:41:21 +02:00
fi
[ $? -ne 0 ] && error "configuring"
makeall && copyfiles "$name2add"
[ $? -ne 0 ] && error "copying files"
apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l
echo
echo "------------ all ok ------------"
echo
;;
"x86_64") clean
if [[ "$1" = krb ]]; then
name2add=krb
./config $STDOPTIONS --with-krb5-flavor=MIT
2018-07-17 00:41:21 +02:00
else
2019-07-10 08:54:55 +02:00
name2add=static
./config $STDOPTIONS -static
2018-07-17 00:41:21 +02:00
fi
[ $? -ne 0 ] && error "configuring"
makeall && copyfiles "$name2add"
[ $? -ne 0 ] && error "copying files"
# see ciphers(1), SSL_CTX_set_security_level(3)
apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL:@SECLEVEL=0' | wc -l
2018-07-17 00:41:21 +02:00
echo
echo "------------ all ok ------------"
echo
;;
*) echo " Sorry, don't know this architecture $(uname -m)"
exit 1
;;
esac