-
-
Save geoff-nixon/cb894defa60705d2b522 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env sh -x # put this in openssl-REV/MacOS and ./MacOS/X.sh | |
CLANGV=$(clang -v 2>&1 | head -1 | grep 3. | sed -e's|.*3\.\(.\).*|\1|') || : | |
[ $(uname -r|cut -c 1-2) -lt 11 ] && echo "OS version too old." >&2 && exit 1 | |
# [ $CLANGV -lt 4 ] && echo "Clang 3.4+ is required." >&2 && exit 1 | |
[ ! -d MacOS ] && echo "Execute from OpenSSL base directory." >&2 && exit 1 | |
BASE=$PWD; export PATH="$BASE:$PATH" | |
RAND=$(od -XN16 </dev/urandom | sed -e's| ||g' -e's|^0000000.||' | head -1) | |
export MAKEFLAGS="-j $(sysctl -n hw.ncpu)" | |
# export CFLAGS="-Ofast -flto -fvectorize -fslp-vectorize" | |
# export CFLAGS="$CFLAGS -fslp-vectorize-aggressive -fPIC -g0" | |
export CFLAGS="$CFLAGS -Wno-unused-const-variable -Qunused-arguments" | |
export CFLAGS="$CFLAGS -Wno-unused-command-line-argument-hard-error-in-future" | |
export CC=clang; export CPPFLAGS=$CFLAGS | |
if [ -"$PREFIX"- = -""- ]; then # mkdir -p /usr/local/bin 2>/dev/null | |
# [ -w /usr/local/bin ] && PREFIX=/usr/local || PREFIX=/tmp/openssl | |
# echo "PREFIX is unset; using $PREFIX." >&2 | |
: | |
fi; ACTUALPREFIX=$PREFIX; PREFIX=/tmp/openssl | |
OPENSSLDIR="$PREFIX/etc/openssl" | |
# EXPERIMENTAL="experimental-jpake experimental-multiblock experimental-store" | |
SSLFLAGS="threads zlib enable-md2 enable-rc5 enable-rfc3779 enable-ssl-trace" | |
BASEFLAGS="--prefix=$PREFIX --openssldir=$OPENSSLDIR $SSLFLAGS $EXPERIMENTAL" | |
FLAGS32="$BASEFLAGS darwin-i386-cc" | |
FLAGS64="$BASEFLAGS enable-ec_nistp_64_gcc_128 darwin64-x86_64-cc" | |
envshebang(){ for script in $(find * -type f | xargs grep -l \/bin\/sh); do | |
sed -i '' 's|\/bin\/sh|\/usr\/bin\/env sh|' "$script" 2>/dev/null; done ;} | |
fixmakedepend(){ cd "$BASE" # Easier than a patch. | |
echo 'H4sIAHDEKFMCA2VQy06DQBTd+xVHmFg1DiMLV4jGADHGtjRtFyZGzRSmhUgHAtPWRP13L6 | |
Ktj9XcyXncc4+9L1ZNLWa5Fkqv0WR7to3JqqrK2iAppF5AIJT1Jtc43GR5kiGTDSRmMsVSPqtUVU | |
qnIFiUlRF3rtuaHTl7wD04CwIOH5zjAQcHCAI/SQiZxiOfuR6ty+fGI6LFXIt4Fh+EVkf9hNphcH | |
UbhdEoGoYk2SJkklQYUIB5Xqjt4DRyrTyYckVBGa0Rz/XszMk8yHrR+JZFOrqCFPdgNvjC4BQPHt | |
LyO8R+m4J/hehErH1A4DZwWmpFTo1KwRV64tFGGGMYTxFG/WgaOcfihKU9nO8SXuwymmVFYpVkJX | |
p/hG1Tbav4qrV7GpQauXF6uPhnQw2Dh4ipoMmk/xTGN8Prp11n4AN0+f9I8fYG9ZIbuK3J6yga99 | |
+7xlYmL0RSKKl5t96pih+XfIp/eGm1IYdx4LNLD/USfP6L6mG5/kXefrxuPxsHH9YplO2FAgAA'| | |
base64 -D | gzcat > ./util/domd; chmod +x ./util/domd ;} | |
alias makelibs=: # comment out for homebrew | |
# makelibs(){ cd "$BASE/MacOS"; echo 'Getting mksh, bmake, and zlib...' >&2 | |
# curl -L\# https://www.mirbsd.org/MirOS/dist/mir/mksh/mksh-R49.tgz | tar x | |
# curl -L\# http://www.crufty.net/ftp/pub/sjg/bmake.tar.gz | tar x | |
# curl -L\# http://zlib.net/zlib-1.2.8.tar.gz | tar x; mv zlib* zlib | |
# cd mksh; sh Build.sh -Q -r 2>/dev/null | |
# cp mksh ../..; cd ../..; ln -s mksh sh | |
# cd "$BASE"; envshebang; cd MacOS/bmake; ./boot-strap --prefix=$PWD --install | |
# cd "$BASE"; #ln -s MacOS/bmake/bin/bmake .; ln -s make make | |
# cd MacOS/zlib; ./configure --static; make; mv libz.a .libz.a; XCC=$CC | |
# CC="$CC -m32"; make distclean; ./configure --static; make; CC=$XCC | |
# lipo -create libz.a .libz.a -output $BASE/libz.a; cd $BASE | |
# } | |
doit(){ set -ex; sh -c "./Configure $FLAGS" | |
make depend && make -j1 build_libs && make && make -j 1 test; set +e ;} | |
thirtytwo()( export CPPFLAGS="$CPPFLAGS -fno-slp-vectorize-aggressive" | |
cd "$BASE/32"; FLAGS=$FLAGS32; doit ;) | |
sixtyfour()( cd "$BASE"; FLAGS=$FLAGS64; doit ;) | |
cd "$BASE"; fixmakedepend; makelibs; mkdir -p /tmp/$RAND | |
tar -cf - -C . . | tar -xpf - -C /tmp/$RAND; mv /tmp/$RAND 32 | |
sixtyfour & thirtytwo | |
wait && make -j 1 install | |
cd "$OPENSSLDIR/certs" | |
cert=/Library/Keychains/System.keychain | |
security find-certificate -ap "$cert" > cert.pem | |
cert=/System/Library/Keychains/SystemRootCertificates.keychain | |
security find-certificate -ap "$cert" >> cert.pem | |
cd "$BASE/32"; for lib in libcrypto.a libssl.a; do | |
lipo -create $lib "$PREFIX/lib/$lib" -output "$PREFIX/lib/$lib" | |
done | |
lipo -create apps/openssl "$PREFIX/bin/openssl" -output "$PREFIX/bin/openssl" | |
for pc in $(ls $PREFIX/lib/pkgconfig/*); do | |
sed -i '' "s|prefix=.*|prefix=$ACTUALPREFIX|" "$pc" | |
sed -i '' 's|Libs: |Libs: -L${libdir}/openssl -lz |' "$pc" | |
sed -i '' 's|-beta.*||' "$pc" 2>/dev/null || : | |
done | |
cd "$PREFIX"; rm -rf ssl; mkdir -p share; mv "$OPENSSLDIR/man" share | |
# mkdir -p "$PREFIX/etc"; mv "$OPENSSLDIR" "$PREFIX/etc/openssl" | |
# mkdir -p "$PREFIX/lib/openssl"; cp "$BASE/libz.a" "$PREFIX/lib/openssl" | |
# mv "$PREFIX/bin" "$PREFIX/sbin"; mkdir "$PREFIX/bin"; cd "$PREFIX/bin" | |
# | |
# for bin in c_rehash openssl; do | |
# fprint(){ command printf "$@\n" >> "$bin" ;} | |
# fprint '#!/usr/bin/env sh' | |
# fprint | |
# fprint 'DIR="$(dirname $0)"; WHAT="$DIR/../sbin/$(basename "$0")"' | |
# fprint "OPENSSLDIR=$OPENSSLDIR" | |
# fprint | |
# fprint '[ ! -e "$OPENSSLDIR" ] && cp -R "$DIR/../etc/openssl" "$OPENSSLDIR"' | |
# fprint | |
# fprint 'COMMAND=exec; [ ! -$ARCHPREFERENCE- = -- ] &&' | |
# fprint '[ -x "$(command -v "$WHAT")" ] && file -b "$(command -v "$WHAT")" |' | |
# fprint ' grep -q Mach && COMMAND="$COMMAND /usr/bin/arch -$ARCHPREFERENCE"' | |
# fprint | |
# fprint '$COMMAND "$WHAT" "$@"' | |
# fprint | |
# done | |
# chmod +x *; xattr -rc "$PREFIX" >/dev/null 2>&1; mkdir -p "$ACTUALPREFIX" | |
# tar -cf - -C "$PREFIX" . | tar --numeric-owner -xpf - -C "$ACTUALPREFIX" | |
cd "$ACTUALPREFIX/bin"; ./c_rehash | |
# rm -rf "$PREFIX" "$OPENSSLDIR"; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment