OLD | NEW |
1 | 1 |
2 INSTALLATION ON THE WIN32 PLATFORM | 2 INSTALLATION ON THE WIN32 PLATFORM |
3 ---------------------------------- | 3 ---------------------------------- |
4 | 4 |
5 [Instructions for building for Windows CE can be found in INSTALL.WCE] | 5 [Instructions for building for Windows CE can be found in INSTALL.WCE] |
6 [Instructions for building for Win64 can be found in INSTALL.W64] | 6 [Instructions for building for Win64 can be found in INSTALL.W64] |
7 | 7 |
8 Heres a few comments about building OpenSSL in Windows environments. Most | 8 Here are a few comments about building OpenSSL for Win32 environments, |
9 of this is tested on Win32 but it may also work in Win 3.1 with some | 9 such as Windows NT and Windows 9x. It should be noted though that |
10 modification. | 10 Windows 9x are not ordinarily tested. Its mention merely means that we |
| 11 attempt to maintain certain programming discipline and pay attention |
| 12 to backward compatibility issues, in other words it's kind of expected |
| 13 to work on Windows 9x, but no regression tests are actually performed. |
11 | 14 |
12 You need Perl for Win32. Unless you will build on Cygwin, you will need | 15 On additional note newer OpenSSL versions are compiled and linked with |
13 ActiveState Perl, available from http://www.activestate.com/ActivePerl. | 16 Winsock 2. This means that minimum OS requirement was elevated to NT 4 |
| 17 and Windows 98 [there is Winsock 2 update for Windows 95 though]. |
14 | 18 |
15 and one of the following C compilers: | 19 - you need Perl for Win32. Unless you will build on Cygwin, you will need |
| 20 ActiveState Perl, available from http://www.activestate.com/ActivePerl. |
| 21 |
| 22 - one of the following C compilers: |
16 | 23 |
17 * Visual C++ | 24 * Visual C++ |
18 * Borland C | 25 * Borland C |
19 * GNU C (Cygwin or MinGW) | 26 * GNU C (Cygwin or MinGW) |
20 | 27 |
| 28 - Netwide Assembler, a.k.a. NASM, available from http://nasm.sourceforge.net/ |
| 29 is required if you intend to utilize assembler modules. Note that NASM |
| 30 is now the only supported assembler. |
| 31 |
21 If you are compiling from a tarball or a CVS snapshot then the Win32 files | 32 If you are compiling from a tarball or a CVS snapshot then the Win32 files |
22 may well be not up to date. This may mean that some "tweaking" is required to | 33 may well be not up to date. This may mean that some "tweaking" is required to |
23 get it all to work. See the trouble shooting section later on for if (when?) | 34 get it all to work. See the trouble shooting section later on for if (when?) |
24 it goes wrong. | 35 it goes wrong. |
25 | 36 |
26 Visual C++ | 37 Visual C++ |
27 ---------- | 38 ---------- |
28 | 39 |
29 If you want to compile in the assembly language routines with Visual C++ then | 40 If you want to compile in the assembly language routines with Visual |
30 you will need an assembler. This is worth doing because it will result in | 41 C++, then you will need already mentioned Netwide Assembler binary, |
31 faster code: for example it will typically result in a 2 times speedup in the | 42 nasmw.exe or nasm.exe, to be available on your %PATH%. |
32 RSA routines. Currently the following assemblers are supported: | |
33 | 43 |
34 * Microsoft MASM (aka "ml") | 44 Firstly you should run Configure with platform VC-WIN32: |
35 * Free Netwide Assembler NASM. | |
36 | 45 |
37 MASM is distributed with most versions of VC++. For the versions where it is | 46 > perl Configure VC-WIN32 --prefix=c:\some\openssl\dir |
38 not included in VC++, it is also distributed with some Microsoft DDKs, for | |
39 example the Windows NT 4.0 DDK and the Windows 98 DDK. If you do not have | |
40 either of these DDKs then you can just download the binaries for the Windows | |
41 98 DDK and extract and rename the two files XXXXXml.exe and XXXXXml.err, to | |
42 ml.exe and ml.err and install somewhere on your PATH. Both DDKs can be | |
43 downloaded from the Microsoft developers site www.msdn.com. | |
44 | 47 |
45 NASM is freely available. Version 0.98 was used during testing: other versions | 48 Where the prefix argument specifies where OpenSSL will be installed to. |
46 may also work. It is available from many places, see for example: | |
47 http://www.kernel.org/pub/software/devel/nasm/binaries/win32/ | |
48 The NASM binary nasmw.exe needs to be installed anywhere on your PATH. | |
49 | 49 |
50 Firstly you should run Configure: | 50 Next you need to build the Makefiles and optionally the assembly |
51 | 51 language files: |
52 > perl Configure VC-WIN32 --prefix=c:/some/openssl/dir | |
53 | |
54 Where the prefix argument specifies where OpenSSL will be installed to. | |
55 | |
56 Next you need to build the Makefiles and optionally the assembly language | |
57 files: | |
58 | |
59 - If you are using MASM then run: | |
60 | |
61 > ms\do_masm | |
62 | 52 |
63 - If you are using NASM then run: | 53 - If you are using NASM then run: |
64 | 54 |
65 > ms\do_nasm | 55 > ms\do_nasm |
66 | 56 |
67 - If you don't want to use the assembly language files at all then run: | 57 - If you don't want to use the assembly language files at all then run: |
68 | 58 |
| 59 > perl Configure VC-WIN32 no-asm --prefix=c:/some/openssl/dir |
69 > ms\do_ms | 60 > ms\do_ms |
70 | 61 |
71 If you get errors about things not having numbers assigned then check the | 62 If you get errors about things not having numbers assigned then check the |
72 troubleshooting section: you probably won't be able to compile it as it | 63 troubleshooting section: you probably won't be able to compile it as it |
73 stands. | 64 stands. |
74 | 65 |
75 Then from the VC++ environment at a prompt do: | 66 Then from the VC++ environment at a prompt do: |
76 | 67 |
77 > nmake -f ms\ntdll.mak | 68 > nmake -f ms\ntdll.mak |
78 | 69 |
79 If all is well it should compile and you will have some DLLs and executables | 70 If all is well it should compile and you will have some DLLs and |
80 in out32dll. If you want to try the tests then do: | 71 executables in out32dll. If you want to try the tests then do: |
81 | 72 |
82 > nmake -f ms\ntdll.mak test | 73 > nmake -f ms\ntdll.mak test |
83 | 74 |
84 | 75 |
85 To install OpenSSL to the specified location do: | 76 To install OpenSSL to the specified location do: |
86 | 77 |
87 > nmake -f ms\ntdll.mak install | 78 > nmake -f ms\ntdll.mak install |
88 | 79 |
89 Tweaks: | 80 Tweaks: |
90 | 81 |
91 There are various changes you can make to the Win32 compile environment. By | 82 There are various changes you can make to the Win32 compile |
92 default the library is not compiled with debugging symbols. If you add 'debug' | 83 environment. By default the library is not compiled with debugging |
93 to the mk1mf.pl lines in the do_* batch file then debugging symbols will be | 84 symbols. If you use the platform debug-VC-WIN32 instead of VC-WIN32 |
94 compiled in. Note that mk1mf.pl expects the platform to be the last argument | 85 then debugging symbols will be compiled in. |
95 on the command line, so 'debug' must appear before that, as all other options. | |
96 | 86 |
97 | 87 By default in 1.0.0 OpenSSL will compile builtin ENGINES into the |
98 By default in 0.9.8 OpenSSL will compile builtin ENGINES into the libeay32.dll | 88 separate shared librariesy. If you specify the "enable-static-engine" |
99 shared library. If you specify the "no-static-engine" option on the command | 89 option on the command line to Configure the shared library build |
100 line to Configure the shared library build (ms\ntdll.mak) will compile the | 90 (ms\ntdll.mak) will compile the engines into libeay32.dll instead. |
101 engines as separate DLLs. | |
102 | 91 |
103 The default Win32 environment is to leave out any Windows NT specific | 92 The default Win32 environment is to leave out any Windows NT specific |
104 features. | 93 features. |
105 | 94 |
106 If you want to enable the NT specific features of OpenSSL (currently only the | 95 If you want to enable the NT specific features of OpenSSL (currently |
107 logging BIO) follow the instructions above but call the batch file do_nt.bat | 96 only the logging BIO) follow the instructions above but call the batch |
108 instead of do_ms.bat. | 97 file do_nt.bat instead of do_ms.bat. |
109 | 98 |
110 You can also build a static version of the library using the Makefile | 99 You can also build a static version of the library using the Makefile |
111 ms\nt.mak | 100 ms\nt.mak |
112 | 101 |
113 | 102 |
114 | |
115 Borland C++ builder 5 | 103 Borland C++ builder 5 |
116 --------------------- | 104 --------------------- |
117 | 105 |
118 * Configure for building with Borland Builder: | 106 * Configure for building with Borland Builder: |
119 > perl Configure BC-32 | 107 > perl Configure BC-32 |
120 | 108 |
121 * Create the appropriate makefile | 109 * Create the appropriate makefile |
122 > ms\do_nasm | 110 > ms\do_nasm |
123 | 111 |
124 * Build | 112 * Build |
125 > make -f ms\bcb.mak | 113 > make -f ms\bcb.mak |
126 | 114 |
127 Borland C++ builder 3 and 4 | 115 Borland C++ builder 3 and 4 |
128 --------------------------- | 116 --------------------------- |
129 | 117 |
130 * Setup PATH. First must be GNU make then bcb4/bin | 118 * Setup PATH. First must be GNU make then bcb4/bin |
131 | 119 |
132 * Run ms\bcb4.bat | 120 * Run ms\bcb4.bat |
133 | 121 |
134 * Run make: | 122 * Run make: |
135 > make -f bcb.mak | 123 > make -f bcb.mak |
136 | 124 |
137 GNU C (Cygwin) | 125 GNU C (Cygwin) |
138 -------------- | 126 -------------- |
139 | 127 |
140 Cygwin provides a bash shell and GNU tools environment running | 128 Cygwin implements a Posix/Unix runtime system (cygwin1.dll) on top of |
141 on NT 4.0, Windows 9x, Windows ME, Windows 2000, and Windows XP. | 129 Win32 subsystem and provides a bash shell and GNU tools environment. |
142 Consequently, a make of OpenSSL with Cygwin is closer to a GNU | 130 Consequently, a make of OpenSSL with Cygwin is virtually identical to |
143 bash environment such as Linux than to other the other Win32 | 131 Unix procedure. It is also possible to create Win32 binaries that only |
144 makes. | 132 use the Microsoft C runtime system (msvcrt.dll or crtdll.dll) using |
145 | 133 MinGW. MinGW can be used in the Cygwin development environment or in a |
146 Cygwin implements a Posix/Unix runtime system (cygwin1.dll). | 134 standalone setup as described in the following section. |
147 It is also possible to create Win32 binaries that only use the | |
148 Microsoft C runtime system (msvcrt.dll or crtdll.dll) using | |
149 MinGW. MinGW can be used in the Cygwin development environment | |
150 or in a standalone setup as described in the following section. | |
151 | 135 |
152 To build OpenSSL using Cygwin: | 136 To build OpenSSL using Cygwin: |
153 | 137 |
154 * Install Cygwin (see http://cygwin.com/) | 138 * Install Cygwin (see http://cygwin.com/) |
155 | 139 |
156 * Install Perl and ensure it is in the path. Both Cygwin perl | 140 * Install Perl and ensure it is in the path. Both Cygwin perl |
157 (5.6.1-2 or newer) and ActivePerl work. | 141 (5.6.1-2 or newer) and ActivePerl work. |
158 | 142 |
159 * Run the Cygwin bash shell | 143 * Run the Cygwin bash shell |
160 | 144 |
(...skipping 24 matching lines...) Expand all Loading... |
185 | 169 |
186 "make test" and normal file operations may fail in directories | 170 "make test" and normal file operations may fail in directories |
187 mounted as text (i.e. mount -t c:\somewhere /home) due to Cygwin | 171 mounted as text (i.e. mount -t c:\somewhere /home) due to Cygwin |
188 stripping of carriage returns. To avoid this ensure that a binary | 172 stripping of carriage returns. To avoid this ensure that a binary |
189 mount is used, e.g. mount -b c:\somewhere /home. | 173 mount is used, e.g. mount -b c:\somewhere /home. |
190 | 174 |
191 "bc" is not provided in older Cygwin distribution. This causes a | 175 "bc" is not provided in older Cygwin distribution. This causes a |
192 non-fatal error in "make test" but is otherwise harmless. If | 176 non-fatal error in "make test" but is otherwise harmless. If |
193 desired and needed, GNU bc can be built with Cygwin without change. | 177 desired and needed, GNU bc can be built with Cygwin without change. |
194 | 178 |
195 GNU C (MinGW) | 179 GNU C (MinGW/MSYS) |
196 ------------- | 180 ------------- |
197 | 181 |
198 * Compiler installation: | 182 * Compiler and shell environment installation: |
199 | 183 |
200 MinGW is available from http://www.mingw.org. Run the installer and | 184 MinGW and MSYS are available from http://www.mingw.org/, both are |
201 set the MinGW bin directory to the PATH in "System Properties" or | 185 required. Run the installers and do whatever magic they say it takes |
202 autoexec.bat. | 186 to start MSYS bash shell with GNU tools on its PATH. |
| 187 |
| 188 N.B. Since source tar-ball can contain symbolic links, it's essential |
| 189 that you use accompanying MSYS tar to unpack the source. It will |
| 190 either handle them in one way or another or fail to extract them, |
| 191 which does the trick too. Latter means that you may safely ignore all |
| 192 "cannot create symlink" messages, as they will be "re-created" at |
| 193 configure stage by copying corresponding files. Alternative programs |
| 194 were observed to create empty files instead, which results in build |
| 195 failure. |
203 | 196 |
204 * Compile OpenSSL: | 197 * Compile OpenSSL: |
205 | 198 |
206 > ms\mingw32 | 199 $ ./config |
| 200 [...] |
| 201 $ make |
| 202 [...] |
| 203 $ make test |
207 | 204 |
208 This will create the library and binaries in out. In case any problems | 205 This will create the library and binaries in root source directory |
209 occur, try | 206 and openssl.exe application in apps directory. |
210 > ms\mingw32 no-asm | 207 |
211 instead. | 208 It is also possible to cross-compile it on Linux by configuring |
| 209 with './Configure --cross-compile-prefix=i386-mingw32- mingw ...'. |
| 210 'make test' is naturally not applicable then. |
212 | 211 |
213 libcrypto.a and libssl.a are the static libraries. To use the DLLs, | 212 libcrypto.a and libssl.a are the static libraries. To use the DLLs, |
214 link with libeay32.a and libssl32.a instead. | 213 link with libeay32.a and libssl32.a instead. |
215 | 214 |
216 See troubleshooting if you get error messages about functions not having | 215 See troubleshooting if you get error messages about functions not |
217 a number assigned. | 216 having a number assigned. |
218 | |
219 * You can now try the tests: | |
220 | |
221 > cd out | |
222 > ..\ms\test | |
223 | |
224 | 217 |
225 Installation | 218 Installation |
226 ------------ | 219 ------------ |
227 | 220 |
228 If you used the Cygwin procedure above, you have already installed and | 221 If you used the Cygwin procedure above, you have already installed and |
229 can skip this section. For all other procedures, there's currently no real | 222 can skip this section. For all other procedures, there's currently no real |
230 installation procedure for Win32. There are, however, some suggestions: | 223 installation procedure for Win32. There are, however, some suggestions: |
231 | 224 |
232 - do nothing. The include files are found in the inc32/ subdirectory, | 225 - do nothing. The include files are found in the inc32/ subdirectory, |
233 all binaries are found in out32dll/ or out32/ depending if you built | 226 all binaries are found in out32dll/ or out32/ depending if you built |
(...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
300 standard library functions used by OpenSSL that call malloc() internally | 293 standard library functions used by OpenSSL that call malloc() internally |
301 (e.g. fopen()), and OpenSSL cannot change these; so in general you cannot | 294 (e.g. fopen()), and OpenSSL cannot change these; so in general you cannot |
302 rely on CRYPTO_malloc_init() solving your problem, and you should | 295 rely on CRYPTO_malloc_init() solving your problem, and you should |
303 consistently use the multithreaded library. | 296 consistently use the multithreaded library. |
304 | 297 |
305 Linking your application | 298 Linking your application |
306 ------------------------ | 299 ------------------------ |
307 | 300 |
308 If you link with static OpenSSL libraries [those built with ms/nt.mak], | 301 If you link with static OpenSSL libraries [those built with ms/nt.mak], |
309 then you're expected to additionally link your application with | 302 then you're expected to additionally link your application with |
310 WSOCK32.LIB, ADVAPI32.LIB, GDI32.LIB and USER32.LIB. Those developing | 303 WS2_32.LIB, ADVAPI32.LIB, GDI32.LIB and USER32.LIB. Those developing |
311 non-interactive service applications might feel concerned about linking | 304 non-interactive service applications might feel concerned about linking |
312 with latter two, as they are justly associated with interactive desktop, | 305 with the latter two, as they are justly associated with interactive |
313 which is not available to service processes. The toolkit is designed | 306 desktop, which is not available to service processes. The toolkit is |
314 to detect in which context it's currently executed, GUI, console app | 307 designed to detect in which context it's currently executed, GUI, |
315 or service, and act accordingly, namely whether or not to actually make | 308 console app or service, and act accordingly, namely whether or not to |
316 GUI calls. | 309 actually make GUI calls. Additionally those who wish to |
| 310 /DELAYLOAD:GDI32.DLL and /DELAYLOAD:USER32.DLL and actually keep them |
| 311 off service process should consider implementing and exporting from |
| 312 .exe image in question own _OPENSSL_isservice not relying on USER32.DLL. |
| 313 E.g., on Windows Vista and later you could: |
| 314 |
| 315 » __declspec(dllexport) __cdecl BOOL _OPENSSL_isservice(void) |
| 316 » { DWORD sess; |
| 317 » if (ProcessIdToSessionId(GetCurrentProcessId(),&sess)) |
| 318 » return sess==0; |
| 319 » return FALSE; |
| 320 » } |
317 | 321 |
318 If you link with OpenSSL .DLLs, then you're expected to include into | 322 If you link with OpenSSL .DLLs, then you're expected to include into |
319 your application code small "shim" snippet, which provides glue between | 323 your application code small "shim" snippet, which provides glue between |
320 OpenSSL BIO layer and your compiler run-time. Look up OPENSSL_Applink | 324 OpenSSL BIO layer and your compiler run-time. Look up OPENSSL_Applink |
321 reference page for further details. | 325 reference page for further details. |
OLD | NEW |