From f70bc4e08feddf2e5000a1698e5cc166e7007039 Mon Sep 17 00:00:00 2001 From: Dirk Date: Fri, 12 May 2017 17:21:45 +0200 Subject: [PATCH] better platform support, revert to pure /bin/sh, better verbosity... --- utils/make-openssl.sh | 137 +++++++++++++++++++++++++----------------- 1 file changed, 81 insertions(+), 56 deletions(-) diff --git a/utils/make-openssl.sh b/utils/make-openssl.sh index 094e559..97df2b5 100755 --- a/utils/make-openssl.sh +++ b/utils/make-openssl.sh @@ -1,13 +1,16 @@ -#!/bin/bash - +#!/bin/sh +# # License GPLv2, see ../LICENSE +# +# instructions @ https://github.com/drwetter/testssl.sh/tree/2.9dev/bin -echo + +echo echo "###################################################################" echo "####### Build script for Peter Mosmans openssl #######" echo "####### which contains all broken and all advanced features #######" echo "###################################################################" -echo +echo sleep 3 STDOPTIONS="--prefix=/usr/ --openssldir=/etc/ssl -DOPENSSL_USE_BUILD_DATE enable-zlib \ @@ -15,63 +18,76 @@ enable-ssl2 enable-ssl3 enable-ssl-trace enable-rc5 enable-rc2 \ enable-gost enable-cms enable-md2 enable-mdc2 enable-ec enable-ec2m enable-ecdh enable-ecdsa \ enable-seed enable-camellia enable-idea enable-rfc3779 experimental-jpake" -clean() { - case $NOCLEAN in - yes|Y|YES) ;; - *) make clean ;; - esac - #[ $? -ne 0 ] && error "no openssl directory" - return 0 -} error() { - tput bold - echo "### ERROR $1 ###" - tput sgr0 - exit 2 + tput bold + echo "### ERROR $1 ###" + tput sgr0 + exit 2 +} + +clean() { + case $NOCLEAN in + yes|Y|YES) ;; + *) make clean + [ $? -ne 0 ] && error "no openssl directory" + ;; + esac + return 0 } makeall() { - make depend || error "depend" - make || error "making" - make report || error "testing/make report" - #FIXME: we need another error handler, as of now a failure doesn't mean a return status of 1 - # see https://github.com/openssl/openssl/pull/336 - return 0 + make depend || error "depend" + make || error "making" + make report || error "testing/make report" + #FIXME: we need another error handler, as of now a failure doesn't mean a return status of != 0 + # see https://github.com/openssl/openssl/pull/336 + return 0 } copyfiles() { - echo; apps/openssl version -a; echo - if grep static <<< "$1"; then - cp -p apps/openssl ../openssl.$(uname).$(uname -m) - else - cp -p apps/openssl ../openssl.$(uname).$(uname -m).krb5 - fi - return $? + local ret + local target=../openssl.$(uname).$(uname -m).$1 + + echo; apps/openssl version -a; echo + if [ -e "$target" ]; then + case $(uname) in + *BSD|*Darwin) + mv $target $target-$(stat -f "%Sm" -t "%Y-%m-%d %H:%M" "$target" | sed -e 's/ .*$//' -e 's/-//g') + ;; + *) mv $target $target-$(stat -c %y $target | awk '{ print $1 }' | sed -e 's/ .*$//' -e 's/-//g') ;; + esac + fi + cp -pf apps/openssl ../openssl.$(uname).$(uname -m).$1 + ret=$? + echo + ls -l apps/openssl ../openssl.$(uname).$(uname -m).$1 + return $ret } testv6_patch() { - if grep -q 'ending bracket for IPv6' apps/s_socket.c; then - STDOPTIONS="$STDOPTIONS -DOPENSSL_USE_IPV6" - else - echo - echo "no IPv6 patch (Fedora) detected!! -- Press ^C and dl & apply from" - echo "https://github.com/drwetter/testssl.sh/blob/master/bin/fedora-dirk-ipv6.diff" - echo "or press any key to ignore" + if grep -q 'ending bracket for IPv6' apps/s_socket.c; then + STDOPTIONS="$STDOPTIONS -DOPENSSL_USE_IPV6" + echo "detected IPv6 patch thus compiling in IPv6 support" echo - read a - fi + else + echo + echo "no IPv6 patch (Fedora) detected!! -- Press ^C and dl & apply from" + echo "https://github.com/drwetter/testssl.sh/blob/master/bin/fedora-dirk-ipv6.diff" + echo "or press any key to ignore" + echo + read a + fi } testv6_patch - case $(uname) in - Linux|FreeBSD) + Linux|FreeBSD) case $(uname -m) in - "i686") clean - if [[ "$1" = krb ]]; then + i686|armv7l) clean + if [ "$1" == krb ]; then name2add=krb ./config $STDOPTIONS no-ec_nistp_64_gcc_128 --with-krb5-flavor=MIT else @@ -81,13 +97,13 @@ case $(uname) in [ $? -ne 0 ] && error "configuring" makeall && copyfiles "$name2add" [ $? -ne 0 ] && error "copying files" - apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l + echo "\n(w/o 4 GOST ciphers): $(apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l)" echo echo "------------ all ok ------------" - echo + echo ;; - "x86_64") clean - if [[ "$1" = krb ]]; then + x86_64|amd64) clean + if [ "$1" = krb ]; then name2add=krb ./config $STDOPTIONS enable-ec_nistp_64_gcc_128 --with-krb5-flavor=MIT else @@ -97,22 +113,31 @@ case $(uname) in [ $? -ne 0 ] && error "configuring" makeall && copyfiles "$name2add" [ $? -ne 0 ] && error "copying files" - apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l + echo "\n(w/o 4 GOST ciphers): $(apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l)" echo echo "------------ all ok ------------" - echo + echo ;; - *) echo " Sorry, don't know this architecture $(uname -m)" - exit 1 + *) echo " Sorry, don't know this architecture $(uname -m)" + exit 1 + ;; + esac + ;; + Darwin) + case $(uname -m) in + x86_64) clean + echo "FIXME" + ;; + i386) clean + echo "FIXME" ;; esac ;; - Darwin) - - ;; + *) echo " Sorry, don't know this OS $(uname)" + ;; esac - -# vim:tw=90:ts=5:sw=5 -# $Id: make-openssl.sh,v 1.14 2015/07/20 19:40:54 dirkw Exp $ + +# vim:ts=5:sw=5 +# $Id: make-openssl.sh,v 1.18 2017/05/12 15:03:00 dirkw Exp $