diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 5da973d7fd..f9a4c0b480 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,7 +35,7 @@ jobs: mkdir build cd build cmake .. - cmake --build . --target OpenSSL_Target + cmake --build . --target OpenSSL_Build - name: Initialize CodeQL uses: github/codeql-action/init@v1 diff --git a/CMakeLists.txt b/CMakeLists.txt index 556dd2806e..141502f05d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -138,6 +138,12 @@ set(QUIC_LIBRARY_NAME "msquic" CACHE STRING "Override the output library name") set(BUILD_SHARED_LIBS ${QUIC_BUILD_SHARED}) +# FindLTTngUST does not exist before CMake 3.6, so disable logging for older cmake versions +if (${CMAKE_VERSION} VERSION_LESS "3.6.0") + message(WARNING "Logging unsupported on this version of CMake. Please upgrade to 3.6 or later.") + set(QUIC_ENABLE_LOGGING OFF) +endif() + if (QUIC_PDBALTPATH AND MSVC) # Disabled in all cases because generation is broken. # file(READ ${CMAKE_CURRENT_LIST_DIR}/cmake/PdbAltPath.txt PDBALTPATH) @@ -466,21 +472,124 @@ else() #!WIN32 endif() if(QUIC_TLS STREQUAL "openssl") - add_library(OpenSSL INTERFACE) + if (WIN32) + add_library(OpenSSL INTERFACE) - include(FetchContent) + include(FetchContent) - FetchContent_Declare( - OpenSSLQuic - SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/submodules - CMAKE_ARGS "-DQUIC_USE_SYSTEM_LIBCRYPTO=${QUIC_USE_SYSTEM_LIBCRYPTO}" - ) - FetchContent_MakeAvailable(OpenSSLQuic) + FetchContent_Declare( + OpenSSLQuic + SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/submodules + CMAKE_ARGS "-DQUIC_BUILD_DIR=${QUIC_BUILD_DIR}" + ) + FetchContent_MakeAvailable(OpenSSLQuic) - target_link_libraries(OpenSSL - INTERFACE - OpenSSLQuic - ) + target_link_libraries(OpenSSL + INTERFACE + OpenSSLQuic::OpenSSLQuic + ) + else() + # Configure and build OpenSSL. + set(OPENSSL_DIR ${QUIC_BUILD_DIR}/openssl) + set(OPENSSL_CONFIG_FLAGS + enable-tls1_3 no-makedepend no-dgram no-ssl3 no-psk no-srp + + # + # The following line is needed for the 3.0 branch. + # + # no-uplink no-cmp no-acvp_tests no-fips no-padlockeng no-siv + + no-zlib no-egd no-idea no-rc5 no-rc4 no-afalgeng + no-comp no-cms no-ct no-srp no-srtp no-ts no-gost no-dso no-ec2m + no-tls1 no-tls1_1 no-tls1_2 no-dtls no-dtls1 no-dtls1_2 no-ssl + no-ssl3-method no-tls1-method no-tls1_1-method no-tls1_2-method no-dtls1-method no-dtls1_2-method + no-siphash no-whirlpool no-aria no-bf no-blake2 no-sm2 no-sm3 no-sm4 no-camellia no-cast no-md4 no-mdc2 no-ocb no-rc2 no-rmd160 no-scrypt + no-weak-ssl-ciphers no-shared no-tests --prefix=${OPENSSL_DIR}) + + if (QUIC_ENABLE_SANITIZERS) + list(APPEND OPENSSL_CONFIG_FLAGS enable-asan enable-ubsan) + endif() + if(CMAKE_SYSTEM_PROCESSOR STREQUAL arm) + set(OPENSSL_CONFIG_CMD ${CMAKE_CURRENT_SOURCE_DIR}/submodules/openssl/Configure + linux-armv4 -DL_ENDIAN + --cross-compile-prefix=${GNU_MACHINE}${FLOAT_ABI_SUFFIX}-) + list(APPEND OPENSSL_CONFIG_FLAGS -latomic) + elseif(CX_PLATFORM STREQUAL "darwin") + # need to build with Apple's compiler + if (CMAKE_OSX_ARCHITECTURES STREQUAL arm64) + set(OPENSSL_CONFIG_CMD ARCHFLAGS="-arch arm64" ${CMAKE_CURRENT_SOURCE_DIR}/submodules/openssl/Configure darwin64-arm64-cc) + elseif(CMAKE_OSX_ARCHITECTURES STREQUAL x86_64) + set(OPENSSL_CONFIG_CMD ARCHFLAGS="-arch x86_64" ${CMAKE_CURRENT_SOURCE_DIR}/submodules/openssl/Configure darwin64-x86_64-cc) + else() + set(OPENSSL_CONFIG_CMD ${CMAKE_CURRENT_SOURCE_DIR}/submodules/openssl/config) + endif() + list(APPEND OPENSSL_CONFIG_FLAGS -isysroot ${CMAKE_OSX_SYSROOT}) + elseif(ANDROID) + message(STATUS "${ANDROID_ABI}") + if(ANDROID_ABI STREQUAL "arm64-v8a") + set(OPENSSL_BUILD_TYPE android-arm64) + elseif(ANDROID_ABI STREQUAL "armeabi-v7a") + set(OPENSSL_BUILD_TYPE android-arm) + elseif(ANDROID_ABI STREQUAL "x86") + set(OPENSSL_BUILD_TYPE android-x86) + elseif(ANDROID_ABI STREQUAL "x86_64") + set(OPENSSL_BUILD_TYPE android-x86_64) + else() + message(FATAL_ERROR "Unknown android abi type") + endif() + set(OPENSSL_CONFIG_CMD ${CMAKE_CURRENT_SOURCE_DIR}/submodules/openssl/Configure + ${OPENSSL_BUILD_TYPE} + -D__ANDROID_API__=29) + else() + set(OPENSSL_CONFIG_CMD ${CMAKE_CURRENT_SOURCE_DIR}/submodules/openssl/config + CC=${CMAKE_C_COMPILER} CXX=${CMAKE_CXX_COMPILER}) + endif() + add_custom_target(mkdir_openssl_build + COMMAND mkdir -p ${QUIC_BUILD_DIR}/submodules/openssl) + add_custom_command( + DEPENDS mkdir_openssl_build + WORKING_DIRECTORY ${QUIC_BUILD_DIR}/submodules/openssl + OUTPUT ${OPENSSL_DIR}/lib/libcrypto${CMAKE_STATIC_LIBRARY_SUFFIX} + OUTPUT ${OPENSSL_DIR}/lib/libssl${CMAKE_STATIC_LIBRARY_SUFFIX} + COMMAND SYSTEM=${CMAKE_HOST_SYSTEM_NAME} + ${OPENSSL_CONFIG_CMD} ${OPENSSL_CONFIG_FLAGS} + COMMAND make -j$$(nproc) + COMMAND make install_dev) + add_custom_target(OpenSSL_Build + DEPENDS ${OPENSSL_DIR}/lib/libcrypto${CMAKE_STATIC_LIBRARY_SUFFIX} + DEPENDS ${OPENSSL_DIR}/lib/libssl${CMAKE_STATIC_LIBRARY_SUFFIX}) + + file(MAKE_DIRECTORY ${OPENSSL_DIR}/include) + + add_library(OpenSSL STATIC IMPORTED) + set_target_properties(OpenSSL PROPERTIES + IMPORTED_LOCATION ${OPENSSL_DIR}/lib/libssl${CMAKE_STATIC_LIBRARY_SUFFIX} + IMPORTED_LINK_INTERFACE_LANGUAGES "C") + + target_include_directories(OpenSSL INTERFACE ${OPENSSL_DIR}/include) + + if (QUIC_USE_SYSTEM_LIBCRYPTO) + include(FindOpenSSL) + if (OPENSSL_FOUND) + if (OPENSSL_VERSION VERSION_EQUAL 1.1.1) + target_link_libraries(OpenSSL INTERFACE OpenSSL::Crypto) + else() + message(FATAL_ERROR "OpenSSL 1.1.1 not found, found ${OPENSSL_VERSION}") + endif() + else() + message(FATAL_ERROR "System OpenSSL not found when requested") + endif() + else() + add_library(OpenSSL_Crypto STATIC IMPORTED) + set_target_properties(OpenSSL_Crypto PROPERTIES + IMPORTED_LOCATION ${OPENSSL_DIR}/lib/libcrypto${CMAKE_STATIC_LIBRARY_SUFFIX} + IMPORTED_LINK_INTERFACE_LANGUAGES "C") + + add_dependencies(OpenSSL_Crypto OpenSSL_Build) + target_link_libraries(OpenSSL INTERFACE OpenSSL_Crypto) + endif() + add_dependencies(OpenSSL OpenSSL_Build) + endif() endif() if(QUIC_CODE_CHECK) diff --git a/submodules/CMakeLists.txt b/submodules/CMakeLists.txt index 6db03637a0..42a6e0d161 100644 --- a/submodules/CMakeLists.txt +++ b/submodules/CMakeLists.txt @@ -5,264 +5,146 @@ cmake_minimum_required(VERSION 3.16) # This is a helper project to build OpenSSL as part of the CMake "superbuild" # pattern, which sidesteps issues managing a dependency graph within a single -# CMake project and enables smoother developer workflows. +# CMake project and enables smoother developer workflows. Currently, this only +# supports the Win32 platform # This file is intended to be included in the parent msquic project via FetchContent project(OpenSSLQuic) -set(QUIC_BUILD_DIR ${CMAKE_CURRENT_BINARY_DIR}) -set(OPENSSL_DIR ${QUIC_BUILD_DIR}/openssl) -option(QUIC_USE_SYSTEM_LIBCRYPTO "Use system libcrypto if openssl TLS" OFF) +set(QUIC_BUILD_DIR ${CMAKE_CURRENT_BINARY_DIR} CACHE STRING "QUIC build directory") +set(OPENSSL_DIR ${QUIC_BUILD_DIR}/openssl CACHE STRING "OpenSSL build directory") -set(OPENSSL_CONFIG_FLAGS - enable-tls1_3 no-makedepend no-dgram no-ssl3 no-psk no-srp - - # - # The following line is needed for the 3.0 branch. - # - # no-uplink no-cmp no-acvp_tests no-fips no-padlockeng no-siv - - no-zlib no-egd no-idea no-rc5 no-rc4 no-afalgeng - no-comp no-cms no-ct no-srp no-srtp no-ts no-gost no-dso no-ec2m - no-tls1 no-tls1_1 no-tls1_2 no-dtls no-dtls1 no-dtls1_2 no-ssl - no-ssl3-method no-tls1-method no-tls1_1-method no-tls1_2-method no-dtls1-method no-dtls1_2-method - no-siphash no-whirlpool no-aria no-bf no-blake2 no-sm2 no-sm3 no-sm4 no-camellia no-cast no-md4 no-mdc2 no-ocb no-rc2 no-rmd160 no-scrypt - no-weak-ssl-ciphers no-shared no-tests) - -if (WIN32) - - set(LIBSSL_DEBUG_PATH ${OPENSSL_DIR}/debug/lib/libssl${CMAKE_STATIC_LIBRARY_SUFFIX}) - set(LIBCRYPTO_DEBUG_PATH ${OPENSSL_DIR}/debug/lib/libcrypto${CMAKE_STATIC_LIBRARY_SUFFIX}) - set(LIBSSL_PATH ${OPENSSL_DIR}/release/lib/libssl${CMAKE_STATIC_LIBRARY_SUFFIX}) - set(LIBCRYPTO_PATH ${OPENSSL_DIR}/release/lib/libcrypto${CMAKE_STATIC_LIBRARY_SUFFIX}) +set(LIBSSL_DEBUG_PATH ${OPENSSL_DIR}/debug/lib/libssl${CMAKE_STATIC_LIBRARY_SUFFIX}) +set(LIBCRYPTO_DEBUG_PATH ${OPENSSL_DIR}/debug/lib/libcrypto${CMAKE_STATIC_LIBRARY_SUFFIX}) +set(LIBSSL_PATH ${OPENSSL_DIR}/release/lib/libssl${CMAKE_STATIC_LIBRARY_SUFFIX}) +set(LIBCRYPTO_PATH ${OPENSSL_DIR}/release/lib/libcrypto${CMAKE_STATIC_LIBRARY_SUFFIX}) - if (QUIC_UWP_BUILD) - # Translate target architecture into corresponding OpenSSL build flag - if (${SYSTEM_PROCESSOR} STREQUAL "arm64") - set(QUIC_OPENSSL_WIN_ARCH "VC-WIN64-ARM") - elseif (${SYSTEM_PROCESSOR} STREQUAL "arm") - set(QUIC_OPENSSL_WIN_ARCH "VC-WIN32-ARM") - elseif (${SYSTEM_PROCESSOR} STREQUAL "win32") - set(QUIC_OPENSSL_WIN_ARCH "VC-WIN32-ONECORE") - elseif (${SYSTEM_PROCESSOR} STREQUAL "x64" OR ${SYSTEM_PROCESSOR} STREQUAL "amd64") - set(QUIC_OPENSSL_WIN_ARCH "VC-WIN64A-ONECORE") - else() - message(FATAL_ERROR "Unknown Generator Platform ${SYSTEM_PROCESSOR}") - endif() - else() - # Translate target architecture into corresponding OpenSSL build flag - if (${SYSTEM_PROCESSOR} STREQUAL "arm64") - set(QUIC_OPENSSL_WIN_ARCH "VC-WIN64-ARM") - elseif (${SYSTEM_PROCESSOR} STREQUAL "arm") - set(QUIC_OPENSSL_WIN_ARCH "VC-WIN32-ARM") - elseif (${SYSTEM_PROCESSOR} STREQUAL "win32") - set(QUIC_OPENSSL_WIN_ARCH "VC-WIN32") - elseif (${SYSTEM_PROCESSOR} STREQUAL "x64" OR ${SYSTEM_PROCESSOR} STREQUAL "amd64") - set(QUIC_OPENSSL_WIN_ARCH "VC-WIN64A") - else() - message(FATAL_ERROR "Unknown Generator Platform ${SYSTEM_PROCESSOR}") - endif() - endif() - - set(OPENSSL_EXTRA_CONFIGURE_ARGS "") - - if(HAS_SPECTRE) - list(APPEND OPENSSL_EXTRA_CONFIGURE_ARGS /Qspectre) - endif() - - # guard:cf does not work on OpenSSL - # https://github.com/openssl/openssl/issues/16147 - # if(HAS_GUARDCF) - # list(APPEND OPENSSL_EXTRA_CONFIGURE_ARGS /guard:cf) - # endif() +if(NOT WIN32) + message(FATAL_ERROR "This subproject does not yet support non-Win32 platforms") +endif() - find_program(JOM_EXE jom) - if (JOM_EXE) - list(APPEND OPENSSL_EXTRA_CONFIGURE_ARGS /FS) - include(ProcessorCount) - ProcessorCount(NPROCS) - set(OPENSSL_RUN_COMMAND "${JOM_EXE}" -j${NPROCS}) +if (QUIC_UWP_BUILD) + # Translate target architecture into corresponding OpenSSL build flag + if (${SYSTEM_PROCESSOR} STREQUAL "arm64") + set(QUIC_OPENSSL_WIN_ARCH "VC-WIN64-ARM") + elseif (${SYSTEM_PROCESSOR} STREQUAL "arm") + set(QUIC_OPENSSL_WIN_ARCH "VC-WIN32-ARM") + elseif (${SYSTEM_PROCESSOR} STREQUAL "win32") + set(QUIC_OPENSSL_WIN_ARCH "VC-WIN32-ONECORE") + elseif (${SYSTEM_PROCESSOR} STREQUAL "x64" OR ${SYSTEM_PROCESSOR} STREQUAL "amd64") + set(QUIC_OPENSSL_WIN_ARCH "VC-WIN64A-ONECORE") else() - - set(OPENSSL_RUN_COMMAND nmake) - endif() - - list(APPEND OPENSSL_CONFIG_FLAGS - ${QUIC_OPENSSL_WIN_ARCH} ${OPENSSL_EXTRA_CONFIGURE_ARGS}) - - if (QUIC_UWP_BUILD) - list(APPEND OPENSSL_CONFIG_FLAGS no-async) + message(FATAL_ERROR "Unknown Generator Platform ${SYSTEM_PROCESSOR}") endif() - - # Create working and output directories as needed - file(MAKE_DIRECTORY ${OPENSSL_DIR}/debug/include) - file(MAKE_DIRECTORY ${OPENSSL_DIR}/release/include) - file(MAKE_DIRECTORY ${QUIC_BUILD_DIR}/submodules/openssl/debug) - file(MAKE_DIRECTORY ${QUIC_BUILD_DIR}/submodules/openssl/release) - - # Configure steps for debug and release variants - add_custom_command( - WORKING_DIRECTORY $,${QUIC_BUILD_DIR}/submodules/openssl/debug,${QUIC_BUILD_DIR}/submodules/openssl/release> - OUTPUT $,${QUIC_BUILD_DIR}/submodules/openssl/debug/makefile,${QUIC_BUILD_DIR}/submodules/openssl/release/makefile> - COMMAND perl ${CMAKE_CURRENT_SOURCE_DIR}/openssl/Configure ${OPENSSL_CONFIG_FLAGS} $<$:--debug> $<$:--prefix=${OPENSSL_DIR}/debug> $<$>:--prefix=${OPENSSL_DIR}/release> - - COMMENT "OpenSSL configure" - ) - - # Compile/install commands for debug and release variants - add_custom_command( - OUTPUT $,${LIBSSL_DEBUG_PATH},${LIBSSL_PATH}> - OUTPUT $,${LIBCRYPTO_DEBUG_PATH},${LIBCRYPTO_PATH}> - DEPENDS $,${QUIC_BUILD_DIR}/submodules/openssl/debug/makefile,${QUIC_BUILD_DIR}/submodules/openssl/release/makefile> - WORKING_DIRECTORY $,${QUIC_BUILD_DIR}/submodules/openssl/debug,${QUIC_BUILD_DIR}/submodules/openssl/release> - COMMAND ${OPENSSL_RUN_COMMAND} install_dev - COMMENT "OpenSSL build" - ) - - # Named target depending on the final lib artifacts produced by custom commands - add_custom_target( - OpenSSL_Target - DEPENDS - $<$:${LIBSSL_DEBUG_PATH}> - $<$>:${LIBSSL_PATH}> - $<$:${LIBCRYPTO_DEBUG_PATH}> - $<$>:${LIBCRYPTO_PATH}> - ) - set_property(TARGET OpenSSL_Target PROPERTY FOLDER "${QUIC_FOLDER_PREFIX}helpers") - - # Target to export to parent project - add_library(OpenSSLQuic INTERFACE) - add_dependencies(OpenSSLQuic - OpenSSL_Target) - target_include_directories( - OpenSSLQuic - INTERFACE - $<$:${OPENSSL_DIR}/debug/include> - $<$>:${OPENSSL_DIR}/release/include> - ) - target_link_libraries( - OpenSSLQuic - INTERFACE - $<$:${LIBSSL_DEBUG_PATH}> - $<$:${LIBCRYPTO_DEBUG_PATH}> - $<$>:${LIBSSL_PATH}> - $<$>:${LIBCRYPTO_PATH}> - ) - else() - - set(LIBSSL_PATH ${OPENSSL_DIR}/lib/libssl${CMAKE_STATIC_LIBRARY_SUFFIX}) - set(LIBCRYPTO_PATH ${OPENSSL_DIR}/lib/libcrypto${CMAKE_STATIC_LIBRARY_SUFFIX}) - - list(APPEND OPENSSL_CONFIG_FLAGS --prefix=${OPENSSL_DIR}) - - if (QUIC_ENABLE_SANITIZERS) - list(APPEND OPENSSL_CONFIG_FLAGS enable-asan enable-ubsan) - endif() - if(CMAKE_SYSTEM_PROCESSOR STREQUAL arm) - set(OPENSSL_CONFIG_CMD ${CMAKE_CURRENT_SOURCE_DIR}/openssl/Configure - linux-armv4 -DL_ENDIAN - --cross-compile-prefix=${GNU_MACHINE}${FLOAT_ABI_SUFFIX}-) - list(APPEND OPENSSL_CONFIG_FLAGS -latomic) - elseif(CX_PLATFORM STREQUAL "darwin") - # need to build with Apple's compiler - if (CMAKE_OSX_ARCHITECTURES STREQUAL arm64) - set(OPENSSL_CONFIG_CMD ARCHFLAGS="-arch arm64" ${CMAKE_CURRENT_SOURCE_DIR}/openssl/Configure darwin64-arm64-cc) - elseif(CMAKE_OSX_ARCHITECTURES STREQUAL x86_64) - set(OPENSSL_CONFIG_CMD ARCHFLAGS="-arch x86_64" ${CMAKE_CURRENT_SOURCE_DIR}/openssl/Configure darwin64-x86_64-cc) - else() - set(OPENSSL_CONFIG_CMD ${CMAKE_CURRENT_SOURCE_DIR}/openssl/config) - endif() - list(APPEND OPENSSL_CONFIG_FLAGS -isysroot ${CMAKE_OSX_SYSROOT}) - elseif(ANDROID) - message(STATUS "${ANDROID_ABI}") - if(ANDROID_ABI STREQUAL "arm64-v8a") - set(OPENSSL_BUILD_TYPE android-arm64) - elseif(ANDROID_ABI STREQUAL "armeabi-v7a") - set(OPENSSL_BUILD_TYPE android-arm) - elseif(ANDROID_ABI STREQUAL "x86") - set(OPENSSL_BUILD_TYPE android-x86) - elseif(ANDROID_ABI STREQUAL "x86_64") - set(OPENSSL_BUILD_TYPE android-x86_64) - else() - message(FATAL_ERROR "Unknown android abi type") - endif() - set(OPENSSL_CONFIG_CMD ${CMAKE_CURRENT_SOURCE_DIR}/openssl/Configure - ${OPENSSL_BUILD_TYPE} - -D__ANDROID_API__=29) + # Translate target architecture into corresponding OpenSSL build flag + if (${SYSTEM_PROCESSOR} STREQUAL "arm64") + set(QUIC_OPENSSL_WIN_ARCH "VC-WIN64-ARM") + elseif (${SYSTEM_PROCESSOR} STREQUAL "arm") + set(QUIC_OPENSSL_WIN_ARCH "VC-WIN32-ARM") + elseif (${SYSTEM_PROCESSOR} STREQUAL "win32") + set(QUIC_OPENSSL_WIN_ARCH "VC-WIN32") + elseif (${SYSTEM_PROCESSOR} STREQUAL "x64" OR ${SYSTEM_PROCESSOR} STREQUAL "amd64") + set(QUIC_OPENSSL_WIN_ARCH "VC-WIN64A") else() - set(OPENSSL_CONFIG_CMD ${CMAKE_CURRENT_SOURCE_DIR}/openssl/config - CC=${CMAKE_C_COMPILER} CXX=${CMAKE_CXX_COMPILER}) + message(FATAL_ERROR "Unknown Generator Platform ${SYSTEM_PROCESSOR}") endif() +endif() + +set(OPENSSL_EXTRA_CONFIGURE_ARGS "") - # Create working and output directories as needed - file(MAKE_DIRECTORY ${OPENSSL_DIR}/include) - file(MAKE_DIRECTORY ${QUIC_BUILD_DIR}/submodules/openssl) +if(HAS_SPECTRE) + list(APPEND OPENSSL_EXTRA_CONFIGURE_ARGS /Qspectre) +endif() - # Configure steps for debug and release variants - add_custom_command( - WORKING_DIRECTORY ${QUIC_BUILD_DIR}/submodules/openssl - OUTPUT ${QUIC_BUILD_DIR}/submodules/openssl/makefile - COMMAND SYSTEM=${CMAKE_HOST_SYSTEM_NAME} - ${OPENSSL_CONFIG_CMD} ${OPENSSL_CONFIG_FLAGS} - COMMENT "OpenSSL configure" - ) +# guard:cf does not work on OpenSSL +# https://github.com/openssl/openssl/issues/16147 +# if(HAS_GUARDCF) +# list(APPEND OPENSSL_EXTRA_CONFIGURE_ARGS /guard:cf) +# endif() +find_program(JOM_EXE jom) +if (JOM_EXE) + list(APPEND OPENSSL_EXTRA_CONFIGURE_ARGS /FS) include(ProcessorCount) ProcessorCount(NPROCS) + set(OPENSSL_RUN_COMMAND "${JOM_EXE}" -j${NPROCS}) +else() - # Compile/install commands for debug and release variants - add_custom_command( - OUTPUT ${LIBSSL_PATH} - OUTPUT ${LIBCRYPTO_PATH} - DEPENDS ${QUIC_BUILD_DIR}/submodules/openssl/makefile - WORKING_DIRECTORY ${QUIC_BUILD_DIR}/submodules/openssl - COMMAND make install_dev -j${NPROCS} - COMMENT "OpenSSL build" - ) - - # Named target depending on the final lib artifacts produced by custom commands - add_custom_target( - OpenSSL_Target - DEPENDS - ${LIBSSL_PATH} - ${LIBCRYPTO_PATH} - ) - set_property(TARGET OpenSSL_Target PROPERTY FOLDER "${QUIC_FOLDER_PREFIX}helpers") - - # Target to export to parent project - add_library(OpenSSLQuic INTERFACE) - add_dependencies(OpenSSLQuic - OpenSSL_Target) - target_include_directories( - OpenSSLQuic - INTERFACE - ${OPENSSL_DIR}/include - ) + set(OPENSSL_RUN_COMMAND nmake) +endif() - target_link_libraries( - OpenSSLQuic - INTERFACE - ${LIBSSL_PATH} - ) +set(OPENSSL_CONFIG_FLAGS + enable-tls1_3 no-makedepend no-dgram no-ssl3 no-psk no-srp - if (QUIC_USE_SYSTEM_LIBCRYPTO) - include(FindOpenSSL) - if (OPENSSL_FOUND) - if (OPENSSL_VERSION VERSION_EQUAL 1.1.1) - target_link_libraries(OpenSSLQuic INTERFACE OpenSSL::Crypto) - else() - message(FATAL_ERROR "OpenSSL 1.1.1 not found, found ${OPENSSL_VERSION}") - endif() - else() - message(FATAL_ERROR "System OpenSSL not found when requested") - endif() - else() - target_link_libraries( - OpenSSLQuic - INTERFACE - ${LIBCRYPTO_PATH} - ) - endif() + # + # The following line is needed for the 3.0 branch. + # + # no-uplink no-cmp no-acvp_tests no-fips no-padlockeng no-siv + no-zlib no-egd no-idea no-rc5 no-rc4 no-afalgeng + no-comp no-cms no-ct no-srp no-srtp no-ts no-gost no-dso no-ec2m + no-tls1 no-tls1_1 no-tls1_2 no-dtls no-dtls1 no-dtls1_2 no-ssl + no-ssl3-method no-tls1-method no-tls1_1-method no-tls1_2-method no-dtls1-method no-dtls1_2-method + no-siphash no-whirlpool no-aria no-bf no-blake2 no-sm2 no-sm3 no-sm4 no-camellia no-cast no-md4 no-mdc2 no-ocb no-rc2 no-rmd160 no-scrypt + no-weak-ssl-ciphers no-shared no-tests ${QUIC_OPENSSL_WIN_ARCH} ${OPENSSL_EXTRA_CONFIGURE_ARGS}) +if (QUIC_UWP_BUILD) + list(APPEND OPENSSL_CONFIG_FLAGS no-async) endif() + +# Create working and output directories as needed +file(MAKE_DIRECTORY ${OPENSSL_DIR}/debug/include) +file(MAKE_DIRECTORY ${OPENSSL_DIR}/release/include) +file(MAKE_DIRECTORY ${QUIC_BUILD_DIR}/submodules/openssl/debug) +file(MAKE_DIRECTORY ${QUIC_BUILD_DIR}/submodules/openssl/release) + +# Configure steps for debug and release variants +add_custom_command( + WORKING_DIRECTORY $,${QUIC_BUILD_DIR}/submodules/openssl/debug,${QUIC_BUILD_DIR}/submodules/openssl/release> + OUTPUT $,${QUIC_BUILD_DIR}/submodules/openssl/debug/makefile,${QUIC_BUILD_DIR}/submodules/openssl/release/makefile> + COMMAND perl ${CMAKE_CURRENT_SOURCE_DIR}/openssl/Configure ${OPENSSL_CONFIG_FLAGS} $<$:--debug> $<$:--prefix=${OPENSSL_DIR}/debug> $<$>:--prefix=${OPENSSL_DIR}/release> + + COMMENT "OpenSSL configure" +) + +# Compile/install commands for debug and release variants +add_custom_command( + OUTPUT $,${LIBSSL_DEBUG_PATH},${LIBSSL_PATH}> + OUTPUT $,${LIBCRYPTO_DEBUG_PATH},${LIBCRYPTO_PATH}> + DEPENDS $,${QUIC_BUILD_DIR}/submodules/openssl/debug/makefile,${QUIC_BUILD_DIR}/submodules/openssl/release/makefile> + WORKING_DIRECTORY $,${QUIC_BUILD_DIR}/submodules/openssl/debug,${QUIC_BUILD_DIR}/submodules/openssl/release> + COMMAND ${OPENSSL_RUN_COMMAND} install_dev + COMMENT "OpenSSL build" +) + +# Named target depending on the final lib artifacts produced by custom commands +add_custom_target( + OpenSSL_Target + DEPENDS + $<$:${LIBSSL_DEBUG_PATH}> + $<$>:${LIBSSL_PATH}> + $<$:${LIBCRYPTO_DEBUG_PATH}> + $<$>:${LIBCRYPTO_PATH}> +) +set_property(TARGET OpenSSL_Target PROPERTY FOLDER "${QUIC_FOLDER_PREFIX}helpers") + +# Target to export to parent project +add_library(OpenSSLQuic INTERFACE) +add_dependencies(OpenSSLQuic + OpenSSL_Target) +target_include_directories( + OpenSSLQuic + INTERFACE + $<$:${OPENSSL_DIR}/debug/include> + $<$>:${OPENSSL_DIR}/release/include> +) +target_link_libraries( + OpenSSLQuic + INTERFACE + $<$:${LIBSSL_DEBUG_PATH}> + $<$:${LIBCRYPTO_DEBUG_PATH}> + $<$>:${LIBSSL_PATH}> + $<$>:${LIBCRYPTO_PATH}> +) + +add_library(OpenSSLQuic::OpenSSLQuic ALIAS OpenSSLQuic)