# Compile Apache 2.0.55 with OpenSSL 0.9.8a for Windows using Microsoft Visual C++
# Copyright (c) 2005 Ross Smith. All Rights Reserved.
# $Id$
# inspiration: http://www.devside.net/web/server/windows/apache-ssl-deflate
APACHE_VER?=2.0.55
OPENSSL_VER?=0.9.8a
ZLIB_VER?=1.2.2
# Cygwin's awk causes wierd errors, so we'll use gnuwin32's version
GAWK_VER?=3.1.3-2
APACHE_ZLIB_PATCH?=httpd-2.0.54_zlib-1.2.2.patch
APACHE_OPENSSL_PATCH?=httpd-2.0.54_openssl-0.9.8.patch
ZLIB_122_PATCH?=zlib-1.2.2-inftrees.c.diff
# use forward slashes for the following patches
OUTDIR?=C:/www/Apache2
# 6.0, 7.0 or .NET
MSVC_DIR_WIN?=C:/Program Files/Microsoft Visual Studio/VC98
# required for ml.exe, this may be provided if you have Visual Studio .NET
# NASM may also work, haven't tried it...
ASM_DIR_WIN?=C:/Program Files/NTDDK
# Must use ActiveState's perl, not Cygwin's perl
PERL_DIR_WIN?=C:/perl
SERVERNAME?=localhost
# preface @'s with backslashes (e.g., enter ex@ex.com as ex\@ex.com)
SERVERADMIN?=webmaster\@example.com
PORT?=80
SSL_PORT?=443
SSL_INPUT_PASSWORD?=aaaa
SSL_OUTPUT_PASSWORD?=${SSL_INPUT_PASSWORD}
SSL_COUNTRY?=US
SSL_STATE?=CA
SSL_LOCALITY?=Santa Monica
SSL_ORG?=Ross Smith
SSL_ORG_UNIT?=
SSL_COMMON_NAME?=Ross Smith
# preface @'s with backslashes (e.g., enter ex@ex.com as ex\@ex.com)
SSL_EMAIL?=${SERVERADMIN}
SSL_PASSWD_MIN?=0
SSL_UNSTRUCTURED_NAME?=
WGET?=wget -N
APACHE?=httpd-${APACHE_VER}
APACHE_ZIP?=${APACHE}-win32-src.zip
APACHE_URL?=http://www.apache.org/dist/httpd/${APACHE_ZIP}
# http://apache.oc1.mirrors.redwire.net/httpd/httpd-2.0.55-win32-src.zip
APACHE_DIR?=${APACHE}
ZLIB?=zlib-${ZLIB_VER}
ZLIB_GZ?=${ZLIB}.tar.gz
ZLIB_URL?=http://www.zlib.net/${ZLIB_GZ}
OPENSSL?=openssl-${OPENSSL_VER}
OPENSSL_GZ?=${OPENSSL}.tar.gz
OPENSSL_URL?=http://www.openssl.org/source/${OPENSSL_GZ}
GAWK?=gawk-${GAWK_VER}
GAWK_ZIP?=${GAWK}-bin.zip
GAWK_URL?=http://easynews.dl.sourceforge.net/sourceforge/gnuwin32/${GAWK_ZIP}
GAWK_DEP_ZIP?=gawk-${GAWK_VER}-dep.zip
GAWK_DEP_URL?=http://easynews.dl.sourceforge.net/sourceforge/gnuwin32/${GAWK_DEP_ZIP}
APACHE_ZLIB_PATCH_URL?=http://smithii.com/files/$(APACHE_ZLIB_PATCH)
APACHE_OPENSSL_PATCH_URL?=http://smithii.com/files/$(APACHE_OPENSSL_PATCH)
ZLIB_122_PATCH_URL?=http://linuce.free.fr/$(ZLIB_122_PATCH)
SRCLIB=${APACHE_DIR}/srclib
ZLIB_DIR=${SRCLIB}/zlib
OPENSSL_DIR=${SRCLIB}/openssl
APACHE_CONF_TOUCH=${APACHE_ZIP}_conf.touch
APACHE_NMAKE_TOUCH=${APACHE_ZIP}_nmake.touch
APACHE_OPENSSL_PATCH_TOUCH=${APACHE_OPENSSL_PATCH}.touch
APACHE_ZIP_TOUCH=${APACHE_ZIP}.touch
APACHE_ZLIB_PATCH_TOUCH=${APACHE_ZLIB_PATCH}.touch
GAWK_DEP_ZIP_TOUCH=${GAWK_DEP_ZIP}.touch
GAWK_ZIP_TOUCH=${GAWK_ZIP}.touch
OPENSSL_CNF_TOUCH=${OPENSSL_GZ}_cnf.touch
OPENSSL_CONFIGURE_TOUCH=${OPENSSL_GZ}_configure.touch
OPENSSL_DO_MASM_TOUCH=${OPENSSL_GZ}_do_masm.touch
OPENSSL_GZ_TOUCH=${OPENSSL_GZ}.touch
OPENSSL_KEY_SETUP_TOUCH=${OPENSSL_GZ}_key_setup.touch
OPENSSL_NMAKE_TOUCH=${OPENSSL_GZ}_nmake.touch
ZLIB_122_PATCH_TOUCH=$(ZLIB_122_PATCH).touch
ZLIB_GZ_TOUCH=${ZLIB_GZ}.touch
BINDIR=${OUTDIR}/bin
CONFDIR=${OUTDIR}/conf
OPENSSL_CNF=${BINDIR}/openssl.cnf
BUILD_DIR=${shell pwd}
define unix2dos
$(shell cygpath -w "$(1)" | sed -e 's|/|\\|g')
endef
define dos2unix
$(shell cygpath $(1) | sed -e 's/ /\\ /g')
endef
OUTDIR_WIN=$(call unix2dos,"$(OUTDIR)")
MSVC_DIR=$(call dos2unix,"$(MSVC_DIR_WIN)")
ASM_DIR=$(call dos2unix,"$(ASM_DIR_WIN)")
PERL_DIR=$(call dos2unix,"$(PERL_DIR_WIN)")
CMD_EXE=$(call dos2unix,"$(COMSPEC)")
.PHONY: all
all: config_ssl
${APACHE_ZIP}:
${WGET} ${APACHE_URL}
${APACHE_ZIP_TOUCH}: ${APACHE_ZIP}
unzip -o $<
touch $@
.PHONY: apache_zip
apache_zip: ${APACHE_ZIP_TOUCH}
$(APACHE_ZLIB_PATCH):
$(WGET) $(APACHE_ZLIB_PATCH_URL)
${APACHE_ZLIB_PATCH_TOUCH}: ${APACHE_ZLIB_PATCH} ${APACHE_ZIP_TOUCH}
cd ${APACHE_DIR} && \
patch --unified --batch --ignore-whitespace -p1 <../$<
touch $@
$(APACHE_OPENSSL_PATCH):
$(WGET) $(APACHE_OPENSSL_PATCH_URL)
${APACHE_OPENSSL_PATCH_TOUCH}: ${APACHE_OPENSSL_PATCH} ${APACHE_ZIP_TOUCH}
cd ${APACHE_DIR} && \
patch --unified --batch --ignore-whitespace -p1 <../$<
touch $@
.PHONY: apache_patches
apache_patches: ${APACHE_ZLIB_PATCH_TOUCH} ${APACHE_OPENSSL_PATCH_TOUCH}
${ZLIB_GZ}:
${WGET} ${ZLIB_URL}
${ZLIB_GZ_TOUCH}: ${ZLIB_GZ} ${APACHE_ZLIB_PATCH_TOUCH}
-mkdir -p ${SRCLIB}
tar -xvz -f $< --directory=${SRCLIB}
cd ${SRCLIB} && mv -f ${ZLIB} zlib
touch $@
$(ZLIB_122_PATCH):
$(WGET) $(ZLIB_122_PATCH_URL)
${ZLIB_122_PATCH_TOUCH}: ${ZLIB_122_PATCH} ${ZLIB_GZ_TOUCH}
cd ${SRCLIB}/zlib && \
patch --unified --batch --ignore-whitespace -p1 <../../../$<
touch $@
.PHONY: zlib
zlib: ${ZLIB_122_PATCH_TOUCH}
${OPENSSL_GZ}:
${WGET} ${OPENSSL_URL}
${OPENSSL_GZ_TOUCH}: ${OPENSSL_GZ} ${APACHE_ZLIB_PATCH_TOUCH}
-mkdir -p ${SRCLIB}
tar -xvz -f $< --directory=${SRCLIB}
cd ${SRCLIB} && mv -f ${OPENSSL} openssl
touch $@
${OPENSSL_CONFIGURE_TOUCH}: ${OPENSSL_GZ_TOUCH}
cd ${OPENSSL_DIR} && \
PATH=${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH \
${PERL_DIR}/bin/perl Configure --openssldir="${BINDIR}" VC-WIN32
touch $@
${OPENSSL_DO_MASM_TOUCH}: ${OPENSSL_CONFIGURE_TOUCH}
cd ${OPENSSL_DIR} && \
PATH=${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH \
${CMD_EXE} /c ms\\do_masm.bat
touch $@
${OPENSSL_NMAKE_TOUCH}: ${OPENSSL_DO_MASM_TOUCH}
cd ${OPENSSL_DIR} && \
MAKEFLAGS="" \
PATH=${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH \
${CMD_EXE} /c nmake /f ms\\ntdll.mak
chmod +x ${OPENSSL_DIR}/out32dll/openssl.exe
touch $@
.PHONY: openssl
openssl: ${OPENSSL_NMAKE_TOUCH}
${GAWK_DEP_ZIP}:
${WGET} ${GAWK_DEP_URL}
${GAWK_DEP_ZIP_TOUCH}: ${GAWK_DEP_ZIP}
unzip -o -d gawk $<
touch $@
${GAWK_ZIP}:
${WGET} ${GAWK_URL}
${GAWK_ZIP_TOUCH}: ${GAWK_ZIP} ${GAWK_DEP_ZIP_TOUCH}
unzip -o -d gawk $<
cp gawk/bin/gawk.exe gawk/bin/awk.exe
chmod +x gawk/bin/*.exe
touch $@
.PHONY: gawk
gawk: ${GAWK_ZIP_TOUCH}
${APACHE_NMAKE_TOUCH}: zlib ${APACHE_OPENSSL_PATCH_TOUCH} gawk
cd ${APACHE_DIR} && \
MAKEFLAGS="" \
PATH=${BUILD_DIR}/gawk/bin:${MSVC_DIR}/bin:${ASM_DIR}/bin:${PERL_DIR}/bin:$$PATH \
${CMD_EXE} /c nmake /f Makefile.win SERVERNAME="${SERVERNAME}" PORT=${PORT} INSTDIR="${OUTDIR_WIN}" installr
touch $@
${APACHE_CONF_TOUCH}: ${APACHE_NMAKE_TOUCH}
perl -pi.bak -e ' \
s~SSLMutex\s*file:logs/ssl_mutex~SSLMutex default~i; \
s~ServerName www.example.com~ServerName ${SERVERNAME}~i; \
s~ServerAdmin you@example.com~ServerAdmin ${SERVERADMIN}~i; \
s~443~${SSL_PORT}~; \
' ${CONFDIR}/ssl*.conf
perl -pi.bak -e ' \
s~.*LoadModule\s+headers_module\s+modules/mod_headers.so~LoadModule headers_module modules/mod_headers.so~i; \
s~.*LoadModule\s+ssl_module\s+modules/mod_ssl.so~LoadModule ssl_module modules/mod_ssl.so\nLoadModule deflate_module modules/mod_deflate.so~i; \
s~.*.*~\n AddOutputFilterByType DEFLATE text/html text/plain text/css\n Header append Vary User-Agent~i; \
s~^#.*~#\n\nBrowserMatch ^Mozilla/4 gzip-only-text/html\nBrowserMatch ^Mozilla/4\.0[678] no-gzip\nBrowserMatch \\bMSIE !no-gzip !gzip-only-text/html\n~i; \
s~^ServerAdmin \@\@ServerAdmin\@\@~ServerAdmin ${SERVERADMIN}~i; \
' ${CONFDIR}/httpd*.conf
.PHONY: apache
apache: ${APACHE_CONF_TOUCH}
${OPENSSL_CNF}: ${OPENSSL_NMAKE_TOUCH} ${APACHE_CONF_TOUCH}
cp -f ${OPENSSL_DIR}/apps/openssl.cnf "${BINDIR}"
${OPENSSL_CNF_TOUCH}: ${OPENSSL_CNF}
perl -pi.bak -e ' \
s~.*countryName_default\s*=.*~countryName_default=${SSL_COUNTRY}~i; \
s~.*stateOrProvinceName_default.*~stateOrProvinceName_default=${SSL_STATE}~i; \
s~.*localityName\s*=\s*(L.*)~localityName=\1\nlocalityName_default=${SSL_LOCALITY}~i; \
s~.*0.organizationName_default.*~0.organizationName_default=${SSL_ORG}~i; \
s~.*organizationalUnitName_default.*~organizationalUnitName_default=${SSL_ORG_UNIT}~i; \
s~.*commonName_max\s*=\s*(\d+).*~commonName_max=\1\ncommonName_default=${SSL_COMMON_NAME}~i; \
s~.*emailAddress_max\s*=\s*(\d+).*~emailAddress_max=\1\nemailAddress_default=${SSL_EMAIL}~i; \
s~.*challengePassword_min.*~challengePassword_min=${SSL_PASSWD_MIN}~i; \
s~.*unstructuredName\s*=\s*(A.*)~unstructuredName=\1\nunstructuredName_default=${SSL_UNSTRUCTURED_NAME}~i; \
s~.*input_password\s*=\s*\w+~input_password=${SSL_INPUT_PASSWORD}~i; \
s~.*output_password\s*=\s*\w+~output_password=${SSL_OUTPUT_PASSWORD}~i; \
' "${OPENSSL_CNF}"
${OPENSSL_KEY_SETUP_TOUCH}: ${OPENSSL_CNF_TOUCH}
mkdir -p "${CONFDIR}/ssl.crt"
mkdir -p "${CONFDIR}/ssl.key"
cd "${BINDIR}" && \
./openssl req -new -out server.csr
cd "${BINDIR}" && \
./openssl rsa -in privkey.pem -out server.key
cd "${BINDIR}" && \
./openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365
cd "${OUTDIR}" && \
mv -f bin/server.crt conf/ssl.crt
cd "${OUTDIR}" && \
mv -f bin/server.key conf/ssl.key
cd "${BINDIR}" && \
rm -fr .rnd privkey.pem server.csr
touch $@
.PHONY: config_ssl
config_ssl: ${OPENSSL_KEY_SETUP_TOUCH}
DIST_FILES=\
OPENSSL-README.txt \
OPENSSL-NEWS.txt \
bin/libeay32.dll \
bin/openssl.exe \
bin/ssleay32.dll \
bin/openssl.cnf \
conf/httpd.conf \
conf/ssl.conf \
conf/ssl.crt/server.crt \
conf/ssl.key/server.key \
modules/mod_ssl.so \
modules/mod_deflate.so
DIST_FILE=apache-${APACHE_VER}_openssl-${OPENSSL_VER}.zip
$(DIST_FILE): all
find ${OUTDIR} -name '*.exe' -o -name '*.dll' -o -name '*.so' | xargs chmod a+rx
cd ${OUTDIR} && zip -9q $(BUILD_DIR)/$(DIST_FILE) $(DIST_FILES)
.PHONY: dist
dist: $(DIST_FILE)
.PHONY: clean
clean:
rm -fr \
httpd*.touch \
gawk*.touch \
openssl*.touch \
gawk \
${APACHE_DIR}
.PHONY: realclean
realclean: clean
rm -fr \
${APACHE_ZIP} \
${ZLIB_GZ} \
${OPENSSL_GZ} \
${GAWK_ZIP} \
${GAWK_DEP_ZIP}