Skip to content

Commit

Permalink
Merge branch 'master' into openssl-1.0.2i
Browse files Browse the repository at this point in the history
  • Loading branch information
x2on authored Sep 22, 2016
2 parents 80ab1cc + cfedc3a commit 74f5df8
Showing 1 changed file with 75 additions and 24 deletions.
99 changes: 75 additions & 24 deletions build-libssl.sh
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,8 @@ echo_help()
echo " --archs=\"ARCH ARCH ...\" Space-separated list of architectures to build"
echo " Options: x86_64 i386 arm64 armv7s armv7 tv_x86_64 tv_arm64"
echo " Note: The framework will contain include files from the architecture listed first"
echo " --branch=BRANCH Select OpenSSL branch to build. The script will determine and download the latest release for that branch"
echo " Note: This script does not yet work with OpenSSL 1.1.0"
echo " --cleanup Clean up build directories (bin, include/openssl, lib, src) before starting build"
echo " --ec-nistp-64-gcc-128 Enable config option enable-ec_nistp_64_gcc_128 for 64 bit builds"
echo " -h, --help Print help (this message)"
Expand Down Expand Up @@ -95,6 +97,7 @@ check_status()

# Init optional command line vars
ARCHS=""
BRANCH=""
CLEANUP=""
CONFIG_ENABLE_EC_NISTP_64_GCC_128=""
IOS_SDKVERSION=""
Expand All @@ -111,6 +114,10 @@ case $i in
ARCHS="${i#*=}"
shift
;;
--branch=*)
BRANCH="${i#*=}"
shift
;;
--cleanup)
CLEANUP="true"
;;
Expand Down Expand Up @@ -149,16 +156,51 @@ case $i in
esac
done

# Preprocess/validate OpenSSL version
if [ -n "${VERSION}" ]; then
# Don't mix version and branch
if [[ -n "${VERSION}" && -n "${BRANCH}" ]]; then
echo "Either select a branch (the script will determine and build the latest version) or select a specific version, but not both."
exit 1

# Specific version: Verify version number format. Expected: dot notation
elif [[ -n "${VERSION}" && ! "${VERSION}" =~ ^[0-9]+\.[0-9]+\.[0-9]+[a-z]*$ ]]; then
echo "Unknown version number format. Examples: 1.0.2, 1.0.2h"
exit 1

# Specific branch
elif [ -n "${BRANCH}" ]; then
# Verify version number format. Expected: dot notation
if [[ ! "${VERSION}" =~ ^[0-9]+\.[0-9]+\.[0-9]+[a-z]*$ ]]; then
echo "Unknown version number format. Examples: 1.0.2, 1.0.2h"
if [[ ! "${BRANCH}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Unknown branch version number format. Examples: 1.0.2, 1.0.1"
exit 1

# Valid version number, determine latest version
else
echo "Checking latest version of ${BRANCH} branch on GitHub..."
# Request all git tags for the openssl repostory, get all tags that match the current branch version (with an optional alphabetic suffix), remove everything except the version number, sort the list and get the last item
GITHUB_VERSION=$(curl -Ls https://api.github.com/repos/openssl/openssl/git/refs/tags | grep -Eo "\"ref\": \"refs/tags/OpenSSL_${BRANCH//./_}[a-z]*\"" | sed -E 's|^.*"refs/tags/OpenSSL_([^"]+)".*$|\1|g' | sort | tail -1)

# Verify result
if [ -z "${GITHUB_VERSION}" ]; then
echo "Could not determine latest version, please check https://github.com/openssl/openssl/releases and use --version option"
exit 1
fi

VERSION="${GITHUB_VERSION//_/.}"

# Check whether download exists
# -I = HEAD, -L follow Location header, -f fail silently for 4xx errors and return status 22, -s silent
curl ${CURL_OPTIONS} -ILfs "https://github.com/openssl/openssl/archive/OpenSSL_${GITHUB_VERSION}.tar.gz" > /dev/null

# Check for success status
if [ $? -ne 0 ]; then
echo "Script determined latest version ${VERSION}, but the download archive does not seem to be available."
echo "Please check https://github.com/openssl/openssl/releases and use --version option"
exit 1
fi
fi

# Default OpenSSL version
else
# Script default
elif [ -z "${VERSION}" ]; then
VERSION="${DEFAULTVERSION}"
fi

Expand Down Expand Up @@ -226,34 +268,43 @@ fi
echo " Script directory and build location: ${CURRENTPATH}"
echo

# -e Abort script at first error, when a command exits with non-zero status (except in until or while loops, if-tests, list constructs)
# -o pipefail Causes a pipeline to return the exit status of the last command in the pipe that returned a non-zero return value
set -eo pipefail

# Download OpenSSL when not present
OPENSSL_ARCHIVE_BASE_NAME=OpenSSL_${GITHUB_VERSION}
OPENSSL_ARCHIVE_FILE_NAME=${OPENSSL_ARCHIVE_BASE_NAME}.tar.gz
if [ ! -e ${OPENSSL_ARCHIVE_FILE_NAME} ]; then
echo "Downloading ${OPENSSL_ARCHIVE_FILE_NAME}..."
curl ${CURL_OPTIONS} -L -O https://github.com/openssl/openssl/archive/${OPENSSL_ARCHIVE_FILE_NAME}
OPENSSL_ARCHIVE_URL="https://github.com/openssl/openssl/archive/${OPENSSL_ARCHIVE_FILE_NAME}"
# -L follow Location header, -f fail silently for 4xx errors and return status 22, -O Use server-specified filename for download
curl ${CURL_OPTIONS} -LfO "${OPENSSL_ARCHIVE_URL}"

# Check for success status
if [ $? -ne 0 ]; then
echo "An error occured when trying to download OpenSSL ${VERSION} from ${OPENSSL_ARCHIVE_URL}."
echo "Please check cURL's error message and/or your network connection."
exit 1
fi
else
echo "Using ${OPENSSL_ARCHIVE_FILE_NAME}"
fi

# -e Abort script at first error, when a command exits with non-zero status (except in until or while loops, if-tests, list constructs)
# -o pipefail Causes a pipeline to return the exit status of the last command in the pipe that returned a non-zero return value
set -eo pipefail

# Clean up target directories if requested and present
if [ "${CLEANUP}" == "true" ]; then
if [ -d "${CURRENTPATH}/bin" ]; then
rm -r "${CURRENTPATH}/bin"
fi
if [ -d "${CURRENTPATH}/include/openssl" ]; then
rm -r "${CURRENTPATH}/include/openssl"
fi
if [ -d "${CURRENTPATH}/lib" ]; then
rm -r "${CURRENTPATH}/lib"
fi
if [ -d "${CURRENTPATH}/src" ]; then
rm -r "${CURRENTPATH}/src"
fi
if [ -d "${CURRENTPATH}/bin" ]; then
rm -r "${CURRENTPATH}/bin"
fi
if [ -d "${CURRENTPATH}/include/openssl" ]; then
rm -r "${CURRENTPATH}/include/openssl"
fi
if [ -d "${CURRENTPATH}/lib" ]; then
rm -r "${CURRENTPATH}/lib"
fi
if [ -d "${CURRENTPATH}/src" ]; then
rm -r "${CURRENTPATH}/src"
fi
fi

# (Re-)create target directories
Expand Down Expand Up @@ -353,7 +404,7 @@ do
else
(./Configure ${LOCAL_CONFIG_OPTIONS} > "${LOG}" 2>&1) & spinner
fi

# Check for error status
check_status $? "Configure"

Expand Down

0 comments on commit 74f5df8

Please sign in to comment.