This is a totally external CMake project for building OpenSSL.
This branch is for OpenSSL 3.0 series.
This project includes a full OpenSSL source code tree.
The OpenSSL part of source is not made by me and I have no control of them. I just wrote build system for them.
For any problem caused by OpenSSL please consult the responsible person for them, not me.
I am not responsible for any problem caused by original OpenSSL.
Also this project is using the Unlicense. Please check the LICENSE file for details of this license.
Recently I have received E-mails about the security problem and licensing issue of this project, in which I should register some kinds of VIP account for checking them out.
I believe that the problems should comes with the OpenSSL part since this project includes EOL versions of OpenSSL in branches of past version (currently 1.1.1 and before).
So stop checking this project for security issues since it always exists, where I can do nothing for it. Also stop bothering me with this kinds of E-mail with registration wall, I have no interest for registering VIP for any site.
If problem is occuring in my part, file an issue here on GitHub, or E-mailing me with clear information. E-mails with registration walls will be simply ignored.
OpenSSL itself originally comes with its hand-craft Perl-based Makefile generator. Developers of OpenSSL say that it satisfies their need of building this project on their supported platforms.
But things do not as that simple as they thought. There are some points people need but they do not pay attention of:
- This generator have an assumed and fixed environment, toolchain and make tool combination. E.g., building for MinGW needs MSYS environment with MSYS make. cmd won't work.
- Multi-process build progress on some platform is not ever considered. E.g., only Nmake is supported on MSVC which always runs commands one by one.
- Command line instruction is confusing. No warning or error are populated to user even if wrong argument is provided. But instead it passes the unrecognized arguments directly to compiler or linker.
- No IDE support for this hand-craft Makefile generator
There have been since a lot of people requesting OpenSSL team switch to a common and widely used Makefile generator they still won't. The reason is that any widely used one they have been told don't support all platforms OpenSSL is developing against. See openssl/openssl#10902 and openssl/openssl#16812 for details.
Since OpenSSL build system is not that perfect I decided to write another build system for it. In order not to touch OpenSSL source tree we'd build it externally.
- CMake is widely used in open source projects. It supports a majority of common platforms and is easy for users to using it.
- I'm slightly more familiar with CMake than other Makefile generators.
- CMake itself is also a full-featured script interpretor with a lot of common file operations built-in (cmake -P / -E). With CMake one can create a simple runnable script on its own and does not depends on any other script interpretor.
Not using autotools is because it has poor support on Windows. It depends on full unix instructions even if the target platform is Microsoft Visual Studio. Not using other generators is because I have never used them before.
(I hate using Gradle! But Android application development needs it)
There are currently some CMake project for OpenSSL on GitHub. But I don't think either of them is a full-featured Makefile generator.
The woes I spotted were:
- Some of them use ExternalProject for downloads on build .
- One of them calls
git config --globalwhich modifies global property of git (which makes it unusable for public) - Some of them use original Perl-based configure script and make instructions (instead of replacing it)
- Some of them include only a subset of files of OpenSSL.
- Some of them only builds using a fixed set of options, not configurable.
- One of them is made for replacing
FindOpenSSL.cmakeby building it (which is not what I thinks of a CMake project) - Some of them cannot build ASM. Mainly the ones which want to kill Perl dependency.
What is my CMake project:
- A CMake project which aims for supporting all the features provided by the original Perl-based hand-crafted build system
- A more IDE-friendly alternative project file
- A faster build method to build OpenSSL on some platforms
What is NOT my CMake project:
- An alternative project which kills or tries to kill Perl dependency
- A wrapper which calls original Perl-based configure tool
- A CMake project which downloads stuff during build
Perl is used in generating ASM / documentation and some other source code for OpenSSL. I personally don't mind that building software needs other tools, if using tools can make software better.
Perl is a language good at text manipulation thanks for its builtin regular expressions support. I think that's why OpenSSL team decided to use Perl for code generation.
I'm using original OpenSSL as subproject and won't fix any problem which original OpenSSL have.
It does not build on macOS on 1.0.2 branch and got removed on 1.1.1.
They are not even released to users. Maybe they are some kinds of internal test run by OpenSSL developers. I don't care if and how the internal tests passes.
Just typical CMake procedure will work. See Mapping.md for argument mapping for OpenSSL original build parameters and CMake one.
Sort by priority
make checksupport
- Support for loongson64, riscv64 and arm (32/64) Linux (mips has lots of variant so temporarily ignore it)
- Support for BSDs (Other than x86_64)
- Check how to test on cross built platforms
- 1.0.1 series support
- 1.0.0 series support
- 0.9.8 series support
- Other uncommon platform
Note: I won't support building ON OpenVMS provided CMake can't be run on it. However cross build for OpenVMS should be supported when I start working on uncommon platform.