2003-04-03 20:24:31 +02:00
|
|
|
# makefile for use of: OpenSSH
|
|
|
|
# Date created: 31 May 2002
|
|
|
|
# Whom: dinoex
|
|
|
|
#
|
2004-11-23 07:16:27 +01:00
|
|
|
# $FreeBSD: /tmp/pcvs/ports/Mk/bsd.openssl.mk,v 1.19 2004-11-23 06:16:27 dinoex Exp $
|
2003-04-03 20:24:31 +02:00
|
|
|
#
|
2003-12-05 09:20:51 +01:00
|
|
|
# Use of 'USE_OPENSSL=yes' includes this Makefile after bsd.ports.pre.mk
|
2003-04-03 20:24:31 +02:00
|
|
|
#
|
|
|
|
# the user/port can now set this options in the makefiles.
|
|
|
|
#
|
2003-04-13 13:47:23 +02:00
|
|
|
# WITH_OPENSSL_BASE=yes - Use the version in the base system.
|
|
|
|
# WITH_OPENSSL_PORT=yes - Use the port, even if base if up to date
|
|
|
|
# WITH_OPENSSL_BETA=yes - Use a snapshot of recent openssl
|
2003-04-03 20:24:31 +02:00
|
|
|
#
|
2003-08-30 09:26:04 +02:00
|
|
|
# USE_OPENSSL_RPATH=yes - pass RFLAGS options in CFLAGS,
|
|
|
|
# needed for ports who don't use LDFLAGS
|
|
|
|
#
|
2003-04-16 16:49:26 +02:00
|
|
|
# Overrideable defaults:
|
|
|
|
#
|
|
|
|
# OPENSSL_SHLIBVER= 3
|
|
|
|
# OPENSSL_PORT= security/openssl
|
|
|
|
#
|
2003-04-03 20:24:31 +02:00
|
|
|
# The makefile sets this variables:
|
|
|
|
# OPENSSLBASE - "/usr" or ${LOCALBASE}
|
|
|
|
# OPENSSLDIR - path to openssl
|
|
|
|
# OPENSSLLIB - path to the libs
|
|
|
|
# OPENSSLINC - path to the matching includes
|
2003-08-30 09:26:04 +02:00
|
|
|
# OPENSSLRPATH - rpath for dynamic linker
|
2003-04-03 20:24:31 +02:00
|
|
|
#
|
|
|
|
# MAKE_ENV - extended with the variables above
|
2003-08-30 09:26:04 +02:00
|
|
|
# CONFIGURE_ENV - extended with LDFLAGS
|
2004-04-08 12:01:53 +02:00
|
|
|
# BUILD_DEPENDS - are added if needed
|
|
|
|
# RUN_DEPENDS - are added if needed
|
2003-04-03 20:24:31 +02:00
|
|
|
|
2003-08-27 12:30:40 +02:00
|
|
|
OpenSSL_Include_MAINTAINER= dinoex@FreeBSD.org
|
|
|
|
|
2003-04-13 13:47:23 +02:00
|
|
|
# honor obsolete options for a bit
|
|
|
|
.if defined(USE_OPENSSL_BASE) && !defined(WITH_OPENSSL_BASE)
|
|
|
|
WITH_OPENSSL_BASE=yes
|
|
|
|
.endif
|
|
|
|
.if defined(USE_OPENSSL_PORT) && !defined(WITH_OPENSSL_PORT)
|
|
|
|
WITH_OPENSSL_PORT=yes
|
|
|
|
.endif
|
|
|
|
|
2003-04-03 20:24:31 +02:00
|
|
|
# if no preference was set, check for an up to date base version
|
|
|
|
# but give an installed port preference over it.
|
2003-04-13 13:47:23 +02:00
|
|
|
.if !defined(WITH_OPENSSL_BASE) && \
|
|
|
|
!defined(WITH_OPENSSL_BETA) && \
|
|
|
|
!defined(WITH_OPENSSL_PORT) && \
|
2003-05-07 22:08:00 +02:00
|
|
|
!exists(${LOCALBASE}/lib/libcrypto.so) && \
|
|
|
|
exists(/usr/include/openssl/opensslv.h)
|
2004-03-18 14:30:47 +01:00
|
|
|
# Security: version in base must be 0.9.7d or have fixes
|
|
|
|
# http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssl/crypto/opensslv.h
|
2004-11-23 07:16:27 +01:00
|
|
|
OPENSSLVER!= ${AWK} '/OPENSSL_VERSION_TEXT/ { sub(/-fips/, ""); print $$4; exit }' \
|
2003-04-03 20:24:31 +02:00
|
|
|
/usr/include/openssl/opensslv.h
|
2003-09-03 06:26:36 +02:00
|
|
|
# check for safe versions in the base
|
2004-11-01 15:35:52 +01:00
|
|
|
.if ${OPENSSLVER} != "0.9.7a-p1" && ${OPENSSLVER} != "0.9.7c-p1" && ${OPENSSLVER} != "0.9.7d" && ${OPENSSLVER} != "0.9.7e"
|
2004-05-12 06:58:52 +02:00
|
|
|
check-depends::
|
|
|
|
@${ECHO_CMD} "Dependency warning: used OpenSSL version contains known vulnerabilities"
|
|
|
|
@${ECHO_CMD} "Please update or define either WITH_OPENSSL_BASE or WITH_OPENSSL_PORT"
|
|
|
|
@${FALSE}
|
2004-05-12 22:22:34 +02:00
|
|
|
.else
|
|
|
|
WITH_OPENSSL_BASE=yes
|
2003-04-03 20:24:31 +02:00
|
|
|
.endif
|
|
|
|
.endif
|
|
|
|
|
2003-04-13 13:47:23 +02:00
|
|
|
.if defined(WITH_OPENSSL_BASE)
|
2003-04-03 20:24:31 +02:00
|
|
|
OPENSSLBASE= /usr
|
|
|
|
OPENSSLDIR= /etc/ssl
|
|
|
|
|
|
|
|
.if !exists(/usr/lib/libcrypto.so)
|
2004-01-20 10:14:10 +01:00
|
|
|
check-depends::
|
|
|
|
@${ECHO_CMD} "Dependency error: this port requires the OpenSSL library, which is part of"
|
2003-04-03 20:24:31 +02:00
|
|
|
@${ECHO_CMD} "the FreeBSD crypto distribution but not installed on your"
|
|
|
|
@${ECHO_CMD} "machine. Please see the \"OpenSSL\" section in the handbook"
|
|
|
|
@${ECHO_CMD} "(at \"http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/openssl.html\", for instance)"
|
|
|
|
@${ECHO_CMD} "for instructions on how to obtain and install the FreeBSD"
|
|
|
|
@${ECHO_CMD} "OpenSSL distribution."
|
|
|
|
@${FALSE}
|
|
|
|
.endif
|
|
|
|
.if exists(${LOCALBASE}/lib/libcrypto.so)
|
2004-01-20 10:14:10 +01:00
|
|
|
check-depends::
|
|
|
|
@${ECHO_CMD} "Dependency error: this port wants the OpenSSL library from the FreeBSD"
|
2003-04-03 20:24:31 +02:00
|
|
|
@${ECHO_CMD} "base system. You can't build against it, while a newer"
|
2004-01-20 10:14:10 +01:00
|
|
|
@${ECHO_CMD} "version is installed by a port."
|
2003-04-13 13:47:23 +02:00
|
|
|
@${ECHO_CMD} "Please deinstall the port or undefine WITH_OPENSSL_BASE."
|
2003-04-03 20:24:31 +02:00
|
|
|
@${FALSE}
|
|
|
|
.endif
|
|
|
|
|
|
|
|
# OpenSSL in the base system may not include IDEA for patent licensing reasons.
|
|
|
|
.if defined(MAKE_IDEA) && !defined(OPENSSL_IDEA)
|
|
|
|
OPENSSL_IDEA= ${MAKE_IDEA}
|
|
|
|
.else
|
|
|
|
OPENSSL_IDEA?= NO
|
|
|
|
.endif
|
|
|
|
|
|
|
|
.if ${OPENSSL_IDEA} == "NO"
|
|
|
|
# XXX This is a hack to work around the fact that /etc/make.conf clobbers
|
|
|
|
# our CFLAGS. It might not be enough for all future ports.
|
|
|
|
.if defined(HAS_CONFIGURE)
|
|
|
|
CFLAGS+= -DNO_IDEA
|
|
|
|
.else
|
|
|
|
OPENSSL_CFLAGS+= -DNO_IDEA
|
|
|
|
.endif
|
|
|
|
MAKE_ARGS+= OPENSSL_CFLAGS="${OPENSSL_CFLAGS}"
|
|
|
|
.endif
|
2003-08-30 09:26:04 +02:00
|
|
|
OPENSSLRPATH= /usr/lib:${LOCALBASE}/lib
|
2003-04-03 20:24:31 +02:00
|
|
|
|
|
|
|
.else
|
|
|
|
|
|
|
|
OPENSSLBASE= ${LOCALBASE}
|
2003-04-13 13:47:23 +02:00
|
|
|
.if defined(WITH_OPENSSL_BETA)
|
2003-04-16 16:49:26 +02:00
|
|
|
OPENSSL_SHLIBVER?= 4
|
|
|
|
OPENSSL_PORT?= security/openssl-beta
|
2003-04-03 20:24:31 +02:00
|
|
|
.else
|
2003-04-16 16:49:26 +02:00
|
|
|
OPENSSL_SHLIBVER?= 3
|
|
|
|
OPENSSL_PORT?= security/openssl
|
2003-04-03 20:24:31 +02:00
|
|
|
.endif
|
2003-04-16 16:49:26 +02:00
|
|
|
OPENSSLDIR= ${OPENSSLBASE}/openssl
|
2004-04-08 07:17:37 +02:00
|
|
|
BUILD_DEPENDS+= ${LOCALBASE}/lib/libcrypto.so.${OPENSSL_SHLIBVER}:${PORTSDIR}/${OPENSSL_PORT}
|
|
|
|
RUN_DEPENDS+= ${LOCALBASE}/lib/libcrypto.so.${OPENSSL_SHLIBVER}:${PORTSDIR}/${OPENSSL_PORT}
|
2003-08-30 09:26:04 +02:00
|
|
|
OPENSSLRPATH= ${LOCALBASE}/lib
|
2003-04-03 20:24:31 +02:00
|
|
|
|
|
|
|
.endif
|
|
|
|
|
|
|
|
OPENSSLLIB= ${OPENSSLBASE}/lib
|
|
|
|
OPENSSLINC= ${OPENSSLBASE}/include
|
2003-08-30 09:26:04 +02:00
|
|
|
|
|
|
|
.if defined(USE_OPENSSL_RPATH)
|
|
|
|
CFLAGS+= -Wl,-rpath,${OPENSSLRPATH}
|
|
|
|
.endif
|
|
|
|
OPENSSL_LDFLAGS+= -rpath=${OPENSSLRPATH}
|
2003-04-03 20:24:31 +02:00
|
|
|
|
2003-08-31 05:28:27 +02:00
|
|
|
.if defined(LDFLAGS)
|
2003-04-16 16:49:26 +02:00
|
|
|
LDFLAGS+=${OPENSSL_LDFLAGS}
|
|
|
|
.else
|
|
|
|
LDFLAGS=${OPENSSL_LDFLAGS}
|
|
|
|
.endif
|
|
|
|
|
2003-08-30 09:26:04 +02:00
|
|
|
CONFIGURE_ENV+= LDFLAGS="${LDFLAGS}"
|
|
|
|
MAKE_ENV+= LDFLAGS="${LDFLAGS}"
|
|
|
|
MAKE_ENV+= OPENSSLLIB=${OPENSSLLIB} OPENSSLINC=${OPENSSLINC} \
|
|
|
|
OPENSSLBASE=${OPENSSLBASE} OPENSSLDIR=${OPENSSLDIR}
|
|
|
|
|
2003-04-03 20:24:31 +02:00
|
|
|
### crypto
|
|
|
|
#RESTRICTED= "Contains cryptography."
|
|
|
|
|