diff options
Diffstat (limited to 'packaging/nacl/ports/openssl')
-rw-r--r-- | packaging/nacl/ports/openssl/build.sh | 75 | ||||
-rw-r--r-- | packaging/nacl/ports/openssl/nacl.patch | 61 | ||||
-rw-r--r-- | packaging/nacl/ports/openssl/pkg_info | 7 |
3 files changed, 143 insertions, 0 deletions
diff --git a/packaging/nacl/ports/openssl/build.sh b/packaging/nacl/ports/openssl/build.sh new file mode 100644 index 000000000..3e0d973de --- /dev/null +++ b/packaging/nacl/ports/openssl/build.sh @@ -0,0 +1,75 @@ +#!/bin/bash +# Copyright (c) 2012 The Native Client Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +# The openssl build can fail when build with -jN. +# TODO(sbc): Remove this if/when openssl is upgraded to a version that supports +# parallel make. +OS_JOBS=1 +BUILD_DIR=${SRC_DIR} +INSTALL_TARGETS="install_sw INSTALL_PREFIX=${DESTDIR}" + +ConfigureStep() { + if [ "${NACL_SHARED}" = "1" ] ; then + local EXTRA_ARGS="shared" + else + local EXTRA_ARGS="no-dso" + fi + + if [ "${NACL_LIBC}" = "newlib" ] ; then + EXTRA_ARGS+=" -I${NACLPORTS_INCLUDE}/glibc-compat" + # The default from MACHINE=i686 is linux-elf, which links things + # with -ldl. However, newlib does not have -ldl. In that case, + # make a fake machine where the build rule does not use -ldl. + local machine="le32newlib" + else + local machine="i686" + fi + + MACHINE=${machine} CC=${NACLCC} AR=${NACLAR} RANLIB=${NACLRANLIB} \ + LogExecute ./config \ + --prefix=${PREFIX} no-asm no-hw no-krb5 ${EXTRA_ARGS} -D_GNU_SOURCE + + HackStepForNewlib +} + + +HackStepForNewlib() { + if [ "${NACL_SHARED}" = "1" ]; then + git checkout apps/Makefile + git checkout test/Makefile + return + fi + + # apps/Makefile links programs that require socket(), etc. + # Stub it out until we link against nacl_io or something. + echo "all clean install: " > apps/Makefile + # test/Makefile is similar -- stub out, but keep the original for testing. + git checkout test/Makefile + mv test/Makefile test/Makefile.orig + echo "all clean install: " > test/Makefile +} + + +BuildStep() { + LogExecute make clean + DefaultBuildStep +} + + +InstallStep() { + DefaultInstallStep + # openssl (for some reason) installs shared libraries with 555 (i.e. + # not writable. This causes issues when create_nmf copies the libraries + # and then tries to overwrite them later. + if [ "${NACL_SHARED}" = "1" ] ; then + LogExecute chmod 644 ${DESTDIR_LIB}/libssl.so.* + LogExecute chmod 644 ${DESTDIR_LIB}/libcrypto.so.* + fi +} + + +TestStep() { + return 0 +} diff --git a/packaging/nacl/ports/openssl/nacl.patch b/packaging/nacl/ports/openssl/nacl.patch new file mode 100644 index 000000000..46b257ca4 --- /dev/null +++ b/packaging/nacl/ports/openssl/nacl.patch @@ -0,0 +1,61 @@ +diff -Naur openssl-1.0.1e_old/config openssl-1.0.1e/config +--- openssl-1.0.1e_old/config 2013-02-11 07:26:04.000000000 -0800 ++++ openssl-1.0.1e/config 2013-10-23 13:04:35.247827139 -0700 +@@ -660,6 +660,7 @@ + #fi + OUT="linux64-s390x" + ;; ++ le32newlib-*-linux?) OUT="linux-le32newlib" ;; + x86_64-*-linux?) OUT="linux-x86_64" ;; + *86-*-linux2) OUT="linux-elf" + if [ "$GCCVER" -gt 28 ]; then +diff -Naur openssl-1.0.1e_old/Configure openssl-1.0.1e/Configure +--- openssl-1.0.1e_old/Configure 2013-02-11 07:26:04.000000000 -0800 ++++ openssl-1.0.1e/Configure 2013-10-23 15:18:50.833411949 -0700 +@@ -362,6 +362,11 @@ + "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", + "linux64-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", ++ ++#### NaCl Newlib version (much like linux-elf, which NaCl Glibc uses) ++#### Use linux-aout instead of linux-elf, since it's statically linked. ++"linux-le32newlib", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out", ++ + #### So called "highgprs" target for z/Architecture CPUs + # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see + # /proc/cpuinfo. The idea is to preserve most significant bits of +diff -Naur openssl-1.0.1e_old/crypto/rand/rand_unix.c openssl-1.0.1e/crypto/rand/rand_unix.c +--- openssl-1.0.1e_old/crypto/rand/rand_unix.c 2013-02-11 07:26:04.000000000 -0800 ++++ openssl-1.0.1e/crypto/rand/rand_unix.c 2013-10-23 13:00:36.981427165 -0700 +@@ -133,7 +133,30 @@ + # define FD_SETSIZE (8*sizeof(fd_set)) + #endif + +-#if defined(OPENSSL_SYS_VOS) ++#if defined(__native_client__) ++#include <stdlib.h> ++#include <irt.h> ++/* TODO(sehr): remove this patch when nacl_io can handle /dev/urandom. */ ++int RAND_poll(void) ++{ ++ unsigned char buf[ENTROPY_NEEDED]; ++ size_t n = 0; ++ struct nacl_irt_random rand_intf; ++ if (nacl_interface_query(NACL_IRT_RANDOM_v0_1, &rand_intf, sizeof(rand_intf)) ++ != sizeof(rand_intf)) ++ abort(); ++ while (n < sizeof(buf)) { ++ size_t nread; ++ if (rand_intf.get_random_bytes((unsigned char *)buf+n, ++ ENTROPY_NEEDED-n, &nread) != 0) ++ abort(); ++ n += nread; ++ } ++ RAND_add(buf, sizeof(buf), ENTROPY_NEEDED); ++ memset(buf, 0, sizeof(buf)); ++ return 1; ++} ++#elif defined(OPENSSL_SYS_VOS) + + /* The following algorithm repeatedly samples the real-time clock + (RTC) to generate a sequence of unpredictable data. The algorithm diff --git a/packaging/nacl/ports/openssl/pkg_info b/packaging/nacl/ports/openssl/pkg_info new file mode 100644 index 000000000..b76b8a2ca --- /dev/null +++ b/packaging/nacl/ports/openssl/pkg_info @@ -0,0 +1,7 @@ +NAME=openssl +VERSION=1.0.1g +URL=http://www.openssl.org/source/openssl-1.0.1g.tar.gz +LICENSE=CUSTOM:LICENSE +BUILD_OS=linux +DEPENDS=(glibc-compat) +SHA1=b28b3bcb1dc3ee7b55024c9f795be60eb3183e3c |