1#!/usr/local/bin/bash 2# 3# vim:tw=90:ts=5:sw=5 4# 5# Script compiling OpenSSL 1.1.1 from github. Not yet particular sophisticated. 6# Just meant to provide a help to get the compile job done 7 8echo 9echo "#####################################################" 10echo "####### Build script for openssl 1.1.1 #######" 11echo "####### (contains some weak cryptography) #######" 12echo "#####################################################" 13echo 14 15OPT11="enable-tls1_3 enable-ec_nistp_64_gcc_128 sctp enable-aria enable-asan enable-rc5 \ 16enable-ssl3 enable-ssl3-method enable-dynamic-engine enable-ssl-trace \ 17-DOPENSSL_TLS_SECURITY_LEVEL=0 " 18 19STDOPTIONS="--prefix=/usr/ --openssldir=/etc/ssl -DOPENSSL_USE_BUILD_DATE enable-zlib \ 20enable-heartbeats enable-rc5 enable-md2 enable-ssl3 enable-weak-ssl-ciphers zlib no-shared \ 21enable-rc2 enable-gost enable-cms enable-mdc2 enable-ec enable-ec2m enable-ecdh enable-ecdsa \ 22enable-seed enable-camellia enable-idea enable-rfc3779" 23 24grep OPENSSL_VERSION_TEXT include/openssl/opensslv.h | grep -q 1.1.1 && STDOPTIONS="$STDOPTIONS $OPT11" 25 26clean() { 27 case $NOCLEAN in 28 yes|Y|YES) ;; 29 *) make clean ;; 30 esac 31 #[ $? -ne 0 ] && error "no openssl directory" 32 return 0 33} 34 35error() { 36 tput bold 37 echo "ERROR $1" 38 tput sgr0 39 exit 2 40} 41 42makeall() { 43 make depend && make -j2 # && make report 44 if [ $? -ne 0 ]; then 45#FIXME: we need another error handler, as a failure doesn't mean here anymore a return status of 1 46 error "making" 47 return 1 48 fi 49 return 0 50} 51 52copyfiles() { 53 echo; apps/openssl version -a; echo 54 cp -p apps/openssl ../openssl.$(uname).$(uname -m).$1 55 echo 56 return $? 57} 58 59 60case $(uname -m) in 61 "i686") clean 62 if [[ "$1" = krb ]]; then 63 name2add=krb 64 ./config $STDOPTIONS --with-krb5-flavor=MIT 65 else 66 name2add=static 67 #export CFLAGS='-fPIC' 68 ./config $STDOPTIONS -static 69 fi 70 [ $? -ne 0 ] && error "configuring" 71 makeall && copyfiles "$name2add" 72 [ $? -ne 0 ] && error "copying files" 73 apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l 74 echo 75 echo "------------ all ok ------------" 76 echo 77 ;; 78 "x86_64") clean 79 if [[ "$1" = krb ]]; then 80 name2add=krb 81 ./config $STDOPTIONS --with-krb5-flavor=MIT 82 else 83 name2add=static 84 ./config $STDOPTIONS -static 85 fi 86 [ $? -ne 0 ] && error "configuring" 87 makeall && copyfiles "$name2add" 88 [ $? -ne 0 ] && error "copying files" 89 # see ciphers(1), SSL_CTX_set_security_level(3) 90 apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL:@SECLEVEL=0' | wc -l 91 echo 92 echo "------------ all ok ------------" 93 echo 94 ;; 95 *) echo " Sorry, don't know this architecture $(uname -m)" 96 exit 1 97 ;; 98esac 99