|
|
|
@ -0,0 +1,64 @@
|
|
|
|
|
# OpenSSL notes
|
|
|
|
|
|
|
|
|
|
## Installation
|
|
|
|
|
|
|
|
|
|
### OpenBSD (6.3)
|
|
|
|
|
|
|
|
|
|
- The `pkg-config` command comes with the OS.
|
|
|
|
|
- The OS comes with LibreSSL 2.7.2.
|
|
|
|
|
- The `pkg-config --cflags --libs openssl` command works out of the
|
|
|
|
|
box and finds the system library.
|
|
|
|
|
|
|
|
|
|
### NetBSD (7.1)
|
|
|
|
|
|
|
|
|
|
- The `pkg-config` command needs to be installed separately with `sudo
|
|
|
|
|
pkg_add pkgconf` (or `sudo pkg_add pkg-config`).
|
|
|
|
|
- The OS comes with OpenSSL 1.0.1u.
|
|
|
|
|
- Even though the OS does not come with a pkg-config command, it does
|
|
|
|
|
ship with an openssl.pc file, so once you install pkg-config the
|
|
|
|
|
`pkg-config --cflags --libs openssl` finds the system library.
|
|
|
|
|
- However, the native OpenSSL 1.0.1 is older than the version 1.0.2
|
|
|
|
|
required by the Chicken egg. Users need to `sudo pkg_add libressl`
|
|
|
|
|
or `sudo pkg_add openssl` from the OS package manager.
|
|
|
|
|
- After doing that, `pkg-config --cflags --libs openssl` points to the
|
|
|
|
|
OpenSSL or LibreSSL version from the package manager, which
|
|
|
|
|
automatically overrides the native version for this purpose.
|
|
|
|
|
|
|
|
|
|
### FreeBSD (12.0) and DragonFlyBSD (5.6)
|
|
|
|
|
|
|
|
|
|
- The `pkg-config` command needs to be installed separately with `sudo
|
|
|
|
|
pkg install pkgconf`.
|
|
|
|
|
- The OS comes with OpenSSL 1.1.1a-freebsd (FreeBSD) or LibreSSL 2.9.1
|
|
|
|
|
(DragonFly) but neither FreeBSD nor DragonFly ships with a
|
|
|
|
|
complementary openssl.pc file for pkg-config.
|
|
|
|
|
- Therefore `pkg-config --cflags --libs openssl` still does not work.
|
|
|
|
|
- Easiest fix: tell people to `sudo pkg install libressl` or `sudo pkg
|
|
|
|
|
install openssl`.
|
|
|
|
|
- Then `pkg-config --cflags --libs openssl` finds that copy of
|
|
|
|
|
libressl or openssl.
|
|
|
|
|
|
|
|
|
|
### MacOS (10.14 "Mojave")
|
|
|
|
|
|
|
|
|
|
- The `pkg-config` command needs to be installed separately (Homebrew:
|
|
|
|
|
`brew install pkg-config`).
|
|
|
|
|
- The OS comes with LibreSSL 2.6.5 but does not ship with an
|
|
|
|
|
openssl.pc file. Also, the <openssl/ssl.h> and other necessary C
|
|
|
|
|
header files may not be installed even though the shared library is.
|
|
|
|
|
- Easiest fix: tell people to use Homebrew to install an
|
|
|
|
|
OpenSSL-compatible library: `brew install openssl` or `brew install
|
|
|
|
|
libressl`.
|
|
|
|
|
- `pkg-config --cflags --libs openssl` does not work even when you
|
|
|
|
|
have installed the separate package from Homebrew, because Homebrew
|
|
|
|
|
packages don't put their `.pc` files where pkg-config can find them.
|
|
|
|
|
- That can be remedied with:
|
|
|
|
|
|
|
|
|
|
export PKG_CONFIG_PATH="$(brew --prefix openssl)/lib/pkgconfig"
|
|
|
|
|
export PKG_CONFIG_PATH="$(brew --prefix libressl)/lib/pkgconfig"
|
|
|
|
|
|
|
|
|
|
- Then `pkg-config --cflags --libs openssl` finds that copy of
|
|
|
|
|
libressl or openssl.
|
|
|
|
|
|
|
|
|
|
IMPORTANT: In many of the above cases, the `openssl` shell command can
|
|
|
|
|
represent a different version of OpenSSL/LibreSSL than the library and
|
|
|
|
|
headers found by pkg-config. So `openssl` should not be invoked to
|
|
|
|
|
gather any version information in build scripts.
|