1 # $NetBSD: builtin.mk,v 1.28 2009/06/07 14:24:03 joerg Exp $
5 BUILTIN_FIND_LIBS:= des
6 BUILTIN_FIND_FILES_VAR:= H_OPENSSLCONF H_OPENSSLV
7 BUILTIN_FIND_FILES.H_OPENSSLCONF= /usr/include/openssl/opensslconf.h \
8 /boot/common/include/openssl/opensslconf.h
9 BUILTIN_FIND_FILES.H_OPENSSLV= /usr/include/openssl/opensslv.h \
10 /boot/common/include/openssl/opensslv.h
12 .include "../../mk/buildlink3/bsd.builtin.mk"
15 ### Determine if there is a built-in implementation of the package and
16 ### set IS_BUILTIN.<pkg> appropriately ("yes" or "no").
18 .if !defined(IS_BUILTIN.openssl)
19 IS_BUILTIN.openssl= no
20 . if empty(H_OPENSSLV:M__nonexistent__) && empty(H_OPENSSLV:M${LOCALBASE}/*)
21 IS_BUILTIN.openssl= yes
24 MAKEVARS+= IS_BUILTIN.openssl
27 ### If there is a built-in implementation, then set BUILTIN_PKG.<pkg> to
28 ### a package name to represent the built-in package.
30 .if !defined(BUILTIN_PKG.openssl) && \
31 !empty(IS_BUILTIN.openssl:M[yY][eE][sS]) && \
32 empty(H_OPENSSLV:M__nonexistent__)
33 BUILTIN_VERSION.openssl!= \
34 ${AWK} 'BEGIN { hex="0123456789abcdef"; \
35 split("abcdefghijklmnopqrstuvwxyz", alpha, ""); \
37 /\#define[ ]*OPENSSL_VERSION_NUMBER/ { \
38 major = index(hex, substr($$3, 3, 1)) - 1; \
39 i = 16 * (index(hex, substr($$3, 4, 1)) - 1); \
40 i += index(hex, substr($$3, 5, 1)) - 1; \
42 i = 16 * (index(hex, substr($$3, 6, 1)) - 1); \
43 i += index(hex, substr($$3, 7, 1)) - 1; \
45 i = 16 * (index(hex, substr($$3, 8, 1)) - 1); \
46 i += index(hex, substr($$3, 9, 1)) - 1; \
49 } else if (i > 26) { \
52 patchlevel = alpha[i]; \
54 printf "%s%s%s%s\n", \
55 major, minor, teeny, patchlevel; \
60 . if !empty(BUILTIN_VERSION.openssl:M0\.9\.6g) && \
61 empty(H_OPENSSLV:M__nonexistent__)
63 # If the native OpenSSL contains the security fixes pulled up to the
64 # netbsd-1-6 branch on 2003-11-07, then pretend it's openssl-0.9.6l.
66 BUILTIN_OPENSSL_HAS_20031107_FIX!= \
67 ${AWK} 'BEGIN { ans = "no" } \
68 /OPENSSL_HAS_20031107_FIX/ { ans = "yes" } \
69 END { print ans; exit 0 } \
71 . if !empty(BUILTIN_OPENSSL_HAS_20031107_FIX:M[yY][eE][sS])
72 BUILTIN_VERSION.openssl= 0.9.6l
75 # If the native OpenSSL contains the security fixes pulled up to the
76 # netbsd-1-6 branch on 2004-04-01, then pretend it's openssl-0.9.6m.
78 BUILTIN_OPENSSL_HAS_20040401_FIX!= \
79 ${AWK} 'BEGIN { ans = "no" } \
80 /OPENSSL_HAS_20040401_FIX/ { ans = "yes" } \
81 END { print ans; exit 0 } \
83 . if !empty(BUILTIN_OPENSSL_HAS_20040401_FIX:M[yY][eE][sS])
84 BUILTIN_VERSION.openssl= 0.9.6m
86 . elif !empty(BUILTIN_VERSION.openssl:M0\.9\.7d) && \
87 empty(H_OPENSSLV:M__nonexistent__)
89 # If the native OpenSSL contains the security fixes pulled up to the
90 # netbsd-2-0, netbsd-2, and netbsd-3-0 branches on 2005-10-11, then
91 # pretend it's openssl-0.9.7h.
93 BUILTIN_OPENSSL_HAS_20051011_FIX!= \
94 ${AWK} 'BEGIN { ans = "no" } \
95 /OPENSSL_HAS_20051011_FIX/ { ans = "yes" } \
96 END { print ans; exit 0 } \
98 . if !empty(BUILTIN_OPENSSL_HAS_20051011_FIX:M[yY][eE][sS])
99 BUILTIN_VERSION.openssl= 0.9.7h
102 BUILTIN_PKG.openssl= openssl-${BUILTIN_VERSION.openssl}
104 MAKEVARS+= BUILTIN_PKG.openssl
106 .if !defined(BUILTIN_OPENSSL_HAS_THREADS) && \
107 !empty(IS_BUILTIN.openssl:M[yY][eE][sS]) && \
108 empty(H_OPENSSLCONF:M__nonexistent__)
109 BUILTIN_OPENSSL_HAS_THREADS!= \
110 ${AWK} 'BEGIN { ans = "no" } \
111 /\#[ ]*define[ ]*OPENSSL_THREADS/ { ans= "yes" } \
112 /\#[ ]*define[ ]*THREADS/ { ans = "yes" } \
113 END { print ans; exit 0 } \
116 MAKEVARS+= BUILTIN_OPENSSL_HAS_THREADS
119 ### Determine whether we should use the built-in implementation if it
120 ### exists, and set USE_BUILTIN.<pkg> appropriate ("yes" or "no").
122 .if !defined(USE_BUILTIN.openssl)
123 . if ${PREFER.openssl} == "pkgsrc"
124 USE_BUILTIN.openssl= no
126 USE_BUILTIN.openssl= ${IS_BUILTIN.openssl}
127 . if defined(BUILTIN_PKG.openssl) && \
128 !empty(IS_BUILTIN.openssl:M[yY][eE][sS])
129 USE_BUILTIN.openssl= yes
130 . for dep_ in ${BUILDLINK_API_DEPENDS.openssl}
131 . if !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
132 USE_BUILTIN.openssl!= \
133 if ${PKG_ADMIN} pmatch ${dep_:Q} ${BUILTIN_PKG.openssl:Q}; then \
141 . if !empty(IS_BUILTIN.openssl:M[yY][eE][sS]) && \
142 defined(USE_FEATURES.openssl)
143 . if !empty(USE_FEATURES.openssl:Mthreads) && \
144 !empty(BUILTIN_OPENSSL_HAS_THREADS:M[nN][oO])
145 USE_BUILTIN.openssl= no
148 . endif # PREFER.openssl
150 MAKEVARS+= USE_BUILTIN.openssl
153 ### The section below only applies if we are not including this file
154 ### solely to determine whether a built-in implementation exists.
156 CHECK_BUILTIN.openssl?= no
157 .if !empty(CHECK_BUILTIN.openssl:M[nN][oO])
159 . if !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
160 . if empty(H_OPENSSLV:M__nonexistent__)
161 . if !empty(H_OPENSSLV:M/usr/*)
162 BUILDLINK_PREFIX.openssl= /usr
163 . elif !empty(H_OPENSSLV:M/boot/common/*)
164 BUILDLINK_PREFIX.openssl= /boot/common
169 # By default, we don't bother with the old DES API.
171 . if !empty(USE_OLD_DES_API:M[yY][eE][sS])
173 # If we're using the old DES API, then check to see if the old DES
174 # code was factored out into a separate library and header files and
175 # no longer a part of libcrypto.
177 . if !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
178 . if exists(${BUILDLINK_PREFIX.openssl}/include/des.h) && \
179 !empty(BUILTIN_LIB_FOUND.des:M[yY][eE][sS])
180 BUILDLINK_TRANSFORM+= l:crypto:des:crypto
181 WRAPPER_REORDER_CMDS+= reorder:l:des:crypto
185 # The idea is to avoid the need to patch source files for packages that
186 # use OpenSSL for DES support by ensuring that including <openssl/des.h>
187 # will always present the old DES API.
189 # (1) If des_old.h exists, then we're using OpenSSL>=0.9.7, and
190 # <openssl/des.h> already does the right thing.
192 # (2) If des_old.h doesn't exist, then one of two things is happening:
193 # (a) If <openssl/des.h> is old and (only) supports the old DES API,
194 # then <openssl/des.h> does the right thing.
195 # (b) If it's NetBSD's Special(TM) one that stripped out the old DES
196 # support into a separate library and header (-ldes, <des.h>),
197 # then we create a new header <openssl/des.h> that includes the
198 # system one and <des.h>, and we create an <openssl/des_old.h>
199 # that just includes <des.h>.
201 BUILDLINK_TARGETS+= buildlink-openssl-des-h
202 . if !target(buildlink-openssl-des-h)
203 .PHONY: buildlink-openssl-des-h
204 buildlink-openssl-des-h:
206 bl_odes_h="${BUILDLINK_DIR}/include/openssl/des.h"; \
207 bl_odes_old_h="${BUILDLINK_DIR}/include/openssl/des_old.h"; \
208 odes_h="${BUILDLINK_PREFIX.openssl}/include/openssl/des.h"; \
209 odes_old_h="${BUILDLINK_PREFIX.openssl}/include/openssl/des_old.h"; \
210 des_h="${BUILDLINK_PREFIX.openssl}/include/des.h"; \
211 if ${TEST} -f "$$odes_old_h"; then \
212 ${ECHO_BUILDLINK_MSG} "<openssl/des.h> supports old DES API."; \
214 elif ${GREP} -q "des_cblock" "$$odes_h" 2>/dev/null; then \
215 ${ECHO_BUILDLINK_MSG} "<openssl/des.h> supports old DES API."; \
217 elif ${TEST} -f "$$des_h" -a -f "$$odes_h"; then \
218 ${ECHO_BUILDLINK_MSG} "Creating $$bl_odes_h"; \
219 ${RM} -f $$bl_odes_h; \
220 ${MKDIR} `${DIRNAME} $$bl_odes_h`; \
221 ( ${ECHO} "/* Created by openssl/builtin.mk:${.TARGET} */"; \
222 ${ECHO} "#include \"$$odes_h\""; \
223 ${ECHO} "#include \"$$des_h\""; \
225 ${ECHO_BUILDLINK_MSG} "Creating $$bl_odes_old_h"; \
226 ${RM} -f $$bl_odes_old_h; \
227 ${MKDIR} `${DIRNAME} $$bl_odes_old_h`; \
228 ( ${ECHO} "/* Created by openssl/builtin.mk:${.TARGET} */"; \
229 ${ECHO} "#include \"$$des_h\""; \
230 ) > $$bl_odes_old_h; \
233 ${ECHO} "Unable to find headers for old DES API."; \
237 . endif # USE_OLD_DES_API == yes
239 . if defined(PKG_SYSCONFDIR.openssl)
240 SSLDIR= ${PKG_SYSCONFDIR.openssl}
241 . elif !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
242 . if ${OPSYS} == "NetBSD"
244 . elif ${OPSYS} == "Haiku"
245 SSLDIR= /boot/common/ssl
247 SSLDIR= /etc/ssl # most likely place
250 SSLDIR= ${PKG_SYSCONFBASEDIR}/openssl
253 SSLCERTS= ${SSLDIR}/certs
254 SSLKEYS= ${SSLDIR}/private
256 BUILD_DEFS+= SSLDIR SSLCERTS SSLKEYS
258 # create pc files for builtin version; other versions assumed to contain them
259 # If we are using the builtin version, check whether it has a *.pc
260 # files or not. If the latter, generate fake ones.
261 . if !empty(USE_BUILTIN.openssl:M[Yy][Ee][Ss])
262 BUILDLINK_TARGETS+= openssl-fake-pc
264 . if !defined(HAS_OPENSSL_FAKE_PC)
269 src=${BUILDLINK_PREFIX.openssl}/lib/pkgconfig/libcrypto.pc; \
270 dst=${BUILDLINK_DIR}/lib/pkgconfig/libcrypto.pc; \
271 ${MKDIR} ${BUILDLINK_DIR}/lib/pkgconfig; \
272 if ${TEST} -f $${src}; then \
273 ${LN} -sf $${src} $${dst}; \
275 { ${ECHO} "Name: OpenSSL-libcrypto"; \
276 ${ECHO} "Description: OpenSSL cryptography library"; \
277 ${ECHO} "Version: ${BUILTIN_VERSION.openssl}"; \
278 ${ECHO} "Libs: -L${BUILDLINK_PREFIX.openssl}/lib -lcrypto"; \
279 ${ECHO} "Cflags: -I${BUILDLINK_PREFIX.openssl}/include"; \
283 src=${BUILDLINK_PREFIX.openssl}/lib/pkgconfig/libssl.pc; \
284 dst=${BUILDLINK_DIR}/lib/pkgconfig/libssl.pc; \
285 ${MKDIR} ${BUILDLINK_DIR}/lib/pkgconfig; \
286 if ${TEST} -f $${src}; then \
287 ${LN} -sf $${src} $${dst}; \
289 { ${ECHO} "Name: OpenSSL"; \
290 ${ECHO} "Description: Secure Sockets Layer and cryptography libraries"; \
291 ${ECHO} "Version: ${BUILTIN_VERSION.openssl}"; \
292 ${ECHO} "Libs: -L${BUILDLINK_PREFIX.openssl}/lib -lssl -lcrypto"; \
293 ${ECHO} "Cflags: -I${BUILDLINK_PREFIX.openssl}/include"; \
297 src=${BUILDLINK_PREFIX.openssl}/lib/pkgconfig/openssl.pc; \
298 dst=${BUILDLINK_DIR}/lib/pkgconfig/openssl.pc; \
299 ${MKDIR} ${BUILDLINK_DIR}/lib/pkgconfig; \
300 if ${TEST} -f $${src}; then \
301 ${LN} -sf $${src} $${dst}; \
303 { ${ECHO} "Name: OpenSSL"; \
304 ${ECHO} "Description: Secure Sockets Layer and cryptography libraries and tools"; \
305 ${ECHO} "Version: ${BUILTIN_VERSION.openssl}"; \
306 ${ECHO} "Libs: -L${BUILDLINK_PREFIX.openssl}/lib -lssl -lcrypto"; \
307 ${ECHO} "Cflags: -I${BUILDLINK_PREFIX.openssl}/include"; \
313 .endif # CHECK_BUILTIN.openssl