#!/bin/bash
#
# Copyright (C) 2009 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
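# This script imports new versions of OpenSSL (http://openssl.org/source) into the
# Android source tree. To run, (1) fetch the appropriate tarball from the OpenSSL repository,
# (2) check the gpg/pgp signature, and then (3) run:
# ./import_openssl.sh import openssl-*.tar.gz
# The script does not check the signature itself, and it runs code from the
# tarball (./Configure and the perl asm generators), so do step (2) before step (3).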
#
# IMPORTANT: See README.android for additional details.
# Abort on the first failing command, and have the ERR trap print a warning
# so the reason for the early exit shows up in the output.
set -o errexit
trap 'echo WARNING: Exiting on non-zero subprocess exit code' ERR
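#######################################
# Print an error message and abort the script.
# Arguments: $1 - message to print
# Outputs:   the message on stderr, exactly as passed
# Returns:   never; exits with status 1
#######################################
function die() {
  declare -r message=${1-}
  # Quoted so the text is neither word-split nor glob-expanded against the
  # current directory; diagnostics go to stderr.
  printf '%s\n' "$message" >&2
  exit 1
}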
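#######################################
# Print an optional error message followed by the usage text, then abort.
# Arguments: $1 - optional message shown before the usage text
# Outputs:   message and usage text on stderr
# Returns:   never; exits with status 1
#######################################
function usage() {
  declare -r message=${1-}
  if [[ -n "$message" ]]; then
    # Quoted so the message is printed verbatim (no word-splitting, no globbing).
    printf '%s\n' "$message" >&2
  fi
  {
    echo "Usage:"
    echo " ./import_openssl.sh import /path/to/openssl-*.tar.gz"
    echo " ./import_openssl.sh regenerate patch/*.patch"
  } >&2
  exit 1
}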
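#######################################
# Entry point: check the working directory, load the configuration and
# dispatch to the requested sub-command.
# Globals:   CONFIGURE_ARGS (read after sourcing openssl.config)
# Arguments: $1 - "import" or "regenerate"
#            $2 - tarball path (import) or patch file (regenerate)
# Returns:   exits through usage/die on any validation failure
#######################################
function main() {
  local required
  for required in openssl.config openssl.version; do
    [[ -f "$required" ]] || die "$required not found"
  done
  if [[ ! -d patches ]]; then
    die "OpenSSL patch directory patches/ not found"
  fi

  # Both files are executed as shell code, so they are trusted inputs.
  # The explicit ./ matters: given a bare name, bash's `source` searches $PATH
  # before the current directory, so a same-named file elsewhere on PATH could
  # be loaded instead of the one checked above.
  source ./openssl.config
  source ./openssl.version
  if [[ -z "${CONFIGURE_ARGS-}" ]]; then
    die "Invalid openssl.config; see README.android for more information"
  fi

  declare -r command=${1-}
  shift || usage "No command specified. Try import or regenerate."

  # Arguments are passed on quoted so paths containing spaces or glob
  # characters reach the sub-command as a single, unmodified word.
  case "$command" in
    import)
      declare -r tar=${1-}
      shift || usage "No tar file specified."
      import "$tar"
      ;;
    regenerate)
      declare -r patch=${1-}
      shift || usage "No patch file specified."
      regenerate "$patch"
      ;;
    *)
      usage "Unknown command specified $command. Try import or regenerate."
      ;;
  esac
}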
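#######################################
# Replace the checked-in OpenSSL sources with the contents of a new tarball:
# unpack it, apply the Android patches, configure, generate the ARM asm,
# build the android.testssl directory and move the results into place.
# Globals:   OPENSSL_VERSION (read, then overwritten with the new version),
#            OPENSSL_PATCHES, CONFIGURE_ARGS, UNNEEDED_SOURCES (read)
# Arguments: $1 - path to the tarball, named so that the pattern
#                 '.*-\(.*\).tar.gz' captures the version
# Returns:   exits through die (or set -e) on failure
#
# NOTE(review): the archive is unpacked and its ./Configure and perl scripts
# are run as-is; nothing here authenticates the tarball, so this relies on
# the signature check described in the file header.
#######################################
function import() {
  declare -r OPENSSL_SOURCE=$1
  declare -r NEW_OPENSSL_VERSION="$(expr match "$OPENSSL_SOURCE" '.*-\(.*\).tar.gz' || true)"
  # The captured version names directories that are removed with rm -rf
  # below, so a value containing '/' (for example when the only '-' sits in a
  # directory part of the path) is rejected along with an empty one.
  if [[ -z "$NEW_OPENSSL_VERSION" || "$NEW_OPENSSL_VERSION" == */* ]]; then
    die "Invalid openssl source filename: $OPENSSL_SOURCE"
  fi

  # Remove old source
  if [[ -z "${OPENSSL_VERSION-}" ]]; then
    die "OPENSSL_VERSION not declared in openssl.version"
  fi
  rm -rf "openssl-${OPENSSL_VERSION}.orig/"
  rm -rf "openssl-${OPENSSL_VERSION}/"

  # Process new source: keep a read-only pristine copy in *.orig (used by
  # `regenerate` as the diff base) and a second, writable copy to patch.
  OPENSSL_VERSION=$NEW_OPENSSL_VERSION
  rm -rf "openssl-${OPENSSL_VERSION}/" # remove stale files
  tar -zxf "$OPENSSL_SOURCE"
  mv "openssl-${OPENSSL_VERSION}" "openssl-${OPENSSL_VERSION}.orig"
  find "openssl-${OPENSSL_VERSION}.orig" -type f -print0 | xargs -0 chmod a-w
  tar -zxf "$OPENSSL_SOURCE"
  cd "openssl-${OPENSSL_VERSION}"

  # Apply appropriate patches.
  # OPENSSL_PATCHES is a whitespace-separated list, hence left unquoted.
  local i target
  for i in $OPENSSL_PATCHES; do
    echo "Applying patch $i"
    patch -p1 < "../patches/$i" || die "Could not apply patches/$i. Fix source and run: $0 regenerate patches/$i"
  done

  # Cleanup patch output
  find . -type f -name "*.orig" -print0 | xargs -0 rm -f

  # Configure source (and print Makefile defines for review, see README.android)
  # CONFIGURE_ARGS is a list of arguments, hence left unquoted.
  ./Configure $CONFIGURE_ARGS
  echo
  echo "BEGIN Makefile defines to compare with android-config.mk"
  echo
  grep -e -D Makefile | grep -v CONFIGURE_ARGS= | grep -v OPTIONS= | grep -v -e -DOPENSSL_NO_DEPRECATED
  echo
  echo "END Makefile defines to compare with android-config.mk"
  echo

  # TODO(): Fixup android-config.mk

  cp -f LICENSE ../NOTICE
  touch ../MODULE_LICENSE_BSD_LIKE

  # Avoid checking in symlinks: replace each one by a copy of its target.
  # The list is collected first (NUL-delimited) so names with whitespace
  # survive and the directory is not modified while find is still reading it.
  local -a links=()
  while IFS= read -r -d '' i; do
    links+=("$i")
  done < <(find include/openssl -type l -print0)
  for i in "${links[@]}"; do
    target=$(readlink "$i")
    rm -f "$i"
    if [[ -f "include/openssl/$target" ]]; then
      cp "include/openssl/$target" "$i"
    fi
  done

  # Copy Makefiles
  cp ../patches/apps_Android.mk apps/Android.mk
  cp ../patches/crypto_Android.mk crypto/Android.mk
  cp ../patches/ssl_Android.mk ssl/Android.mk

  # Generate asm
  perl crypto/aes/asm/aes-armv4.pl > crypto/aes/asm/aes-armv4.s
  perl crypto/bn/asm/armv4-mont.pl > crypto/bn/asm/armv4-mont.s
  perl crypto/sha/asm/sha1-armv4-large.pl > crypto/sha/asm/sha1-armv4-large.s
  perl crypto/sha/asm/sha256-armv4.pl > crypto/sha/asm/sha256-armv4.s
  perl crypto/sha/asm/sha512-armv4.pl > crypto/sha/asm/sha512-armv4.s

  # Setup android.testssl directory: rewrite the upstream test script so it
  # drives the binaries on the device through adb. Reading test/testssl
  # directly means a missing input now fails instead of yielding an empty
  # script.
  # NOTE(review): the no-rsa rule compares the command output with "no-dh";
  # this looks copied from the no-dh rule above it. Left unchanged; confirm
  # whether "no-rsa" was intended.
  mkdir android.testssl
  sed \
    -e 's#../util/shlib_wrap.sh ./ssltest#adb shell /system/bin/ssltest#' \
    -e 's#../util/shlib_wrap.sh ../apps/openssl#adb shell /system/bin/openssl#' \
    -e 's#adb shell /system/bin/openssl no-dh#[ `adb shell /system/bin/openssl no-dh` = no-dh ]#' \
    -e 's#adb shell /system/bin/openssl no-rsa#[ `adb shell /system/bin/openssl no-rsa` = no-dh ]#' \
    -e 's#../apps/server2.pem#/sdcard/android.testssl/server2.pem#' \
    test/testssl > android.testssl/testssl
  chmod +x android.testssl/testssl
  sed 's#./.rnd#/sdcard/android.testssl/.rnd#' test/Uss.cnf >> android.testssl/Uss.cnf
  sed 's#./.rnd#/sdcard/android.testssl/.rnd#' test/CAss.cnf >> android.testssl/CAss.cnf
  cp apps/server2.pem android.testssl/
  cp ../patches/testssl.sh android.testssl/

  # Prune unnecessary sources.
  # UNNEEDED_SOURCES is a list of paths from openssl.config, relative to the
  # extracted tree; it is left unquoted on purpose so it splits into words.
  rm -rf $UNNEEDED_SOURCES

  # Move the processed tree into place, replacing the previous import.
  cd ..
  rm -rf include/
  cp -af "openssl-${OPENSSL_VERSION}/include" .
  rm -rf apps/
  mv "openssl-${OPENSSL_VERSION}/apps" .
  rm -rf ssl/
  mv "openssl-${OPENSSL_VERSION}/ssl" .
  rm -rf crypto/
  mv "openssl-${OPENSSL_VERSION}/crypto" .
  rm -rf android.testssl/
  mv "openssl-${OPENSSL_VERSION}/android.testssl" .
  rm -f e_os.h e_os2.h
  mv "openssl-${OPENSSL_VERSION}/e_os.h" "openssl-${OPENSSL_VERSION}/e_os2.h" .

  rm -rf "openssl-${OPENSSL_VERSION}.orig/"
  rm -rf "openssl-${OPENSSL_VERSION}/"
}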
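#######################################
# Rebuild one patch file by diffing the pristine tree against the patched
# tree for every source file listed for that patch.
# Globals:   OPENSSL_VERSION (read),
#            OPENSSL_PATCHES_<name>_SOURCES (read; <name> is the patch file's
#            basename without .patch, with its first '-' replaced by '_')
# Arguments: $1 - patch file to regenerate (it is deleted and rewritten)
# Returns:   0 on success; exits through die when a listed file has no
#            differences or diff itself fails
#######################################
function regenerate() {
  declare -r patch=$1
  local name
  name=$(basename -- "$patch" .patch)
  # Only the first '-' is mapped to '_', matching the earlier `sed s/-/_/`.
  declare -r variable_name="OPENSSL_PATCHES_${name/-/_}_SOURCES"

  # The variable name is derived from a command-line argument. It is checked
  # against the shape of a shell identifier and read with indirect expansion,
  # so the patch file name is never evaluated as shell code.
  local -r valid_name='^[A-Za-z_][A-Za-z0-9_]*$'
  if [[ ! "$variable_name" =~ $valid_name ]]; then
    die "Invalid patch name for regenerate: $patch"
  fi
  declare -r sources=${!variable_name}

  rm -f -- "$patch"
  touch -- "$patch"

  local i status
  # $sources is a whitespace-separated list, hence left unquoted.
  for i in $sources; do
    status=0
    diff -uap "openssl-${OPENSSL_VERSION}.orig/$i" "openssl-${OPENSSL_VERSION}/$i" >> "$patch" || status=$?
    case "$status" in
      0) die "ERROR: No diff for patch $patch in file $i" ;;
      1) ;; # differences were found and appended: the expected case
      *) die "ERROR: diff failed for patch $patch in file $i" ;;
    esac
  done

  # Explicit success: otherwise the function's status would be diff's 1 from
  # the last iteration, which `set -e` at the call site treats as a failure.
  return 0
}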
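# Quoted so each command-line argument reaches main as one unmodified word
# (paths with spaces or glob characters are not split or expanded).
main "$@"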