Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Several improvements to the discussion of building against OpenSSL in www/ssl.wiki. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
48b74fce3c504401c6ceb638e167b2b9 |
User & Date: | wyoung 2019-02-07 00:01:34.647 |
Context
2019-02-07
| ||
17:18 | Update the built-in SQLite to the official 3.27.0 release version. ... (check-in: c56fce69 user: drh tags: trunk) | |
00:01 | Several improvements to the discussion of building against OpenSSL in www/ssl.wiki. ... (check-in: 48b74fce user: wyoung tags: trunk) | |
2019-02-05
| ||
20:54 | Update the built-in SQLite to the latest 3.27.0 beta for testing. ... (check-in: 1dbf923c user: drh tags: trunk) | |
Changes
Changes to www/ssl.wiki.
︙ | ︙ | |||
23 24 25 26 27 28 29 | Fossil itself has built-in support for TLS on the client side only. That is to say, you can build it against [https://www.openssl.org/|the OpenSSL library], which will allow it to clone and sync with a remote Fossil repository via <tt>https</tt> URIs. | | > > > > | | | | 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 | Fossil itself has built-in support for TLS on the client side only. That is to say, you can build it against [https://www.openssl.org/|the OpenSSL library], which will allow it to clone and sync with a remote Fossil repository via <tt>https</tt> URIs. <h3 id="openssl-bin">Building Against OpenSSL Automatically</h3> The <tt>configure</tt> script will attempt to find OpenSSL on your system automatically. It first tries asking the <tt>pkg-config</tt> system where the OpenSSL development files are, and if that fails, it falls back to looking through a list of likely directories. If it can't find the files it needs, the most common solution is to install the OpenSSL development package on your system via your OS's package manager. Examples: * <b>RHEL & Fedora</b>: <tt>sudo yum install openssl-devel</tt> * <b>Debian & Ubuntu</b>: <tt>sudo apt install libssl-dev</tt> * <b>FreeBSD</b>: <tt>su -c 'pkg install openssl'</tt> * <b>macOS</b>: <tt>sudo brew install openssl</tt> * <b>Cygwin</b>: Install <tt>openssl-devel</tt> via Cygwin's <tt>setup-*.exe</tt> program |
︙ | ︙ | |||
52 53 54 55 56 57 58 | use [https://brew.sh|Homebrew] on macOS to install OpenSSL as above. Fossil's build system will seek it out and use it automatically. <h3 id="openssl-src">Building Against a Non-Platform Version of OpenSSL</h3> | | < | | | < < | | | | | > | | | | > > > > | | > > | 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 | use [https://brew.sh|Homebrew] on macOS to install OpenSSL as above. Fossil's build system will seek it out and use it automatically. <h3 id="openssl-src">Building Against a Non-Platform Version of OpenSSL</h3> The Fossil build system has a few other methods for finding OpenSSL when the automatic methods fail or when you'd prefer that Fossil use a different version of OpenSSL than the one Fossil's build system picks on its own. A good reason to do this is when the Fossil build system finds a functioning version of OpenSSL which is nevertheless unsuitable. One common case is that your OS is sufficiently outdated that the platform version of OpenSSL can no longer communicate with remote systems adhering to the latest advice on secure communications. An old OpenSSL might not support any of the [https://en.wikipedia.org/wiki/Cipher_suite|cipher suites] the remote Fossil repository's HTTPS proxy is willing to offer, for example, so that even though both sides are speaking a variant of TLS/SSL, the peers cannot come to an agreement on the cryptography. If you've installed the OpenSSL development files somewhere that Fossil's build system cannot find on its own, you can clue it in by passing the <tt>--with-openssl</tt> option to the <tt>configure</tt> script. Type <tt>./configure --help</tt> for details. Another option is to download the source code to OpenSSL and build Fossil against that private version of OpenSSL: <pre> cd compat # relative to the Fossil source tree root tar xf /path/to/openssl-*.tar.gz ln -fs openssl-x.y.z openssl cd openssl ./config # or, e.g. ./Configure darwin64-x86_64-cc make -j11 cd ../.. ./configure --with-openssl=tree make -j11 </pre> |
︙ | ︙ |