"Fossies" - the Fresh Open Source Software Archive

Member "SAOImageDS9/openssl/INSTALL" (13 Nov 2019, 15311 Bytes) of package /linux/misc/ds9.8.1.tar.gz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 
    2  INSTALLATION ON THE UNIX PLATFORM
    3  ---------------------------------
    4 
    5  [Installation on DOS (with djgpp), Windows, OpenVMS, MacOS (before MacOS X)
    6   and NetWare is described in INSTALL.DJGPP, INSTALL.W32, INSTALL.VMS,
    7   INSTALL.MacOS and INSTALL.NW.
    8   
    9   This document describes installation on operating systems in the Unix
   10   family.]
   11 
   12  To install OpenSSL, you will need:
   13 
   14   * make
   15   * Perl 5
   16   * an ANSI C compiler
   17   * a development environment in form of development libraries and C
   18     header files
   19   * a supported Unix operating system
   20 
   21  Quick Start
   22  -----------
   23 
   24  If you want to just get on with it, do:
   25 
   26   $ ./config
   27   $ make
   28   $ make test
   29   $ make install
   30 
   31  [If any of these steps fails, see section Installation in Detail below.]
   32 
   33  This will build and install OpenSSL in the default location, which is (for
   34  historical reasons) /usr/local/ssl. If you want to install it anywhere else,
   35  run config like this:
   36 
   37   $ ./config --prefix=/usr/local --openssldir=/usr/local/openssl
   38 
   39 
   40  Configuration Options
   41  ---------------------
   42 
   43  There are several options to ./config (or ./Configure) to customize
   44  the build:
   45 
   46   --prefix=DIR  Install in DIR/bin, DIR/lib, DIR/include/openssl.
   47 	        Configuration files used by OpenSSL will be in DIR/ssl
   48                 or the directory specified by --openssldir.
   49 
   50   --openssldir=DIR Directory for OpenSSL files. If no prefix is specified,
   51                 the library files and binaries are also installed there.
   52 
   53   no-threads    Don't try to build with support for multi-threaded
   54                 applications.
   55 
   56   threads       Build with support for multi-threaded applications.
   57                 This will usually require additional system-dependent options!
   58                 See "Note on multi-threading" below.
   59 
   60   no-zlib       Don't try to build with support for zlib compression and
   61                 decompression.
   62 
   63   zlib          Build with support for zlib compression/decompression.
   64 
   65   zlib-dynamic  Like "zlib", but has OpenSSL load the zlib library dynamically
   66                 when needed.  This is only supported on systems where loading
   67                 of shared libraries is supported.  This is the default choice.
   68 
   69   no-shared     Don't try to create shared libraries.
   70 
   71   shared        In addition to the usual static libraries, create shared
   72                 libraries on platforms where it's supported.  See "Note on
   73                 shared libraries" below.
   74 
   75   no-asm        Do not use assembler code.
   76 
   77   386           In 32-bit x86 builds, when generating assembly modules,
   78                 use the 80386 instruction set only (the default x86 code
   79                 is more efficient, but requires at least a 486). Note:
   80                 This doesn't affect code generated by compiler, you're
   81                 likely to complement configuration command line with
   82                 suitable compiler-specific option.
   83 
   84   no-sse2       Exclude SSE2 code paths from 32-bit x86 assembly modules.
   85                 Normally SSE2 extension is detected at run-time, but the
   86                 decision whether or not the machine code will be executed
   87                 is taken solely on CPU capability vector. This means that
   88                 if you happen to run OS kernel which does not support SSE2
   89                 extension on Intel P4 processor, then your application
   90                 might be exposed to "illegal instruction" exception.
   91                 There might be a way to enable support in kernel, e.g.
   92                 FreeBSD kernel can  be compiled with CPU_ENABLE_SSE, and
   93                 there is a way to disengage SSE2 code paths upon application
   94                 start-up, but if you aim for wider "audience" running
   95                 such kernel, consider no-sse2. Both the 386 and
   96                 no-asm options imply no-sse2.
   97 
   98   no-<cipher>   Build without the specified cipher (bf, cast, des, dh, dsa,
   99                 hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
  100                 The crypto/<cipher> directory can be removed after running
  101                 "make depend".
  102 
  103   -Dxxx, -lxxx, -Lxxx, -fxxx, -mXXX, -Kxxx These system specific options will
  104                 be passed through to the compiler to allow you to
  105                 define preprocessor symbols, specify additional libraries,
  106                 library directories or other compiler options. It might be
  107                 worth noting that some compilers generate code specifically
  108                 for processor the compiler currently executes on. This is
  109                 not necessarily what you might have in mind, since it might
  110                 be unsuitable for execution on other, typically older,
  111                 processor. Consult your compiler documentation.
  112 
  113   -DHAVE_CRYPTODEV Enable the BSD cryptodev engine even if we are not using
  114 		BSD. Useful if you are running ocf-linux or something
  115 		similar. Once enabled you can also enable the use of
  116 		cryptodev digests, which is usually slower unless you have
  117 		large amounts data. Use -DUSE_CRYPTODEV_DIGESTS to force
  118 		it.
  119 
  120  Installation in Detail
  121  ----------------------
  122 
  123  1a. Configure OpenSSL for your operation system automatically:
  124 
  125        $ ./config [options]
  126 
  127      This guesses at your operating system (and compiler, if necessary) and
  128      configures OpenSSL based on this guess. Run ./config -t to see
  129      if it guessed correctly. If you want to use a different compiler, you
  130      are cross-compiling for another platform, or the ./config guess was
  131      wrong for other reasons, go to step 1b. Otherwise go to step 2.
  132 
  133      On some systems, you can include debugging information as follows:
  134 
  135        $ ./config -d [options]
  136 
  137  1b. Configure OpenSSL for your operating system manually
  138 
  139      OpenSSL knows about a range of different operating system, hardware and
  140      compiler combinations. To see the ones it knows about, run
  141 
  142        $ ./Configure
  143 
  144      Pick a suitable name from the list that matches your system. For most
  145      operating systems there is a choice between using "cc" or "gcc".  When
  146      you have identified your system (and if necessary compiler) use this name
  147      as the argument to ./Configure. For example, a "linux-elf" user would
  148      run:
  149 
  150        $ ./Configure linux-elf [options]
  151 
  152      If your system is not available, you will have to edit the Configure
  153      program and add the correct configuration for your system. The
  154      generic configurations "cc" or "gcc" should usually work on 32 bit
  155      systems.
  156 
  157      Configure creates the file Makefile.ssl from Makefile.org and
  158      defines various macros in crypto/opensslconf.h (generated from
  159      crypto/opensslconf.h.in).
  160 
  161   2. Build OpenSSL by running:
  162 
  163        $ make
  164 
  165      This will build the OpenSSL libraries (libcrypto.a and libssl.a) and the
  166      OpenSSL binary ("openssl"). The libraries will be built in the top-level
  167      directory, and the binary will be in the "apps" directory.
  168 
  169      If the build fails, look at the output.  There may be reasons
  170      for the failure that aren't problems in OpenSSL itself (like
  171      missing standard headers).  If you are having problems you can
  172      get help by sending an email to the openssl-users email list (see
  173      https://www.openssl.org/community/mailinglists.html for details). If
  174      it is a bug with OpenSSL itself, please open an issue on GitHub, at
  175      https://github.com/openssl/openssl/issues. Please review the existing
  176      ones first; maybe the bug was already reported or has already been
  177      fixed.
  178 
  179      (If you encounter assembler error messages, try the "no-asm"
  180      configuration option as an immediate fix.)
  181 
  182      Compiling parts of OpenSSL with gcc and others with the system
  183      compiler will result in unresolved symbols on some systems.
  184 
  185   3. After a successful build, the libraries should be tested. Run:
  186 
  187        $ make test
  188 
  189      If a test fails, look at the output.  There may be reasons for
  190      the failure that isn't a problem in OpenSSL itself (like a missing
  191      or malfunctioning bc).  If it is a problem with OpenSSL itself,
  192      try removing any compiler optimization flags from the CFLAG line
  193      in Makefile.ssl and run "make clean; make". Please send a bug
  194      report to <openssl-bugs@openssl.org>, including the output of
  195      "make report" in order to be added to the request tracker at
  196      http://www.openssl.org/support/rt.html.
  197 
  198   4. If everything tests ok, install OpenSSL with
  199 
  200        $ make install
  201 
  202      This will create the installation directory (if it does not exist) and
  203      then the following subdirectories:
  204 
  205        certs           Initially empty, this is the default location
  206                        for certificate files.
  207        man/man1        Manual pages for the 'openssl' command line tool
  208        man/man3        Manual pages for the libraries (very incomplete)
  209        misc            Various scripts.
  210        private         Initially empty, this is the default location
  211                        for private key files.
  212 
  213      If you didn't choose a different installation prefix, the
  214      following additional subdirectories will be created:
  215 
  216        bin             Contains the openssl binary and a few other 
  217                        utility programs. 
  218        include/openssl Contains the header files needed if you want to
  219                        compile programs with libcrypto or libssl.
  220        lib             Contains the OpenSSL library files themselves.
  221 
  222      Use "make install_sw" to install the software without documentation,
  223      and "install_docs_html" to install HTML renditions of the manual
  224      pages.
  225 
  226      Package builders who want to configure the library for standard
  227      locations, but have the package installed somewhere else so that
  228      it can easily be packaged, can use
  229 
  230        $ make INSTALL_PREFIX=/tmp/package-root install
  231 
  232      (or specify "--install_prefix=/tmp/package-root" as a configure
  233      option).  The specified prefix will be prepended to all
  234      installation target filenames.
  235 
  236 
  237   NOTE: The header files used to reside directly in the include
  238   directory, but have now been moved to include/openssl so that
  239   OpenSSL can co-exist with other libraries which use some of the
  240   same filenames.  This means that applications that use OpenSSL
  241   should now use C preprocessor directives of the form
  242 
  243        #include <openssl/ssl.h>
  244 
  245   instead of "#include <ssl.h>", which was used with library versions
  246   up to OpenSSL 0.9.2b.
  247 
  248   If you install a new version of OpenSSL over an old library version,
  249   you should delete the old header files in the include directory.
  250 
  251   Compatibility issues:
  252 
  253   *  COMPILING existing applications
  254 
  255      To compile an application that uses old filenames -- e.g.
  256      "#include <ssl.h>" --, it will usually be enough to find
  257      the CFLAGS definition in the application's Makefile and
  258      add a C option such as
  259 
  260           -I/usr/local/ssl/include/openssl
  261 
  262      to it.
  263 
  264      But don't delete the existing -I option that points to
  265      the ..../include directory!  Otherwise, OpenSSL header files
  266      could not #include each other.
  267 
  268   *  WRITING applications
  269 
  270      To write an application that is able to handle both the new
  271      and the old directory layout, so that it can still be compiled
  272      with library versions up to OpenSSL 0.9.2b without bothering
  273      the user, you can proceed as follows:
  274 
  275      -  Always use the new filename of OpenSSL header files,
  276         e.g. #include <openssl/ssl.h>.
  277 
  278      -  Create a directory "incl" that contains only a symbolic
  279         link named "openssl", which points to the "include" directory
  280         of OpenSSL.
  281         For example, your application's Makefile might contain the
  282         following rule, if OPENSSLDIR is a pathname (absolute or
  283         relative) of the directory where OpenSSL resides:
  284 
  285         incl/openssl:
  286         	-mkdir incl
  287         	cd $(OPENSSLDIR) # Check whether the directory really exists
  288         	-ln -s `cd $(OPENSSLDIR); pwd`/include incl/openssl
  289 
  290         You will have to add "incl/openssl" to the dependencies
  291         of those C files that include some OpenSSL header file.
  292 
  293      -  Add "-Iincl" to your CFLAGS.
  294 
  295      With these additions, the OpenSSL header files will be available
  296      under both name variants if an old library version is used:
  297      Your application can reach them under names like <openssl/foo.h>,
  298      while the header files still are able to #include each other
  299      with names of the form <foo.h>.
  300 
  301 
  302  Note on multi-threading
  303  -----------------------
  304 
  305  For some systems, the OpenSSL Configure script knows what compiler options
  306  are needed to generate a library that is suitable for multi-threaded
  307  applications.  On these systems, support for multi-threading is enabled
  308  by default; use the "no-threads" option to disable (this should never be
  309  necessary).
  310 
  311  On other systems, to enable support for multi-threading, you will have
  312  to specify at least two options: "threads", and a system-dependent option.
  313  (The latter is "-D_REENTRANT" on various systems.)  The default in this
  314  case, obviously, is not to include support for multi-threading (but
  315  you can still use "no-threads" to suppress an annoying warning message
  316  from the Configure script.)
  317 
  318 
  319  Note on shared libraries
  320  ------------------------
  321 
  322  Shared libraries have certain caveats.  Binary backward compatibility
  323  can't be guaranteed before OpenSSL version 1.0.  The only reason to
  324  use them would be to conserve memory on systems where several programs
  325  are using OpenSSL.
  326 
  327  For some systems, the OpenSSL Configure script knows what is needed to
  328  build shared libraries for libcrypto and libssl.  On these systems,
  329  the shared libraries are currently not created by default, but giving
  330  the option "shared" will get them created.  This method supports Makefile
  331  targets for shared library creation, like linux-shared.  Those targets
  332  can currently be used on their own just as well, but this is expected
  333  to change in future versions of OpenSSL.
  334 
  335  Note on random number generation
  336  --------------------------------
  337 
  338  Availability of cryptographically secure random numbers is required for
  339  secret key generation. OpenSSL provides several options to seed the
  340  internal PRNG. If not properly seeded, the internal PRNG will refuse
  341  to deliver random bytes and a "PRNG not seeded error" will occur.
  342  On systems without /dev/urandom (or similar) device, it may be necessary
  343  to install additional support software to obtain random seed.
  344  Please check out the manual pages for RAND_add(), RAND_bytes(), RAND_egd(),
  345  and the FAQ for more information.
  346 
  347  Note on support for multiple builds
  348  -----------------------------------
  349 
  350  OpenSSL is usually built in its source tree.  Unfortunately, this doesn't
  351  support building for multiple platforms from the same source tree very well.
  352  It is however possible to build in a separate tree through the use of lots
  353  of symbolic links, which should be prepared like this:
  354 
  355 	mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
  356 	cd objtree/"`uname -s`-`uname -r`-`uname -m`"
  357 	(cd $OPENSSL_SOURCE; find . -type f) | while read F; do
  358 		mkdir -p `dirname $F`
  359 		rm -f $F; ln -s $OPENSSL_SOURCE/$F $F
  360 		echo $F '->' $OPENSSL_SOURCE/$F
  361 	done
  362 	make -f Makefile.org clean
  363 
  364  OPENSSL_SOURCE is an environment variable that contains the absolute (this
  365  is important!) path to the OpenSSL source tree.
  366 
  367  Also, operations like 'make update' should still be made in the source tree.