Last active
March 22, 2024 11:33
-
-
Save sunnyyoung/68450a1988d7649afa68a3fe2b70c05f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# shellcheck disable=2016,2046,SC2086 | |
VERSION="20220613" | |
SRC=$(pwd)/boringssl | |
DST=$(pwd)/boringssl.builds | |
PLATFORMS="macosx iphoneos iphonesimulator appletvos appletvsimulator xros xrsimulator" | |
set -e | |
echo "Checking out boringssl..." | |
if [ -d "$SRC" ] || [ -d "$DST" ]; then | |
echo "Source or Destination folder not empty." && exit 1 | |
else | |
git clone https://boringssl.googlesource.com/boringssl --depth 1 --branch fips-$VERSION | |
fi | |
echo "Patching boringssl..." | |
echo ' | |
diff --git a/CMakeLists.txt b/CMakeLists.txt | |
index aadcb9b..ee78304 100644 | |
--- a/CMakeLists.txt | |
+++ b/CMakeLists.txt | |
@@ -149,7 +149,7 @@ if(CMAKE_COMPILER_IS_GNUCXX OR CLANG) | |
set(C_CXX_FLAGS "${C_CXX_FLAGS} -ggdb") | |
endif() | |
- set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wall -fvisibility=hidden -fno-common") | |
+ set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wall -fno-common") | |
endif() | |
if(CLANG) | |
diff --git a/include/openssl/asn1_mac.h b/include/openssl/asn1_mac.h | |
index 666e569..45a1a6c 100644 | |
--- a/include/openssl/asn1_mac.h | |
+++ b/include/openssl/asn1_mac.h | |
@@ -15,4 +15,4 @@ | |
/* This header is provided in order to make compiling against code that expects | |
OpenSSL easier. */ | |
-#include "asn1.h" | |
+#include <openssl/asn1.h> | |
diff --git a/include/openssl/buffer.h b/include/openssl/buffer.h | |
index c6b721c..d497bd5 100644 | |
--- a/include/openssl/buffer.h | |
+++ b/include/openssl/buffer.h | |
@@ -15,4 +15,4 @@ | |
/* This header is provided in order to make compiling against code that expects | |
OpenSSL easier. */ | |
-#include "buf.h" | |
+#include <openssl/buf.h> | |
diff --git a/include/openssl/cpu.h b/include/openssl/cpu.h | |
index d865020..107bd5b 100644 | |
--- a/include/openssl/cpu.h | |
+++ b/include/openssl/cpu.h | |
@@ -15,4 +15,4 @@ | |
// This header is provided for compatibility with older revisions of BoringSSL. | |
// TODO(davidben): Remove this header. | |
-#include "crypto.h" | |
+#include <openssl/crypto.h> | |
diff --git a/include/openssl/err.h b/include/openssl/err.h | |
index 28ba250..f51f0aa 100644 | |
--- a/include/openssl/err.h | |
+++ b/include/openssl/err.h | |
@@ -427,13 +427,13 @@ OPENSSL_EXPORT void ERR_clear_system_error(void); | |
// OPENSSL_PUT_ERROR is used by OpenSSL code to add an error to the error | |
// queue. | |
#define OPENSSL_PUT_ERROR(library, reason) \ | |
- ERR_put_error(ERR_LIB_##library, 0, reason, __FILE__, __LINE__) | |
+ ERR_put_error(ERR_LIB_##library, 0, reason, __FILE_NAME__, __LINE__) | |
// OPENSSL_PUT_SYSTEM_ERROR is used by OpenSSL code to add an error from the | |
// operating system to the error queue. | |
// TODO(fork): include errno. | |
#define OPENSSL_PUT_SYSTEM_ERROR() \ | |
- ERR_put_error(ERR_LIB_SYS, 0, 0, __FILE__, __LINE__); | |
+ ERR_put_error(ERR_LIB_SYS, 0, 0, __FILE_NAME__, __LINE__); | |
// ERR_put_error adds an error to the error queue, dropping the least recent | |
// error if necessary for space reasons. | |
diff --git a/include/openssl/evp.h b/include/openssl/evp.h | |
index e195907..d78d009 100644 | |
--- a/include/openssl/evp.h | |
+++ b/include/openssl/evp.h | |
@@ -1038,7 +1038,7 @@ OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY(EC_KEY **out, const uint8_t **inp, | |
// need for them over time. | |
#define EVPerr(function, reason) \ | |
- ERR_put_error(ERR_LIB_EVP, 0, reason, __FILE__, __LINE__) | |
+ ERR_put_error(ERR_LIB_EVP, 0, reason, __FILE_NAME__, __LINE__) | |
// Private structures. | |
diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h | |
index e7ccadc..fe16627 100644 | |
--- a/include/openssl/obj_mac.h | |
+++ b/include/openssl/obj_mac.h | |
@@ -15,4 +15,4 @@ | |
/* This header is provided in order to make compiling against code that expects | |
OpenSSL easier. */ | |
-#include "nid.h" | |
+#include <openssl/nid.h> | |
diff --git a/include/openssl/objects.h b/include/openssl/objects.h | |
index dd6556f..bd18ee3 100644 | |
--- a/include/openssl/objects.h | |
+++ b/include/openssl/objects.h | |
@@ -15,4 +15,4 @@ | |
/* This header is provided in order to make compiling against code that expects | |
OpenSSL easier. */ | |
-#include "obj.h" | |
+#include <openssl/obj.h> | |
diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h | |
index a3555d4..c7b90a6 100644 | |
--- a/include/openssl/opensslv.h | |
+++ b/include/openssl/opensslv.h | |
@@ -15,4 +15,4 @@ | |
/* This header is provided in order to make compiling against code that expects | |
OpenSSL easier. */ | |
-#include "crypto.h" | |
+#include <openssl/crypto.h> | |
diff --git a/include/openssl/ossl_typ.h b/include/openssl/ossl_typ.h | |
index c2b3fe7..b0f4591 100644 | |
--- a/include/openssl/ossl_typ.h | |
+++ b/include/openssl/ossl_typ.h | |
@@ -15,4 +15,4 @@ | |
/* This header is provided in order to make compiling against code that expects | |
OpenSSL easier. */ | |
-#include "base.h" | |
+#include <openssl/base.h> | |
diff --git a/include/openssl/pkcs12.h b/include/openssl/pkcs12.h | |
index b5e9516..be0774a 100644 | |
--- a/include/openssl/pkcs12.h | |
+++ b/include/openssl/pkcs12.h | |
@@ -15,4 +15,4 @@ | |
/* This header is provided in order to make compiling against code that expects | |
OpenSSL easier. */ | |
-#include "pkcs8.h" | |
+#include <openssl/pkcs8.h> | |
diff --git a/include/openssl/srtp.h b/include/openssl/srtp.h | |
index 39f6a85..c7b964d 100644 | |
--- a/include/openssl/srtp.h | |
+++ b/include/openssl/srtp.h | |
@@ -15,4 +15,4 @@ | |
/* This header is provided in order to make compiling against code that expects | |
OpenSSL easier. */ | |
-#include "ssl.h" | |
+#include <openssl/ssl.h> | |
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h | |
index f0ca7f7..206e8cd 100644 | |
--- a/include/openssl/ssl.h | |
+++ b/include/openssl/ssl.h | |
@@ -5110,7 +5110,7 @@ OPENSSL_EXPORT uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *cipher); | |
// need for them over time. | |
#define SSLerr(function, reason) \ | |
- ERR_put_error(ERR_LIB_SSL, 0, reason, __FILE__, __LINE__) | |
+ ERR_put_error(ERR_LIB_SSL, 0, reason, __FILE_NAME__, __LINE__) | |
// Preprocessor compatibility section (hidden). | |
diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h | |
index 04bc8dd..38fde75 100644 | |
--- a/include/openssl/x509_vfy.h | |
+++ b/include/openssl/x509_vfy.h | |
@@ -15,4 +15,4 @@ | |
/* This header is provided in order to make compiling against code that expects | |
OpenSSL easier. */ | |
-#include "x509.h" | |
+#include <openssl/x509.h> | |
' > boringssl.patch | |
git -C "$SRC" apply ../boringssl.patch | |
for PLATFORM in $PLATFORMS; do | |
case $PLATFORM in | |
macosx) | |
DEPLOYMENT_TARGET=10.11 | |
ARCHS="arm64 x86_64" | |
;; | |
iphoneos) | |
DEPLOYMENT_TARGET=9.0 | |
ARCHS="arm64" | |
;; | |
iphonesimulator) | |
DEPLOYMENT_TARGET=9.0 | |
ARCHS="arm64 x86_64" | |
;; | |
appletvos) | |
DEPLOYMENT_TARGET=9.0 | |
ARCHS="arm64" | |
;; | |
appletvsimulator) | |
DEPLOYMENT_TARGET=9.0 | |
ARCHS="arm64 x86_64" | |
;; | |
xros) | |
DEPLOYMENT_TARGET=1.0 | |
ARCHS="arm64" | |
;; | |
xrsimulator) | |
DEPLOYMENT_TARGET=1.0 | |
ARCHS="arm64 x86_64" | |
;; | |
esac | |
for ARCH in $ARCHS; do | |
echo "Building for $PLATFORM-$ARCH..." | |
cmake \ | |
-DCMAKE_BUILD_TYPE=Release \ | |
-DCMAKE_OSX_SYSROOT="$PLATFORM" \ | |
-DCMAKE_OSX_DEPLOYMENT_TARGET="$DEPLOYMENT_TARGET" \ | |
-DCMAKE_OSX_ARCHITECTURES="$ARCH" \ | |
-GXcode \ | |
-S "$SRC" \ | |
-B "$DST/$PLATFORM-$ARCH" | |
pushd "$DST/$PLATFORM-$ARCH" | |
xcodebuild \ | |
-project BoringSSL.xcodeproj \ | |
-target ALL_BUILD \ | |
-configuration Release \ | |
CODE_SIGNING_ALLOWED=NO \ | |
GCC_WARN_INHIBIT_ALL_WARNINGS=YES \ | |
clean \ | |
build | |
cmake --install . --prefix . | |
popd | |
done | |
mkdir -p "$DST/libs/$PLATFORM" | |
libtool -static $(find $DST/$PLATFORM-*/lib -name libssl.a -o -name libcrypto.a -o -name libdecrepit.a) -o "$DST/libs/$PLATFORM/libopenssl.a" | |
done | |
echo "Copying headers..." | |
rsync -a \ | |
--include="*/" \ | |
--include="*.h" \ | |
--exclude='*' \ | |
"$SRC/include" \ | |
"$DST" | |
echo "Creating xcframework..." | |
pushd "$DST" | |
XCFRAMEWORK_ARGS="" | |
for PLATFORM in $PLATFORMS; do | |
XCFRAMEWORK_ARGS="$XCFRAMEWORK_ARGS -library $DST/libs/$PLATFORM/libopenssl.a -headers $SRC/include" | |
done | |
xcodebuild -create-xcframework $XCFRAMEWORK_ARGS -output libopenssl.xcframework | |
zip -ry9 libopenssl.xcframework.zip libopenssl.xcframework | |
popd | |
echo "Creating framework..." | |
echo " | |
name: boringssl | |
options: | |
deploymentTarget: | |
macOS: 10.11 | |
iOS: 9.0 | |
tvOS: 9.0 | |
visionOS: 1.0 | |
targets: | |
openssl: | |
type: framework | |
supportedDestinations: [ | |
macOS, | |
iOS, | |
tvOS, | |
visionOS | |
] | |
settings: | |
DEFINES_MODULE: NO | |
SKIP_INSTALL: NO | |
CODE_SIGNING_ALLOWED: NO | |
GENERATE_INFOPLIST_FILE: YES | |
BUILD_LIBRARY_FOR_DISTRIBUTION: YES | |
OTHER_LDFLAGS: -all_load | |
MARKETING_VERSION: $VERSION | |
PRODUCT_BUNDLE_IDENTIFIER: framework.openssl | |
sources: | |
- path: include | |
buildPhase: headers | |
headerVisibility: public | |
dependencies: | |
- framework: libopenssl.xcframework | |
aggregateTargets: | |
aggregate: | |
buildScripts: | |
- name: Create xcframework | |
script: | | |
xcodebuild archive \ | |
-scheme openssl \ | |
-destination 'generic/platform=macOS' \ | |
-archivePath Archives/openssl_macOS.xcarchive | |
xcodebuild archive \ | |
-scheme openssl \ | |
-destination 'generic/platform=iOS' \ | |
-archivePath Archives/openssl_iOS.xcarchive | |
xcodebuild archive \ | |
-scheme openssl \ | |
-destination 'generic/platform=iOS Simulator' \ | |
-archivePath Archives/openssl_iOS_Simulator.xcarchive | |
xcodebuild archive \ | |
-scheme openssl \ | |
-destination 'generic/platform=tvOS' \ | |
-archivePath Archives/openssl_tvOS.xcarchive | |
xcodebuild archive \ | |
-scheme openssl \ | |
-destination 'generic/platform=tvOS Simulator' \ | |
-archivePath Archives/openssl_tvOS_Simulator.xcarchive | |
xcodebuild archive \ | |
-scheme openssl \ | |
-destination 'generic/platform=visionOS' \ | |
-archivePath Archives/openssl_visionOS.xcarchive | |
xcodebuild archive \ | |
-scheme openssl \ | |
-destination 'generic/platform=visionOS Simulator' \ | |
-archivePath Archives/openssl_visionOS_Simulator.xcarchive | |
xcodebuild -create-xcframework \ | |
-archive 'Archives/openssl_macOS.xcarchive' -framework openssl.framework \ | |
-archive 'Archives/openssl_iOS.xcarchive' -framework openssl.framework \ | |
-archive 'Archives/openssl_iOS_Simulator.xcarchive' -framework openssl.framework \ | |
-archive 'Archives/openssl_tvOS.xcarchive' -framework openssl.framework \ | |
-archive 'Archives/openssl_tvOS_Simulator.xcarchive' -framework openssl.framework \ | |
-archive 'Archives/openssl_visionOS.xcarchive' -framework openssl.framework \ | |
-archive 'Archives/openssl_visionOS_Simulator.xcarchive' -framework openssl.framework \ | |
-output openssl.xcframework | |
" > "$DST/project.yml" | |
pushd "$DST" | |
xcodegen && xcodebuild build -scheme aggregate | |
zip -ry9 openssl.xcframework.zip openssl.xcframework | |
popd |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment