File: build-ssl.sh

package info (click to toggle)
haproxy 2.2.9-2%2Bdeb11u6
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 16,012 kB
  • sloc: ansic: 166,229; javascript: 2,442; sh: 1,782; xml: 1,754; makefile: 1,068; python: 1,048; perl: 168
file content (116 lines) | stat: -rwxr-xr-x 2,981 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
 
#!/bin/sh
set -eux

download_openssl () {
    if [ ! -f "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" ]; then

#
# OpenSSL has different links for latest and previous releases
# since we want to download several versions, let us try to treat
# current version as latest, if it fails, follow with previous
#

	wget -P download-cache/ \
	    "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" || \
        wget -P download-cache/ \
            "https://www.openssl.org/source/old/${OPENSSL_VERSION%[a-z]}/openssl-${OPENSSL_VERSION}.tar.gz"
    fi
}

build_openssl_linux () {
    (
        cd "openssl-${OPENSSL_VERSION}/"
        ./config shared --prefix="${HOME}/opt" --openssldir="${HOME}/opt" -DPURIFY
        make all install_sw
    )
}

build_openssl_osx () {
    (
        cd "openssl-${OPENSSL_VERSION}/"
        ./Configure darwin64-x86_64-cc shared \
            --prefix="${HOME}/opt" --openssldir="${HOME}/opt" -DPURIFY
        make depend all install_sw
    )
}

build_openssl () {
    if [ "$(cat ${HOME}/opt/.openssl-version)" != "${OPENSSL_VERSION}" ]; then
        tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz"
	case `uname` in
		'Darwin')
			build_openssl_osx
			;;
		'Linux')
			build_openssl_linux
			;;
	esac
        echo "${OPENSSL_VERSION}" > "${HOME}/opt/.openssl-version"
    fi
}

download_libressl () {
    if [ ! -f "download-cache/libressl-${LIBRESSL_VERSION}.tar.gz" ]; then
        wget -P download-cache/ \
	    "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz"
    fi
}

build_libressl () {
    if [ "$(cat ${HOME}/opt/.libressl-version)" != "${LIBRESSL_VERSION}" ]; then
        tar zxf "download-cache/libressl-${LIBRESSL_VERSION}.tar.gz"
        (
           cd "libressl-${LIBRESSL_VERSION}/"
           ./configure --prefix="${HOME}/opt"
            make all install
        )
        echo "${LIBRESSL_VERSION}" > "${HOME}/opt/.libressl-version"
    fi
}

download_boringssl () {
    if [ ! -d "download-cache/boringssl" ]; then
        git clone --depth=1 https://boringssl.googlesource.com/boringssl download-cache/boringssl
    else
       (
        cd download-cache/boringssl
        git pull
       )
    fi
}

if [ ! -z ${LIBRESSL_VERSION+x} ]; then
	download_libressl
	build_libressl
fi

if [ ! -z ${OPENSSL_VERSION+x} ]; then
	download_openssl
	build_openssl
fi

if [ ! -z ${BORINGSSL+x} ]; then
	(

	# travis-ci comes with go-1.11, while boringssl requires go-1.13
	eval "$(curl -sL https://raw.githubusercontent.com/travis-ci/gimme/master/gimme | GIMME_GO_VERSION=1.13 bash)"

        download_boringssl
	cd download-cache/boringssl
        if [ -d build ]; then rm -rf build; fi
	mkdir build
	cd build
	cmake  -GNinja -DCMAKE_BUILD_TYPE=release -DBUILD_SHARED_LIBS=1 ..
	ninja

	rm -rf ${SSL_LIB} || exit 0
	rm -rf ${SSL_INC} || exit 0

	mkdir -p ${SSL_LIB}
	cp crypto/libcrypto.so ssl/libssl.so ${SSL_LIB}

	mkdir -p ${SSL_INC}
	cp -r ../include/* ${SSL_INC}
	)
fi