324 lines
12 KiB
Plaintext
324 lines
12 KiB
Plaintext
|
|
INSTALLATION ON THE WIN32 PLATFORM
|
|
----------------------------------
|
|
|
|
Heres a few comments about building OpenSSL in Windows environments. Most of
|
|
this is tested on Win32 but it may also work in Win 3.1 with some
|
|
modification. See the end of this file for Eric's original comments.
|
|
|
|
You need Perl for Win32 (available from http://www.activestate.com/ActivePerl)
|
|
and one of the following C compilers:
|
|
|
|
* Visual C++
|
|
* Borland C
|
|
* GNU C (Mingw32 or Cygwin32)
|
|
|
|
If you want to compile in the assembly language routines with Visual C++ then
|
|
you will need an assembler. This is worth doing because it will result in
|
|
faster code: for example it will typically result in a 2 times speedup in the
|
|
RSA routines. Currently the following assemblers are supported:
|
|
|
|
* Microsoft MASM (aka "ml")
|
|
* Free Netwide Assembler NASM.
|
|
|
|
MASM was I believe distributed in the past with VC++ and it is also part of
|
|
the MSDN SDKs. It is no longer distributed as part of VC++ and can be hard
|
|
to get hold of. It can be purchased: see Microsoft's site for details at:
|
|
http://www.microsoft.com/
|
|
|
|
NASM is freely available. Version 0.98 was used during testing: other versions
|
|
may also work. It is available from many places, see for example:
|
|
http://www.kernel.org/pub/software/devel/nasm/binaries/win32/
|
|
The NASM binary nasmw.exe needs to be installed anywhere on your PATH.
|
|
|
|
If you are compiling from a tarball or a CVS snapshot then the Win32 files
|
|
may well be not up to date. This may mean that some "tweaking" is required to
|
|
get it all to work. See the trouble shooting section later on for if (when?)
|
|
it goes wrong.
|
|
|
|
Visual C++
|
|
----------
|
|
|
|
Firstly you should run Configure:
|
|
|
|
> perl Configure VC-WIN32
|
|
|
|
Next you need to build the Makefiles and optionally the assembly language
|
|
files:
|
|
|
|
- If you are using MASM then run:
|
|
|
|
> ms\do_masm
|
|
|
|
- If you are using NASM then run:
|
|
|
|
> ms\do_nasm
|
|
|
|
- If you don't want to use the assembly language files at all then run:
|
|
|
|
> ms\do_ms
|
|
|
|
If you get errors about things not having numbers assigned then check the
|
|
troubleshooting section: you probably wont be able to compile it as it
|
|
stands.
|
|
|
|
Then from the VC++ environment at a prompt do:
|
|
|
|
> nmake -f ms\ntdll.mak
|
|
|
|
If all is well it should compile and you will have some DLLs and executables
|
|
in out32dll. If you want to try the tests then do:
|
|
|
|
> cd out32dll
|
|
> ..\ms\test
|
|
|
|
Tweaks:
|
|
|
|
There are various changes you can make to the Win32 compile environment. By
|
|
default the library is not compiled with debugging symbols. If you add 'debug'
|
|
to the mk1mk.pl lines in the do_* batch file then debugging symbols will be
|
|
compiled in.
|
|
|
|
The default Win32 environment is to leave out any Windows NT specific
|
|
features.
|
|
|
|
If you want to enable the NT specific features of OpenSSL (currently only the
|
|
logging BIO) follow the instructions above but call the batch file do_nt.bat
|
|
instead of do_ms.bat.
|
|
|
|
You can also build a static version of the library using the Makefile
|
|
ms\nt.mak
|
|
|
|
Borland C++ builder 3 and 4
|
|
---------------------------
|
|
|
|
* Setup PATH. First must be GNU make then bcb4/bin
|
|
|
|
* Run ms\bcb4.bat
|
|
|
|
* Run make:
|
|
> make -f bcb.mak
|
|
|
|
GNU C (Mingw32)
|
|
---------------
|
|
|
|
To build OpenSSL, you need the Mingw32 package and GNU make.
|
|
|
|
* Compiler installation:
|
|
|
|
Mingw32 is available from <ftp://ftp.xraylith.wisc.edu/pub/khan/gnu-win32/
|
|
mingw32/egcs-1.1.2/egcs-1.1.2-mingw32.zip>. GNU make is at
|
|
<ftp://agnes.dida.physik.uni-essen.de/home/janjaap/mingw32/binaries/
|
|
make-3.76.1.zip>. Install both of them in C:\egcs-1.1.2 and run
|
|
C:\egcs-1.1.2\mingw32.bat to set the PATH.
|
|
|
|
* Compile OpenSSL:
|
|
|
|
> perl Configure Mingw32
|
|
> ms\mw.bat
|
|
|
|
This will create the library and binaries in out.
|
|
|
|
libcrypto.a and libssl.a are the static libraries. To use the DLLs,
|
|
link with libeay32.a and libssl32.a instead.
|
|
|
|
See troubleshooting if you get error messages about functions not having
|
|
a number assigned.
|
|
|
|
* You can now try the tests:
|
|
|
|
> cd out
|
|
> ..\ms\test
|
|
|
|
Troubleshooting
|
|
---------------
|
|
|
|
Since the Win32 build is only occasionally tested it may not always compile
|
|
cleanly. If you get an error about functions not having numbers assigned
|
|
when you run ms\do_ms then this means the Win32 ordinal files are not up to
|
|
date. You can do:
|
|
|
|
> perl util\mkdef.pl crypto ssl update
|
|
|
|
then ms\do_XXX should not give a warning any more. However the numbers that
|
|
get assigned by this technique may not match those that eventually get
|
|
assigned in the CVS tree: so anything linked against this version of the
|
|
library may need to be recompiled.
|
|
|
|
If you get errors about unresolved externals then this means that either you
|
|
didn't read the note above about functions not having numbers assigned or
|
|
someone forgot to add a function to the header file.
|
|
|
|
In this latter case check out the header file to see if the function is
|
|
defined in the header file.
|
|
|
|
If you get warnings in the code then the compilation will halt.
|
|
|
|
The default Makefile for Win32 halts whenever any warnings occur. Since VC++
|
|
has its own ideas about warnings which don't always match up to other
|
|
environments this can happen. The best fix is to edit the file with the
|
|
warning in and fix it. Alternatively you can turn off the halt on warnings by
|
|
editing the CFLAG line in the Makefile and deleting the /WX option.
|
|
|
|
You might get compilation errors. Again you will have to fix these or report
|
|
them.
|
|
|
|
One final comment about compiling applications linked to the OpenSSL library.
|
|
If you don't use the multithreaded DLL runtime library (/MD option) your
|
|
program will almost certainly crash: see the original SSLeay description
|
|
below for more details.
|
|
|
|
--------------------------------------------------------------------------------
|
|
The orignal Windows build instructions from SSLeay follow.
|
|
Note: some of this may be out of date and no longer applicable. In particular
|
|
the Crypto_malloc_init() comment appears to be wrong: you always need to use
|
|
the same runtime library as the DLL itself.
|
|
--------------------------------------------------------------------------------
|
|
|
|
The Microsoft World.
|
|
|
|
The good news, to build SSLeay for the Microsft World
|
|
|
|
Windows 3.1 DLL's
|
|
perl Configure VC-WIN16
|
|
nmake -f ms\w31dll.mak
|
|
|
|
Windows NT/95 DLL's
|
|
perl Configure VC-WIN32
|
|
nmake -f ms\ntdll.mak
|
|
|
|
Now the bad news
|
|
All builds were done using Microsofts Visual C++ 1.52c and [45].x.
|
|
If you are a borland person, you are probably going to have to help me
|
|
finish the stuff in util/pl/BC*pl
|
|
|
|
All builds were made under Windows NT - this means long filenames, so
|
|
you may have problems under Windows 3.1 but probably not under 95.
|
|
|
|
Because file pointers don't work in DLL's under Windows 3.1 (well at
|
|
least stdin/stdout don't and I don't like having to differentiate
|
|
between these and other file pointers), I now use the BIO file-pointer
|
|
module, which needs to be linked into your application. You can either
|
|
use the memory buffer BIO for IO, or compile bss_file.c into your
|
|
application, it is in the apps directory and is just a copy of
|
|
crypto/buffer/bss_file.c with #define APPS_WIN16 added.
|
|
I have not yet automated the makefile to automatically copy it into 'out'
|
|
for a win 3.1 build....
|
|
|
|
All callbacks passed into SSLeay for Windows 3.1 need to be of type
|
|
_far _loadds.
|
|
|
|
I don't support building with the pascal calling convention.
|
|
|
|
The DLL and static builds are large memory model.
|
|
|
|
To build static libraries for NT/95 or win 3.1
|
|
|
|
perl util/mk1mf.pl VC-WIN32 > mf-stat.nt
|
|
perl util/mk1mf.pl VC-WIN16 > mf-stat.w31
|
|
for DLL's
|
|
perl util/mk1mf.pl dll VC-WIN32 > mf-dll.nt
|
|
perl util/mk1mf.pl dll VC-WIN16 > mf-dll.w31
|
|
|
|
Again you will notice that if you dont have perl, you cannot do this.
|
|
|
|
Now the next importaint issue. Running Configure!
|
|
I have small assember code files for critical big number library operation
|
|
in crypto/bn/asm. There is, asm code, object files and uuencode
|
|
object files. They are
|
|
x86nt32.asm - 32bit flat memory model assember - suitable Win32
|
|
x86w16.asm - 16bit assember - used in the msdos build.
|
|
x86w32.asm - 32bit assember, win 3.1 segments, used for win16 build.
|
|
|
|
If you feel compelled to build the 16bit maths routines in the windows 3.1
|
|
build,
|
|
perl Configure VC-W31-16
|
|
perl util/mk1mf.pl dll VC-W31-16 > mf-dll.w31
|
|
|
|
If you hate assember and don't want anything to do with it,
|
|
perl util/mk1mf.pl no-asm VC-WIN16 > mf-dll.w31
|
|
will work for any of the makefile generations.
|
|
|
|
There are more options to mk1mf.pl but these all leave the temporary
|
|
files in 'tmp' and the output files in 'out' by default.
|
|
|
|
The NT build is done for console mode.
|
|
|
|
The Windows 3.1 version of SSLeay uses quickwin, the interface is ugly
|
|
but it is better than nothing. If you want ugly, try doing anything
|
|
that involves getting a password. I decided to be ugly instead of
|
|
echoing characters. For Windows 3.1 I would just sugest using the
|
|
msdos version of the ssleay application for command line work.
|
|
The QuickWin build is primarily for testing.
|
|
|
|
For both NT and Windows 3.1, I have not written the code so that
|
|
s_client, s_server can take input from the keyboard. You can happily
|
|
start applications up in separate windows, watch them handshake, and then sit
|
|
there for-ever. I have not had the time to get this working, and I've
|
|
been able to test things from a unix box to the NT box :-).
|
|
Try running ssleay s_server on the windows box
|
|
(with either -cert ../apps/server.pem -www)
|
|
and run ssleay s_time from another window.
|
|
This often stuffs up on Windows 3.1, but I'm not worried since this is
|
|
probably a problem with my demo applications, not the libraries.
|
|
|
|
After a build of one of the version of microsoft SSLeay,
|
|
'cd ms' and then run 'test'. This should check everything out and
|
|
even does a trial run of generating certificates.
|
|
'test.bat' requires that perl be install, you be in the ms directory
|
|
(not the test directory, thats for unix so stay out :-) and that the
|
|
build output directory be ../out
|
|
|
|
On a last note, you will probably get division by zero errors and
|
|
stuff after a build. This is due to your own inability to follow
|
|
instructions :-).
|
|
|
|
The reasons for the problem is probably one of the following.
|
|
|
|
1) You did not run Configure. This is critical for windows 3.1 when
|
|
using assember. The values in crypto/bn/bn.h must match the
|
|
ones requred for the assember code. (remember that if you
|
|
edit crypto/bn/bn.h by hand, it will be clobered the next time
|
|
you run Configure by the contents of crypto/bn/bn.org).
|
|
SSLeay version -o will list the compile options.
|
|
For VC-WIN32 you need bn(64,32) or bn(32,32)
|
|
For VC-W31-32/VC-WIN16 you need bn(32,32)
|
|
For VC-W31-16 you need bn(32,16) or bn(16,16)
|
|
For VC-MSDOS you need bn(32,16) or bn(16,16).
|
|
|
|
The first number will be 2 times bigger than the second if
|
|
BN_LLONG is defined in bn.h and the size of the second number
|
|
depends on the 'bits' defined at the start of bn.h. Have a
|
|
look, it's all reasonably clear.
|
|
If you want to start messing with 8 bit builds and things like
|
|
that, build without the assember by re-generating a makefile
|
|
via 'perl util/mk1mf.pl no-asm'.
|
|
2) You tried to build under MS-DOS or Windows 3.1 using the /G3
|
|
option. Don't. It is buggy (thats why you just got that
|
|
error) and unless you want to work out which optimising flag
|
|
to turn off, I'm not going to help you :-). I also noticed
|
|
that code often ran slower when compiled with /G3.
|
|
3) Under NT/95, malloc goes stupid. You are probably linking with
|
|
the wrong library, there are problems if you mix the threaded
|
|
and non-threaded libraries (due to the DLL being staticly
|
|
linked with one and the applicaion using another.
|
|
|
|
Well hopefully thats most of the MS issues handled, see you in ssl-users :-).
|
|
|
|
eric 30-Aug-1996
|
|
|
|
SSLeay 0.6.5
|
|
For Windows 95/NT, add CRYPTO_malloc_init() to your program before any
|
|
calls to the SSLeay libraries. This function will insert callbacks so that
|
|
the SSLeay libraries will use the same malloc(), free() and realloc() as
|
|
your application so 'problem 3)' mentioned above will go away.
|
|
|
|
There is now DES assember for Windows NT/95. The file is
|
|
crypto/des/asm/win32.asm and replaces crypto/des/des_enc.c in the build.
|
|
|
|
There is also Blowfish assember for Windows NT/95. The file is
|
|
crypto/bf/asm/win32.asm and replaces crypto/bf/bf_enc.c in the build.
|
|
|
|
eric 25-Jun-1997
|
|
|