-
Notifications
You must be signed in to change notification settings - Fork 8
/
Makefile_src
274 lines (246 loc) · 9.36 KB
/
Makefile_src
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
#!/bin/make
# Optional LPATH defines where to find any pre-installed libsecutils and UTA libraries, e.g., /usr/lib
# Optional OPENSSL_DIR defines where to find the OpenSSL installation, defaulting to LPATH/.. if set, else ROOTFS/usr
# Optional OPENSSL_LIB defines where to find the OpenSSL library installation (default: OPENSSL_DIR/lib or OPENSSL_DIR).
# Optional OUT_DIR defines where libgencmp shall be placed, defaulting to LPATH if nonempty, else '.'
# BIN_DIR defines where the CLI application shall be placed, unless it is empty or unset.
# Optional LIBCMP_INC defines the directory of the libcmp header files, must be non-empty if and only if libcmp is used (USE_LIBCMP).
# All paths may be absolute or relative to the directory containing this Makefile.
# With USE_LIBCMP, setting STATIC_LIBCMP leads to static linking with libcmp.a .
# Optional DEBUG_FLAGS may set to prepend to local CFLAGS and LDFLAGS (default see below).
# OSSL_VERSION_QUIRKS maybe be needed to provide for setting OpenSSL compilation version quirks.
ifeq ($(DEB_TARGET_ARCH),)
SHELL=bash # bash is needed for supporting extended file name globbing
else # within Debian packaging
SHELL=LD_PRELOAD= bash
# LD_PRELOAD= is used to prevent Debian packaging give spurios
# ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD
# cannot be preloaded (cannot open shared object file): ignored.
# Unfortunately, cannot do this trick generally because otherwise,
# multi-line shell commands in rules with '\' will throw weird syntax error
endif
PREFIX=
PREFIX_DEST = $(PREFIX)
PREFIX_DEST ?= ./
ifeq ($(OS),Windows_NT)
override OS=Windows
EXE=.exe
DLL=.dll
OBJ=.obj
LIB=bin
else
EXE=
OBJ=.o
LIB=lib
override OS = $(shell sh -c 'uname 2>/dev/null || echo Unknown')
ifeq ($(shell uname -s),Darwin)
override OS=MacOS
DLL=.dylib
# see https://www.fullstaq.com/knowledge-hub/blogs/an-alternative-to-macos-dyld-library-path
SONAME=install_name,@rpath/
else # assuming other Unix-like
DLL=.so
SONAME=soname,
endif
endif
ifeq ($(LPATH),)
ifeq ($(OUT_DIR),)
override OUT_DIR = .
endif
override OPENSSL_DIR ?= $(ROOTFS)/usr
LIBCMP_DIR_=cmpossl
LIBCMP_DIR=$(PREFIX)$(LIBCMP_DIR_)
SECUTILS_DIR_=libsecutils
SECUTILS_DIR=$(PREFIX)$(SECUTILS_DIR_)
else
ifeq ($(OUT_DIR),)
override OUT_DIR = $(LPATH)
endif
override OPENSSL_DIR ?= $(LPATH)/..
SECUTILS_LIB=$(PREFIX)$(LPATH)/libsecutils$(DLL)
endif
ifeq ($(shell echo $(OPENSSL_DIR) | grep "^/"),)
# $(OPENSSL_DIR) is relative path
PREFIX_OPENSSL_DIR=$(PREFIX)$(OPENSSL_DIR)
override OPENSSL_LIB ?= $(PREFIX_OPENSSL_DIR)
# OPENSSL_RPATH=$(OPENSSL_DIR)
# OPENSSL_RPATH_LIB=$(OPENSSL_DIR)
else # $(OPENSSL_DIR) is absolute path
PREFIX_OPENSSL_DIR=$(OPENSSL_DIR)
override OPENSSL_LIB ?= $(PREFIX_OPENSSL_DIR)/$(LIB)
# OPENSSL_RPATH=$(PREFIX_OPENSSL_DIR)
# OPENSSL_RPATH_LIB=$(OPENSSL_LIB)
endif
ARCHIVE=$(PREFIX)bin # for Jenkins
OPENSSL_DLLS = *{crypto,ssl}*.dll
CC ?= gcc
ifdef NDEBUG
override DEBUG_FLAGS ?= -O2
override DEBUG_FLAGS += -DNDEBUG=1 -Werror
else
override DEBUG_FLAGS ?= -g -O0 -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all # not every compiler(version) supports -Og
endif
override CFLAGS += $(DEBUG_FLAGS) -fstack-protector -fno-omit-frame-pointer
# override CFLAGS += -std=gnu90 # TODO maybe clean up code and re-enable flag
override CFLAGS += \
-Wall -Woverflow -Wextra -Wswitch -Wmissing-prototypes -Wstrict-prototypes \
-Wformat -Wformat-security -Wtype-limits -Wundef -Wconversion \
-Wsign-compare -Wpointer-arith -Wunused-parameter -Wshadow \
-pedantic -DPEDANTIC
override CFLAGS +=-Wno-c99-extensions -Wno-language-extension-token -Wno-declaration-after-statement -Wno-expansion-to-defined \
-Wno-sign-conversion -Wno-shorten-64-to-32 -Wno-shadow # due to libsecutils
ifeq ($(LPATH),)
override CFLAGS += -I$(SECUTILS_DIR)/src/libsecutils/include
endif
ifneq ($(LIBCMP_INC),)
ifeq ($(DEB_TARGET_ARCH),) # not during Debian packaging
override CFLAGS += -isystem $(PREFIX)$(LIBCMP_INC)
else
ifeq ($(INSTALL_DEB_PKGS),) # Debian packaging without submodule packages installed
override CFLAGS += -isystem $(LIBCMP_INC)
else
override CFLAGS += -isystem /usr/include/cmp
endif
endif
# use of -isystem is important for taking precedence over any (older) OpenSSL CMP headers
override CFLAGS += -DUSE_LIBCMP
endif
override CFLAGS += -isystem $(PREFIX_OPENSSL_DIR)/include # use of -isystem is critical for selecting wanted OpenSSL version
override CFLAGS += -I$(PREFIX)include # for genericCMPClient.h
override CFLAGS += $(OSSL_VERSION_QUIRKS)
LIBCMP_A = libcmp.a
ifneq ($(LIBCMP_INC),)
ifeq ($(STATIC_LIBCMP),)
override LIBS += -lcmp
endif
endif
# important: place libcmp before libcrypto such that its contents are preferred
override LIBS += -lsecutils
ifdef SECUTILS_NO_TLS
override CFLAGS += -DSECUTILS_NO_TLS=1
else
override LIBS += -lssl
endif
override LIBS += -lcrypto
ifdef SECUTILS_USE_UTA
override LIBS += -luta
endif
override LDFLAGS += $(DEBUG_FLAGS) # needed for -fsanitize=...
ifeq ($(LPATH),)
override LDFLAGS += -L $(PREFIX)$(OUT_DIR)
ifeq ($(DEB_TARGET_ARCH),) # not during Debian packaging
# ifeq ($(PREFIX),)
# TODO maybe better use absolute path here, as done by CMake
override LDFLAGS += -Wl,-rpath,$(OUT_DIR) # no more needed: -Wl,-rpath,$(SECUTILS_DIR)
ifndef NDEBUG # for CLI-based tests
# override LDFLAGS += -Wl,-rpath,$(OUT_DIR)/../../../..
# not needed due to OUT_DIR set also for libsecutils:
# override LDFLAGS += -Wl,-rpath,$(OUT_DIR)/../../../../$(SECUTILS_DIR)
endif
# not needed due to OUT_DIR set also for cmpossl:
# ifneq ($(LIBCMP_INC),)
# override LDFLAGS += -Wl,-rpath,$(LIBCMP_DIR)
# ifndef NDEBUG
# override LDFLAGS += -Wl,-rpath,$(OUT_DIR)/../../../../$(LIBCMP_DIR) # for CLI-based tests
# endif
# endif
# endif
endif
# not needed due to OUT_DIR set also for libsecutils and cmpossl:
# override LDFLAGS += -L $(SECUTILS_DIR)
# ifneq ($(LIBCMP_INC),)
# override LDFLAGS += -L $(LIBCMP_DIR)
# endif
ifeq ($(DEB_TARGET_ARCH),) # not during Debian packaging
ifneq ($(PREFIX),)
# not needed due to OUT_DIR set also for libsecutils and cmpossl:
# override LDFLAGS += -Wl,-rpath,$(SECUTILS_DIR_)
# ifneq ($(LIBCMP_INC),)
# override LDFLAGS += -Wl,-rpath,$(LIBCMP_DIR_)
# endif
endif
endif
override LDFLAGS += -L $(OPENSSL_LIB)# -L $(PREFIX_OPENSSL_DIR)
ifeq ($(DEB_TARGET_ARCH),) # not during Debian packaging
# override LDFLAGS += -Wl,-rpath,$(OPENSSL_RPATH_LIB)
# ifneq ($(OPENSSL_RPATH_LIB),$(OPENSSL_RPATH))
# override LDFLAGS += -Wl,-rpath,$(OPENSSL_RPATH)
# endif
override LDFLAGS += -Wl,-rpath,$(OPENSSL_LIB)
endif
else
override LDFLAGS += -L $(LPATH)
endif
override OUTLIB_= libgencmp
OUTLIB=$(OUTLIB_)$(DLL)
ifeq ($(OS),MacOS)
OUTLIBV=$(OUTLIB_).$(VERSION)$(DLL)
else
OUTLIBV=$(OUTLIB).$(VERSION)
override CFLAGS += -D_FORTIFY_SOURCE=2
endif
OBJS = src/genericCMPClient$(OBJ) src/cmpClient$(OBJ)
SRCS = $(OBJS:$(OBJ)=.c)
DEPS = $(SRCS:.c=.d)
CMPCLIENT = $(PREFIX)$(BIN_DIR)/cmpClient$(EXE)
ifeq ($(BIN_DIR),)
BINARIES =
else
BINARIES = $(CMPCLIENT)
endif
########## rules and targets
.PHONY: build
build: $(OUT_DIR)/$(OUTLIB) $(BINARIES)
ifeq ($(OS),Windows_NT)
ifeq ($(LPATH),)
@echo "Copying OpenSSL DLLs to base directory for convenient use with Windows"
@cp --preserve=timestamps $(OPENSSL_LIB)/$(OPENSSL_DLLS) $(PREFIX_DEST)
endif
@echo "Copying SecUtils DLL to base directory for convenient use with Windows"
@cp --preserve=timestamps $(SECUTILS_LIB) $(PREFIX_DEST) # $(OPENSSL_LIB)/*{crypto,ssl}*.dll
endif
ifeq ($(findstring clean,$(MAKECMDGOALS)),)
-include $(DEPS)
endif
$(OBJS): %$(OBJ): %.c # | $(SECUTILS_LIB) # $(PREFIX)$(OUT_DIR)/libcmp$(DLL)
$(CC) $(CFLAGS) -c -fPIC $< -o $@
@$(CC) $(CFLAGS) -MM $< -MT $@ -MF $*.d
#%$(OBJ): %.c
# $(CC) $(CFLAGS) -o "$@" "$<"
.PHONY: clean_libcmp_a
clean_libcmp_a:
ifeq ($(OS),Linux)
@if [ -f ./$(LIBCMP_A) ]; then rm ./$(LIBCMP_A); fi # workaround for Linux: if ./libcmp.a exists with an unsuitable format (e.g., from MacOS),
@ # dynamic library filies libcmp.so* get ignored, leading to, e.g., "undefined reference to `OSSL_CMP_ITAV_get0_caCerts'"
endif
ifneq ($(LIBCMP_INC),)
ifeq ($(STATIC_LIBCMP),)
$(OUT_DIR)/$(OUTLIBV): | clean_libcmp_a
else
$(OUT_DIR)/$(OUTLIBV): $(OUT_DIR)/$(LIBCMP_A)
endif
endif
$(OUT_DIR)/$(OUTLIBV): src/genericCMPClient$(OBJ)
$(CC) $^ $(LDFLAGS) $(LIBS) -shared -o $@ -Wl,-$(SONAME)$(OUTLIBV)
$(OUT_DIR)/$(OUTLIB): $(OUT_DIR)/$(OUTLIBV)
ln -sf $(OUTLIBV) $(OUT_DIR)/$(OUTLIB)
$(OUT_DIR)/$(CMPCLIENT): src/cmpClient$(OBJ) $(OUT_DIR)/$(OUTLIB)
$(CC) $(LDFLAGS) $< -lgencmp $(LIBS) -o $@
.PHONY: all archive
all: build archive
ifneq ($(BIN_DIR),)
archive:
@mkdir 2>/dev/null $(ARCHIVEDIR) || true
@cp --preserve=timestamps $(BINARIES) $(ARCHIVE)
endif
.PHONY: clean
clean:
rm -fr $(OUT_DIR)/$(OUTLIB_)*$(DLL)*
rm -f $(BINARIES) $(DEPS) $(OBJS)
# $(OUT_DIR)/$(OUTLIB).$(VERSION)
ifeq ($(OS),Windows_NT)
ifeq ($(LPATH),)
rm -f $(PREFIX_DEST)$(OPENSSL_DLLS)
endif
rm -f $(PREFIX_DEST)$(SECUTILS_LIB)
endif