Changes between Initial Version and Version 1 of Packages/OpenSSL


Ignore:
Timestamp:
Dec 2, 2005, 11:22:36 AM (14 years ago)
Author:
ChrisJohns
Comment:

Fix the warning text.

Legend:

Unmodified
Added
Removed
Modified
  • Packages/OpenSSL

    v1 v1  
     1= OpenSSL =
     2
     3= OpenSSL =
     4
     5
     6The OpenSSL web site is http://www.openssl.org/. To quote the projects web site ...
     7
     8   The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.
     9
     10It is your responsibility to check the [http://www.openssl.org/ OpenSSL] web site for your legal requirements. You need to insure you have meet these legal requirements. To quote the [http://www.openssl.org/ OpenSSL] Title web page ...
     11
     12PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS OF OPENSSL ARE NOT LIABLE FOR ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.
     13= Building OpenSSL =
     14
     15
     16Download the OpenSSL source code from the [http://www.openssl.org/source/ OpenSSL Source] page. The lastest built version is -
     17
     18  http://www.openssl.org/source/openssl-0.9.7d.tar.gz
     19
     20This version was built with the following instructions with a 4.6.1 [wiki:Developer/Multilib Multilib RTEMS] for the M68K target.
     21
     22I have built applications with the library on RTEMS and they work and interoperate with Linux software. The [wiki:GoAhead GoAhead] web server also builds with the OpenSSL library. Watch the initialisation of the OpenSLL library when you have the [wiki:GoAhead GoAhead] web server running. Starting a SSL web server will result in the OpenSSL library being initialised. You need to arrange initialisation in one place.
     23
     24The applications tested do not use <i>select</i>, rather threads are used with blocking sockets. This made the code simpler as <i>select</i> requires you handle the need for the SSL code wanting more data. You can find details about this in the OpenSSL API.
     25
     26Change to a scratch work space on your host development machine and untar the source code:
     27
     28{{{
     29    $ tar zxf openssl-0.9.7d.tar.gz
     30    $ cd openssl-0.9.7d
     31}}}
     32
     33You need to edit the perl ''Configure'' script. Open it in an editor and locate the following:
     34
     35{{{
     36    my %table=(
     37###File 'TABLE' (created by 'make TABLE') contains the data from this list,
     38###formatted for better readability.
     39}}}
     40
     41then scroll down to the end the perl table. For the '''m68k-rtems''' target add the following lines:
     42
     43{{{
     44#### RTEMS Realtime Embedded Kernel
     45"m68k-rtems", "m68k-rtems-gcc:-O3 -Wall -DTERMIOS -DNO''STRINGS''H=1 -I\$(INSTALLTOP)/m68k-rtems/lib/include::-D_REENTRANT:RTEMS:"
     46}}}
     47
     48Change the target and compiler flags to suit your target. Do not add processor specific flags. These can be added when you run the ''Configure'' script. Note, OpenSSL is built in the source tree. Run the ''Configure'' script by entering a command line similar too this:
     49
     50{{{
     51    $ ./Configure --prefix=/opt/rtems m68k-rtems -m5200
     52    Configuring for m68k-rtems
     53    ~IsWindows=0
     54    CC            =m68k-rtems-gcc
     55    CFLAG         =-DOPENSSL''SYSNAME''RTEMS -DOPENSSL''THREADS -D''REENTRANT \
     56   * *******DOPENSSL''NO''KRB5 -m5200 -O3 -Wall -DTERMIOS DNO''STRINGS''H=1 \
     57   * *******I$(INSTALLTOP)/m68k-rtems/lib/include
     58    EX_LIBS       =
     59
     60    BN''ASM        =bn''asm.o
     61    DES''ENC       =des''enc.o fcrypt_b.o
     62    BF''ENC        =bf''enc.o
     63    CAST''ENC      =c''enc.o
     64    RC4''ENC       =rc4''enc.o
     65    RC5''ENC       =rc5''enc.o
     66    MD5''OBJ''ASM   =
     67
     68    SHA1''OBJ''ASM  =
     69
     70    RMD160''OBJ''ASM=
     71
     72    PROCESSOR     =
     73
     74    RANLIB        =/usr/bin/ranlib
     75    ARFLAGS       =
     76
     77    PERL          =/usr/bin/perl
     78    THIRTY''TWO''BIT mode
     79    RC4_CHUNK is undefined
     80    Makefile => Makefile.ssl
     81     .....
     82}}}
     83
     84In this example the library is for the generic Coldfire processor (5200). Once ''Configure'' completes you can check your setup by running:
     85
     86{{{
     87    $ make TABLE
     88    (echo 'Output of `Configure TABLE'"':"; \
     89    /usr/bin/perl Configure TABLE) > TABLE
     90}}}
     91
     92The TABLE for the '''m68k-rtems''' target is:
     93
     94{{{
     95    *** m68k-rtems
     96    $cc           = m68k-rtems-gcc
     97    $cflags       <tt> -O3 -Wall -DTERMIOS -DNO''STRINGS''H</tt>1 -I$(INSTALLTOP)/m68k-rtems/lib/include
     98    $unistd       =
     99
     100    $thread''cflag = -D''REENTRANT
     101    $sys_id       = RTEMS
     102    $lflags       =
     103
     104    $bn_ops       =
     105
     106    $bn_obj       =
     107
     108    $des_obj      =
     109
     110    $bf_obj       =
     111
     112    $md5_obj      =
     113
     114    $sha1_obj     =
     115
     116    $cast_obj     =
     117
     118    $rc4_obj      =
     119
     120    $rmd160_obj   =
     121
     122    $rc5_obj      =
     123
     124    $dso_scheme   =
     125
     126    $shared_target=
     127
     128    $shared_cflag =
     129
     130    $shared_ldflag =
     131
     132    $shared_extension =
     133
     134    $ranlib       =
     135
     136    $arflags      =
     137
     138}}}
     139
     140To build the OpenSSL libraries enter the following '''make''' command line overriding the standard build directories This stops the building of OpenSSL applications that will not link cleanly:
     141
     142{{{
     143    $ make DIRS="crypto ssl" all install
     144}}}
     145
     146OpenSSL installs to paths that are typically used when building for a native library rather than a cross-compiler multilib target. For the RTEMS M68K multilib target with the <tt>-m5200</tt> compiler option the include and library paths are:
     147    [[BR]]
     148    /opt/rtems/m68k-rtems/include[[BR]]
     149    /opt/rtems/m68k-rtems/lib/m5200[[BR]]
     150
     151while OpenSSL will install the files into:
     152    [[BR]]
     153    /opt/rtems/include/openssl/*.h[[BR]]
     154    /opt/rtems/lib/libcrypto.a[[BR]]
     155    /opt/rtems/lib/libssl.a[[BR]]
     156
     157A possible work around is to use the ''INSTALL''PREFIX'' argument to ''make_ to install into a scratch location and then to move the header files and libraries into the expected RTEMS locations.
     158
     159It is recommended the header files are placed in <tt>$prefix/m68k-rtems/include</tt> so the following autoconf test can be used to detect OpenSSL has been installed:
     160
     161 
     162     AC_CHECK_HEADER([openssl/ssl.h])