1 | |
---|
2 | INSTALLATION ON THE WIN32 PLATFORM |
---|
3 | ---------------------------------- |
---|
4 | |
---|
5 | Heres a few comments about building OpenSSL in Windows environments. Most of |
---|
6 | this is tested on Win32 but it may also work in Win 3.1 with some |
---|
7 | modification. |
---|
8 | |
---|
9 | You need Perl for Win32 (available from http://www.activestate.com/ActivePerl) |
---|
10 | and one of the following C compilers: |
---|
11 | |
---|
12 | * Visual C++ |
---|
13 | * Borland C |
---|
14 | * GNU C (Mingw32 or Cygwin32) |
---|
15 | |
---|
16 | If you want to compile in the assembly language routines with Visual C++ then |
---|
17 | you will need an assembler. This is worth doing because it will result in |
---|
18 | faster code: for example it will typically result in a 2 times speedup in the |
---|
19 | RSA routines. Currently the following assemblers are supported: |
---|
20 | |
---|
21 | * Microsoft MASM (aka "ml") |
---|
22 | * Free Netwide Assembler NASM. |
---|
23 | |
---|
24 | MASM was at one point distributed with VC++. It is now distributed with some |
---|
25 | Microsoft DDKs, for example the Windows NT 4.0 DDK and the Windows 98 DDK. If |
---|
26 | you do not have either of these DDKs then you can just download the binaries |
---|
27 | for the Windows 98 DDK and extract and rename the two files XXXXXml.exe and |
---|
28 | XXXXXml.err, to ml.exe and ml.err and install somewhere on your PATH. Both |
---|
29 | DDKs can be downloaded from the Microsoft developers site www.msdn.com. |
---|
30 | |
---|
31 | NASM is freely available. Version 0.98 was used during testing: other versions |
---|
32 | may also work. It is available from many places, see for example: |
---|
33 | http://www.kernel.org/pub/software/devel/nasm/binaries/win32/ |
---|
34 | The NASM binary nasmw.exe needs to be installed anywhere on your PATH. |
---|
35 | |
---|
36 | If you are compiling from a tarball or a CVS snapshot then the Win32 files |
---|
37 | may well be not up to date. This may mean that some "tweaking" is required to |
---|
38 | get it all to work. See the trouble shooting section later on for if (when?) |
---|
39 | it goes wrong. |
---|
40 | |
---|
41 | Visual C++ |
---|
42 | ---------- |
---|
43 | |
---|
44 | Firstly you should run Configure: |
---|
45 | |
---|
46 | > perl Configure VC-WIN32 |
---|
47 | |
---|
48 | Next you need to build the Makefiles and optionally the assembly language |
---|
49 | files: |
---|
50 | |
---|
51 | - If you are using MASM then run: |
---|
52 | |
---|
53 | > ms\do_masm |
---|
54 | |
---|
55 | - If you are using NASM then run: |
---|
56 | |
---|
57 | > ms\do_nasm |
---|
58 | |
---|
59 | - If you don't want to use the assembly language files at all then run: |
---|
60 | |
---|
61 | > ms\do_ms |
---|
62 | |
---|
63 | If you get errors about things not having numbers assigned then check the |
---|
64 | troubleshooting section: you probably won't be able to compile it as it |
---|
65 | stands. |
---|
66 | |
---|
67 | Then from the VC++ environment at a prompt do: |
---|
68 | |
---|
69 | > nmake -f ms\ntdll.mak |
---|
70 | |
---|
71 | If all is well it should compile and you will have some DLLs and executables |
---|
72 | in out32dll. If you want to try the tests then do: |
---|
73 | |
---|
74 | > cd out32dll |
---|
75 | > ..\ms\test |
---|
76 | |
---|
77 | Tweaks: |
---|
78 | |
---|
79 | There are various changes you can make to the Win32 compile environment. By |
---|
80 | default the library is not compiled with debugging symbols. If you add 'debug' |
---|
81 | to the mk1mk.pl lines in the do_* batch file then debugging symbols will be |
---|
82 | compiled in. |
---|
83 | |
---|
84 | The default Win32 environment is to leave out any Windows NT specific |
---|
85 | features. |
---|
86 | |
---|
87 | If you want to enable the NT specific features of OpenSSL (currently only the |
---|
88 | logging BIO) follow the instructions above but call the batch file do_nt.bat |
---|
89 | instead of do_ms.bat. |
---|
90 | |
---|
91 | You can also build a static version of the library using the Makefile |
---|
92 | ms\nt.mak |
---|
93 | |
---|
94 | Borland C++ builder 3 and 4 |
---|
95 | --------------------------- |
---|
96 | |
---|
97 | * Setup PATH. First must be GNU make then bcb4/bin |
---|
98 | |
---|
99 | * Run ms\bcb4.bat |
---|
100 | |
---|
101 | * Run make: |
---|
102 | > make -f bcb.mak |
---|
103 | |
---|
104 | GNU C (Mingw32) |
---|
105 | --------------- |
---|
106 | |
---|
107 | To build OpenSSL, you need the Mingw32 package and GNU make. |
---|
108 | |
---|
109 | * Compiler installation: |
---|
110 | |
---|
111 | Mingw32 is available from <ftp://ftp.xraylith.wisc.edu/pub/khan/ |
---|
112 | gnu-win32/mingw32/gcc-2.95.2/gcc-2.95.2-msvcrt.exe>. GNU make is at |
---|
113 | <ftp://agnes.dida.physik.uni-essen.de/home/janjaap/mingw32/binaries/ |
---|
114 | make-3.76.1.zip>. Install both of them in C:\egcs-1.1.2 and run |
---|
115 | C:\egcs-1.1.2\mingw32.bat to set the PATH. |
---|
116 | |
---|
117 | * Compile OpenSSL: |
---|
118 | |
---|
119 | > ms\mingw32 |
---|
120 | |
---|
121 | This will create the library and binaries in out. In case any problems |
---|
122 | occur, try |
---|
123 | > ms\mingw32 no-asm |
---|
124 | instead. |
---|
125 | |
---|
126 | libcrypto.a and libssl.a are the static libraries. To use the DLLs, |
---|
127 | link with libeay32.a and libssl32.a instead. |
---|
128 | |
---|
129 | See troubleshooting if you get error messages about functions not having |
---|
130 | a number assigned. |
---|
131 | |
---|
132 | * You can now try the tests: |
---|
133 | |
---|
134 | > cd out |
---|
135 | > ..\ms\test |
---|
136 | |
---|
137 | GNU C (CygWin32) |
---|
138 | --------------- |
---|
139 | |
---|
140 | CygWin32 provides a bash shell and GNU tools environment running on |
---|
141 | NT 4.0, Windows 9x and Windows 2000. Consequently, a make of OpenSSL |
---|
142 | with CygWin is closer to a GNU bash environment such as Linux rather |
---|
143 | than other W32 makes that are based on a single makefile approach. |
---|
144 | CygWin32 implements Posix/Unix calls through cygwin1.dll, and is |
---|
145 | contrasted to Mingw32 which links dynamically to msvcrt.dll or |
---|
146 | crtdll.dll. |
---|
147 | |
---|
148 | To build OpenSSL using CygWin32: |
---|
149 | |
---|
150 | * Install CygWin32 (see http://sourceware.cygnus.com/cygwin) |
---|
151 | |
---|
152 | * Install Perl and ensure it is in the path |
---|
153 | |
---|
154 | * Run the CygWin bash shell |
---|
155 | |
---|
156 | * $ tar zxvf openssl-x.x.x.tar.gz |
---|
157 | $ cd openssl-x.x.x |
---|
158 | $ ./Configure no-threads CygWin32 |
---|
159 | [...] |
---|
160 | $ make |
---|
161 | [...] |
---|
162 | $ make test |
---|
163 | $ make install |
---|
164 | |
---|
165 | This will create a default install in /usr/local/ssl. |
---|
166 | |
---|
167 | CygWin32 Notes: |
---|
168 | |
---|
169 | "make test" and normal file operations may fail in directories |
---|
170 | mounted as text (i.e. mount -t c:\somewhere /home) due to CygWin |
---|
171 | stripping of carriage returns. To avoid this ensure that a binary |
---|
172 | mount is used, e.g. mount -b c:\somewhere /home. |
---|
173 | |
---|
174 | As of version 1.1.1 CygWin32 is relatively unstable in its handling |
---|
175 | of cr/lf issues. These make procedures succeeded with versions 1.1 and |
---|
176 | the snapshot 20000524 (Slow!). |
---|
177 | |
---|
178 | "bc" is not provided in the CygWin32 distribution. This causes a |
---|
179 | non-fatal error in "make test" but is otherwise harmless. If |
---|
180 | desired, GNU bc can be built with CygWin32 without change. |
---|
181 | |
---|
182 | |
---|
183 | Installation |
---|
184 | ------------ |
---|
185 | |
---|
186 | There's currently no real installation procedure for Win32. There are, |
---|
187 | however, some suggestions: |
---|
188 | |
---|
189 | - do nothing. The include files are found in the inc32/ subdirectory, |
---|
190 | all binaries are found in out32dll/ or out32/ depending if you built |
---|
191 | dynamic or static libraries. |
---|
192 | |
---|
193 | - do as is written in INSTALL.Win32 that comes with modssl: |
---|
194 | |
---|
195 | $ md c:\openssl |
---|
196 | $ md c:\openssl\bin |
---|
197 | $ md c:\openssl\lib |
---|
198 | $ md c:\openssl\include |
---|
199 | $ md c:\openssl\include\openssl |
---|
200 | $ copy /b inc32\* c:\openssl\include\openssl |
---|
201 | $ copy /b out32dll\ssleay32.lib c:\openssl\lib |
---|
202 | $ copy /b out32dll\libeay32.lib c:\openssl\lib |
---|
203 | $ copy /b out32dll\ssleay32.dll c:\openssl\bin |
---|
204 | $ copy /b out32dll\libeay32.dll c:\openssl\bin |
---|
205 | $ copy /b out32dll\openssl.exe c:\openssl\bin |
---|
206 | |
---|
207 | Of course, you can choose another device than c:. C: is used here |
---|
208 | because that's usually the first (and often only) harddisk device. |
---|
209 | Note: in the modssl INSTALL.Win32, p: is used rather than c:. |
---|
210 | |
---|
211 | |
---|
212 | Troubleshooting |
---|
213 | --------------- |
---|
214 | |
---|
215 | Since the Win32 build is only occasionally tested it may not always compile |
---|
216 | cleanly. If you get an error about functions not having numbers assigned |
---|
217 | when you run ms\do_ms then this means the Win32 ordinal files are not up to |
---|
218 | date. You can do: |
---|
219 | |
---|
220 | > perl util\mkdef.pl crypto ssl update |
---|
221 | |
---|
222 | then ms\do_XXX should not give a warning any more. However the numbers that |
---|
223 | get assigned by this technique may not match those that eventually get |
---|
224 | assigned in the CVS tree: so anything linked against this version of the |
---|
225 | library may need to be recompiled. |
---|
226 | |
---|
227 | If you get errors about unresolved symbols there are several possible |
---|
228 | causes. |
---|
229 | |
---|
230 | If this happens when the DLL is being linked and you have disabled some |
---|
231 | ciphers then it is possible the DEF file generator hasn't removed all |
---|
232 | the disabled symbols: the easiest solution is to edit the DEF files manually |
---|
233 | to delete them. The DEF files are ms\libeay32.def ms\ssleay32.def. |
---|
234 | |
---|
235 | Another cause is if you missed or ignored the errors about missing numbers |
---|
236 | mentioned above. |
---|
237 | |
---|
238 | If you get warnings in the code then the compilation will halt. |
---|
239 | |
---|
240 | The default Makefile for Win32 halts whenever any warnings occur. Since VC++ |
---|
241 | has its own ideas about warnings which don't always match up to other |
---|
242 | environments this can happen. The best fix is to edit the file with the |
---|
243 | warning in and fix it. Alternatively you can turn off the halt on warnings by |
---|
244 | editing the CFLAG line in the Makefile and deleting the /WX option. |
---|
245 | |
---|
246 | You might get compilation errors. Again you will have to fix these or report |
---|
247 | them. |
---|
248 | |
---|
249 | One final comment about compiling applications linked to the OpenSSL library. |
---|
250 | If you don't use the multithreaded DLL runtime library (/MD option) your |
---|
251 | program will almost certainly crash because malloc gets confused -- the |
---|
252 | OpenSSL DLLs are statically linked to one version, the application must |
---|
253 | not use a different one. You might be able to work around such problems |
---|
254 | by adding CRYPTO_malloc_init() to your program before any calls to the |
---|
255 | OpenSSL libraries: This tells the OpenSSL libraries to use the same |
---|
256 | malloc(), free() and realloc() as the application. However there are many |
---|
257 | standard library functions used by OpenSSL that call malloc() internally |
---|
258 | (e.g. fopen()), and OpenSSL cannot change these; so in general you cannot |
---|
259 | rely on CYRPTO_malloc_init() solving your problem, and you should |
---|
260 | consistently use the multithreaded library. |
---|