1 # Created by: Dirk Froemberg <dirk@FreeBSD.org>
8 CATEGORIES= security devel
9 MASTER_SITES= http://www.openssl.org/%SUBDIR%/ \
10 ftp://ftp.openssl.org/%SUBDIR%/ \
11 ftp://ftp.cert.dfn.de/pub/tools/net/openssl/%SUBDIR%/
12 MASTER_SITE_SUBDIR= source
13 DIST_SUBDIR= ${DISTNAME}
15 MAINTAINER= dinoex@FreeBSD.org
16 COMMENT= SSL and crypto library
19 .error You have `USE_OPENSSL' variable defined either in environment or in make(1) arguments. Please undefine and try again.
22 CONFLICTS?= libressl-*
24 OPTIONS_DEFINE= SHARED THREADS I386 SSE2 ASM PADLOCK ZLIB GMP SCTP SSL2 SSL3 RFC3779 MD2 RC5 EXPCIPHERS DOCS
25 OPTIONS_DEFAULT=SHARED THREADS SSE2 SCTP SSL2 SSL3 MD2
27 OPTIONS_DEFINE_${a}= EC
28 OPTIONS_DEFAULT_${a}= EC
30 TARGET_ARCH?= ${MACHINE_ARCH}
31 .if ${TARGET_ARCH} == "mips64el"
32 OPTIONS_DEFINE_mips= EC
33 OPTIONS_DEFAULT_mips= EC
37 I386_DESC?= Optimize for i386 (instead of i486+)
38 SSE2_DESC?= runtime SSE2 detection
39 ASM_DESC?= optimized Assembler code
40 PADLOCK_DESC?= VIA Padlock support
41 SHARED_DESC?= build of shared libs
42 ZLIB_DESC?= zlib compression support
43 GMP_DESC?= gmp support (LGPLv3)
44 SCTP_DESC?= SCTP protocol support
45 SSL2_DESC?= SSLv2 protocol support
46 SSL3_DESC?= SSLv3 protocol support
47 RFC3779_DESC?= RFC3779 support (BGP)
48 MD2_DESC?= MD2 hash (obsolete)
49 RC5_DESC?= RC5 cipher (patented)
50 EXPCIPHERS_DESC?= Include experimental ciphers
51 EC_DESC?= Optimize NIST elliptic curves
53 GMP_LIB_DEPENDS= libgmp.so:${PORTSDIR}/math/gmp
56 NOPRECIOUSMAKEVARS= Too many _MLINKS for fetch
57 NOPRECIOUSSOFTMAKEVARS= Too many _MLINKS for fetch
61 MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive
62 MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS=
63 SUB_FILES= pkg-message
65 CPE_VERSION= ${PORTVERSION}${DISTVERSIONSUFFIX}
67 .include <bsd.port.pre.mk>
70 IGNORE= OpenSSL can not be installed over the base version
73 OPENSSLDIR?= ${PREFIX}/openssl
74 PLIST_SUB+= OPENSSLDIR=${OPENSSLDIR:S=^${PREFIX}/==}
76 OPENSSL_BASE_SONAME!= readlink ${DESTDIR}/usr/lib/libcrypto.so || true
77 OPENSSL_SHLIBVER_BASE= ${OPENSSL_BASE_SONAME:E}
78 OPENSSL_BASE_SOPATH= ${OPENSSL_BASE_SONAME:H}
81 .if ${PORT_OPTIONS:MI386}
87 .if empty(PORT_OPTIONS:MSSE2)
88 # disable runtime SSE2 detection
89 EXTRACONFIGURE+= no-sse2
92 .if ${PORT_OPTIONS:MASM}
93 EXTRACONFIGURE+= enable-asm
95 EXTRACONFIGURE+= no-asm
98 .if ${PORT_OPTIONS:MTHREADS}
99 EXTRACONFIGURE+= threads
101 EXTRACONFIGURE+= no-threads
104 .if ${PORT_OPTIONS:MSHARED}
105 EXTRACONFIGURE+= shared
106 MAKE_ENV+= SHLIBVER=${OPENSSL_SHLIBVER}
107 PLIST_SUB+= SHLIBVER=${OPENSSL_SHLIBVER}
111 .if ${PORT_OPTIONS:MZLIB}
112 EXTRACONFIGURE+= zlib zlib-dynamic
114 EXTRACONFIGURE+= no-zlib no-zlib-dynamic
117 .if ${PORT_OPTIONS:MSCTP}
118 EXTRACONFIGURE+= sctp
120 EXTRACONFIGURE+= no-sctp
123 .if ${PORT_OPTIONS:MSSL2}
124 EXTRACONFIGURE+= enable-ssl2
126 EXTRACONFIGURE+= no-ssl2
129 .if ${PORT_OPTIONS:MSSL3}
130 EXTRACONFIGURE+= enable-ssl3
132 EXTRACONFIGURE+= no-ssl3
135 .if ${PORT_OPTIONS:MMD2}
136 EXTRACONFIGURE+= enable-md2
138 EXTRACONFIGURE+= no-md2
141 .if ${PORT_OPTIONS:MRC5}
142 EXTRACONFIGURE+= enable-rc5
144 EXTRACONFIGURE+= no-rc5
147 .if ${PORT_OPTIONS:MPADLOCK}
148 PATCH_DIST_STRIP= -p1
149 PATCH_SITES+= http://git.alpinelinux.org/cgit/aports/plain/main/openssl/:padlock
150 PATCHFILES+= 0009-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch:padlock \
151 0010-backport-changes-from-upstream-padlock-module.patch:padlock \
152 0011-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch:padlock \
153 0012-crypto-engine-autoload-padlock-dynamic-engine.patch:padlock
156 .if ${PORT_OPTIONS:MGMP}
157 EXTRACONFIGURE+= enable-gmp -I${LOCALBASE}/include
158 IGNORE= GMP is LGPLv3 and can not be linked
160 EXTRACONFIGURE+= no-gmp
163 .if ${PORT_OPTIONS:MRFC3779}
164 EXTRACONFIGURE+= enable-rfc3779
166 EXTRACONFIGURE+= no-rfc3779
169 .if ${PORT_OPTIONS:MEC}
170 EXTRACONFIGURE+= enable-ec_nistp_64_gcc_128
172 EXTRACONFIGURE+= no-ec_nistp_64_gcc_128
175 .if ${OPENSSL_SHLIBVER_BASE} > ${OPENSSL_SHLIBVER}
178 @${ECHO_CMD} "# this ports conflicts with your base system"
179 @${ECHO_CMD} "# please undefine OPENSSL_OVERWRITE_PORT"
180 @${ECHO_CMD} "# and use WITH_OPENSSL_BASE=yes instead."
187 ${REINPLACE_CMD} -e 's|m4 -B 8192|m4|g' \
188 ${WRKSRC}/crypto/des/Makefile
189 ${REINPLACE_CMD} -e 's|SHLIB_VERSION_NUMBER "1.0.0"|SHLIB_VERSION_NUMBER "${OPENSSL_SHLIBVER}"|' \
190 ${WRKSRC}/crypto/opensslv.h
191 ${REINPLACE_CMD} -e 's|ERR_R_MALLOC_ERROR|ERR_R_MALLOC_FAILURE|' \
192 ${WRKSRC}/crypto/bio/bss_dgram.c
193 .if ${PORT_OPTIONS:MEXPCIPHERS}
194 ${REINPLACE_CMD} -e 's|TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0|TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1|' \
199 ${REINPLACE_CMD} -e "s|options 386|options|" \
201 .if ${PORT_OPTIONS:MTHREADS}
203 && ${SETENV} CC="${CC}" FREEBSDCC="${CC}" CFLAGS="${CFLAGS}" PERL="${PERL}" \
204 ./config --prefix=${PREFIX} --openssldir=${OPENSSLDIR} \
205 --install_prefix=${STAGEDIR} \
206 -L${PREFIX}/lib ${EXTRACONFIGURE}
209 && ${SETENV} CC="${CC}" FREEBSDCC="${CC}" CFLAGS="${CFLAGS}" PERL="${PERL}" \
210 ./config --prefix=${PREFIX} --openssldir=${OPENSSLDIR} \
211 --install_prefix=${STAGEDIR} \
212 -L${PREFIX}/lib ${EXTRACONFIGURE}
215 -e 's|^MANDIR=.*$$|MANDIR=$$(PREFIX)/man|' \
216 -e 's|$$(LIBDIR)/pkgconfig|libdata/pkgconfig|g' \
217 -e 's|LIBVERSION=[^ ]* |LIBVERSION=$(OPENSSL_SHLIBVER) |' \
221 .if ${PORT_OPTIONS:MSHARED}
222 .for i in libcrypto libssl
223 ${INSTALL_DATA} ${WRKSRC}/$i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib
224 ${LN} -sf $i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib/$i.so
227 .if ${PORT_OPTIONS:MDOCS}
228 ${MKDIR} ${STAGEDIR}${DOCSDIR}
229 ${INSTALL_DATA} ${WRKSRC}/doc/openssl.txt ${STAGEDIR}${DOCSDIR}/
231 ${SED} -e 's|/usr/local|${PREFIX}|g' ${PKGMESSAGE}
234 cd ${WRKSRC} && ${MAKE} test
236 regression-test: test
238 .include <bsd.port.post.mk>