-
Notifications
You must be signed in to change notification settings - Fork 33
Building OpenSSL
OpenSSL is required for intercepting, filtering and re-encrypting secure traffic. This guide will cover compiling both 32 and 64 bit shared libraries for openSSL. There are some special requirements for doing this, so ensure that you've satisfied all of the requirements listed on the Collecting And Building Dependencies page.
Download the latest version of openSSL. Keeping current is recommended as new releases frequently patch security holes. At the time of writing, the latest version is 1.0.2d and you can get it here, however you should check to see if a later version is available.
Extract the contents of the downloaded archive to HTTPFILTERINGENGINE_BASE_DIR\deps\openssl. Your directory structure should look something like HTTPFILTERINGENGINE_BASE_DIR\deps\openssl\openssl-1.0.2d.
Now you'll want to take all of the sources etc inside HTTPFILTERINGENGINE_BASE_DIR\deps\openssl\openssl-1.0.2d and move them into a folder called x86, creating a directory structure like HTTPFILTERINGENGINE_BASE_DIR\deps\openssl\openssl-1.0.2d\x86\SOURCES. Duplicate the x86 folder and rename it to x64. The reason for this is that the configuration process generates target specific files and scripts, so two directories is necessary.
In the end, you should have the following:
HTTPFILTERINGENGINE_BASE_DIR\deps\openssl\openssl-1.0.2d\x86\SOURCES
HTTPFILTERINGENGINE_BASE_DIR\deps\openssl\openssl-1.0.2d\x64\SOURCES
At this point, you can run the scripts build-openssl-noweak-nopatents-msvc-x86.bat and build-openssl-noweak-nopatents-msvc-x64.bat, which will generate resulting binaries and includes for both 32 and 64 bit targets respectively. Note that the scripts contain a variable called OPENSSL_VERSION, which you must modify to accurately reflect the version of openSSL you're working with. The scripts will prompt you to do so if you have not already. Also if you've decided to install Visual Studio 2015 somewhere non-standard, you'll need to modify the scripts to point to your chosen directory, you rebel you.
NASM must be installed before running these scripts (for the 32 bit version only) but does not have to be added to the %PATH% variable, as the x86 script will do this automatically, temporarily. Whatever flavor of Perl you're using must be added to the %PATH% variable, but the install should have taken care of this for you.
The scripts are well documented in comments, so if you're curious about their inner workings, you should find everything you could want to know in the comments.
Next, build Mozilla NSS.