diff --git a/BUILD.md b/BUILD.md index 48ca0567..6ffa20ac 100644 --- a/BUILD.md +++ b/BUILD.md @@ -143,14 +143,6 @@ the number of jobs to use, which should ideally be specified to the number of threads your CPU has. You may also want to add that to your preset using the `jobs` property, see the [presets documentation][1] for more details. -## How to Build with OpenSSL - -Some features, like PKCS11, require OpenSSL. Mbed-TLS is more tolerate of legacy deployment scenarios. If you want to -build with OpenSSL, you can use the `ci-linux-x64-static-libssl` preset with the following modifications to substitute -`openssl` for `mbedtls`. - -Build with OpenSSL by running `./scripts/openssl-build.bash [x64|arm64|arm]`. - ## Cross-compile with Docker You can cross-compile the distribution-specific Linux package or the generic binary with Docker. Both approaches use an diff --git a/scripts/openssl-build.bash b/scripts/openssl-build.bash deleted file mode 100755 index 41c84a78..00000000 --- a/scripts/openssl-build.bash +++ /dev/null @@ -1,30 +0,0 @@ -#!/usr/bin/env bash - -BASENAME="$(basename "${0}")" -BASEDIR="$(cd "$(dirname "${0}")" && pwd)" # full path to scripts dir - -if [[ $* =~ -h|(--)?help ]]; then - echo -e "\nUsage: ${BASENAME} [x64|arm64|arm]"\ - "\n\nConfigures build preset for OpenSSL and"\ - "\nbuilds the x86_64 target if no ARCH is specified\n" - exit 0 -fi - -set -euxo pipefail; -TMPFILE=$(mktemp); - -# munge the preset to use openssl -jq '.dependencies |= map(if . == "mbedtls" then "openssl" else . end)' ./vcpkg.json > "$TMPFILE"; -mv "$TMPFILE" ./vcpkg.json; - -jq '.configurePresets |= map( - if .cacheVariables.TLSUV_TLSLIB == "mbedtls" then - .cacheVariables.TLSUV_TLSLIB |= "openssl" - else - . - end -) -' ./CMakePresets.json > "$TMPFILE"; -mv "$TMPFILE" ./CMakePresets.json; - -$BASEDIR/ziti-builder.sh -p ci-linux-${1:-x64}-static-libssl diff --git a/scripts/switchtls-build.bash b/scripts/switchtls-build.bash new file mode 100755 index 00000000..25177184 --- /dev/null +++ b/scripts/switchtls-build.bash @@ -0,0 +1,56 @@ +#!/usr/bin/env bash + +BASENAME="$(basename "${0}")" +BASEDIR="$(cd "$(dirname "${0}")" && pwd)" # full path to scripts dir + +if ! (( $# )) || [[ $* =~ -h|(--)?help ]]; then + echo -e "\nUsage: ${BASENAME} [openssl|mbedtls] [x64|arm64|arm]"\ + "\n\nConfigures build preset for OpenSSL or Mbed-TLS and"\ + "\nbuilds the binary if ARCH is specified\n" + exit 0 +fi + +set -euo pipefail; + +function switch_tls(){ + local old=$1; + local new=$2; + # munge the preset to use openssl + TMPFILE=$(mktemp); + jq --arg old $old --arg new $new '.dependencies |= map(if . == $old then $new else . end)' ./vcpkg.json > "$TMPFILE"; + mv "$TMPFILE" ./vcpkg.json; + + jq --arg old $old --arg new $new \ + '.configurePresets |= map( + if .cacheVariables.TLSUV_TLSLIB == $old then + .cacheVariables.TLSUV_TLSLIB |= $new + else + . + end + ) + ' ./CMakePresets.json > "$TMPFILE"; + mv "$TMPFILE" ./CMakePresets.json; +} + +TLSLIB=${1:-} +TARGETARCH=${2:-} + +if [[ $TLSLIB == "mbedtls" ]]; then + switch_tls "openssl" "mbedtls" + PRESET="ci-linux-${TARGETARCH}" +elif [[ $TLSLIB == "openssl" ]]; then + switch_tls "mbedtls" "openssl" + PRESET="ci-linux-${TARGETARCH}-static-libssl" +else + echo "Unknown TLS library: $TLSLIB" + exit 1 +fi + +if [[ -z $TARGETARCH ]]; then + echo "No architecture specified, only switching TLS library in vcpkg.json and CMakePresets.json" + exit 0 +elif [[ $TARGETARCH =~ ^(x64|arm(64))$ ]]; then + "$BASEDIR/ziti-builder.sh" -p "$PRESET" +else + echo "ERROR: Unknown architecture preset: $PRESET" +fi