Skip to content

Instantly share code, notes, and snippets.

@foozmeat
Last active May 22, 2024 17:56
Show Gist options
  • Save foozmeat/5154962 to your computer and use it in GitHub Desktop.
Save foozmeat/5154962 to your computer and use it in GitHub Desktop.
A shell script to build openssl for iOS and Mac. It currently builds: Mac -> i386 & x86_64 // iOS -> armv7, arm64 // iOS Simulator -> i386 & x86_64.
#!/bin/bash
# This script builds the iOS and Mac openSSL libraries
# Download openssl http://www.openssl.org/source/ and place the tarball next to this script
# Credits:
# https://github.com/st3fan/ios-openssl
# https://github.com/x2on/OpenSSL-for-iPhone/blob/master/build-libssl.sh
set -e
usage ()
{
echo "usage: $0 [minimum iOS SDK version (default 8.2)]"
exit 127
}
if [ $1 -e "-h" ]; then
usage
fi
if [ -z $1 ]; then
SDK_VERSION="8.2"
else
SDK_VERSION=$1
fi
OPENSSL_VERSION="openssl-1.0.1m"
DEVELOPER=`xcode-select -print-path`
buildMac()
{
ARCH=$1
echo "Building ${OPENSSL_VERSION} for ${ARCH}"
TARGET="darwin-i386-cc"
if [[ $ARCH == "x86_64" ]]; then
TARGET="darwin64-x86_64-cc"
fi
pushd . > /dev/null
cd "${OPENSSL_VERSION}"
./Configure ${TARGET} --openssldir="/tmp/${OPENSSL_VERSION}-${ARCH}" &> "/tmp/${OPENSSL_VERSION}-${ARCH}.log"
make >> "/tmp/${OPENSSL_VERSION}-${ARCH}.log" 2>&1
make install >> "/tmp/${OPENSSL_VERSION}-${ARCH}.log" 2>&1
make clean >> "/tmp/${OPENSSL_VERSION}-${ARCH}.log" 2>&1
popd > /dev/null
}
buildIOS()
{
ARCH=$1
pushd . > /dev/null
cd "${OPENSSL_VERSION}"
if [[ "${ARCH}" == "i386" || "${ARCH}" == "x86_64" ]]; then
PLATFORM="iPhoneSimulator"
else
PLATFORM="iPhoneOS"
sed -ie "s!static volatile sig_atomic_t intr_signal;!static volatile intr_signal;!" "crypto/ui/ui_openssl.c"
fi
export $PLATFORM
export CROSS_TOP="${DEVELOPER}/Platforms/${PLATFORM}.platform/Developer"
export CROSS_SDK="${PLATFORM}${SDK_VERSION}.sdk"
export BUILD_TOOLS="${DEVELOPER}"
export CC="${BUILD_TOOLS}/usr/bin/gcc -arch ${ARCH}"
echo "Building ${OPENSSL_VERSION} for ${PLATFORM} ${SDK_VERSION} ${ARCH}"
if [[ "${ARCH}" == "x86_64" ]]; then
./Configure darwin64-x86_64-cc --openssldir="/tmp/${OPENSSL_VERSION}-iOS-${ARCH}" &> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log"
else
./Configure iphoneos-cross --openssldir="/tmp/${OPENSSL_VERSION}-iOS-${ARCH}" &> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log"
fi
# add -isysroot to CC=
sed -ie "s!^CFLAG=!CFLAG=-isysroot ${CROSS_TOP}/SDKs/${CROSS_SDK} -miphoneos-version-min=${SDK_VERSION} !" "Makefile"
make >> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log" 2>&1
make install >> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log" 2>&1
make clean >> "/tmp/${OPENSSL_VERSION}-iOS-${ARCH}.log" 2>&1
popd > /dev/null
}
echo "Cleaning up"
rm -rf include/openssl/* lib/*
mkdir -p lib/iOS
mkdir -p lib/Mac
mkdir -p include/openssl/
rm -rf "/tmp/${OPENSSL_VERSION}-*"
rm -rf "/tmp/${OPENSSL_VERSION}-*.log"
rm -rf "${OPENSSL_VERSION}"
if [ ! -e ${OPENSSL_VERSION}.tar.gz ]; then
echo "Downloading ${OPENSSL_VERSION}.tar.gz"
curl -O https://www.openssl.org/source/${OPENSSL_VERSION}.tar.gz
else
echo "Using ${OPENSSL_VERSION}.tar.gz"
fi
echo "Unpacking openssl"
tar xfz "${OPENSSL_VERSION}.tar.gz"
buildMac "i386"
buildMac "x86_64"
echo "Copying headers"
cp /tmp/${OPENSSL_VERSION}-i386/include/openssl/* include/openssl/
echo "Building Mac libraries"
lipo \
"/tmp/${OPENSSL_VERSION}-i386/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-x86_64/lib/libcrypto.a" \
-create -output lib/Mac/libcrypto.a
lipo \
"/tmp/${OPENSSL_VERSION}-i386/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-x86_64/lib/libssl.a" \
-create -output lib/Mac/libssl.a
buildIOS "armv7"
buildIOS "arm64"
buildIOS "x86_64"
buildIOS "i386"
echo "Building iOS libraries"
lipo \
"/tmp/${OPENSSL_VERSION}-iOS-armv7/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-arm64/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-i386/lib/libcrypto.a" \
"/tmp/${OPENSSL_VERSION}-iOS-x86_64/lib/libcrypto.a" \
-create -output lib/iOS/libcrypto.a
lipo \
"/tmp/${OPENSSL_VERSION}-iOS-armv7/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-arm64/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-i386/lib/libssl.a" \
"/tmp/${OPENSSL_VERSION}-iOS-x86_64/lib/libssl.a" \
-create -output lib/iOS/libssl.a
echo "Cleaning up"
rm -rf /tmp/${OPENSSL_VERSION}-*
rm -rf ${OPENSSL_VERSION}
echo "Done"
@fbartolom
Copy link

It stops at:
fbartolom$ ./build3-openssl.sh
Cleaning up
Downloading openssl-1.0.1h.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 4370k 100 4370k 0 0 745k 0 0:00:05 0:00:05 --:--:-- 830k
Unpacking openssl
Building openssl-1.0.1h for i386

and creates nothing in the lib directory. I have OS X Maverick.

@fbartolom
Copy link

the log reports:
make: *** No rule to make target `install'. Stop.

@fbartolom
Copy link

The log reports:
installing man7/des_modes.7
installing man3/dh.3
installing man3/dsa.3
installing man3/ecdsa.3
installing man3/engine.3
installing man3/err.3
installing man3/evp.3
installing man3/hmac.3
/bin/sh: /tmp/openssl-1.0.1h-i386/man/man3/hmac.3: Too many levels of symbolic links
make: *** [install_docs] Error 1

@fbartolom
Copy link

The problem is that the script is looking for:
clang: warning: no such sysroot directory: '/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS7.1.sdk'

While my directory contains iPhoneOS8.1.sdk'. Passing 8.1 as a -z parameter does not work. What to do?

@fbartolom
Copy link

I added a symbolic link to the actual SDK from the file it searched. At any rate I keep getting errors, seemingly starting from:
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ranlib: file: ../../libcrypto.a(ecp_nistp521.o) has no symbols
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ranlib: file: ../../libcrypto.a(ecp_nistputil.o) has no symbols
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ranlib: file: ../../libcrypto.a(rand_win.o) has no symbols
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ranlib: file: ../../libcrypto.a(rand_os2.o) has no symbols
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ranlib: file: ../../libcrypto.a(rand_nw.o) has no symbols
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ranlib: file: ../../libcrypto.a(e_rc5.o) has no symbols
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ranlib: file: ../../libcrypto.a(m_md2.o) has no symbols
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ranlib: file: ../../libcrypto.a(evp_fips.o) has no symbols
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ranlib: file: ../../libcrypto.a(v3_asid.o) has no symbols
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ranlib: file: ../../libcrypto.a(v3_addr.o) has no symbols

Anyway now the program terminated without errors, even if not writing Done; this is the output:
Unpacking openssl
Building openssl-1.0.1h for i386
Building openssl-1.0.1h for x86_64
Copying headers
Building Mac libraries
Building openssl-1.0.1h for iPhoneOS 7.1 armv7
Building openssl-1.0.1h for iPhoneOS 7.1 armv7s
Building openssl-1.0.1h for iPhoneOS 7.1 arm64
Building openssl-1.0.1h for iPhoneSimulator 7.1 x86_64
Yet the lib directory just has the two mac files, where have the libcrypto_iOS.a” and “libssl_iOS.a" files finished?

@fbartolom
Copy link

Just to convince you I am using your script, this is the tail for the beginning of the logs you might be able to recognize:
tail openssl-1.0.1h-i386.log
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o a_int.o a_int.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o a_octet.o a_octet.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o a_print.o a_print.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o a_type.o a_type.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o a_set.o a_set.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o a_dup.o a_dup.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o a_d2i_fp.o a_d2i_fp.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o a_i2d_fp.o a_i2d_fp.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o a_enum.o a_enum.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o a_utf8.o a_utf8.c

@fbartolom
Copy link

/Applications/Xcode.app/Contents/Developer/usr/bin/gcc -arch x86_64 -I. -I.. -I../include -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator7.1.sdk -miphoneos-version-min=7.1 -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o cryptlib.o cryptlib.c
clang: warning: no such sysroot directory: '/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator7.1.sdk'
In file included from cryptlib.c:117:
./cryptlib.h:62:10: fatal error: 'stdlib.h' file not found

include <stdlib.h>

     ^

1 error generated.
make[1]: *** [cryptlib.o] Error 1
make: *** [build_crypto] Error 1

@fbartolom
Copy link

My present problem is importing: openssl/bio.h, Xcode does not seem to find it, even after having included the libraries, and I need it to process the new inApp receipts.

@fbartolom
Copy link

Ok, I fixed it by #import /usr/include/openssl/bio.h, it must have been a problem of path.

@cjkindel
Copy link

cjkindel commented Jul 6, 2015

Anyone able to get the script working for iOS 9 beta? I can't seem to get it properly working but I want to confirm that noone else can get it running.

@Norod
Copy link

Norod commented Jul 29, 2015

I made a fork (https://gist.github.com/Norod/2f3ef9b6e3758dfc1433) with some changes:

  • Updated built OpenSSL version to openssl-1.0.2d
  • The script will now deduce the iOS SDK version by itself
  • Added some additional log traces
  • Embed bitcode (Xcode 7)

If you find anything useful in there, feel free to merge 😄
Thank you for this script! 👍

@parisoe
Copy link

parisoe commented Oct 2, 2015

Where is ./Configure supposed to come from?

@welemski
Copy link

Thanks!

@sidney9111
Copy link

how to use this script? need openssl source code or just dump from macos lib?

@tmmass
Copy link

tmmass commented Jan 2, 2017

When was the last time was updated or even tested..?

This is the 3rd "github" script I've tried...
None of them have worked...

It's virtually identical to 2 other Github openssl / curl projects.

This one makes it to:

Cleaning up
Using openssl-1.1.0c.tar.gz
Unpacking openssl
Building openssl-1.1.0c for i386
-- abruptly ends ---
$ Oh, back to command prompt...

@donaldking
Copy link

For anyone interested. You can try this repo https://github.com/sinofool/build-openssl-ios I've had success with this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment