lili/qt5
1
0
Fork 0
mirror of git://code.qt.io/qt/qt5.git synced 2026-03-17 01:36:32 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
5579337dde17536128484e8d7fa327c4d69e26cb
qt5/coin/provisioning/common/unix/install-openssl.sh
Tero Heikkinen 4f405340c5 openSUSE 16.0: Upgrade openSSL from 3.0.7 to 3.5.4 (LTS) 
openSSL 3.2.0 or newer required for libcurl in openSUSE 16.0

This solution has possibility to leave default openSSL
version into use for others, and openSUSE 16.0 (or others)
can move to a newer version if needed.

There are currently two tests failing in this update,
but as openSUSE 16.0 is non-blocking in the CI, it
doesn't get blocked.

Tickets created to fix those:
  - QTBUG-141722
  - QTBUG-141723

Task-number: QTQAINFRA-7502
Task-number: QTQAINFRA-7455
Task-number: QTQAINFRA-7452
Change-Id: Ie9995a3afcdb09d091d75651528a94f71f5ece2a
Reviewed-by: Elias Toivola <elias.toivola@qt.io>
Reviewed-by: Simo Fält <simo.falt@qt.io>
2025-11-20 08:34:40 +02:00

112 lines
4.0 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# Copyright (C) 2022 The Qt Company Ltd.
# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
# This script install OpenSSL from sources.
# Requires GCC and Perl to be in PATH.
set -ex
os="$1"
version=${2:-"3.0.7"}
sha=${3:-"f20736d6aae36bcbfa9aba0d358c71601833bf27"}
SCRIPT_DIR="$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
# shellcheck source=../unix/DownloadURL.sh
source "${BASH_SOURCE%/*}/../unix/DownloadURL.sh"
# shellcheck source=../unix/SetEnvVar.sh
source "${BASH_SOURCE%/*}/../unix/SetEnvVar.sh"
officialUrl="https://github.com/openssl/openssl/releases/download/openssl-$version/openssl-$version.tar.gz"
cachedUrl="http://ci-files01-hki.ci.qt.io/input/openssl/openssl-$version.tar.gz"
targetFile="/tmp/openssl-$version.tar.gz"
opensslHome="${HOME}/openssl-${version}"
opensslSource="${opensslHome}-src"
DownloadURL "$cachedUrl" "$officialUrl" "$sha" "$targetFile"
mkdir -p "$opensslSource"
tar -xzf "$targetFile" --strip 1 -C "$opensslSource"
cd "$opensslSource"
pwd
if [[ "$os" == "linux" ]]; then
if [ $(uname -m) = aarch64 ]; then
arch=$(uname -m)
else
arch="x86_64"
fi
./Configure --prefix="$opensslHome" shared enable-ec_nistp_64_gcc_128 "linux-$arch" "-Wa,--noexecstack"
make && make install_sw install_ssldirs
SetEnvVar "OPENSSL_HOME" "$opensslHome"
SetEnvVar "PATH" "\"$opensslHome/bin:\$PATH\""
if uname -a |grep -q "Debian"; then
SetEnvVar "LD_LIBRARY_PATH" "\"$opensslHome/lib:$LD_LIBRARY_PATH\""
else
SetEnvVar "LD_LIBRARY_PATH" "\"$opensslHome/lib64:$LD_LIBRARY_PATH\""
fi
elif [ "$os" == "macos" ] || [ "$os" == "macos-universal" ]; then
# Below target location has been hard coded into Coin.
# QTQAINFRA-1195
echo "prefix=$prefix"
if [[ -z "$prefix" ]]; then
prefix="/usr/local"
fi
openssl_install_dir="$prefix/openssl-$version"
opensslTargetLocation="$prefix/opt/openssl"
commonFlags=(no-tests shared no-ssl3-method enable-ec_nistp_64_gcc_128 "-Wa,--noexecstack")
export MACOSX_DEPLOYMENT_TARGET=12
opensslBuild="${opensslHome}-build"
opensslDestdir="${opensslHome}-destdir"
mkdir -p "$opensslBuild"
if [ "$os" == "macos-universal" ]; then
archs="x86_64 arm64"
else
archs="$(uname -m)"
fi
for arch in $archs; do
cd "$opensslBuild"
echo "Configuring OpenSSL for $arch"
mkdir -p "$arch" && cd "$arch"
"$opensslSource/Configure" --prefix="$openssl_install_dir" "${commonFlags[@]}" "darwin64-$arch-cc"
echo "Building OpenSSL for $arch in $PWD"
make >> /tmp/openssl_make.log 2>&1
echo "Installing OpenSSL for $arch"
if [ "$os" == "macos-universal" ]; then
destdir="$opensslDestdir/$arch"
else
destdir=""
fi
# shellcheck disable=SC2024
sudo make install_sw install_ssldirs DESTDIR="$destdir" >> /tmp/openssl_make_install.log 2>&1
done
if [ "$os" == "macos-universal" ]; then
echo "Making universal OpenSSL package"
# shellcheck disable=SC2024
sudo rm -Rf "$openssl_install_dir"
sudo "${SCRIPT_DIR}/../macos/makeuniversal.sh" "$opensslDestdir/x86_64" "$opensslDestdir/arm64"
fi
path=$(echo "$opensslTargetLocation" | sed -E 's/(.*)\/.*$/\1/')
sudo mkdir -p "$path"
sudo ln -s "$openssl_install_dir" "$opensslTargetLocation"
SetEnvVar "PATH" "\"$opensslTargetLocation/bin:\$PATH\""
SetEnvVar "MANPATH" "\"$opensslTargetLocation/share/man:\$MANPATH\""
SetEnvVar "OPENSSL_DIR" "\"$openssl_install_dir\""
SetEnvVar "OPENSSL_INCLUDE" "\"$openssl_install_dir/include\""
SetEnvVar "OPENSSL_LIB" "\"$openssl_install_dir/lib\""
security find-certificate -a -p /Library/Keychains/System.keychain | sudo tee -a "$opensslTargetLocation/ssl/cert.pem" > /dev/null
security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain | sudo tee -a "$opensslTargetLocation/ssl/cert.pem" > /dev/null
fi
echo "OpenSSL = $version" >> ~/versions.txt
Reference in New Issue View Git Blame Copy Permalink