Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 05:45:26 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
9bcede1a6c1d537fe934939da315a5289a6c3618
testssl.sh/utils/make-openssl111.sh
Peter Dave Hello 9e61b8ba13 Make vim modeline config consistent, cc #1901
2021-06-01 14:31:31 +08:00

99 lines
2.5 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
#
# vim:ts=5:sw=5:expandtab
#
# Script compiling OpenSSL 1.1.1 from GitHub. Not yet particular sophisticated.
# Just meant to provide a help to get the compile job done
echo
echo "#####################################################"
echo "####### Build script for openssl 1.1.1 #######"
echo "####### (contains some weak cryptography) #######"
echo "#####################################################"
echo
OPT11="enable-tls1_3 enable-ec_nistp_64_gcc_128 sctp enable-aria enable-asan enable-rc5 \
enable-ssl3 enable-ssl3-method enable-dynamic-engine enable-ssl-trace \
-DOPENSSL_TLS_SECURITY_LEVEL=0 "
STDOPTIONS="--prefix=/usr/ --openssldir=/etc/ssl -DOPENSSL_USE_BUILD_DATE enable-zlib \
enable-heartbeats enable-rc5 enable-md2 enable-ssl3 enable-weak-ssl-ciphers zlib no-shared \
enable-rc2 enable-gost enable-cms enable-mdc2 enable-ec enable-ec2m enable-ecdh enable-ecdsa \
enable-seed enable-camellia enable-idea enable-rfc3779"
grep OPENSSL_VERSION_TEXT include/openssl/opensslv.h | grep -q 1.1.1 && STDOPTIONS="$STDOPTIONS $OPT11"
clean() {
case $NOCLEAN in
yes|Y|YES) ;;
*) make clean ;;
esac
#[ $? -ne 0 ] && error "no openssl directory"
return 0
}
error() {
tput bold
echo "ERROR $1"
tput sgr0
exit 2
}
makeall() {
make depend && make -j2 # && make report
if [ $? -ne 0 ]; then
#FIXME: we need another error handler, as a failure doesn't mean here anymore a return status of 1
error "making"
return 1
fi
return 0
}
copyfiles() {
echo; apps/openssl version -a; echo
cp -p apps/openssl ../openssl.$(uname).$(uname -m).$1
echo
return $?
}
case $(uname -m) in
"i686") clean
if [[ "$1" = krb ]]; then
name2add=krb
./config $STDOPTIONS --with-krb5-flavor=MIT
else
name2add=static
#export CFLAGS='-fPIC'
./config $STDOPTIONS -static
fi
[ $? -ne 0 ] && error "configuring"
makeall && copyfiles "$name2add"
[ $? -ne 0 ] && error "copying files"
apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l
echo
echo "------------ all ok ------------"
echo
;;
"x86_64") clean
if [[ "$1" = krb ]]; then
name2add=krb
./config $STDOPTIONS --with-krb5-flavor=MIT
else
name2add=static
./config $STDOPTIONS -static
fi
[ $? -ne 0 ] && error "configuring"
makeall && copyfiles "$name2add"
[ $? -ne 0 ] && error "copying files"
# see ciphers(1), SSL_CTX_set_security_level(3)
apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL:@SECLEVEL=0' | wc -l
echo
echo "------------ all ok ------------"
echo
;;
*) echo " Sorry, don't know this architecture $(uname -m)"
exit 1
;;
esac
Reference in New Issue View Git Blame Copy Permalink