209 lines
5.8 KiB
Bash
Executable File
209 lines
5.8 KiB
Bash
Executable File
#!/bin/sh
|
|
set -eux
|
|
|
|
download_openssl () {
|
|
if [ ! -f "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" ]; then
|
|
|
|
#
|
|
# OpenSSL has different links for latest and previous releases
|
|
# since we want to download several versions, let us try to treat
|
|
# current version as latest, if it fails, follow with previous
|
|
#
|
|
|
|
wget -P download-cache/ \
|
|
"https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" || \
|
|
wget -P download-cache/ \
|
|
"https://www.openssl.org/source/old/${OPENSSL_VERSION%[a-z]}/openssl-${OPENSSL_VERSION}.tar.gz"
|
|
fi
|
|
}
|
|
|
|
# recent openssl versions support parallel builds and skipping the docs,
|
|
# while older ones require to build everything sequentially.
|
|
build_openssl_linux () {
|
|
(
|
|
cd "openssl-${OPENSSL_VERSION}/"
|
|
./config shared --prefix="${HOME}/opt" --openssldir="${HOME}/opt" --libdir=lib -DPURIFY
|
|
if [ -z "${OPENSSL_VERSION##1.*}" ]; then
|
|
make all
|
|
else
|
|
make -j$(nproc) build_sw
|
|
fi
|
|
make install_sw
|
|
)
|
|
}
|
|
|
|
build_openssl_osx () {
|
|
(
|
|
cd "openssl-${OPENSSL_VERSION}/"
|
|
./Configure darwin64-x86_64-cc shared \
|
|
--prefix="${HOME}/opt" --openssldir="${HOME}/opt" --libdir=lib -DPURIFY
|
|
make depend build_sw install_sw
|
|
)
|
|
}
|
|
|
|
build_openssl () {
|
|
if [ "$(cat ${HOME}/opt/.openssl-version)" != "${OPENSSL_VERSION}" ]; then
|
|
tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz"
|
|
case `uname` in
|
|
'Darwin')
|
|
build_openssl_osx
|
|
;;
|
|
'Linux')
|
|
build_openssl_linux
|
|
;;
|
|
esac
|
|
echo "${OPENSSL_VERSION}" > "${HOME}/opt/.openssl-version"
|
|
fi
|
|
}
|
|
|
|
download_libressl () {
|
|
if [ ! -f "download-cache/libressl-${LIBRESSL_VERSION}.tar.gz" ]; then
|
|
wget -P download-cache/ \
|
|
"https://cdn.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz"
|
|
fi
|
|
}
|
|
|
|
build_libressl () {
|
|
if [ "$(cat ${HOME}/opt/.libressl-version)" != "${LIBRESSL_VERSION}" ]; then
|
|
tar zxf "download-cache/libressl-${LIBRESSL_VERSION}.tar.gz"
|
|
(
|
|
cd "libressl-${LIBRESSL_VERSION}/"
|
|
./configure --prefix="${HOME}/opt"
|
|
make all install
|
|
)
|
|
echo "${LIBRESSL_VERSION}" > "${HOME}/opt/.libressl-version"
|
|
fi
|
|
}
|
|
|
|
download_boringssl () {
|
|
if [ ! -d "download-cache/boringssl" ]; then
|
|
git clone --depth=1 https://boringssl.googlesource.com/boringssl download-cache/boringssl
|
|
else
|
|
(
|
|
cd download-cache/boringssl
|
|
git pull
|
|
)
|
|
fi
|
|
}
|
|
|
|
download_aws_lc () {
|
|
if [ ! -f "download-cache/aws-lc-${AWS_LC_VERSION}.tar.gz" ]; then
|
|
mkdir -p download-cache
|
|
wget -q -O "download-cache/aws-lc-${AWS_LC_VERSION}.tar.gz" \
|
|
"https://github.com/aws/aws-lc/archive/refs/tags/v${AWS_LC_VERSION}.tar.gz"
|
|
fi
|
|
}
|
|
|
|
build_aws_lc () {
|
|
if [ "$(cat ${HOME}/opt/.aws_lc-version)" != "${AWS_LC_VERSION}" ]; then
|
|
tar zxf "download-cache/aws-lc-${AWS_LC_VERSION}.tar.gz"
|
|
(
|
|
cd "aws-lc-${AWS_LC_VERSION}/"
|
|
mkdir -p build
|
|
cd build
|
|
cmake -version
|
|
cmake -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=1 -DDISABLE_GO=1 -DDISABLE_PERL=1 \
|
|
-DBUILD_TESTING=0 -DCMAKE_INSTALL_PREFIX=${HOME}/opt ..
|
|
make -j$(nproc)
|
|
make install
|
|
)
|
|
echo "${AWS_LC_VERSION}" > "${HOME}/opt/.aws_lc-version"
|
|
fi
|
|
}
|
|
|
|
download_quictls () {
|
|
if [ ! -d "download-cache/quictls" ]; then
|
|
git clone --depth=1 https://github.com/quictls/openssl download-cache/quictls
|
|
else
|
|
(
|
|
cd download-cache/quictls
|
|
git pull
|
|
)
|
|
fi
|
|
}
|
|
|
|
download_wolfssl () {
|
|
if [ ! -f "download-cache/wolfssl-${WOLFSSL_VERSION}.tar.gz" ]; then
|
|
mkdir -p download-cache
|
|
if [ "${WOLFSSL_VERSION%%-*}" != "git" ]; then
|
|
wget -q -O "download-cache/wolfssl-${WOLFSSL_VERSION}.tar.gz" \
|
|
"https://github.com/wolfSSL/wolfssl/archive/refs/tags/v${WOLFSSL_VERSION}-stable.tar.gz"
|
|
else
|
|
wget -q -O "download-cache/wolfssl-${WOLFSSL_VERSION}.tar.gz" \
|
|
"https://github.com/wolfSSL/wolfssl/archive/${WOLFSSL_VERSION##git-}.tar.gz"
|
|
fi
|
|
fi
|
|
}
|
|
|
|
build_wolfssl () {
|
|
if [ "$(cat ${HOME}/opt/.wolfssl-version)" != "${WOLFSSL_VERSION}" ]; then
|
|
mkdir "wolfssl-${WOLFSSL_VERSION}/"
|
|
tar zxf "download-cache/wolfssl-${WOLFSSL_VERSION}.tar.gz" -C "wolfssl-${WOLFSSL_VERSION}/" --strip-components=1
|
|
(
|
|
cd "wolfssl-${WOLFSSL_VERSION}/"
|
|
autoreconf -i
|
|
./configure --enable-haproxy --enable-quic --prefix="${HOME}/opt"
|
|
make -j$(nproc)
|
|
make install
|
|
)
|
|
echo "${WOLFSSL_VERSION}" > "${HOME}/opt/.wolfssl-version"
|
|
fi
|
|
}
|
|
|
|
if [ ! -z ${LIBRESSL_VERSION+x} ]; then
|
|
download_libressl
|
|
build_libressl
|
|
fi
|
|
|
|
if [ ! -z ${OPENSSL_VERSION+x} ]; then
|
|
download_openssl
|
|
build_openssl
|
|
fi
|
|
|
|
if [ ! -z ${BORINGSSL+x} ]; then
|
|
(
|
|
|
|
# travis-ci comes with go-1.11, while boringssl requires go-1.13
|
|
eval "$(curl -sL https://raw.githubusercontent.com/travis-ci/gimme/master/gimme | GIMME_GO_VERSION=1.13 bash)"
|
|
|
|
download_boringssl
|
|
cd download-cache/boringssl
|
|
if [ -d build ]; then rm -rf build; fi
|
|
mkdir build
|
|
cd build
|
|
cmake -GNinja -DCMAKE_BUILD_TYPE=release -DBUILD_SHARED_LIBS=1 ..
|
|
ninja
|
|
|
|
rm -rf ${HOME}/opt/lib || exit 0
|
|
rm -rf ${HOME}/opt/include || exit 0
|
|
|
|
mkdir -p ${HOME}/opt/lib
|
|
cp crypto/libcrypto.so ssl/libssl.so ${HOME}/opt/lib
|
|
|
|
mkdir -p ${HOME}/opt/include
|
|
cp -r ../include/* ${HOME}/opt/include
|
|
)
|
|
fi
|
|
|
|
if [ ! -z ${AWS_LC_VERSION+x} ]; then
|
|
download_aws_lc
|
|
build_aws_lc
|
|
fi
|
|
|
|
if [ ! -z ${QUICTLS+x} ]; then
|
|
(
|
|
download_quictls
|
|
cd download-cache/quictls
|
|
|
|
./config shared no-tests ${QUICTLS_EXTRA_ARGS:-} --prefix="${HOME}/opt" --openssldir="${HOME}/opt" --libdir=lib -DPURIFY
|
|
make -j$(nproc) build_sw
|
|
make install_sw
|
|
|
|
)
|
|
fi
|
|
|
|
if [ ! -z ${WOLFSSL_VERSION+x} ]; then
|
|
download_wolfssl
|
|
build_wolfssl
|
|
fi
|