INSTALLATION ON THE WIN32 PLATFORM ---------------------------------- Heres a few comments about building OpenSSL in Windows environments. Most of this is tested on Win32 but it may also work in Win 3.1 with some modification. You need Perl for Win32 (available from http://www.activestate.com/ActivePerl) and one of the following C compilers: * Visual C++ * Borland C * GNU C (Mingw32 or Cygwin32) If you want to compile in the assembly language routines with Visual C++ then you will need an assembler. This is worth doing because it will result in faster code: for example it will typically result in a 2 times speedup in the RSA routines. Currently the following assemblers are supported: * Microsoft MASM (aka "ml") * Free Netwide Assembler NASM. MASM was at one point distributed with VC++. It is now distributed with some Microsoft DDKs, for example the Windows NT 4.0 DDK and the Windows 98 DDK. If you do not have either of these DDKs then you can just download the binaries for the Windows 98 DDK and extract and rename the two files XXXXXml.exe and XXXXXml.err, to ml.exe and ml.err and install somewhere on your PATH. Both DDKs can be downloaded from the Microsoft developers site www.msdn.com. NASM is freely available. Version 0.98 was used during testing: other versions may also work. It is available from many places, see for example: http://www.kernel.org/pub/software/devel/nasm/binaries/win32/ The NASM binary nasmw.exe needs to be installed anywhere on your PATH. If you are compiling from a tarball or a CVS snapshot then the Win32 files may well be not up to date. This may mean that some "tweaking" is required to get it all to work. See the trouble shooting section later on for if (when?) it goes wrong. Visual C++ ---------- Firstly you should run Configure: > perl Configure VC-WIN32 Next you need to build the Makefiles and optionally the assembly language files: - If you are using MASM then run: > ms\do_masm - If you are using NASM then run: > ms\do_nasm - If you don't want to use the assembly language files at all then run: > ms\do_ms If you get errors about things not having numbers assigned then check the troubleshooting section: you probably won't be able to compile it as it stands. Then from the VC++ environment at a prompt do: > nmake -f ms\ntdll.mak If all is well it should compile and you will have some DLLs and executables in out32dll. If you want to try the tests then do: > cd out32dll > ..\ms\test Tweaks: There are various changes you can make to the Win32 compile environment. By default the library is not compiled with debugging symbols. If you add 'debug' to the mk1mk.pl lines in the do_* batch file then debugging symbols will be compiled in. The default Win32 environment is to leave out any Windows NT specific features. If you want to enable the NT specific features of OpenSSL (currently only the logging BIO) follow the instructions above but call the batch file do_nt.bat instead of do_ms.bat. You can also build a static version of the library using the Makefile ms\nt.mak Borland C++ builder 3 and 4 --------------------------- * Setup PATH. First must be GNU make then bcb4/bin * Run ms\bcb4.bat * Run make: > make -f bcb.mak GNU C (Mingw32) --------------- To build OpenSSL, you need the Mingw32 package and GNU make. * Compiler installation: Mingw32 is available from . GNU make is at . Install both of them in C:\egcs-1.1.2 and run C:\egcs-1.1.2\mingw32.bat to set the PATH. * Compile OpenSSL: > ms\mingw32 This will create the library and binaries in out. In case any problems occur, try > ms\mingw32 no-asm instead. libcrypto.a and libssl.a are the static libraries. To use the DLLs, link with libeay32.a and libssl32.a instead. See troubleshooting if you get error messages about functions not having a number assigned. * You can now try the tests: > cd out > ..\ms\test GNU C (CygWin32) --------------- CygWin32 provides a bash shell and GNU tools environment running on NT 4.0, Windows 9x and Windows 2000. Consequently, a make of OpenSSL with CygWin is closer to a GNU bash environment such as Linux rather than other W32 makes that are based on a single makefile approach. CygWin32 implements Posix/Unix calls through cygwin1.dll, and is contrasted to Mingw32 which links dynamically to msvcrt.dll or crtdll.dll. To build OpenSSL using CygWin32: * Install CygWin32 (see http://sourceware.cygnus.com/cygwin) * Install Perl and ensure it is in the path (recent Cygwin perl or ActivePerl) * Run the CygWin bash shell * $ tar zxvf openssl-x.x.x.tar.gz $ cd openssl-x.x.x $ ./Configure no-threads CygWin32 [...] $ make [...] $ make test $ make install This will create a default install in /usr/local/ssl. CygWin32 Notes: "make test" and normal file operations may fail in directories mounted as text (i.e. mount -t c:\somewhere /home) due to CygWin stripping of carriage returns. To avoid this ensure that a binary mount is used, e.g. mount -b c:\somewhere /home. As of version 1.1.1 CygWin32 is relatively unstable in its handling of cr/lf issues. These make procedures succeeded with versions 1.1 and the snapshot 20000524 (Slow!). "bc" is not provided in the CygWin32 distribution. This causes a non-fatal error in "make test" but is otherwise harmless. If desired, GNU bc can be built with CygWin32 without change. Installation ------------ There's currently no real installation procedure for Win32. There are, however, some suggestions: - do nothing. The include files are found in the inc32/ subdirectory, all binaries are found in out32dll/ or out32/ depending if you built dynamic or static libraries. - do as is written in INSTALL.Win32 that comes with modssl: $ md c:\openssl $ md c:\openssl\bin $ md c:\openssl\lib $ md c:\openssl\include $ md c:\openssl\include\openssl $ copy /b inc32\* c:\openssl\include\openssl $ copy /b out32dll\ssleay32.lib c:\openssl\lib $ copy /b out32dll\libeay32.lib c:\openssl\lib $ copy /b out32dll\ssleay32.dll c:\openssl\bin $ copy /b out32dll\libeay32.dll c:\openssl\bin $ copy /b out32dll\openssl.exe c:\openssl\bin Of course, you can choose another device than c:. C: is used here because that's usually the first (and often only) harddisk device. Note: in the modssl INSTALL.Win32, p: is used rather than c:. Troubleshooting --------------- Since the Win32 build is only occasionally tested it may not always compile cleanly. If you get an error about functions not having numbers assigned when you run ms\do_ms then this means the Win32 ordinal files are not up to date. You can do: > perl util\mkdef.pl crypto ssl update then ms\do_XXX should not give a warning any more. However the numbers that get assigned by this technique may not match those that eventually get assigned in the CVS tree: so anything linked against this version of the library may need to be recompiled. If you get errors about unresolved symbols there are several possible causes. If this happens when the DLL is being linked and you have disabled some ciphers then it is possible the DEF file generator hasn't removed all the disabled symbols: the easiest solution is to edit the DEF files manually to delete them. The DEF files are ms\libeay32.def ms\ssleay32.def. Another cause is if you missed or ignored the errors about missing numbers mentioned above. If you get warnings in the code then the compilation will halt. The default Makefile for Win32 halts whenever any warnings occur. Since VC++ has its own ideas about warnings which don't always match up to other environments this can happen. The best fix is to edit the file with the warning in and fix it. Alternatively you can turn off the halt on warnings by editing the CFLAG line in the Makefile and deleting the /WX option. You might get compilation errors. Again you will have to fix these or report them. One final comment about compiling applications linked to the OpenSSL library. If you don't use the multithreaded DLL runtime library (/MD option) your program will almost certainly crash because malloc gets confused -- the OpenSSL DLLs are statically linked to one version, the application must not use a different one. You might be able to work around such problems by adding CRYPTO_malloc_init() to your program before any calls to the OpenSSL libraries: This tells the OpenSSL libraries to use the same malloc(), free() and realloc() as the application. However there are many standard library functions used by OpenSSL that call malloc() internally (e.g. fopen()), and OpenSSL cannot change these; so in general you cannot rely on CRYPTO_malloc_init() solving your problem, and you should consistently use the multithreaded library.