Skip to content

Commit 54aa9d5

Browse files
committed
Fix default installation paths on mingw
Mingw config targets assumed that resulting programs and libraries are installed in a Unix-like environment and the default installation prefix was therefore set to '/usr/local'. However, mingw programs are installed in a Windows environment, and the installation directories should therefore have Windows defaults, i.e. the same kind of defaults as the VC config targets. A difficulty is, however, that a "cross compiled" build can't figure out the system defaults from environment the same way it's done when building "natively", so we have to fall back to hard coded defaults in that case. Tests can still be performed when cross compiled on a non-Windows platform, since all tests only depend on the source and build directory, and otherwise relies on normal local paths. CVE-2019-1552 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #9400)
1 parent b4b42d4 commit 54aa9d5

File tree

4 files changed

+124
-0
lines changed

4 files changed

+124
-0
lines changed

Diff for: CHANGES

+7
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,13 @@
99

1010
Changes between 1.1.1c and 1.1.1d [xx XXX xxxx]
1111

12+
*) Use Windows installation paths in the mingw builds
13+
14+
Mingw isn't a POSIX environment per se, which means that Windows
15+
paths should be used for installation.
16+
(CVE-2019-1552)
17+
[Richard Levitte]
18+
1219
*) Changed DH parameters to generate the order q subgroup instead of 2q.
1320
Previously generated DH parameters are still accepted by DH_check
1421
but DH_generate_key works around that by clearing bit 0 of the

Diff for: Configurations/10-main.conf

+4
Original file line numberDiff line numberDiff line change
@@ -1397,6 +1397,10 @@ my %targets = (
13971397
shared_extension => ".dll",
13981398
multilib => "",
13991399
apps_aux_src => add("win32_init.c"),
1400+
# "WOW" stands for "Windows on Windows", and that word engages
1401+
# some installation path heuristics in unix-Makefile.tmpl...
1402+
build_scheme => add("WOW", { separator => undef }),
1403+
14001404
},
14011405
"mingw64" => {
14021406
# As for OPENSSL_USE_APPLINK. Applink makes it possible to use

Diff for: Configurations/unix-Makefile.tmpl

+98
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,26 @@
1414
our $dsoext = $target{dso_extension} || ".so";
1515
our $makedepprog = $disabled{makedepend} ? undef : $config{makedepprog};
1616

17+
# $mingw_installroot and $mingw_commonroot is relevant for mingw only.
18+
my $build_scheme = $target{build_scheme};
19+
my $install_flavour = $build_scheme->[$#$build_scheme]; # last element
20+
my $mingw_installenv = $install_flavour eq "WOW" ? "ProgramFiles(x86)"
21+
: "ProgramW6432";
22+
my $mingw_commonenv = $install_flavour eq "WOW" ? "CommonProgramFiles(x86)"
23+
: "CommonProgramW6432";
24+
our $mingw_installroot =
25+
defined($ENV{$mingw_installenv}) ? $mingw_installenv : 'ProgramFiles';
26+
our $mingw_commonroot =
27+
defined($ENV{$mingw_commonenv}) ? $mingw_commonenv : 'CommonProgramFiles';
28+
my $mingw_installdflt =
29+
$install_flavour eq "WOW" ? "C:/Program Files (x86)"
30+
: "C:/Program Files";
31+
my $mingw_commondflt = "$mingw_installdflt/Common Files";
32+
33+
# expand variables early
34+
$mingw_installroot = $ENV{$mingw_installroot} // $mingw_installdflt;
35+
$mingw_commonroot = $ENV{$mingw_commonroot} // $mingw_commondflt;
36+
1737
sub windowsdll { $config{target} =~ /^(?:Cygwin|mingw)/ }
1838

1939
# Shared AIX support is special. We put libcrypto[64].so.ver into
@@ -132,6 +152,7 @@ APPS_OPENSSL={- use File::Spec::Functions;
132152
# Normally it is left empty.
133153
DESTDIR=
134154

155+
{- output_off() if $config{target} =~ /^mingw/; "" -}
135156
# Do not edit these manually. Use Configure with --prefix or --openssldir
136157
# to change this! Short explanation in the top comment in Configure
137158
INSTALLTOP={- # $prefix is used in the OPENSSLDIR perl snippet
@@ -175,6 +196,83 @@ ENGINESDIR=$(libdir)/engines-{- $sover_dirname -}
175196
# Convenience variable for those who want to set the rpath in shared
176197
# libraries and applications
177198
LIBRPATH=$(libdir)
199+
{- output_on() if $config{target} =~ /^mingw/;
200+
output_off() if $config{target} !~ /^mingw/;
201+
"" -}
202+
# Do not edit these manually. Use Configure with --prefix or --openssldir
203+
# to change this! Short explanation in the top comment in Configure
204+
INSTALLTOP_dev={- # $prefix is used in the OPENSSLDIR perl snippet
205+
#
206+
use File::Spec::Win32;
207+
my $prefix_default = "$mingw_installroot/OpenSSL";
208+
our $prefix =
209+
File::Spec::Win32->canonpath($config{prefix}
210+
|| $prefix_default);
211+
our ($prefix_dev, $prefix_dir, $prefix_file) =
212+
File::Spec::Win32->splitpath($prefix, 1);
213+
$prefix =~ s|\\|/|g;
214+
$prefix_dir =~ s|\\|/|g;
215+
$prefix_dev -}
216+
INSTALLTOP_dir={- my $x = File::Spec::Win32->canonpath($prefix_dir);
217+
$x =~ s|\\|/|g;
218+
$x -}
219+
OPENSSLDIR_dev={- #
220+
# The logic here is that if no --openssldir was given,
221+
# OPENSSLDIR will get the value "$mingw_commonroot/SSL".
222+
# If --openssldir was given and the value is an absolute
223+
# path, OPENSSLDIR will get its value without change.
224+
# If the value from --openssldir is a relative path,
225+
# OPENSSLDIR will get $prefix with the --openssldir
226+
# value appended as a subdirectory.
227+
#
228+
use File::Spec::Win32;
229+
our $openssldir =
230+
$config{openssldir} ?
231+
(File::Spec::Win32->file_name_is_absolute($config{openssldir}) ?
232+
File::Spec::Win32->canonpath($config{openssldir})
233+
: File::Spec::Win32->catdir($prefix, $config{openssldir}))
234+
: File::Spec::Win32->canonpath("$mingw_commonroot/SSL");
235+
our ($openssldir_dev, $openssldir_dir, $openssldir_file) =
236+
File::Spec::Win32->splitpath($openssldir, 1);
237+
$openssldir =~ s|\\|/|g;
238+
$openssldir_dir =~ s|\\|/|g;
239+
$openssldir_dev -}
240+
OPENSSLDIR_dir={- my $x = File::Spec::Win32->canonpath($openssldir_dir);
241+
$x =~ s|\\|/|g;
242+
$x -}
243+
LIBDIR={- our $libdir = $config{libdir} || "lib";
244+
File::Spec::Win32->file_name_is_absolute($libdir) ? "" : $libdir -}
245+
ENGINESDIR_dev={- use File::Spec::Win32;
246+
our $enginesdir =
247+
File::Spec::Win32->catdir($prefix,$libdir,
248+
"engines-$sover_dirname");
249+
our ($enginesdir_dev, $enginesdir_dir, $enginesdir_file) =
250+
File::Spec::Win32->splitpath($enginesdir, 1);
251+
$enginesdir =~ s|\\|/|g;
252+
$enginesdir_dir =~ s|\\|/|g;
253+
$enginesdir_dev -}
254+
ENGINESDIR_dir={- my $x = File::Spec::Win32->canonpath($enginesdir_dir);
255+
$x =~ s|\\|/|g;
256+
$x -}
257+
# In a Windows environment, $(DESTDIR) is harder to contatenate with other
258+
# directory variables, because both may contain devices. What we do here is
259+
# to adapt INSTALLTOP, OPENSSLDIR and ENGINESDIR depending on if $(DESTDIR)
260+
# has a value or not, to ensure that concatenation will always work further
261+
# down.
262+
ifneq "$(DESTDIR)" ""
263+
INSTALLTOP=$(INSTALLTOP_dir)
264+
OPENSSLDIR=$(OPENSSLDIR_dir)
265+
ENGINESDIR=$(ENGINESDIR_dir)
266+
else
267+
INSTALLTOP=$(INSTALLTOP_dev)$(INSTALLTOP_dir)
268+
OPENSSLDIR=$(OPENSSLDIR_dev)$(OPENSSLDIR_dir)
269+
ENGINESDIR=$(ENGINESDIR_dev)$(ENGINESDIR_dir)
270+
endif
271+
272+
# $(libdir) is chosen to be compatible with the GNU coding standards
273+
libdir={- File::Spec::Win32->file_name_is_absolute($libdir)
274+
? $libdir : '$(INSTALLTOP)/$(LIBDIR)' -}
275+
{- output_on() if $config{target} !~ /^mingw/; "" -}
178276

179277
MANDIR=$(INSTALLTOP)/share/man
180278
DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)

Diff for: NOTES.WIN

+15
Original file line numberDiff line numberDiff line change
@@ -109,6 +109,21 @@
109109
This naturally implies that you've installed corresponding add-on
110110
packages.
111111

112+
Independently of the method chosen to build for mingw, the installation
113+
paths are similar to those used when building with VC-* targets, except
114+
that in case the fallbacks mentioned there aren't possible (typically
115+
when cross compiling on Linux), the paths will be the following:
116+
117+
For mingw:
118+
119+
PREFIX: C:/Program Files (x86)/OpenSSL
120+
OPENSSLDIR C:/Program Files (x86)/Common Files/SSL
121+
122+
For mingw64:
123+
124+
PREFIX: C:/Program Files/OpenSSL
125+
OPENSSLDIR C:/Program Files/Common Files/SSL
126+
112127
Linking your application
113128
========================
114129

0 commit comments

Comments
 (0)