From 9fa7ebd52e062de7e9004e31d25cc8e54eb40294 Mon Sep 17 00:00:00 2001 From: "Dr. David von Oheimb" Date: Sat, 19 Oct 2024 21:24:07 +0200 Subject: [PATCH] fixup! Makefile_{v1,src},OpenSSL_version.{mk,c},README.md: major update with improved diagnostics --- Makefile_src | 59 +++++++------- Makefile_v1 | 195 ++++++++++++++++++++++++++------------------- OpenSSL_version.c | 1 + OpenSSL_version.mk | 91 ++++++++++++++------- README.md | 7 +- cmpossl | 2 +- libsecutils | 2 +- 7 files changed, 216 insertions(+), 141 deletions(-) diff --git a/Makefile_src b/Makefile_src index 326a0d79..78086d63 100644 --- a/Makefile_src +++ b/Makefile_src @@ -1,11 +1,11 @@ #!/bin/make # Optional LPATH defines where to find any pre-installed libsecutils and UTA libraries, e.g., /usr/lib # Optional OPENSSL_DIR defines where to find the OpenSSL installation, defaulting to LPATH/.. if set, else ROOTFS/usr -# Optional OPENSSL_LIB defines where to find the OpenSSL library installation (default: ROOTFS/usr/lib or "."). +# Optional OPENSSL_LIB defines where to find the OpenSSL library installation (default: OPENSSL_DIR/lib or OPENSSL_DIR). # Optional OUT_DIR defines where libgencmp shall be placed, defaulting to LPATH if set, else '.' # BIN_DIR defines where the CLI application shall be placed, unless it is empty or unset. # Optional LIBCMP_INC defines the directory of the libcmp header files, must be non-empty if and only if libcmp is used (USE_LIBCMP). -# All these paths may be absolute or relative to the dir containing this Makefile. +# All paths may be absolute or relative to the directory containing this Makefile. # With USE_LIBCMP, setting STATIC_LIBCMP leads to static linking with libcmp.a . # Optional DEBUG_FLAGS may set to prepend to local CFLAGS and LDFLAGS (default see below). # OSSL_VERSION_QUIRKS maybe be needed to provide for setting OpenSSL compilation version quirks. @@ -49,7 +49,7 @@ ifeq ($(LPATH),) ifeq ($(OUT_DIR),) override OUT_DIR = . endif - OPENSSL_DIR ?= $(ROOTFS)/usr + override OPENSSL_DIR ?= $(ROOTFS)/usr LIBCMP_DIR_=cmpossl LIBCMP_DIR=$(PREFIX)$(LIBCMP_DIR_) SECUTILS_DIR_=libsecutils @@ -58,23 +58,19 @@ else ifeq ($(OUT_DIR),) override OUT_DIR = $(LPATH) endif - OPENSSL_DIR ?= $(LPATH)/.. + override OPENSSL_DIR ?= $(LPATH)/.. SECUTILS_LIB=$(PREFIX)$(LPATH)/libsecutils$(DLL) endif ifeq ($(shell echo $(OPENSSL_DIR) | grep "^/"),) # $(OPENSSL_DIR) is relative path PREFIX_OPENSSL_DIR=$(PREFIX)$(OPENSSL_DIR) - ifeq ($(OPENSSL_LIB),) - override OPENSSL_LIB = $(PREFIX_OPENSSL_DIR) - endif + override OPENSSL_LIB ?= $(PREFIX_OPENSSL_DIR) # OPENSSL_RPATH=$(OPENSSL_DIR) # OPENSSL_RPATH_LIB=$(OPENSSL_DIR) else # $(OPENSSL_DIR) is absolute path PREFIX_OPENSSL_DIR=$(OPENSSL_DIR) - ifeq ($(OPENSSL_LIB),) - override OPENSSL_LIB = $(PREFIX_OPENSSL_DIR)/$(LIB) - endif + override OPENSSL_LIB ?= $(PREFIX_OPENSSL_DIR)/$(LIB) # OPENSSL_RPATH=$(PREFIX_OPENSSL_DIR) # OPENSSL_RPATH_LIB=$(OPENSSL_LIB) endif @@ -84,10 +80,10 @@ OPENSSL_DLLS = *{crypto,ssl}*.dll CC ?= gcc ifdef NDEBUG - DEBUG_FLAGS ?= -O2 + override DEBUG_FLAGS ?= -O2 override DEBUG_FLAGS += -DNDEBUG=1 -Werror else - DEBUG_FLAGS ?= -g -O0 -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all # not every compiler(version) supports -Og + override DEBUG_FLAGS ?= -g -O0 -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all # not every compiler(version) supports -Og endif override CFLAGS += $(DEBUG_FLAGS) -fstack-protector -fno-omit-frame-pointer # override CFLAGS += -std=gnu90 # TODO maybe clean up code and re-enable flag @@ -144,27 +140,32 @@ ifeq ($(LPATH),) # ifeq ($(PREFIX),) # TODO maybe better use absolute path here, as done by CMake override LDFLAGS += -Wl,-rpath,$(OUT_DIR) -Wl,-rpath,$(SECUTILS_DIR) - ifndef NDEBUG - override LDFLAGS += -Wl,-rpath,$(OUT_DIR)/../../../.. -Wl,-rpath,$(OUT_DIR)/../../../../$(SECUTILS_DIR) # for CLI-based tests - endif - ifneq ($(LIBCMP_INC),) - override LDFLAGS += -Wl,-rpath,$(LIBCMP_DIR) - ifndef NDEBUG - override LDFLAGS += -Wl,-rpath,$(OUT_DIR)/../../../../$(LIBCMP_DIR) # for CLI-based tests - endif + ifndef NDEBUG # for CLI-based tests + override LDFLAGS += -Wl,-rpath,$(OUT_DIR)/../../../.. +# not needed due to OUT_DIR set also for libsecutils: +# override LDFLAGS += -Wl,-rpath,$(OUT_DIR)/../../../../$(SECUTILS_DIR) endif +# not needed due to OUT_DIR set also for cmpossl: +# ifneq ($(LIBCMP_INC),) +# override LDFLAGS += -Wl,-rpath,$(LIBCMP_DIR) +# ifndef NDEBUG +# override LDFLAGS += -Wl,-rpath,$(OUT_DIR)/../../../../$(LIBCMP_DIR) # for CLI-based tests +# endif +# endif # endif endif - override LDFLAGS += -L $(SECUTILS_DIR) - ifneq ($(LIBCMP_INC),) - override LDFLAGS += -L $(LIBCMP_DIR) - endif +# not needed due to OUT_DIR set also for libsecutils and cmpossl: +# override LDFLAGS += -L $(SECUTILS_DIR) +# ifneq ($(LIBCMP_INC),) +# override LDFLAGS += -L $(LIBCMP_DIR) +# endif ifeq ($(DEB_TARGET_ARCH),) # not during Debian packaging ifneq ($(PREFIX),) - override LDFLAGS += -Wl,-rpath,$(SECUTILS_DIR_) - ifneq ($(LIBCMP_INC),) - override LDFLAGS += -Wl,-rpath,$(LIBCMP_DIR_) - endif +# not needed due to OUT_DIR set also for libsecutils and cmpossl: +# override LDFLAGS += -Wl,-rpath,$(SECUTILS_DIR_) +# ifneq ($(LIBCMP_INC),) +# override LDFLAGS += -Wl,-rpath,$(LIBCMP_DIR_) +# endif endif endif override LDFLAGS += -L $(OPENSSL_LIB)# -L $(PREFIX_OPENSSL_DIR) @@ -179,7 +180,7 @@ else override LDFLAGS += -L $(LPATH) endif -OUTLIB_ ?= libgencmp +override OUTLIB_= libgencmp OUTLIB=$(OUTLIB_)$(DLL) ifeq ($(OS),MacOS) OUTLIBV=$(OUTLIB_).$(VERSION)$(DLL) diff --git a/Makefile_v1 b/Makefile_v1 index 79839620..cd5e77d2 100644 --- a/Makefile_v1 +++ b/Makefile_v1 @@ -2,16 +2,18 @@ # Optional USE_LIBCMP requires the use of the intermediate libcmp # Optional LPATH defines where to find any pre-installed libsecutils and UTA libraries, e.g., /usr/lib -# Optional OPENSSL_DIR defines where to find the OpenSSL installation with headers at include/openssl (default: will try, e.g., /usr). -# Optional OPENSSL_LIB defines where to find the OpenSSL library installation (default: will try, e.g., OPENSSL_DIR/lib). +# Optional OPENSSL_DIR defines where to find the OpenSSL installation +# with header files at include/openssl (default: will try, e.g., /usr). +# Optional OPENSSL_LIB defines where to find the OpenSSL libraries +# (default: will try, e.g., OPENSSL_DIR/lib). # Optional CFLAGS and LDFLAGS are appended by local settings. # Optional DEBUG_FLAGS may set to prepend to local CFLAGS and LDFLAGS. Also CFLAGS is passed to build goals. # Builds are done in release mode if optional NDEBUG is defined. -# Optional OUT_DIR defines where libsecutils, libgencmp, and (optional) libcmp shall be placed, defaulting to LPATH if set, else '.' +# Optional OUT_DIR defines where libsecutils, libgencmp, and (optional) libcmp shall be placed (default: LPATH if set, otherwise '.'). # Optional BIN_DIR defines where the CLI application shall be placed unless it is empty. It defaults to '.' if unset. # Optional DESTDIR defines a prefix for the installation target directories. -# All these paths may be absolute or relative to the dir containing this Makefile. # Optional OPENSSL specifies the OpenSSL CLI application (including path) to use +# All paths may be absolute or relative to the directory containing this Makefile. # By default, the Insta Demo CA ist used for demonstration purposes. ifeq ($(DEB_BUILD_ARCH),) @@ -57,78 +59,50 @@ VERSION=2.0 # PACKAGENAME=libgencmp # DIRNAME=$(PACKAGENAME)-$(VERSION) -ifeq ($(shell echo $(OUT_DIR) | grep "^/"),) - ifeq ($(OUT_DIR),) - OUT_DIR_REVERSE_DIR= - else # $(OUT_DIR) is relative path, assumed relative to ./ - ifeq ($(OUT_DIR),.) - OUT_DIR_REVERSE_DIR=.. - else - OUT_DIR_REVERSE_DIR=../$(OUT_DIR) - endif - endif -else # $(OUT_DIR) is absolute path - OUT_DIR_REVERSE_DIR=$(OUT_DIR) -endif - -ifeq ($(OPENSSL_DIR),) - OPENSSL_DIR=$(shell $(MAKE) -f OpenSSL_version.mk -s 2>/dev/null --no-print-directory dir) - ifeq ($(OPENSSL_DIR),) - $(error Error determining OPENSSL_DIR) - endif -endif -ifeq ($(OPENSSL_LIB),) - OPENSSL_LIB=$(shell $(MAKE) -f OpenSSL_version.mk -s 2>/dev/null --no-print-directory lib) - ifeq ($(OPENSSL_LIB),) - $(error Error determining OPENSSL_LIB) - endif -endif -HDR_NAME_PATTERN=include/openssl/cmp.h -ifeq ($(wildcard $(OPENSSL_DIR)/$(HDR_NAME_PATTERN)),) - $(error Error: cannot find OpenSSL header file $(OPENSSL_DIR)/$(HDR_NAME_PATTERN)) -endif -LIB_NAME_PATTERN=libcrypto*$(DLL)* -ifeq ($(wildcard $(OPENSSL_LIB)/$(LIB_NAME_PATTERN)),) - $(error Error: cannot find OpenSSL library $(LIB_NAME_PATTERN) at $(OPENSSL_LIB)/) -endif - ifeq ($(LPATH),) - ifeq ($(OUT_DIR),) - override OUT_DIR = . - endif + override OUT_DIR ?= . ifeq ($(BIN_DIR),) override BIN_DIR = . endif # ifneq ($(wildcard $(ROOTFS)/usr/local/include/openssl),) -# OPENSSL_DIR ?= $(ROOTFS)/usr/local -# else - ifeq ($(OPENSSL_DIR),) - override OPENSSL_DIR = /usr - endif +# override OPENSSL_DIR ?= $(ROOTFS)/usr/local # endif + # override OPENSSL_DIR ?= $(ROOTFS)/usr SECUTILS_DIR=libsecutils else - ifeq ($(OUT_DIR),) - override OUT_DIR = $(LPATH) - endif + override OUT_DIR ?= $(LPATH) ifeq ($(BIN_DIR),) override BIN_DIR = $(LPATH) endif - OPENSSL_DIR ?= $(LPATH)/.. + # override OPENSSL_DIR ?= $(LPATH)/.. # SECUTILS and SECUTILS_LIB not needed since pre-installed endif -ifeq ($(shell echo $(OPENSSL_DIR) | grep "^/"),) -# $(OPENSSL_DIR) is relative path, assumed relative to ./ - OPENSSL_REVERSE_DIR=../$(OPENSSL_DIR) -else -# $(OPENSSL_DIR) is absolute path - OPENSSL_REVERSE_DIR=$(OPENSSL_DIR) +ifeq ($(shell echo $(OUT_DIR) | grep "^/"),) + ifeq ($(OUT_DIR),) + OUT_REVERSE_DIR= + else # $(OUT_DIR) is relative path, assumed relative to ./ + ifeq ($(OUT_DIR),.) + OUT_REVERSE_DIR=.. + else + OUT_REVERSE_DIR=../$(OUT_DIR) + endif + endif +else # $(OUT_DIR) is absolute path + OUT_REVERSE_DIR=$(OUT_DIR) endif ifeq ($(shell echo $(DESTDIR) | grep "^/"),) -# $(DESTDIR) is relative path, assumed relative to ./ - DEST_REVERSE_DIR=../$(DESTDIR) + ifeq ($(DESTDIR),) + DEST_REVERSE_DIR= + else + # $(DESTDIR) is relative path, assumed relative to ./ + ifeq ($(DESTDIR),.) + DEST_REVERSE_DIR=.. + else + DEST_REVERSE_DIR=../$(DESTDIR) + endif + endif else # $(DESTDIR) is absolute path DEST_REVERSE_DIR=$(DESTDIR) @@ -136,10 +110,10 @@ endif #override CFLAGS += -DOPENSSL_FUNC=__func__ # workaround for pedantic C compiler #ifdef NDEBUG -# DEBUG_FLAGS ?= -O2 +# override DEBUG_FLAGS ?= -O2 # override DEBUG_FLAGS += -DNDEBUG=1 #else -# DEBUG_FLAGS ?= -g -O0 -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all # not every compiler(version) supports -Og +# override DEBUG_FLAGS ?= -g -O0 -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all # not every compiler(version) supports -Og #endif ifdef NDEBUG SET_NDEBUG=NDEBUG=1 @@ -162,13 +136,63 @@ OPENSSL ?= openssl$(EXE) MAKECMDGOALS ?= default ifneq ($(filter-out doc start stop doc doc_this doc/cmpClient.md doc/cmpClient.1.gz \ clean clean_config clean_all clean_this clean_test clean_submodules clean_openssl clean_uta clean_deb,$(MAKECMDGOALS)),) + + # export OPENSSL_DIR OPENSSL_LIB # gets ignored on MacOS, + # workaround is to explicitly pass them down to recursive calls when needed + GET_DIR=$(MAKE) -f OpenSSL_version.mk --no-print-directory dir OPENSSL_LIB="$(OPENSSL_LIB)" + ifeq ($(OPENSSL_DIR),) + OPENSSL_DIR := $(shell $(GET_DIR) 2>/dev/null) + ifeq ($(OPENSSL_DIR),) + $(shell $(GET_DIR)) + $(error Error determining OPENSSL_DIR) + endif + endif ifeq ($(wildcard $(OPENSSL_DIR)/include/openssl),) + $(shell $(GET_DIR)) $(error cannot find directory '$(OPENSSL_DIR)/include/openssl', check OPENSSL_DIR variable) endif - OPENSSL_VERSION=$(shell $(MAKE) -s 2>/dev/null --no-print-directory -f OpenSSL_version.mk SOURCE=header OPENSSL_DIR="$(OPENSSL_DIR)") - $(info in $(PWD):) - $(info detected OpenSSL directory $(OPENSSL_DIR)) - $(info detected OpenSSL version $(OPENSSL_VERSION)) + HDR_NAME_PATTERN=include/openssl/cmp.h + ifeq ($(wildcard $(OPENSSL_DIR)/$(HDR_NAME_PATTERN)),) + $(error Error: cannot find OpenSSL header file $(OPENSSL_DIR)/$(HDR_NAME_PATTERN)) + endif + # convert to absolute path + override OPENSSL_DIR := $(realpath $(OPENSSL_DIR)) + OPENSSL_REVERSE_DIR=$(OPENSSL_DIR) + + ifeq ($(OPENSSL_LIB),) + GET_LIB=$(MAKE) -f OpenSSL_version.mk -s --no-print-directory lib OPENSSL_DIR="$(OPENSSL_DIR)" + # https://stackoverflow.com/questions/1605623/how-can-i-affect-path-in-a-makefile-variable-why-is-my-example-not-working + # must use ":=" below to avoid error: Recursive variable `OPENSSL_LIB' references itself (eventually) + OPENSSL_LIB := $(shell $(GET_LIB) 2>/dev/null) + ifeq ($(OPENSSL_LIB),) + $(shell $(GET_LIB)) + $(error Error determining OPENSSL_LIB) + endif + endif + LIB_NAME_PATTERN=libcrypto*$(DLL)* + ifeq ($(wildcard $(OPENSSL_LIB)/$(LIB_NAME_PATTERN)),) + $(shell $(GET_LIB)) + $(error Error: cannot find OpenSSL library $(LIB_NAME_PATTERN) at $(OPENSSL_LIB)/) + endif + # convert to absolute path + override OPENSSL_LIB := $(realpath $(OPENSSL_LIB)) + OPENSSL_REVERSE_LIB=$(OPENSSL_LIB) +# ifeq ($(shell echo $(OPENSSL_DIR) | grep "^/"),) +# # $(OPENSSL_DIR) is relative path, assumed relative to ./ +# OPENSSL_REVERSE_DIR=../$(OPENSSL_DIR) +# else +# # $(OPENSSL_DIR) is absolute path +# OPENSSL_REVERSE_DIR=$(OPENSSL_DIR) +# endif +# ifeq ($(shell echo $(OPENSSL_LIB) | grep "^/"),) +# # $(OPENSSL_LIB) is relative path, assumed relative to ./ +# OPENSSL_REVERSE_LIB=../$(OPENSSL_LIB) +# else +# # $(OPENSSL_LIB) is absolute path +# OPENSSL_REVERSE_LIB=$(OPENSSL_LIB) +# endif + + OPENSSL_VERSION=$(shell $(MAKE) -s 2>/dev/null --no-print-directory -f OpenSSL_version.mk SOURCE=header OPENSSL_DIR="$(OPENSSL_DIR)" OPENSSL_LIB="$(OPENSSL_LIB)") ifeq ($(OPENSSL_VERSION),) $(warning WARNING: cannot determine version of OpenSSL in directory '$(OPENSSL_DIR)', assuming 3.0) OPENSSL_VERSION=3.0 @@ -214,7 +238,7 @@ endif # generic CMP Client library and CLI-based client ################################################################ -OUTLIB_ ?= libgencmp +override OUTLIB_= libgencmp OUTLIB=$(OUTLIB_)$(DLL) ifeq ($(OS),MacOS) OUTLIBV=$(OUTLIB_).$(VERSION)$(DLL) @@ -266,7 +290,7 @@ $(SECUTILS_DIR)/src/libsecutils/include: $(MAKE) -f Makefile_v1 update_secutils SECUTILS_LIB=libsecutils$(DLL) -ifeq ($(OUT_DIR_REVERSE_DIR),) +ifeq ($(OUT_REVERSE_DIR),) SECUTILS_OUT_LIB=$(SECUTILS_DIR)/$(SECUTILS_LIB) else SECUTILS_OUT_LIB=$(OUT_DIR)/$(SECUTILS_LIB) @@ -278,7 +302,7 @@ $(SECUTILS_OUT_LIB): update_secutils: git submodule update $(GIT_PROGRESS) --init --depth 1 $(SECUTILS_DIR) build_secutils: # not: update_secutils - $(MAKE) -C $(SECUTILS_DIR) -f Makefile_v1 -s build_all $(SET_NDEBUG) $(SET_DEBUG_FLAGS) CFLAGS="$(CFLAGS) $(OSSL_VERSION_QUIRKS)" SECUTILS_USE_ICV=$(SECUTILS_USE_ICV) SECUTILS_USE_UTA=$(SECUTILS_USE_UTA) SECUTILS_NO_TLS=$(SECUTILS_NO_TLS) OPENSSL_DIR="$(OPENSSL_DIR)" OPENSSL_LIB="$(OPENSSL_LIB)" OUT_DIR="$(OUT_DIR_REVERSE_DIR)" + $(MAKE) -C $(SECUTILS_DIR) -f Makefile_v1 -s build_all $(SET_NDEBUG) $(SET_DEBUG_FLAGS) CFLAGS="$(CFLAGS) $(OSSL_VERSION_QUIRKS)" SECUTILS_USE_ICV=$(SECUTILS_USE_ICV) SECUTILS_USE_UTA=$(SECUTILS_USE_UTA) SECUTILS_NO_TLS=$(SECUTILS_NO_TLS) OPENSSL_DIR="$(OPENSSL_REVERSE_DIR)" OPENSSL_LIB="$(OPENSSL_REVERSE_LIB)" OUT_DIR="$(OUT_REVERSE_DIR)" ifdef USE_LIBCMP $(LIBCMP_DIR)/include: @@ -287,7 +311,7 @@ endif ifdef USE_LIBCMP LIBCMP_LIB=libcmp$(DLL) - ifeq ($(OUT_DIR_REVERSE_DIR),) + ifeq ($(OUT_REVERSE_DIR),) LIBCMP_OUT_LIB=$(LIBCMP_DIR)/$(LIBCMP_LIB) else LIBCMP_OUT_LIB=$(OUT_DIR)/$(LIBCMP_LIB) @@ -302,7 +326,7 @@ update_cmpossl: build_cmpossl: # not: update_cmpossl @ # the old way to build with CMP was: buildCMPforOpenSSL ifdef USE_LIBCMP - $(MAKE) -C $(LIBCMP_DIR) -f Makefile_v1 -s build $(SET_NDEBUG) $(SET_DEBUG_FLAGS) CFLAGS="$(CFLAGS)" OPENSSL_DIR="$(OPENSSL_REVERSE_DIR)" OUT_DIR="$(OUT_DIR_REVERSE_DIR)" + $(MAKE) -C $(LIBCMP_DIR) -f Makefile_v1 -s build $(SET_NDEBUG) $(SET_DEBUG_FLAGS) CFLAGS="$(CFLAGS)" OPENSSL_DIR="$(OPENSSL_REVERSE_DIR)" OPENSSL_LIB="$(OPENSSL_REVERSE_LIB)" OUT_DIR="$(OUT_REVERSE_DIR)" PWD=$(PWD)/$(LIBCMP_DIR) endif clean_submodules: @@ -343,11 +367,17 @@ else @sed -i~ -e 's|#cmakedefine USE_LIBCMP|/* #undef USE_LIBCMP */|' $@ endif +ifneq ($(findstring build,$(MAKECMDGOALS))$(findstring default,$(MAKECMDGOALS)),) + $(info Build info: source directory is '$(PWD)') + $(info detected OpenSSL base directory '$(OPENSSL_DIR)') + $(info detected OpenSSL lib directory '$(OPENSSL_LIB)') + $(info detected OpenSSL version $(OPENSSL_VERSION)) +endif build_only: $(GENCMPCLIENT_CONFIG) $(MAKE) -f Makefile_src build OUT_DIR="$(OUT_DIR)" BIN_DIR="$(BIN_DIR)" LIB_NAME="$(OUTLIB)" VERSION="$(VERSION)" $(SET_NDEBUG) $(SET_DEBUG_FLAGS) CFLAGS="$(CFLAGS)" OPENSSL_DIR="$(OPENSSL_DIR)" OPENSSL_LIB="$(OPENSSL_LIB)" LIBCMP_INC="$(LIBCMP_INC)" OSSL_VERSION_QUIRKS="$(OSSL_VERSION_QUIRKS)" INSTALL_DEB_PKGS=$(INSTALL_DEB_PKGS) DEB_TARGET_ARCH=$(DEB_TARGET_ARCH) build_no_tls: - $(MAKE) -C libsecutils -f Makefile_v1 clean_config + $(MAKE) -C $(SECUTILS_DIR) -f Makefile_v1 clean_config $(MAKE) -f Makefile_v1 build $(SET_NDEBUG) $(SET_DEBUG_FLAGS) CFLAGS="$(CFLAGS)" SECUTILS_NO_TLS=1 .phony: clean_test clean clean_config clean_uta clean_this @@ -365,16 +395,21 @@ OUT_DEV_DOC=Generic_CMP_client_API.pdf clean_this: clean_test $(MAKE) -f Makefile_src -s clean OUT_DIR="$(OUT_DIR)" BIN_DIR="$(BIN_DIR)" LIB_NAME="$(OUTLIB)" VERSION="$(VERSION)" rm -f libgencmp-*.zip - rm -f doc/*.1{,.gz} + rm -f doc/{*.1{,.gz},*.md} +ifeq ($(findstring clean_all,$(MAKECMDGOALS)),) + CLEAN=clean +else + CLEAN=clean_all +endif clean: clean_this clean_config ifeq ($(LPATH),) ifneq ($(wildcard $(SECUTILS_DIR)),) - $(MAKE) -C $(SECUTILS_DIR) -f Makefile_v1 -s clean OPENSSL_DIR="$(OPENSSL_DIR)" OUT_DIR="$(OUT_DIR_REVERSE_DIR)" || true + $(MAKE) -C $(SECUTILS_DIR) -f Makefile_v1 -s $(CLEAN) OUT_DIR="$(OUT_REVERSE_DIR)" endif # ifdef USE_LIBCMP # better always try cleaning cmpossl artifacts, which may have been produced earlier with USE_LIBCMP=1 ifneq ($(wildcard $(LIBCMP_DIR)/Makefile_v1),) - $(MAKE) -C $(LIBCMP_DIR) -f Makefile_v1 -s clean OPENSSL_DIR="$(OPENSSL_REVERSE_DIR)" OUT_DIR="$(OUT_DIR_REVERSE_DIR)" + $(MAKE) -C $(LIBCMP_DIR) -f Makefile_v1 -s $(CLEAN) OUT_DIR="$(OUT_REVERSE_DIR)" endif # endif endif @@ -617,7 +652,7 @@ test_all: test_Insta endif test: clean build_no_tls - $(MAKE) -C libsecutils -f Makefile_v1 clean_config + $(MAKE) -C $(SECUTILS_DIR) -f Makefile_v1 clean_config @$(MAKE) -f Makefile_v1 clean $(OUT_DIR_BIN) demo_Insta $(SET_NDEBUG) $(SET_DEBUG_FLAGS) CFLAGS="$(CFLAGS)" # doc and zip ################################################################## @@ -769,15 +804,15 @@ endif install: remind_admin ifeq ($(LPATH),) ifneq ($(wildcard $(SECUTILS_DIR)),) - $(MAKE) -C $(SECUTILS_DIR) -f Makefile_v1 doc install OUT_DIR="$(OUT_DIR_REVERSE_DIR)" DESTDIR="$(DEST_REVERSE_DIR)" + $(MAKE) -C $(SECUTILS_DIR) -f Makefile_v1 doc install OUT_DIR="$(OUT_REVERSE_DIR)" DESTDIR="$(DEST_REVERSE_DIR)" endif ifdef USE_LIBCMP ifneq ($(wildcard $(LIBCMP_DIR)),) - $(MAKE) -C $(LIBCMP_DIR) -f Makefile_v1 install OUT_DIR="$(OUT_DIR_REVERSE_DIR)" DESTDIR="$(DEST_REVERSE_DIR)" + $(MAKE) -C $(LIBCMP_DIR) -f Makefile_v1 install OUT_DIR="$(OUT_REVERSE_DIR)" DESTDIR="$(DEST_REVERSE_DIR)" endif endif endif - mkdir -p $(DEST_LIB) + @mkdir -p $(DEST_LIB) install -D $(OUT_DIR)/$(OUTLIBV) $(DEST_LIB)/ ln -sf $(OUTLIBV) $(DEST_LIB)/$(OUTLIB) ifeq ($(DEB_TARGET_ARCH),) # not during Debian packaging @@ -804,11 +839,11 @@ endif uninstall: remind_admin ifeq ($(LPATH),) ifneq ($(wildcard $(SECUTILS_DIR)),) - $(MAKE) -C $(SECUTILS_DIR) -f Makefile_v1 uninstall OUT_DIR="$(OUT_DIR_REVERSE_DIR)" DESTDIR="$(DEST_REVERSE_DIR)" + $(MAKE) -C $(SECUTILS_DIR) -f Makefile_v1 uninstall OUT_DIR="$(OUT_REVERSE_DIR)" DESTDIR="$(DEST_REVERSE_DIR)" endif ifdef USE_LIBCMP ifneq ($(wildcard $(LIBCMP_DIR)),) - $(MAKE) -C $(LIBCMP_DIR) -f Makefile_v1 uninstall OUT_DIR="$(OUT_DIR_REVERSE_DIR)" DESTDIR="$(DEST_REVERSE_DIR)" + $(MAKE) -C $(LIBCMP_DIR) -f Makefile_v1 uninstall OUT_DIR="$(OUT_REVERSE_DIR)" DESTDIR="$(DEST_REVERSE_DIR)" endif endif endif diff --git a/OpenSSL_version.c b/OpenSSL_version.c index 332c5c83..532f7007 100644 --- a/OpenSSL_version.c +++ b/OpenSSL_version.c @@ -1,6 +1,7 @@ /*!***************************************************************************** * @file OpenSSL_version.c * @brief OpenSSL version checking utility + * keep this file identical among genCMPClient and CMPforOpenSSL * * @author David von Oheimb, David.von.Oheimb@siemens.com * diff --git a/OpenSSL_version.mk b/OpenSSL_version.mk index 83d19ba7..fb7fdd0b 100644 --- a/OpenSSL_version.mk +++ b/OpenSSL_version.mk @@ -1,7 +1,22 @@ +#!/usr/bin/make +# +# keep this file identical among genCMPClient and CMPforOpenSSL +# +# target can be 'dir' (yielding OPENSSL_DIR), 'lib' (yielding OPENSSL_LIB), +# or by default the OpenSSL version will be detected. In this case: +# SOURCE can be 'app', 'header', a library file path name, or unset +# if 'app' or unset, leads to default behavior: build and run OpenSSL_version +# Optional OPENSSL_DIR defines where to find the OpenSSL installation +# with header files at include/openssl (default: will try, e.g., /usr). +# Optional OPENSSL_LIB defines where to find the OpenSSL libraries +# (default: will try, e.g., OPENSSL_DIR/lib). + +# variables #################################################################### + # https://stackoverflow.com/questions/714100/os-detecting-makefile ifeq ($(OS),Windows_NT) # strange but apparently this string is used also for all later versions OS=Windows - # USERS="\\Users\\" + USERS="\\Users\\" $(warning [DEBUG] OS is $(OS)) DLL = .dll EXE = .exe @@ -9,22 +24,24 @@ else OS = $(shell sh -c 'uname 2>/dev/null || echo Unknown') ifeq ($(shell uname -s),Darwin) OS = MacOS - # USERS="/Users/" + USERS="/Users/" DLL = .dylib $(warning [DEBUG] OS is Darwin ($(OS))) else $(warning [DEBUG] OS is supposed to be Unix-like: $(OS)) - # USERS="/home/" + USERS="/home/" DLL = .so endif EXE = endif -# https://stackoverflow.com/questions/17055773/how-to-synthesize-line-breaks-in-gnu-make-warnings-or-errors -define newline # the following two empty lines are essential +SOURCE ?= app -endef +# determine OPENSSL_DIR and OPENSSL_LIB ######################################## + +ifeq ($(filter-out app header,$(SOURCE))$(filter-out lib dir,$(MAKECMDGOALS)),) +# OPENSSL_DIR and OPENSSL_LIB not needed for detecting version from library file ifeq ($(OPENSSL_DIR),) # for convenience, use heuristics to determine OPENSSL_DIR ifeq ($(OS),MacOS) @@ -33,7 +50,7 @@ ifeq ($(OPENSSL_DIR),) # for convenience, use heuristics to determine OPENSSL_DI SYSTEM_INCLUDE_OPENSSL=/usr/include/openssl endif OPENSSL_INCLUDE_DIR = $(realpath $(SYSTEM_INCLUDE_OPENSSL)) - OPENSSL_DIR = $(realpath $(OPENSSL_INCLUDE_DIR)/../..) + override OPENSSL_DIR = $(realpath $(OPENSSL_INCLUDE_DIR)/../..) $(warning [DEBUG] OPENSSL_DIR is detected as $(OPENSSL_DIR)) else $(warning [DEBUG] OPENSSL_DIR is set to $(OPENSSL_DIR)) @@ -45,35 +62,38 @@ else LIB = lib endif -ifeq ($(OPENSSL_DIR),) - $(warning Warning: OPENSSL_DIR is emtpy or not set, and was unable to determine it, trying to continue anyway) +ifeq ($(OPENSSL_DIR),) # due to the above, always false + $(warning Warning: OPENSSL_DIR is empty or not set, and was unable to determine it, trying to continue anyway) else LIB_NAME_PATTERN=libcrypto*$(DLL)* OPENSSL_FULL_DIR = $(realpath $(OPENSSL_DIR)) - $(warning [DEBUG] OPENSSL_DIR expands to $(OPENSSL_FULL_DIR)) + ifneq ($(OPENSSL_FULL_DIR),$(OPENSSL_DIR)) + $(warning [DEBUG] OPENSSL_DIR expands to $(OPENSSL_FULL_DIR)) + endif ifeq ($(OPENSSL_FULL_DIR),) $(error OPENSSL_DIR appears to be an invalid path: $(OPENSSL_DIR)) endif ifeq ($(OPENSSL_LIB),) # for convenience, use heuristics to determine OPENSSL_LIB - OPENSSL_LIB = $(OPENSSL_DIR)/$(LIB) + override OPENSSL_LIB = $(OPENSSL_DIR)/$(LIB) ifeq ($(wildcard $(OPENSSL_LIB)/$(LIB_NAME_PATTERN)),) - $(warning Warning: cannot find OpenSSL libraries at determined location $(OPENSSL_LIB), now trying OPENSSL_DIR) - OPENSSL_LIB = $(OPENSSL_DIR) + $(warning Warning: cannot find OpenSSL libraries at determined typical location $(OPENSSL_LIB), now trying OPENSSL_DIR) + override OPENSSL_LIB = $(OPENSSL_DIR) ifeq ($(wildcard $(OPENSSL_LIB)/$(LIB_NAME_PATTERN)),) ifeq ($(OS),Linux) - OPENSSL_LIB_ = $(OPENSSL_LIB) - OPENSSL_LIB = $(wildcard /lib/*linux-gnu*) - $(warning Warning: cannot find OpenSSL libraries at $(OPENSSL_LIB_), now trying $(OPENSSL_LIB)) + ifeq ($(shell echo $(OPENSSL_FULL_DIR) | grep -E '^/(home|Users)'),) + override OPENSSL_LIB = $(wildcard /lib/*linux-gnu*) + $(warning Warning: cannot find OpenSSL libraries at $(OPENSSL_DIR), now trying $(OPENSSL_LIB)) + endif endif endif endif else ifeq ($(wildcard $(OPENSSL_LIB)/$(LIB_NAME_PATTERN)),) $(warning Warning: cannot find OpenSSL libraries at given OPENSSL_LIB $(OPENSSL_LIB), now trying OPENSSL_DIR) - OPENSSL_LIB = $(OPENSSL_DIR) + override OPENSSL_LIB = $(OPENSSL_DIR) endif endif - # ifeq ($(shell echo $(OPENSSL_FULL_DIR) | grep $(USERS)),) + # ifeq ($(findstring $(USERS),$(OPENSSL_FULL_DIR)),) # $(warning [DEBUG] OPENSSL_DIR is assumed to be an installation directory) # else # $(warning [DEBUG] OPENSSL_DIR is assumed to be a local build directory) @@ -82,12 +102,22 @@ else $(warning Warning: cannot find OpenSSL library $(LIB_NAME_PATTERN) at $(OPENSSL_LIB)/, trying to continue anyway) endif endif +endif # eq ($(filter-out app header,$(SOURCE))$(filter-out lib dir,$(MAKECMDGOALS)),) + + +# detect version ############################################################### + +# https://stackoverflow.com/questions/17055773/how-to-synthesize-line-breaks-in-gnu-make-warnings-or-errors +define newline # the following two empty lines are essential + + +endef ifneq ($(MAKECMDGOALS),dir) ifneq ($(MAKECMDGOALS),lib) $(warning [DEBUG] parameter SOURCE=$(SOURCE)) -ifeq ($(SOURCE),) - $(warning [DEBUG] SOURCE is empty (default)) +ifeq ($(SOURCE),app) + $(warning [DEBUG] SOURCE is app or unset (default)) LDFLAGS += -L$(OPENSSL_LIB) -Wl,-rpath,$(OPENSSL_LIB) CFLAGS += -isystem $(OPENSSL_DIR)/include @@ -169,12 +199,15 @@ else # $(SOURCE) is name of library file (libcrypto or libsecutils or libcmp) $(warning [TRACE] OPENSSL_VERSION=$(OPENSSL_VERSION)) endif # $(SOURCE) -endif #neq ($(MAKECMDGOALS),lib +endif #neq ($(MAKECMDGOALS),lib) endif #neq ($(MAKECMDGOALS),dir) -.PHONY: detect # must be the first rule in this sequence + +# report result ################################################################ + +.PHONY: detect # must be the first rule in this sequence to make it the default detect: -ifneq ($(SOURCE),) +ifneq ($(SOURCE),app) ifeq ($(shell echo "$(OPENSSL_VERSION)" | grep -E '^[[:digit:]]+(\.[[:digit:]]+)*$$'),) $(error Error detecting OpenSSL version from $(SOURCE)) endif @@ -183,17 +216,21 @@ endif .PHONY: dir dir: - ifeq ($(OPENSSL_DIR),) +ifeq ($(MAKECMDGOALS),dir) + ifeq ($(realpath $(OPENSSL_DIR)),) $(error Error determining OPENSSL_DIR) endif - @echo "$(OPENSSL_DIR)" +endif + @echo "$(realpath $(OPENSSL_DIR))" .PHONY: lib lib: fix_lib - ifeq ($(OPENSSL_LIB),) +ifeq ($(MAKECMDGOALS),dir) + ifeq ($(realpath $(OPENSSL_LIB)),) $(error Error determining OPENSSL_LIB) endif - @echo "$(OPENSSL_LIB)" +endif + @echo "$(realpath $(OPENSSL_LIB))" .PHONY: fix_lib fix_lib: diff --git a/README.md b/README.md index 2925a116..c3b13a02 100644 --- a/README.md +++ b/README.md @@ -189,7 +189,7 @@ including the C header files needed for development By default any OpenSSL installation available on the system is used. It is recommended to set the optional environment variable `OPENSSL_DIR` to specify -the absolute (or relative to `./`) path of the OpenSSL installation to use, +the absolute or relative path of the OpenSSL installation to use, or some heuristics will try to detect the location. This must point to the location in the file system from which the subdirectory `include/openssl` is directly accessible with this relative path name.\ @@ -197,6 +197,9 @@ In case its libraries are in a different location than in the subdirectory `lib` it is recommended to set also `OPENSSL_LIB`, or some heuristics will try to detect the location. +For all environment variables specifying a directory, relative paths such as `.` +are interpreted relative to the genCMPClient source directory. + ### Linux Here are examples for Linux: @@ -275,8 +278,6 @@ It defaults to the base directory of the respective library. If the environment variable `BIN_DIR` is not empty, the the CLI application `cmpClient` will be built and placed in `BIN_DIR`. If the variable is unset, `.` is used by default. -For all path variables, relative paths such as `.` are interpreted -relative to the directory of the genCMPClient module. The CC environment variable may be set as needed; it defaults to `gcc`. It is also possible to statically link with `libcmp.a`, by setting `STATIC_LIBCMP=1`. For further details on optional environment variables, diff --git a/cmpossl b/cmpossl index 27514484..9bec8326 160000 --- a/cmpossl +++ b/cmpossl @@ -1 +1 @@ -Subproject commit 275144848ea06c8c2e6ebb1efc1ab8b17229fbf5 +Subproject commit 9bec83265648fdce0d7435a10df76105161bfdbc diff --git a/libsecutils b/libsecutils index 7215ac31..d0750e81 160000 --- a/libsecutils +++ b/libsecutils @@ -1 +1 @@ -Subproject commit 7215ac31038f59471c0d868274356f73bbca4019 +Subproject commit d0750e81900b5ad0606b22ce631125623a0a7c1d