3 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
4 # Use of this source code is governed by a BSD-style license that can be
5 # found in the LICENSE file.
7 # Sanitize environment.
12 PROGDIR=$(dirname "$0")
13 PROGNAME=$(basename "$0")
18 . "$PROGDIR/openssl-chromium.config"
20 # Print error message and exit script.
28 # Output: variable value.
30 # NOTE: Don't use 'echo' here, it is sensitive to options like -n.
31 eval printf \"%s\\n\" \$$1
34 # Print a message if verbosity is sufficiently high.
35 # $1: Verbosity threshold, only if '$VERBOSE > $1' does this print.
40 if [ "$VERBOSE" -gt "$LEVEL" ]; then
45 # Print a message, unless --quiet was used.
50 # Print a message if --verbose was used.
55 # Print a message if --verbose --verbose was used.
60 # Run a command silently, unless --verbose is used.
62 # - By default, this runs the command but redirects its stdout/stderr
63 # to /dev/null to avoid printing anything.
64 # - If --verbose is used, this prints the command's name, and stderr
65 # will not be redirected.
66 # - If '--verbose --verbose' is used, this prints the commands and its
69 # Return: Command status
71 if [ "$VERBOSE" -gt 1 ]; then
87 # Support cleaning up stuff when the script exits, even in case of
92 local CLEANUPS CLEANUP
93 CLEANUPS=$_ALL_CLEANUPS
95 for CLEANUP in $CLEANUPS; do
101 trap "clean_atexit 0" EXIT
102 trap "clean_atexit \$?" HUP INT QUIT TERM
104 # Add a cleanup function to the list of cleanups that will be run when
107 # Prepend to ensure that the cleanup steps are performed in reverse
108 # order or registration.
109 _ALL_CLEANUPS="$* $_ALL_CLEANUPS"
112 # Support code to write into a gyp file
115 # Increment margin of gyp printer.
117 _GYP_MARGIN="$_GYP_MARGIN "
121 _GYP_MARGIN=$(echo "$_GYP_MARGIN" | cut --bytes=3-)
125 printf "%s%s\n" "$_GYP_MARGIN" "$@"
128 # This prints a list variable definition in a gyp file.
129 # $1: Variable name (e.g. 'openssl_common_defines')
130 # $2+: List items (e.g. defines)
131 print_gyp_variable () {
135 print_gyp "'$VARNAME': ["
137 print_gyp " '$VALUE',"
142 # Same as print_gyp_variable, but for source file lists, this
143 # prepends openssl/ as required by the Chromium build to each item
145 # $1: Variable name (e.g. 'openssl_common_sources')
146 # $2+: List items (source file names).
147 print_gyp_source_variable () {
151 print_gyp "'$VARNAME': ["
153 print_gyp " 'openssl/$VALUE',"
158 # Print usage instructions.
161 "Usage: $PROGNAME [options]
163 This script is used to regenerate the content of the Chromium
164 third_party/openssl/ directory according to the configuration file
165 named 'openssl-chromium.config'.
167 In particular, it will perform the following steps:
169 1) Download the Android sources from the AOSP git servers.
171 2) Add Chromium-specific patches to the Android source tree.
172 (they must be under patches.chromium/ in $PROGDIR).
174 3) Download a versioned openssl package from the official OpenSSL
175 servers, and check its MD5. The version is taken from the
176 'openssl.version' file in the Android source tree.
178 4) Run the Android 'import_openssl.sh' script that rebuilds all sources
181 5) Generate the 'openssl.gypi' that contains gyp-specific declarations
184 6) Generate 64-bit compatible opensslconf.h header.
186 Valid options are the following (defaults are in brackets):
188 --help|-h|-? Display this message.
189 --aosp-git=<url> Change git source for Android repository.
190 [$ANDROID_OPENSSL_GIT_SOURCE]
191 --aosp-commit=<name> Specify git commit or branch name [$ANDROID_OPENSSL_GIT_COMMIT]
192 --temp-dir=<path> Specify temporary directory, will not be cleaned.
193 [<random-temp-file-cleaned-on-exit>]
194 --verbose Increase verbosity.
195 --quiet Decrease verbosity.
200 # Parse command-line.
210 ANDROID_OPENSSL_GIT_COMMIT=${OPT#--aosp-commit=}
211 if [ -z "$ANDROID_OPENSSL_GIT_COMMIT" ]; then
212 panic "Missing option value: $OPT"
216 ANDROID_OPENSSL_GIT_SOURCE=${OPT#--aosp-git=}
217 if [ -z "$ANDROID_OPENSSL_GIT_SOURCE" ]; then
218 panic "Missing option value: $OPT"
222 TEMP_DIR=${OPT#--temp-dir=}
223 if [ -z "$TEMP_DIR" ]; then
224 panic "Missing option value: $OPT"
228 VERBOSE=$(( $VERBOSE - 1 ))
231 VERBOSE=$(( $VERBOSE + 1 ))
234 panic "Invalid option '$OPT', see --help for details."
237 panic "This script doesn't take parameters. See --help for details."
242 if [ "$DO_HELP" ]; then
246 # Create temporary directory. Ensure it's always cleaned up on exit.
247 if [ -z "$TEMP_DIR" ]; then
248 TEMP_DIR=$(mktemp -d)
253 log "Temporary directory created: $TEMP_DIR"
255 log "Using user-provided temp directory: $TEMP_DIR"
261 GIT_CLONE_FLAGS="--quiet"
262 GIT_CHECKOUT_FLAGS="--quiet"
267 GIT_CHECKOUT_FLAGS=""
271 GIT_CLONE_FLAGS="--verbose"
272 GIT_CHECKOUT_FLAGS=""
277 BUILD_DIR=$TEMP_DIR/build
278 mkdir -p "$BUILD_DIR" && rm -rf "$BUILD_DIR"/*
280 # Download the Android sources.
281 ANDROID_SRC_DIR=$BUILD_DIR/android-openssl
282 dump "Downloading Android sources"
283 log "Downloading branch $ANDROID_OPENSSL_GIT_COMMIT from: $ANDROID_OPENSSL_GIT_SOURCE"
285 run mkdir -p $ANDROID_SRC_DIR
286 run cd $ANDROID_SRC_DIR
287 run git clone $GIT_CLONE_FLAGS $ANDROID_OPENSSL_GIT_SOURCE .
288 run git checkout $GIT_CHECKOUT_FLAGS $ANDROID_OPENSSL_GIT_COMMIT
292 # Apply chromium-specific patches located in patches.chromium
293 CHROMIUM_PATCHES_DIR=$PROGDIR/patches.chromium
294 if [ ! -d "$CHROMIUM_PATCHES_DIR" ]; then
295 dump "No Chromium-specific patches to apply."
297 dump "Applying Chromium-specific patches:"
298 CHROMIUM_PATCHES=$(/bin/ls $CHROMIUM_PATCHES_DIR/*.patch 2>/dev/null)
299 for CHROMIUM_PATCH in $CHROMIUM_PATCHES; do
300 dump "Applying: $CHROMIUM_PATCH"
301 (cd $ANDROID_SRC_DIR && run patch -p1) < $CHROMIUM_PATCH
305 # Get the openssl version
306 . $ANDROID_SRC_DIR/openssl.version
307 if [ -z "$OPENSSL_VERSION" ]; then
308 panic "Could not find OPENSSL_VERSION definition from $ANDROID_SRC_DIR!"
310 dump "Found OpenSSL version: $OPENSSL_VERSION"
312 # Download OpenSSL package
313 DOWNLOAD_DIR=$BUILD_DIR/download
314 mkdir -p "$DOWNLOAD_DIR"
316 OPENSSL_PACKAGE=openssl-$OPENSSL_VERSION.tar.gz
317 dump "Downloading $OPENSSL_PACKAGE from $OPENSSL_TAR_SOURCE"
318 run curl $CURL_FLAGS -o $DOWNLOAD_DIR/$OPENSSL_PACKAGE $OPENSSL_TAR_SOURCE/$OPENSSL_PACKAGE
319 run curl $CURL_FLAGS -o $DOWNLOAD_DIR/$OPENSSL_PACKAGE.md5 $OPENSSL_TAR_SOURCE/$OPENSSL_PACKAGE.md5
321 OPENSSL_SHA1_DOWNLOADED=$(sha1sum $DOWNLOAD_DIR/$OPENSSL_PACKAGE | cut -d" " -f1)
322 OPENSSL_SHA1_EXPECTED=$OPENSSL_TAR_SHA1
323 if [ "$OPENSSL_SHA1_DOWNLOADED" != "$OPENSSL_SHA1_EXPECTED" ]; then
324 echo "ERROR: Content mismatch for downloaded OpenSSL package:"
325 echo " Downloaded SHA-1: $OPENSSL_SHA1_DOWNLOADED"
326 echo " Expected SHA-1 : $OPENSSL_SHA1_EXPECTED"
329 dump "Checking content of downloaded package: ok"
331 # The import_openssl.sh script will really remove the existing 'openssl'
332 # directory and replace it with something completely new. This is a problem
333 # when using subversion because this also gets rid of all .svn
334 # subdirectories. This makes it impossible to commit the right set of
335 # changes with "gcl commit".
337 # To work-around this, copy all the .svn subdirectories into a temporary
338 # tarball, which will be extracted after the import process.
340 dump "Saving .svn subdirectories"
341 SVN_LIST_FILE=$BUILD_DIR/svn-subdirs
342 run find . -type d -name ".svn" > $SVN_LIST_FILE
343 SAVED_SVN_TARBALL=$BUILD_DIR/saved-svn-subdirs.tar.gz
344 run tar czf $SAVED_SVN_TARBALL -T $SVN_LIST_FILE
346 # Re-run the import_openssl.sh script.
347 dump "Re-running the 'import_openssl.sh' script to reconfigure all sources."
350 run ./import_openssl.sh import $DOWNLOAD_DIR/$OPENSSL_PACKAGE
353 dump "Copying new Android sources to final location."
354 clean_openssl_new () {
355 rm -rf "$PROGDIR/openssl.new"
357 atexit clean_openssl_new
359 run cp -rp "$ANDROID_SRC_DIR" "$PROGDIR/openssl.new"
360 run mv "$PROGDIR/openssl" "$PROGDIR/openssl.old"
361 run mv "$PROGDIR/openssl.new" "$PROGDIR/openssl"
362 run rm -rf "$PROGDIR/openssl.old"
364 dump "Restoring .svn subdirectores"
365 run tar xzf $SAVED_SVN_TARBALL
367 # Extract list of source files or compiler defines from openssl.config
368 # variable definition. This assumes that the lists are in variables that
369 # are named as <prefix><suffix> or <prefix><suffix><arch>.
372 # get_gyp_list "FOO BAR" _SOURCES
373 # -> returns '$FOO_SOURCES $BAR_SOURCES'
375 # get_gyp_list FOO _SOURCES_ "arm x86"
376 # -> returns '$FOO_SOURCES_arm $FOO_SOURCES_x86"
378 # get_gyp_list "FOO BAR" _SOURCES_ "arm x86"
379 # -> returns '$FOO_SOURCES_arm $FOO_SOURCES_x86 $BAR_SOURCES_arm $BAR_SOURCES_x86'
381 # $1: list of variable prefixes
382 # $2: variable suffix
383 # $3: optional list of architectures.
385 local ALL_PREFIXES="$1"
388 local LIST PREFIX ARCH
389 for PREFIX in $ALL_PREFIXES; do
390 if [ "$ALL_ARCHS" ]; then
391 for ARCH in $ALL_ARCHS; do
392 LIST="$LIST $(var_value ${PREFIX}${SUFFIX}${ARCH})"
395 LIST="$LIST $(var_value ${PREFIX}${SUFFIX})"
401 generate_gyp_file () {
402 echo "# Auto-generated file - DO NOT EDIT"
403 echo "# To regenerate - run import_from_android.sh."
404 echo "# See 'import_from_android.sh --help' for details."
406 local ALL_PREFIXES="OPENSSL_CRYPTO OPENSSL_SSL"
407 local ALL_ARCHS="arm mips x86 x86_64 mac_ia32"
408 local PREFIX ARCH LIST
413 print_gyp "'variables': {"
416 # First, the common sources and defines
417 print_gyp_source_variable "openssl_common_sources" \
418 $(get_gyp_list "$ALL_PREFIXES" _SOURCES)
420 print_gyp_variable "openssl_common_defines" \
421 $(get_gyp_list "$ALL_PREFIXES" _DEFINES)
423 # Now, conditions section with add architecture-specific sub-sections.
424 for ARCH in $ALL_ARCHS; do
425 # Convert ARCH to gyp-specific architecture name
438 print_gyp_source_variable "openssl_${ARCH}_source_excludes" \
439 $(get_gyp_list "$ALL_PREFIXES" _SOURCES_EXCLUDES_ $ARCH)
441 print_gyp_source_variable "openssl_${ARCH}_sources" \
442 $(get_gyp_list "$ALL_PREFIXES" _SOURCES_ $ARCH)
444 print_gyp_variable "openssl_${ARCH}_defines" \
445 $(get_gyp_list "$ALL_PREFIXES" _DEFINES_ $ARCH)
450 print_gyp "}" # variables
453 print_gyp "}" # top-level dict.
456 dump "Generating 64-bit configuration header file."
457 mkdir -p $PROGDIR/config/x64/openssl/
459 -e 's|^#define RC4_INT unsigned char|#define RC4_INT unsigned int|g' \
460 -e 's|^#define BN_LLONG|#undef BN_LLONG|g' \
461 -e 's|^#define THIRTY_TWO_BIT|#undef THIRTY_TWO_BIT|g' \
462 -e 's|^#undef SIXTY_FOUR_BIT_LONG|#define SIXTY_FOUR_BIT_LONG|g' \
463 -e 's|^#define BF_PTR|#undef BF_PTR|g' \
464 $PROGDIR/openssl/include/openssl/opensslconf.h \
465 > $PROGDIR/config/x64/openssl/opensslconf.h
467 dump "Generating OS X 32-bit configuration header file."
468 mkdir -p $PROGDIR/config/mac/ia32/openssl/
470 -e '4a#ifndef OPENSSL_SYSNAME_MACOSX\n# define OPENSSL_SYSNAME_MACOSX\n#endif' \
471 -e 's|^#define RC4_INT unsigned char|#define RC4_INT unsigned int|g' \
472 -e 's|^#define DES_LONG unsigned int|#define DES_LONG unsigned long|g' \
473 $PROGDIR/openssl/include/openssl/opensslconf.h \
474 > $PROGDIR/config/mac/ia32/openssl/opensslconf.h
476 dump "Generating .gypi file."
477 . $ANDROID_SRC_DIR/openssl.config
478 generate_gyp_file > $PROGDIR/openssl.gypi.new
479 run mv $PROGDIR/openssl.gypi $PROGDIR/openssl.gypi.old
480 run mv $PROGDIR/openssl.gypi.new $PROGDIR/openssl.gypi
481 run rm $PROGDIR/openssl.gypi.old