+#
+# Copyright (C) 2006-2010 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
include $(TOPDIR)/rules.mk
-PKG_NAME := openssl
-PKG_VERSION := 0.9.7e
-PKG_RELEASE := 1
+PKG_NAME:=openssl
+PKG_VERSION:=0.9.8m
+PKG_RELEASE:=2
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://www.openssl.org/source/ \
+ ftp://ftp.funet.fi/pub/crypt/cryptography/libs/openssl/source/ \
+ ftp://ftp.webmonster.de/pub/openssl/source/ \
+ ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/
+PKG_MD5SUM:=898bf125370926d5f692a2201124f8ec
+
+PKG_BUILD_DEPENDS:=ocf-crypto-headers
+PKG_CONFIG_DEPENDS:=CONFIG_OPENSSL_ENGINE
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/openssl/Default
+ TITLE:=Open source SSL toolkit
+ URL:=http://www.openssl.org/
+endef
+
+define Package/libopenssl/config
+source "$(SOURCE)/Config.in"
+endef
+
+define Package/openssl/Default/description
+The OpenSSL Project is a collaborative effort to develop a robust,
+commercial-grade, full-featured, and Open Source toolkit implementing the Secure
+Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well
+as a full-strength general purpose cryptography library.
+endef
+
+define Package/libopenssl
+$(call Package/openssl/Default)
+ SECTION:=libs
+ SUBMENU:=SSL
+ CATEGORY:=Libraries
+ DEPENDS:=+zlib
+ TITLE+= (libraries)
+endef
+
+define Package/libopenssl/description
+$(call Package/openssl/Default/description)
+This package contains the OpenSSL shared libraries, needed by other programs.
+endef
-PKG_SOURCE_SITE := http://www.openssl.org/source
-PKG_SOURCE_FILE := $(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_CAT := zcat
-PKG_SOURCE_DIR := $(PKG_NAME)-$(PKG_VERSION)
-PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_SOURCE_DIR)
-PKG_IPK := $(PACKAGE_DIR)/$(PKG_NAME)_$(PKG_VERSION)-$(PKG_RELEASE)_$(ARCH).ipk
+define Package/openssl-util
+ $(call Package/openssl/Default)
+ SECTION:=utils
+ CATEGORY:=Utilities
+ DEPENDS:=+libopenssl
+ TITLE+= (utility)
+endef
-OPENSSL_NO_CIPHERS:=no-idea no-mdc2 no-rc5 no-rc2 no-md2 no-md4
+define Package/openssl-util/conffiles
+/etc/ssl/openssl.cnf
+endef
-$(DL_DIR)/$(PKG_SOURCE_FILE):
- mkdir -p $(DL_DIR)
- $(WGET) -P $(DL_DIR) $(PKG_SOURCE_SITE)/$(PKG_SOURCE_FILE)
+define Package/openssl-util/description
+$(call Package/openssl/Default/description)
+This package contains the OpenSSL command-line utility.
+endef
-$(PKG_BUILD_DIR)/.patched: $(DL_DIR)/$(PKG_SOURCE_FILE)
- mkdir -p $(TOOL_BUILD_DIR)
- $(PKG_SOURCE_CAT) $(DL_DIR)/$(PKG_SOURCE_FILE) | tar -C $(BUILD_DIR) $(TAR_OPTIONS) -
- $(PATCH) $(PKG_BUILD_DIR) ./patches
- $(SED) 's,/CFLAG=,/CFLAG= $(TARGET_SOFT_FLOAT) ,g' \
- $(PKG_BUILD_DIR)/Configure
- touch $(PKG_BUILD_DIR)/.patched
-$(PKG_BUILD_DIR)/.configured: $(PKG_BUILD_DIR)/.patched
+OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-smime \
+ no-rmd160 no-aes192 no-ripemd no-camellia no-ans1 no-krb5
+OPENSSL_OPTIONS:= shared no-ec no-err no-hw no-threads zlib-dynamic no-sse2
+
+ifdef CONFIG_OPENSSL_ENGINE
+ OPENSSL_OPTIONS += --with-cryptodev
+else
+ OPENSSL_OPTIONS += no-engines
+endif
+
+OPENSSL_OPTIONS += no-perlasm
+
+define Build/Configure
(cd $(PKG_BUILD_DIR); \
- CFLAGS="-DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5" \
- PATH=$(TARGET_PATH) ./Configure linux-$(ARCH) --prefix=/ \
- --openssldir=/usr/lib/ssl -L$(STAGING_DIR)/lib -ldl \
- -I$(STAGING_DIR)/include $(OPENSSL_NO_CIPHERS) \
- shared no-krb5 no-ec no-engine zlib-dynamic no-hw no-threads )
- touch $(PKG_BUILD_DIR)/.configured
-
-$(PKG_BUILD_DIR)/apps/openssl: $(PKG_BUILD_DIR)/.configured
- $(MAKE) CC=$(TARGET_CC) -C $(PKG_BUILD_DIR) all build-shared
+ ./Configure linux-openwrt \
+ --prefix=/usr \
+ --openssldir=/etc/ssl \
+ $(TARGET_CPPFLAGS) \
+ $(TARGET_LDFLAGS) -ldl \
+ -DOPENSSL_SMALL_FOOTPRINT \
+ $(OPENSSL_NO_CIPHERS) \
+ $(OPENSSL_OPTIONS) \
+ )
+endef
+
+TARGET_CFLAGS += $(FPIC)
+
+define Build/Compile
+ # XXX: OpenSSL "make depend" will look for installed headers before its own,
+ # so remove installed stuff first
+ -$(SUBMAKE) -j1 clean-staging
+ $(MAKE) -C $(PKG_BUILD_DIR) \
+ MAKEDEPPROG="$(TARGET_CROSS)gcc" \
+ OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
+ $(OPENSSL_MAKEFLAGS) \
+ depend
+ $(_SINGLE)$(MAKE) -C $(PKG_BUILD_DIR) \
+ CC="$(TARGET_CC)" \
+ AR="$(TARGET_CROSS)ar r" \
+ RANLIB="$(TARGET_CROSS)ranlib" \
+ OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
+ $(OPENSSL_MAKEFLAGS) \
+ all
+ $(MAKE) -C $(PKG_BUILD_DIR) \
+ CC="$(TARGET_CC)" \
+ AR="$(TARGET_CROSS)ar r" \
+ RANLIB="$(TARGET_CROSS)ranlib" \
+ OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
+ $(OPENSSL_MAKEFLAGS) \
+ build-shared
# Work around openssl build bug to link libssl.so with libcrypto.so.
-rm $(PKG_BUILD_DIR)/libssl.so.*.*.*
- $(MAKE) CC=$(TARGET_CC) -C $(PKG_BUILD_DIR) do_linux-shared
-
-$(STAGING_DIR)/lib/libssl.so: $(PKG_BUILD_DIR)/apps/openssl
- $(MAKE) CC=$(TARGET_CC) INSTALL_PREFIX=$(STAGING_DIR) -C $(PKG_BUILD_DIR) install_sw
- cp -fa $(PKG_BUILD_DIR)/libcrypto.so* $(STAGING_DIR)/lib/
- chmod a-x $(STAGING_DIR)/lib/libcrypto.so.0.9.7
- (cd $(STAGING_DIR)/lib; ln -fs libcrypto.so.0.9.7 libcrypto.so)
- (cd $(STAGING_DIR)/lib; ln -fs libcrypto.so.0.9.7 libcrypto.so.0)
- cp -fa $(PKG_BUILD_DIR)/libssl.so* $(STAGING_DIR)/lib/
- chmod a-x $(STAGING_DIR)/lib/libssl.so.0.9.7
- (cd $(STAGING_DIR)/lib; ln -fs libssl.so.0.9.7 libssl.so)
- (cd $(STAGING_DIR)/lib; ln -fs libssl.so.0.9.7 libssl.so.0)
-
-$(PKG_IPK): $(STAGING_DIR)/lib/libssl.so
- mkdir -p $(PACKAGE_DIR)
- $(SCRIPT_DIR)/make-ipkg-dir.sh $(PKG_BUILD_DIR)/ipkg/$(PKG_NAME) $(PKG_NAME).control $(PKG_VERSION)-$(PKG_RELEASE) $(ARCH)
- mkdir -p $(PKG_BUILD_DIR)/ipkg/$(PKG_NAME)/usr/lib
- cp -a $(STAGING_DIR)/lib/libssl.so* $(PKG_BUILD_DIR)/ipkg/$(PKG_NAME)/usr/lib
- cp -a $(STAGING_DIR)/lib/libcrypto.so* $(PKG_BUILD_DIR)/ipkg/$(PKG_NAME)/usr/lib
- $(STRIP) $(PKG_BUILD_DIR)/ipkg/$(PKG_NAME)/usr/lib/*
- $(IPKG_BUILD) $(PKG_BUILD_DIR)/ipkg/$(PKG_NAME) $(PACKAGE_DIR)
-
-$(IPKG_STATE_DIR)/info/openssl.list: $(PKG_IPK)
- $(IPKG) install $(PKG_IPK)
-
-source: $(DL_DIR)/$(PKG_SOURCE_FILE)
-prepare: $(PKG_BUILD_DIR)/.patched
-compile: $(STAGING_DIR)/lib/libssl.so $(PACKAGE_DIR)/$(PKG_IPK)
-install: $(PKG_ZLIB) $(IPKG_STATE_DIR)/info/openssl.list
-
-clean:
- rm -rf $(PKG_BUILD_DIR)
- rm -f $(STAGING_DIR)/lib/libssl*
- rm -f $(STAGING_DIR)/lib/libcrypto*
- rm -f $(PACKAGE_DIR)/$(PKG_NAME)\*.ipk
+ $(MAKE) -C $(PKG_BUILD_DIR) \
+ CC="$(TARGET_CC)" \
+ OPENWRT_OPTIMIZATION_FLAGS="$(TARGET_CFLAGS)" \
+ $(OPENSSL_MAKEFLAGS) \
+ do_linux-shared
+ $(MAKE) -C $(PKG_BUILD_DIR) \
+ INSTALL_PREFIX="$(PKG_INSTALL_DIR)" \
+ $(OPENSSL_MAKEFLAGS) \
+ install
+endef
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/openssl $(1)/usr/include/
+ $(INSTALL_DIR) $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{crypto,ssl}.{a,so*} $(1)/usr/lib/
+ $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc $(1)/usr/lib/pkgconfig/
+ $(SED) 's#$(TARGET_LDFLAGS)##g' $(1)/usr/lib/pkgconfig/{openssl,libcrypto,libssl}.pc
+endef
+
+define Package/libopenssl/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libcrypto.so.* $(1)/usr/lib/
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libssl.so.* $(1)/usr/lib/
+endef
+
+define Package/openssl-util/install
+ $(INSTALL_DIR) $(1)/etc/ssl
+ $(CP) $(PKG_INSTALL_DIR)/etc/ssl/openssl.cnf $(1)/etc/ssl/
+ $(INSTALL_DIR) $(1)/etc/ssl/certs
+ $(INSTALL_DIR) $(1)/etc/ssl/private
+ chmod 0700 $(1)/etc/ssl/private
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/openssl $(1)/usr/bin/
+endef
+$(eval $(call BuildPackage,libopenssl))
+$(eval $(call BuildPackage,openssl-util))