common.docker: Improve OpenSSL and CMake install introducing helper scripts

To accommodate the requirements associated with x86 and x64 images, the
command building OpenSSL and CMake became overly complex and hard to
maintain.

This commit has multiple purposes:

(1) simplify common.docker

(2) fix the building of 64-bit shared libraries against the static openssl
libraries by passing the -fPIC flag.

(3) ensure [many]linux-x86 and [many]linux-x64 images have an up-to-date
OpenSSL install. Openssl static libraries are installed in /usr

(4) simplify and speedup CMake build avoiding the second build with
explicit -DCMAKE_USE_OPENSSL:BOOL=ON. Indeed, configuring CMake on Linux
already looks for OpenSSL.

(5) speedup download of CMake source directly downloading the archive
corresponding to the revision.

(6) test CMake by:
  - running CMake.FileDownload test
  - trying to download a file served over https
This commit is contained in:
Jean-Christophe Fillion-Robin
2016-11-21 06:08:30 -05:00
parent 70de0f9856
commit 0552c37fea
7 changed files with 198 additions and 34 deletions

83
imagefiles/install-openssl.sh Executable file
View File

@ -0,0 +1,83 @@
#!/bin/bash
#
# Configure, build and install OpenSSL
#
# Usage:
#
# install-openssl.sh [-32]
#
# Options:
#
# -32 Build OpenSSL as a 32-bit library
#
# Notes:
#
# * build directory is /usr/src/openssl-$OPENSSL_VERSION
#
# * install directory is /usr
#
# * after installation, build directory and archive are removed
#
set -e
set -o pipefail
WRAPPER=""
CONFIG_FLAG="-fPIC"
SUFFIX=64
while [ $# -gt 0 ]; do
case "$1" in
-32)
WRAPPER="linux32"
CONFIG_FLAG="-m32"
SUFFIX=32
;;
*)
echo "Usage: Usage: ${0##*/} [-32]"
exit 1
;;
esac
shift
done
OPENSSL_VERSION=1.0.2j
OPENSSL_SHA256=e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431
cd /usr/src
# Download
if [ ! -f ./openssl-$OPENSSL_VERSION.tar.gz ]; then
wget https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz
else
rm -rf ./openssl-$OPENSSL_VERSION
fi
# Verify
sha256_openssl=`sha256sum ./openssl-$OPENSSL_VERSION.tar.gz | awk '{ print $1 }'`
if [ "$sha256_openssl" != "$OPENSSL_SHA256" ]
then
echo "SHA256 mismatch. Problem downloading OpenSSL."
echo " current [$sha256_openssl]"
echo " expected[$OPENSSL_SHA256]"
exit 1
fi
# Extract
tar -xzvf openssl-$OPENSSL_VERSION.tar.gz
pushd openssl-$OPENSSL_VERSION
# Configure
${WRAPPER} ./config --prefix=/usr $CONFIG_FLAG
# Build & Install
${WRAPPER} make install
popd
# Clean
rm -rf ./openssl-$OPENSSL_VERSION*
rm -rf /usr/ssl/man