summaryrefslogtreecommitdiff
path: root/packaging/nacl/ports/openssl
diff options
context:
space:
mode:
Diffstat (limited to 'packaging/nacl/ports/openssl')
-rw-r--r--packaging/nacl/ports/openssl/build.sh75
-rw-r--r--packaging/nacl/ports/openssl/nacl.patch61
-rw-r--r--packaging/nacl/ports/openssl/pkg_info7
3 files changed, 143 insertions, 0 deletions
diff --git a/packaging/nacl/ports/openssl/build.sh b/packaging/nacl/ports/openssl/build.sh
new file mode 100644
index 000000000..3e0d973de
--- /dev/null
+++ b/packaging/nacl/ports/openssl/build.sh
@@ -0,0 +1,75 @@
+#!/bin/bash
+# Copyright (c) 2012 The Native Client Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+# The openssl build can fail when build with -jN.
+# TODO(sbc): Remove this if/when openssl is upgraded to a version that supports
+# parallel make.
+OS_JOBS=1
+BUILD_DIR=${SRC_DIR}
+INSTALL_TARGETS="install_sw INSTALL_PREFIX=${DESTDIR}"
+
+ConfigureStep() {
+ if [ "${NACL_SHARED}" = "1" ] ; then
+ local EXTRA_ARGS="shared"
+ else
+ local EXTRA_ARGS="no-dso"
+ fi
+
+ if [ "${NACL_LIBC}" = "newlib" ] ; then
+ EXTRA_ARGS+=" -I${NACLPORTS_INCLUDE}/glibc-compat"
+ # The default from MACHINE=i686 is linux-elf, which links things
+ # with -ldl. However, newlib does not have -ldl. In that case,
+ # make a fake machine where the build rule does not use -ldl.
+ local machine="le32newlib"
+ else
+ local machine="i686"
+ fi
+
+ MACHINE=${machine} CC=${NACLCC} AR=${NACLAR} RANLIB=${NACLRANLIB} \
+ LogExecute ./config \
+ --prefix=${PREFIX} no-asm no-hw no-krb5 ${EXTRA_ARGS} -D_GNU_SOURCE
+
+ HackStepForNewlib
+}
+
+
+HackStepForNewlib() {
+ if [ "${NACL_SHARED}" = "1" ]; then
+ git checkout apps/Makefile
+ git checkout test/Makefile
+ return
+ fi
+
+ # apps/Makefile links programs that require socket(), etc.
+ # Stub it out until we link against nacl_io or something.
+ echo "all clean install: " > apps/Makefile
+ # test/Makefile is similar -- stub out, but keep the original for testing.
+ git checkout test/Makefile
+ mv test/Makefile test/Makefile.orig
+ echo "all clean install: " > test/Makefile
+}
+
+
+BuildStep() {
+ LogExecute make clean
+ DefaultBuildStep
+}
+
+
+InstallStep() {
+ DefaultInstallStep
+ # openssl (for some reason) installs shared libraries with 555 (i.e.
+ # not writable. This causes issues when create_nmf copies the libraries
+ # and then tries to overwrite them later.
+ if [ "${NACL_SHARED}" = "1" ] ; then
+ LogExecute chmod 644 ${DESTDIR_LIB}/libssl.so.*
+ LogExecute chmod 644 ${DESTDIR_LIB}/libcrypto.so.*
+ fi
+}
+
+
+TestStep() {
+ return 0
+}
diff --git a/packaging/nacl/ports/openssl/nacl.patch b/packaging/nacl/ports/openssl/nacl.patch
new file mode 100644
index 000000000..46b257ca4
--- /dev/null
+++ b/packaging/nacl/ports/openssl/nacl.patch
@@ -0,0 +1,61 @@
+diff -Naur openssl-1.0.1e_old/config openssl-1.0.1e/config
+--- openssl-1.0.1e_old/config 2013-02-11 07:26:04.000000000 -0800
++++ openssl-1.0.1e/config 2013-10-23 13:04:35.247827139 -0700
+@@ -660,6 +660,7 @@
+ #fi
+ OUT="linux64-s390x"
+ ;;
++ le32newlib-*-linux?) OUT="linux-le32newlib" ;;
+ x86_64-*-linux?) OUT="linux-x86_64" ;;
+ *86-*-linux2) OUT="linux-elf"
+ if [ "$GCCVER" -gt 28 ]; then
+diff -Naur openssl-1.0.1e_old/Configure openssl-1.0.1e/Configure
+--- openssl-1.0.1e_old/Configure 2013-02-11 07:26:04.000000000 -0800
++++ openssl-1.0.1e/Configure 2013-10-23 15:18:50.833411949 -0700
+@@ -362,6 +362,11 @@
+ "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+ "linux64-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
++
++#### NaCl Newlib version (much like linux-elf, which NaCl Glibc uses)
++#### Use linux-aout instead of linux-elf, since it's statically linked.
++"linux-le32newlib", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
++
+ #### So called "highgprs" target for z/Architecture CPUs
+ # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
+ # /proc/cpuinfo. The idea is to preserve most significant bits of
+diff -Naur openssl-1.0.1e_old/crypto/rand/rand_unix.c openssl-1.0.1e/crypto/rand/rand_unix.c
+--- openssl-1.0.1e_old/crypto/rand/rand_unix.c 2013-02-11 07:26:04.000000000 -0800
++++ openssl-1.0.1e/crypto/rand/rand_unix.c 2013-10-23 13:00:36.981427165 -0700
+@@ -133,7 +133,30 @@
+ # define FD_SETSIZE (8*sizeof(fd_set))
+ #endif
+
+-#if defined(OPENSSL_SYS_VOS)
++#if defined(__native_client__)
++#include <stdlib.h>
++#include <irt.h>
++/* TODO(sehr): remove this patch when nacl_io can handle /dev/urandom. */
++int RAND_poll(void)
++{
++ unsigned char buf[ENTROPY_NEEDED];
++ size_t n = 0;
++ struct nacl_irt_random rand_intf;
++ if (nacl_interface_query(NACL_IRT_RANDOM_v0_1, &rand_intf, sizeof(rand_intf))
++ != sizeof(rand_intf))
++ abort();
++ while (n < sizeof(buf)) {
++ size_t nread;
++ if (rand_intf.get_random_bytes((unsigned char *)buf+n,
++ ENTROPY_NEEDED-n, &nread) != 0)
++ abort();
++ n += nread;
++ }
++ RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
++ memset(buf, 0, sizeof(buf));
++ return 1;
++}
++#elif defined(OPENSSL_SYS_VOS)
+
+ /* The following algorithm repeatedly samples the real-time clock
+ (RTC) to generate a sequence of unpredictable data. The algorithm
diff --git a/packaging/nacl/ports/openssl/pkg_info b/packaging/nacl/ports/openssl/pkg_info
new file mode 100644
index 000000000..b76b8a2ca
--- /dev/null
+++ b/packaging/nacl/ports/openssl/pkg_info
@@ -0,0 +1,7 @@
+NAME=openssl
+VERSION=1.0.1g
+URL=http://www.openssl.org/source/openssl-1.0.1g.tar.gz
+LICENSE=CUSTOM:LICENSE
+BUILD_OS=linux
+DEPENDS=(glibc-compat)
+SHA1=b28b3bcb1dc3ee7b55024c9f795be60eb3183e3c