@@ -36,6 +36,8 @@ echo_help()
3636 echo " --archs=\" ARCH ARCH ...\" Space-separated list of architectures to build"
3737 echo " Options: x86_64 i386 arm64 armv7s armv7 tv_x86_64 tv_arm64"
3838 echo " Note: The framework will contain include files from the architecture listed first"
39+ echo " --branch=BRANCH Select OpenSSL branch to build. The script will determine and download the latest release for that branch"
40+ echo " Note: This script does not yet work with OpenSSL 1.1.0"
3941 echo " --cleanup Clean up build directories (bin, include/openssl, lib, src) before starting build"
4042 echo " --ec-nistp-64-gcc-128 Enable config option enable-ec_nistp_64_gcc_128 for 64 bit builds"
4143 echo " -h, --help Print help (this message)"
@@ -95,6 +97,7 @@ check_status()
9597
9698# Init optional command line vars
9799ARCHS=" "
100+ BRANCH=" "
98101CLEANUP=" "
99102CONFIG_ENABLE_EC_NISTP_64_GCC_128=" "
100103IOS_SDKVERSION=" "
@@ -111,6 +114,10 @@ case $i in
111114 ARCHS=" ${i#* =} "
112115 shift
113116 ;;
117+ --branch=* )
118+ BRANCH=" ${i#* =} "
119+ shift
120+ ;;
114121 --cleanup)
115122 CLEANUP=" true"
116123 ;;
@@ -149,16 +156,51 @@ case $i in
149156esac
150157done
151158
152- # Preprocess/validate OpenSSL version
153- if [ -n " ${VERSION} " ; then
159+ # Don't mix version and branch
160+ if [[ -n " ${VERSION} " && -n " ${BRANCH} " ; then
161+ echo " Either select a branch (the script will determine and build the latest version) or select a specific version, but not both."
162+ exit 1
163+
164+ # Specific version: Verify version number format. Expected: dot notation
165+ elif [[ -n " ${VERSION} " && ! " ${VERSION} " =~ ^[0-9]+\. [0-9]+\. [0-9]+[a-z]* $ ]]; then
166+ echo " Unknown version number format. Examples: 1.0.2, 1.0.2h"
167+ exit 1
168+
169+ # Specific branch
170+ elif [ -n " ${BRANCH} " ; then
154171 # Verify version number format. Expected: dot notation
155- if [[ ! " ${VERSION } " =~ ^[0-9]+\. [0-9]+\. [0-9]+[a-z] * $ ]]; then
156- echo " Unknown version number format. Examples: 1.0.2, 1.0.2h "
172+ if [[ ! " ${BRANCH } " =~ ^[0-9]+\. [0-9]+\. [0-9]+$ ]]; then
173+ echo " Unknown branch version number format. Examples: 1.0.2, 1.0.1 "
157174 exit 1
175+
176+ # Valid version number, determine latest version
177+ else
178+ echo " Checking latest version of ${BRANCH} branch on GitHub..."
179+ # Request all git tags for the openssl repostory, get all tags that match the current branch version (with an optional alphabetic suffix), remove everything except the version number, sort the list and get the last item
180+ GITHUB_VERSION=$( curl -Ls https://api.github.com/repos/openssl/openssl/git/refs/tags | grep -Eo " \" ref\" : \" refs/tags/OpenSSL_${BRANCH// ./ _} [a-z]*\" " | sed -E ' s|^.*"refs/tags/OpenSSL_([^"]+)".*$|\1|g' | sort | tail -1)
181+
182+ # Verify result
183+ if [ -z " ${GITHUB_VERSION} " ; then
184+ echo " Could not determine latest version, please check https://github.com/openssl/openssl/releases and use --version option"
185+ exit 1
186+ fi
187+
188+ VERSION=" ${GITHUB_VERSION// _/ .} "
189+
190+ # Check whether download exists
191+ # -I = HEAD, -L follow Location header, -f fail silently for 4xx errors and return status 22, -s silent
192+ curl ${CURL_OPTIONS} -ILfs " https://github.com/openssl/openssl/archive/OpenSSL_${GITHUB_VERSION} .tar.gz" > /dev/null
193+
194+ # Check for success status
195+ if [ $? -ne 0 ]; then
196+ echo " Script determined latest version ${VERSION} , but the download archive does not seem to be available."
197+ echo " Please check https://github.com/openssl/openssl/releases and use --version option"
198+ exit 1
199+ fi
158200 fi
159201
160- # Default OpenSSL version
161- else
202+ # Script default
203+ elif [ -z " ${VERSION} " ] ; then
162204 VERSION=" ${DEFAULTVERSION} "
163205fi
164206
226268echo " Script directory and build location: ${CURRENTPATH} "
227269echo
228270
229- # -e Abort script at first error, when a command exits with non-zero status (except in until or while loops, if-tests, list constructs)
230- # -o pipefail Causes a pipeline to return the exit status of the last command in the pipe that returned a non-zero return value
231- set -eo pipefail
232-
233271# Download OpenSSL when not present
234272OPENSSL_ARCHIVE_BASE_NAME=OpenSSL_${GITHUB_VERSION}
235273OPENSSL_ARCHIVE_FILE_NAME=${OPENSSL_ARCHIVE_BASE_NAME} .tar.gz
236274if [ ! -e ${OPENSSL_ARCHIVE_FILE_NAME} ]; then
237275 echo " Downloading ${OPENSSL_ARCHIVE_FILE_NAME} ..."
238- curl ${CURL_OPTIONS} -L -O https://github.com/openssl/openssl/archive/${OPENSSL_ARCHIVE_FILE_NAME}
276+ OPENSSL_ARCHIVE_URL=" https://github.com/openssl/openssl/archive/${OPENSSL_ARCHIVE_FILE_NAME} "
277+ # -L follow Location header, -f fail silently for 4xx errors and return status 22, -O Use server-specified filename for download
278+ curl ${CURL_OPTIONS} -LfO " ${OPENSSL_ARCHIVE_URL} "
279+
280+ # Check for success status
281+ if [ $? -ne 0 ]; then
282+ echo " An error occured when trying to download OpenSSL ${VERSION} from ${OPENSSL_ARCHIVE_URL} ."
283+ echo " Please check cURL's error message and/or your network connection."
284+ exit 1
285+ fi
239286else
240287 echo " Using ${OPENSSL_ARCHIVE_FILE_NAME} "
241288fi
242289
290+ # -e Abort script at first error, when a command exits with non-zero status (except in until or while loops, if-tests, list constructs)
291+ # -o pipefail Causes a pipeline to return the exit status of the last command in the pipe that returned a non-zero return value
292+ set -eo pipefail
293+
243294# Clean up target directories if requested and present
244295if [ " ${CLEANUP} " == " true" ; then
245- if [ -d " ${CURRENTPATH} /bin" ; then
246- rm -r " ${CURRENTPATH} /bin"
247- fi
248- if [ -d " ${CURRENTPATH} /include/openssl" ; then
249- rm -r " ${CURRENTPATH} /include/openssl"
250- fi
251- if [ -d " ${CURRENTPATH} /lib" ; then
252- rm -r " ${CURRENTPATH} /lib"
253- fi
254- if [ -d " ${CURRENTPATH} /src" ; then
255- rm -r " ${CURRENTPATH} /src"
256- fi
296+ if [ -d " ${CURRENTPATH} /bin" ; then
297+ rm -r " ${CURRENTPATH} /bin"
298+ fi
299+ if [ -d " ${CURRENTPATH} /include/openssl" ; then
300+ rm -r " ${CURRENTPATH} /include/openssl"
301+ fi
302+ if [ -d " ${CURRENTPATH} /lib" ; then
303+ rm -r " ${CURRENTPATH} /lib"
304+ fi
305+ if [ -d " ${CURRENTPATH} /src" ; then
306+ rm -r " ${CURRENTPATH} /src"
307+ fi
257308fi
258309
259310# (Re-)create target directories
353404 else
354405 (./Configure ${LOCAL_CONFIG_OPTIONS} > " ${LOG} " 2>&1 ) & spinner
355406 fi
356-
407+
357408 # Check for error status
358409 check_status $? " Configure"
359410
0 commit comments