Google Git
Sign in
flutter / third_party / openssl / c74f1eb9bde5c66be3d6685dcc395f39a53add55 / . / INSTALL
blob: e18fdfcf55e2bdfac69104d0aadb4c269be314c3 [file] [log] [blame]
Installing OpenSSL on Unix
--------------------------
[For instructions for compiling OpenSSL on Windows systems, see
INSTALL.W32].
To install OpenSSL, you will need:
* Perl
* C compiler
* A supported operating system
Quick Start
-----------
If you want to just get on with it, do:
sh config [if this fails, go to step 1b below]
make -f Makefile.ssl links
make
make rehash
make test
make install
This will build and install OpenSSL in the default location, which is
/usr/local/ssl. If you want to install it anywhere else, do this
after running ./Configure <system>:
perl util/ssldir.pl /new/install/path
If anything goes wrong, follow the detailed instructions below. If
your operating system is not (yet) supported by OpenSSL, see the
section on porting to a new system.
Installation in Detail
----------------------
1a. Configure OpenSSL for your operation system automatically
Run
sh config
This guesses at your operating system (and compiler, if
necessary) and configures OpenSSL based on this guess. Check the
first line of output to see if it guessed correctly. If it did
not get it correct or you want to use a different compiler then
go to step 1b. Otherwise go to step 2.
1b. Configure OpenSSL for your operating system manually
OpenSSL knows about a range of different operating system, hardware
and compiler combinations. To see the ones it knows about, run
./Configure
Pick a suitable name from the list that matches your system. For
most operating systems there is a choice between using "cc" or
"gcc".
When you have identified your system (and if necessary compiler)
use this name as the argument to ./Configure. For example, a
"linux-elf" user would run:
./Configure linux-elf
If your system is not available, you will have to edit the Configure
program and add the correct configuration for your system.
Configure configures various files by converting an existing .org
file into the real file. If you edit any files, remember that if
a corresponding .org file exists them the next time you run
./Configure your changes will be lost when the file gets
re-created from the .org file. The files that are created from
.org files are:
Makefile.ssl
crypto/des/des.h
crypto/des/des_locl.h
crypto/md2/md2.h
crypto/rc4/rc4.h
crypto/rc4/rc4_enc.c
crypto/rc2/rc2.h
crypto/bf/bf_locl.h
crypto/idea/idea.h
crypto/bn/bn.h
2. Set the install directory
If the install directory will be the default of /usr/local/ssl,
skip to the next stage. Otherwise, run
perl util/ssldir.pl /new/install/path
This configures the installation location into the "install"
target of the top-level Makefile, and also updates some defines
in an include file so that the default certificate directory is
under the proper installation directory. It also updates a few
utility files used in the build process.
3. Build OpenSSL
Now run
make
This will build the OpenSSL libraries (libcrypto.a and libssl.a)
and the OpenSSL binary ("openssl"). The libraries will be built
in the top-level directory, and the binary will be in the "apps"
directory.
4. After a successful build, the libraries should be tested. Run
make rehash
make test
(The first line makes the test certificates in the "certs"
directory accessable via an hash name, which is required for some
of the tests).
5. If everything tests ok, install OpenSSL with
make install
This will create the installation directory (if it does not
exist) and then create the following subdirectories:
bin Contains the openssl binary and a few other utility
programs. It also contains symbolic links so
that openssl commands can be accessed directly
(e.g. so that "s_client" can be used instead of
"openssl s_client").
certs Initially empty, this is the default location
for certificate files.
include Contains the header files needed if you want to
compile programs with libcrypto or libssl.
lib Contains the library files themselves and the
OpenSSL configuration file "openssl.cnf".
private Initially empty, this is the default location
for private key files.
----------------------------------------------------------------------
Additional Compilation Notes
----------------------------
These notes come from SSLeay 0.9.1 and cover some more advanced
facilities (such as building a single makefile for use on Windows
systems).
# Installation of SSLeay.
# It depends on perl for a few bits but those steps can be skipped and
# the top level makefile edited by hand
# When bringing the SSLeay distribution back from the evil intel world
# of Windows NT, do the following to make it nice again under unix :-)
# You don't normally need to run this.
sh util/fixNT.sh # This only works for NT now - eay - 21-Jun-1996
# If you have perl, and it is not in /usr/local/bin, you can run
perl util/perlpath.pl /new/path
# and this will fix the paths in all the scripts. DO NOT put
# /new/path/perl, just /new/path. The build
# environment always run scripts as 'perl perlscript.pl' but some of the
# 'applications' are easier to usr with the path fixed.
# Edit crypto/cryptlib.h, tools/c_rehash, and Makefile.ssl
# to set the install locations if you don't like
# the default location of /usr/local/ssl
# Do this by running
perl util/ssldir.pl /new/ssl/home
# if you have perl, or by hand if not.
# If things have been stuffed up with the sym links, run
make -f Makefile.ssl links
# This will re-populate lib/include with symlinks and for each
# directory, link Makefile to Makefile.ssl
# Setup the machine dependent stuff for the top level makefile
# and some select .h files
# If you don't have perl, this will bomb, in which case just edit the
# top level Makefile.ssl
./Configure 'system type'
# The 'Configure' command contains default configuration parameters
# for lots of machines. Configure edits 5 lines in the top level Makefile
# It modifies the following values in the following files
Makefile.ssl CC CFLAG EX_LIBS BN_MULW
crypto/des/des.h DES_LONG
crypto/des/des_locl.h DES_PTR
crypto/md2/md2.h MD2_INT
crypto/rc4/rc4.h RC4_INT
crypto/rc4/rc4_enc.c RC4_INDEX
crypto/rc2/rc2.h RC2_INT
crypto/bf/bf_locl.h BF_INT
crypto/idea/idea.h IDEA_INT
crypto/bn/bn.h BN_LLONG (and defines one of SIXTY_FOUR_BIT,
SIXTY_FOUR_BIT_LONG, THIRTY_TWO_BIT,
SIXTEEN_BIT or EIGHT_BIT)
Please remember that all these files are actually copies of the file with
a .org extention. So if you change crypto/des/des.h, the next time
you run Configure, it will be runover by a 'configured' version of
crypto/des/des.org. So to make the changer the default, change the .org
files. The reason these files have to be edited is because most of
these modifications change the size of fundamental data types.
While in theory this stuff is optional, it often makes a big
difference in performance and when using assember, it is importaint
for the 'Bignum bits' match those required by the assember code.
A warning for people using gcc with sparc cpu's. Gcc needs the -mv8
flag to use the hardware multiply instruction which was not present in
earlier versions of the sparc CPU. I define it by default. If you
have an old sparc, and it crashes, try rebuilding with this flag
removed. I am leaving this flag on by default because it makes
things run 4 times faster :-)
# clean out all the old stuff
make clean
# Do a make depend only if you have the makedepend command installed
# This is not needed but it does make things nice when developing.
make depend
# make should build everything
make
# fix up the demo certificate hash directory if it has been stuffed up.
make rehash
# test everything
make test
# install the lot
make install
# It is worth noting that all the applications are built into the one
# program, ssleay, which is then has links from the other programs
# names to it.
# The applicatons can be built by themselves, just don't define the
# 'MONOLITH' flag. So to build the 'enc' program stand alone,
gcc -O2 -Iinclude apps/enc.c apps/apps.c libcrypto.a
# Other useful make options are
make makefile.one
# which generate a 'makefile.one' file which will build the complete
# SSLeay distribution with temp. files in './tmp' and 'installable' files
# in './out'
# Have a look at running
perl util/mk1mf.pl help
# this can be used to generate a single makefile and is about the only
# way to generate makefiles for windows.
# There is actually a final way of building SSLeay.
gcc -O2 -c -Icrypto -Iinclude crypto/crypto.c
gcc -O2 -c -Issl -Iinclude ssl/ssl.c
# and you now have the 2 libraries as single object files :-).
# If you want to use the assember code for your particular platform
# (DEC alpha/x86 are the main ones, the other assember is just the
# output from gcc) you will need to link the assember with the above generated
# object file and also do the above compile as
gcc -O2 -DBN_ASM -c -Icrypto -Iinclude crypto/crypto.c
This last option is probably the best way to go when porting to another
platform or building shared libraries. It is not good for development so
I don't normally use it.
To build shared libararies under unix, have a look in shlib, basically
you are on your own, but it is quite easy and all you have to do
is compile 2 (or 3) files.
For mult-threading, have a read of doc/threads.doc. Again it is quite
easy and normally only requires some extra callbacks to be defined
by the application.
The examples for solaris and windows NT/95 are in the mt directory.
have fun
eric 25-Jun-1997
IRIX 5.x will build as a 32 bit system with mips1 assember.
IRIX 6.x will build as a 64 bit system with mips3 assember. It conforms
to n32 standards. In theory you can compile the 64 bit assember under
IRIX 5.x but you will have to have the correct system software installed.