Websocket SSL 연결을 위해 OpenSSL을 Static 빌드해서 사용한다. 현재 Open SSL의 버전은 1.x.x와 3.x.x 가 존재한다.
아래 내용은 한글 윈도우즈 10에서 Visual Studio 2022 버전 환경 기반이다.
다른 버전에서도 크게 차이는 없을 것으로 판단됨.
Open SSL 소스 코드 다운로드 :
아래 사이트에서 다운로드 1,3 버전 중 선택해서 최신 안정화 버전으로 다운로드 한다.
https://github.com/openssl/openssl/releases
Perl 설치 :
두버전 모두 Perl이 설치되어야 빌드가 가능하다.
Perl 다운로드 : https://strawberryperl.com/
NASM 설치
nasm 다운로드 : https://www.nasm.us/pub/nasm/releasebuilds/?C=M;O=D
nasm 2.16.01 버전으로 설치해서 빌드
환경 변수 등록
빌드시에 VS의 CMD 창에서는 빌드가 안됨, 별도의 x86 툴로 빌드해야한다.
윈도우의 환경 변수로 아래 Path를 등록해준다
path nmake.exe C:\Program Files (x86)\Microsoft Visual Studio 14.0 \VC\bin path cl.exe C:\Program Files (x86)\Windows Kits\ 10 \bin\ 10.0 . 19041.0 \x86 |
한글 윈도우 터미널 창 코드 관련 문제
한글 코드 관련으로 빌드시에 오류가 발생할 수 있다. 오류 발생시 터미널 창에서 아래 명령으로 환경 설정을 해준다.
se터t LANG=C set LC_ALL=C |
Build 하기
configure 설정 만들기
터미널 창을 실행하고 소스가 저장된 디렉토리로 이동한다.
cd C:\Users\siseongahn\Develop\openssl\openssl- 1.1 .1v |
아래 명령어로 x86 툴로 64비트로 빌드하도록 설정한다.
call "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" x86_amd64 |
configure 설정 (디버그/ 릴리즈 모드)
perl Configure -MTd no-shared no-idea no-mdc2 no-rc5 debug-VC-WIN64A perl Configure -MT no-shared no-idea no-mdc2 no-rc5 VC-WIN64A |
빌드 실행
nmake clean nmake nmake install |
완료 후에 C:\Program Files\OpenSSL 폴더안에 빌드된 라이브러리와 Include 파일이 설치된다.
테스트 실행
1.1.1w 버전으로 pass 됨
Test 결과 1.1 .1w Microsoft(R) Program Maintenance Utility 버전 14.00 . 24247.2 Copyright (c) Microsoft Corporation. All rights reserved. mkdir .\test\test-runs set SRCTOP=. set BLDTOP=. set RESULT_D=.\test\test-runs set PERL=C:\Strawberry\perl\bin\perl.exe set OPENSSL_ENGINES=C:\Users\siseongahn\Develop\openssl\openssl- 1.1 .1w\engines set OPENSSL_DEBUG_MEMORY=on "C:\Strawberry\perl\bin\perl.exe" ".\test\run_tests.pl" test\recipes\ 01 -test_abort.t .................... ok test\recipes\ 01 -test_sanity.t ................... ok test\recipes\ 01 -test_symbol_presence.t .......... skipped: Only useful when building shared libraries test\recipes\ 01 -test_test.t ..................... ok test\recipes\ 02 -test_errstr.t ................... skipped: This is unsupported on MSYS/MinGW or MSWin32 test\recipes\ 02 -test_internal_ctype.t ........... ok test\recipes\ 02 -test_lhash.t .................... ok test\recipes\ 02 -test_ordinals.t ................. ok test\recipes\ 02 -test_stack.t .................... ok test\recipes\ 03 -test_exdata.t ................... ok test\recipes\ 03 -test_internal_asn1.t ............ ok test\recipes\ 03 -test_internal_chacha.t .......... ok test\recipes\ 03 -test_internal_curve448.t ........ ok test\recipes\ 03 -test_internal_ec.t .............. ok test\recipes\ 03 -test_internal_mdc2.t ............ skipped: mdc2 is not supported by this OpenSSL build test\recipes\ 03 -test_internal_modes.t ........... ok test\recipes\ 03 -test_internal_poly1305.t ........ ok test\recipes\ 03 -test_internal_siphash.t ......... ok test\recipes\ 03 -test_internal_sm2.t ............. ok test\recipes\ 03 -test_internal_sm4.t ............. ok test\recipes\ 03 -test_internal_ssl_cert_table.t .. ok test\recipes\ 03 -test_internal_x509.t ............ ok test\recipes\ 03 -test_ui.t ....................... ok test\recipes\ 04 -test_asn1_decode.t .............. ok test\recipes\ 04 -test_asn1_encode.t .............. ok test\recipes\ 04 -test_asn1_string_table.t ........ ok test\recipes\ 04 -test_bio_callback.t ............. ok test\recipes\ 04 -test_bioprint.t ................. ok test\recipes\ 04 -test_err.t ...................... ok test\recipes\ 04 -test_pem.t ...................... ok test\recipes\ 05 -test_bf.t ....................... ok test\recipes\ 05 -test_cast.t ..................... ok test\recipes\ 05 -test_cmac.t ..................... ok test\recipes\ 05 -test_des.t ...................... ok test\recipes\ 05 -test_hmac.t ..................... ok test\recipes\ 05 -test_idea.t ..................... skipped: idea is not supported by this OpenSSL build test\recipes\ 05 -test_md2.t ...................... skipped: md2 is not supported by this OpenSSL build test\recipes\ 05 -test_mdc2.t ..................... skipped: mdc2 is not supported by this OpenSSL build test\recipes\ 05 -test_rand.t ..................... ok test\recipes\ 05 -test_rc2.t ...................... ok test\recipes\ 05 -test_rc4.t ...................... ok test\recipes\ 05 -test_rc5.t ...................... skipped: rc5 is not supported by this OpenSSL build test\recipes\ 06 -test-rdrand.t ................... ok test\recipes\ 10 -test_bn.t ....................... ok test\recipes\ 10 -test_exp.t ...................... ok test\recipes\ 15 -test_dh.t ....................... ok test\recipes\ 15 -test_dsa.t ...................... ok test\recipes\ 15 -test_ec.t ....................... ok test\recipes\ 15 -test_ecdsa.t .................... ok test\recipes\ 15 -test_ecparam.t .................. ok test\recipes\ 15 -test_genec.t .................... ok test\recipes\ 15 -test_genrsa.t ................... ok test\recipes\ 15 -test_mp_rsa.t ................... ok test\recipes\ 15 -test_out_option.t ............... ok test\recipes\ 15 -test_rsa.t ...................... ok test\recipes\ 15 -test_rsapss.t ................... ok test\recipes\ 20 -test_dgst.t ..................... ok test\recipes\ 20 -test_enc.t ...................... ok test\recipes\ 20 -test_enc_more.t ................. ok test\recipes\ 20 -test_passwd.t ................... ok test\recipes\ 25 -test_crl.t ...................... ok test\recipes\ 25 -test_d2i.t ...................... ok test\recipes\ 25 -test_pkcs7.t .................... ok test\recipes\ 25 -test_req.t ...................... ok test\recipes\ 25 -test_sid.t ...................... ok test\recipes\ 25 -test_verify.t ................... ok test\recipes\ 25 -test_x509.t ..................... ok test\recipes\ 30 -test_afalg.t .................... skipped: test_afalg not supported for this build test\recipes\ 30 -test_engine.t ................... ok test\recipes\ 30 -test_evp.t ...................... ok test\recipes\ 30 -test_evp_extra.t ................ ok test\recipes\ 30 -test_pbelu.t .................... ok test\recipes\ 30 -test_pkey_meth.t ................ ok test\recipes\ 30 -test_pkey_meth_kdf.t ............ ok test\recipes\ 40 -test_rehash.t ................... skipped: test_rehash is not available on this platform test\recipes\ 60 -test_x509_check_cert_pkey.t ..... ok test\recipes\ 60 -test_x509_dup_cert.t ............ ok test\recipes\ 60 -test_x509_store.t ............... skipped: test_rehash is not available on this platform test\recipes\ 60 -test_x509_time.t ................ ok test\recipes\ 70 -test_asyncio.t .................. ok test\recipes\ 70 -test_bad_dtls.t ................. ok test\recipes\ 70 -test_clienthello.t .............. ok test\recipes\ 70 -test_comp.t ..................... skipped: test_comp needs the dynamic engine feature enabled test\recipes\ 70 -test_key_share.t ................ skipped: test_key_share needs the dynamic engine feature enabled test\recipes\ 70 -test_packet.t ................... ok test\recipes\ 70 -test_recordlen.t ................ ok test\recipes\ 70 -test_renegotiation.t ............ skipped: test_renegotiation needs the dynamic engine feature enabled test\recipes\ 70 -test_servername.t ............... ok test\recipes\ 70 -test_sslcbcpadding.t ............ skipped: test_sslcbcpadding needs the dynamic engine feature enabled test\recipes\ 70 -test_sslcertstatus.t ............ skipped: test_sslcertstatus needs the dynamic engine feature enabled test\recipes\ 70 -test_sslextension.t ............. skipped: test_sslextension needs the dynamic engine feature enabled test\recipes\ 70 -test_sslmessages.t .............. skipped: test_sslmessages needs the dynamic engine feature enabled test\recipes\ 70 -test_sslrecords.t ............... skipped: test_sslrecords needs the dynamic engine feature enabled test\recipes\ 70 -test_sslsessiontick.t ........... skipped: test_sslsessiontick needs the dynamic engine feature enabled test\recipes\ 70 -test_sslsigalgs.t ............... skipped: test_sslsigalgs needs the dynamic engine feature enabled test\recipes\ 70 -test_sslsignature.t ............. skipped: test_sslsignature needs the dynamic engine feature enabled test\recipes\ 70 -test_sslskewith0p.t ............. skipped: test_sslskewith0p needs the dynamic engine feature enabled test\recipes\ 70 -test_sslversions.t .............. skipped: test_sslversions needs the dynamic engine feature enabled test\recipes\ 70 -test_sslvertol.t ................ skipped: test_sslextension needs the dynamic engine feature enabled test\recipes\ 70 -test_tls13alerts.t .............. skipped: test_tls13alerts needs the dynamic engine feature enabled test\recipes\ 70 -test_tls13cookie.t .............. skipped: test_tls13cookie needs the dynamic engine feature enabled test\recipes\ 70 -test_tls13downgrade.t ........... skipped: test_tls13downgrade needs the dynamic engine feature enabled test\recipes\ 70 -test_tls13hrr.t ................. skipped: test_tls13hrr needs the dynamic engine feature enabled test\recipes\ 70 -test_tls13kexmodes.t ............ skipped: test_tls13kexmodes needs the dynamic engine feature enabled test\recipes\ 70 -test_tls13messages.t ............ skipped: test_tls13messages needs the dynamic engine feature enabled test\recipes\ 70 -test_tls13psk.t ................. skipped: test_tls13psk needs the dynamic engine feature enabled test\recipes\ 70 -test_tlsextms.t ................. skipped: test_tlsextms needs the dynamic engine feature enabled test\recipes\ 70 -test_verify_extra.t ............. ok test\recipes\ 70 -test_wpacket.t .................. ok test\recipes\ 80 -test_ca.t ....................... ok test\recipes\ 80 -test_cipherbytes.t .............. ok test\recipes\ 80 -test_cipherlist.t ............... ok test\recipes\ 80 -test_ciphername.t ............... ok test\recipes\ 80 -test_cms.t ...................... ok test\recipes\ 80 -test_cmsapi.t ................... ok test\recipes\ 80 -test_ct.t ....................... ok test\recipes\ 80 -test_dane.t ..................... ok test\recipes\ 80 -test_dtls.t ..................... ok test\recipes\ 80 -test_dtls_mtu.t ................. ok test\recipes\ 80 -test_dtlsv1listen.t ............. ok test\recipes\ 80 -test_ocsp.t ..................... ok test\recipes\ 80 -test_pkcs12.t ................... skipped: Non-Greek system locale test\recipes\ 80 -test_policy_tree.t .............. ok test\recipes\ 80 -test_ssl_new.t .................. ok test\recipes\ 80 -test_ssl_old.t .................. ok test\recipes\ 80 -test_ssl_test_ctx.t ............. ok test\recipes\ 80 -test_sslcorrupt.t ............... ok test\recipes\ 80 -test_tsa.t ...................... ok test\recipes\ 80 -test_x509aux.t .................. ok test\recipes\ 90 -test_asn1_time.t ................ ok test\recipes\ 90 -test_async.t .................... ok test\recipes\ 90 -test_bio_enc.t .................. ok test\recipes\ 90 -test_bio_memleak.t .............. ok test\recipes\ 90 -test_constant_time.t ............ ok test\recipes\ 90 -test_fatalerr.t ................. ok test\recipes\ 90 -test_gmdiff.t ................... ok test\recipes\ 90 -test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build test\recipes\ 90 -test_ige.t ...................... ok test\recipes\ 90 -test_includes.t ................. ok test\recipes\ 90 -test_memleak.t .................. ok test\recipes\ 90 -test_overhead.t ................. ok test\recipes\ 90 -test_secmem.t ................... ok test\recipes\ 90 -test_shlibload.t ................ skipped: Test only supported in a shared build test\recipes\ 90 -test_srp.t ...................... ok test\recipes\ 90 -test_sslapi.t ................... ok test\recipes\ 90 -test_sslbuffers.t ............... ok test\recipes\ 90 -test_store.t .................... ok test\recipes\ 90 -test_sysdefault.t ............... ok test\recipes\ 90 -test_threads.t .................. ok test\recipes\ 90 -test_time_offset.t .............. ok test\recipes\ 90 -test_tls13ccs.t ................. ok test\recipes\ 90 -test_tls13encryption.t .......... ok test\recipes\ 90 -test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build test\recipes\ 90 -test_v3name.t ................... ok test\recipes\ 95 -test_external_boringssl.t ....... skipped: No external tests in this configuration test\recipes\ 95 -test_external_krb5.t ............ skipped: No external tests in this configuration test\recipes\ 95 -test_external_pyca.t ............ skipped: No external tests in this configuration test\recipes\ 99 -test_ecstress.t ................. ok test\recipes\ 99 -test_fuzz.t ..................... ok All tests successful. Files= 159 , Tests= 2342 , 506 wallclock secs ( 0.53 usr + 0.99 sys = 1.52 CPU) Result: PASS |
이유는 터미널 창의 UTF8 코드 오류가 발생하는 것이 원인, 실제 사용에는 문제가 없을 것을 판단됨