better platform support, revert to pure /bin/sh, better verbosity...

2025-10-31 22:05:26 +01:00 · 2017-05-12 17:21:45 +02:00
parent bed1f8cc0d
commit f70bc4e08f
1 changed files with 81 additions and 56 deletions
--- a/utils/make-openssl.sh
+++ b/utils/make-openssl.sh
@@ -1,13 +1,16 @@
-#!/bin/bash
-
+#!/bin/sh
+#
 # License GPLv2, see ../LICENSE
+#
+# instructions @ https://github.com/drwetter/testssl.sh/tree/2.9dev/bin

-echo 
+
+echo
 echo "###################################################################"
 echo "#######      Build script for Peter Mosmans openssl         #######"
 echo "####### which contains all broken and all advanced features #######"
 echo "###################################################################"
-echo 
+echo
 sleep 3

 STDOPTIONS="--prefix=/usr/ --openssldir=/etc/ssl -DOPENSSL_USE_BUILD_DATE enable-zlib \
@@ -15,63 +18,76 @@ enable-ssl2 enable-ssl3 enable-ssl-trace enable-rc5 enable-rc2 \
 enable-gost enable-cms enable-md2 enable-mdc2 enable-ec enable-ec2m enable-ecdh enable-ecdsa \
 enable-seed enable-camellia enable-idea enable-rfc3779 experimental-jpake"

-clean() {
-	case $NOCLEAN in 
-		yes|Y|YES) ;;
-		*) make clean ;;
-	esac
-	#[ $? -ne 0 ] && error "no openssl directory"
-	return 0
-}

 error() {
-	tput bold
-	echo "### ERROR $1 ###"
-	tput sgr0
-	exit 2
+     tput bold
+     echo "### ERROR $1 ###"
+     tput sgr0
+     exit 2
+}
+
+clean() {
+     case $NOCLEAN in
+          yes|Y|YES) ;;
+          *) make clean
+     	[ $? -ne 0 ] && error "no openssl directory"
+		;;
+     esac
+     return 0
 }

 makeall() {
-	make depend || error "depend"
-	make || error "making"
-	make report || error "testing/make report"
-	#FIXME: we need another error handler, as of now a failure doesn't mean a return status of 1
-	# see https://github.com/openssl/openssl/pull/336
-	return 0
+     make depend || error "depend"
+     make || error "making"
+     make report || error "testing/make report"
+     #FIXME: we need another error handler, as of now a failure doesn't mean a return status of != 0
+     # see https://github.com/openssl/openssl/pull/336
+     return 0
 }

 copyfiles() {
-	echo; apps/openssl version -a; echo
-	if grep static <<< "$1"; then
-		cp -p apps/openssl ../openssl.$(uname).$(uname -m)
-	else
-		cp -p apps/openssl ../openssl.$(uname).$(uname -m).krb5
-	fi
-	return $?
+     local ret
+     local target=../openssl.$(uname).$(uname -m).$1
+
+     echo; apps/openssl version -a; echo
+     if [ -e "$target" ]; then
+		case $(uname) in
+          	*BSD|*Darwin)
+               	mv $target $target-$(stat -f "%Sm" -t "%Y-%m-%d %H:%M" "$target" | sed -e 's/ .*$//' -e 's/-//g')
+				;;
+			*) mv $target $target-$(stat -c %y $target | awk '{ print $1 }' | sed -e 's/ .*$//' -e 's/-//g') ;;
+		esac
+     fi
+     cp -pf apps/openssl ../openssl.$(uname).$(uname -m).$1
+     ret=$?
+     echo
+     ls -l apps/openssl ../openssl.$(uname).$(uname -m).$1
+     return $ret
 }

 testv6_patch() {
-	if grep -q 'ending bracket for IPv6' apps/s_socket.c; then
-		STDOPTIONS="$STDOPTIONS -DOPENSSL_USE_IPV6"
-	else
-		echo 
-		echo "no IPv6 patch (Fedora) detected!!  -- Press ^C and dl & apply from"
-		echo "https://github.com/drwetter/testssl.sh/blob/master/bin/fedora-dirk-ipv6.diff"
-		echo "or press any key to ignore"
+     if grep -q 'ending bracket for IPv6' apps/s_socket.c; then
+          STDOPTIONS="$STDOPTIONS -DOPENSSL_USE_IPV6"
+          echo "detected IPv6 patch thus compiling in IPv6 support"
 		echo
-		read a
-	fi
+     else
+          echo
+          echo "no IPv6 patch (Fedora) detected!!  -- Press ^C and dl & apply from"
+          echo "https://github.com/drwetter/testssl.sh/blob/master/bin/fedora-dirk-ipv6.diff"
+          echo "or press any key to ignore"
+          echo
+          read a
+     fi
 }


 testv6_patch

-
 case $(uname) in
-	Linux|FreeBSD)
+     Linux|FreeBSD)
 		case $(uname -m) in
-			"i686") clean 
-				if [[ "$1" = krb ]]; then
+         		i686|armv7l) clean
+				if [ "$1" == krb ]; then
 					name2add=krb
 					./config $STDOPTIONS no-ec_nistp_64_gcc_128 --with-krb5-flavor=MIT
 				else
@@ -81,13 +97,13 @@ case $(uname) in
 				[ $? -ne 0 ] && error "configuring"
 				makeall && copyfiles "$name2add"
 				[ $? -ne 0 ] && error "copying files"
-				apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l
+				echo "\n(w/o 4 GOST ciphers): $(apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l)"
 				echo
 				echo "------------ all ok ------------"
-				echo 
+				echo
 				;;
-			"x86_64") clean
-				if [[ "$1" = krb ]]; then
+			x86_64|amd64) clean
+               	if [ "$1" = krb ]; then
 					name2add=krb
 					./config $STDOPTIONS enable-ec_nistp_64_gcc_128 --with-krb5-flavor=MIT
 				else
@@ -97,22 +113,31 @@ case $(uname) in
 				[ $? -ne 0 ] && error "configuring"
 				makeall && copyfiles "$name2add"
 				[ $? -ne 0 ] && error "copying files"
-				apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l
+				echo "\n(w/o 4 GOST ciphers): $(apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l)"
 				echo
 				echo "------------ all ok ------------"
-				echo 
+				echo
 				;;
-			*)	echo " Sorry, don't know this architecture $(uname -m)" 
-				exit 1
+			*) echo " Sorry, don't know this architecture $(uname -m)"
+               	exit 1
+               	;;
+         esac
+         ;;
+     Darwin)
+		case $(uname -m) in
+			x86_64) clean
+				echo "FIXME"
+          		;;
+			i386) clean
+				echo "FIXME"
 				;;
 		esac
 		;;
-	Darwin)
-
-		;;
+	*) echo " Sorry, don't know this OS $(uname)"
+	;;
 esac
-		

-#  vim:tw=90:ts=5:sw=5
-#  $Id: make-openssl.sh,v 1.14 2015/07/20 19:40:54 dirkw Exp $ 
+
+#  vim:ts=5:sw=5
+#  $Id: make-openssl.sh,v 1.18 2017/05/12 15:03:00 dirkw Exp $