我想建立最新的OpenSSL为Android。当我按照该指令: 我设法建立静态库。
不过,我试图编译共享库。要做到这一点我运行:
./配置的Android的ARMv7共享
这编译。问题是,这将创建一个版本的lib像libssl.so.1.0.0,这是不支持的Android系统。只需重命名没有这样做,因为SONAME仍然是指向版本文件名。
不同的问题,我是想的时候创建库老armeabi平台。当我运行:
./配置的android共享
它创建静态库的老armeabi plattform,共享库不过是ARM-V7架构。
解决方案如何构建OpenSSL的作为没有版本控制共享库(Android版)?
有很多,因为它是一个交叉编译。你或许应该从这里开始(其OpenSSL的维基): OpenSSL和Android的
不过,我试图编译共享库。要做到这一点我运行:
./配置Android的ARMv7的共享
好了,你缺少了一些东西。至少,你应该使用Android NDK。这是从AOSP一个要求。我已经看到了一些因使用非NDK工具的小问题了多年。
和我相信你需要设置以下环境变量。这是一个要求的OpenSSL
86
出口机器= i686的
导出发行= 2.6.37
导出系统=机器人
出口ARCH = 86
出口CROSS_COMPILE =的i686-Linux的机器人 -
ARM:
出口机器= ARMv7的
导出发行= 2.6.37
导出系统=机器人
出口ARCH =手臂
两个:
出口ANDROID_DEV =$ ANDROID_NDK_ROOT /平台/ $ _ ANDROID_API / $ _ ANDROID_ARCH的/ usr
出口HOSTCC = GCC
ANDROID_DEV
将评估为类似的/ opt / Android的NDK-R9 /平台/ Android为14 /弓臂的/ usr
。
您需要提供编译至少一个文件的输出。但我希望你缺少 - SYSROOT
太。该参数 - SYSROOT
将类似于的/ opt / Android的NDK-R9 /平台/ Android为14 /弓臂
。
我会建议在如下 OpenSSL和Android的的说明。的第一件事说明,告诉你需要做的就是运行 setenv-android.sh
来设置适当的变量。
下面就是我的跑看起来像使用 OpenSSL和Android的。
$ CD的OpenSSL 1.0.1h
$。 ./setenv-android.sh
错误:FIPS_SIG不指定内建式模块。请编辑此脚本。
ANDROID_NDK_ROOT中:/ opt / Android的NDK-R9
ANDROID_EABI ARM-Linux的androideabi-4.6
ANDROID_API:机器人-14
ANDROID_SYSROOT中:/ opt / Android的NDK-R9 /平台/ Android为14 /弓臂
ANDROID_TOOLCHAIN:/opt/android-ndk-r9/toolchains/arm-linux-androideabi-4.6/$p$pbuilt/darwin-x86_64/bin
FIPS_SIG:
CROSS_COMPILE ARM-Linux的androideabi-
ANDROID_DEV中:/ opt / Android的NDK-R9 /平台/ Android为14 /弓臂的/ usr
$ ./config中共享没有SSL2没有SSL3无补偿无发动机没有硬件无-PSK没有SRP
操作系统:用于ARMv7-什么,机器人
配置为Android-的ARMv7
配置为Android-的ARMv7
无补偿[选项] OPENSSL_NO_COMP(跳过目录)
无ec_nistp_64_gcc_128 [默认] OPENSSL_NO_EC_NISTP_64_GCC_128(跳过目录)
没有发动机[选项] OPENSSL_NO_ENGINES(跳过目录)
...
无SRP [选项] OPENSSL_NO_SRP(跳过目录)
无SSL2 [选项] OPENSSL_NO_SSL2(跳过目录)
无SSL3 [选项] OPENSSL_NO_SSL3(跳过目录)
无店[实验] OPENSSL_NO_STORE(跳过目录)
无zlib的[默认]
没有zlib的动态[默认]
IsMK1MF = 0
CC = gcc的
...
$化妆
...
臂的Linux androideabi-gcc的-I。 -I .. -I ../包括-fPIC -DOPENSSL_PIC -DOPENSSL_THREADS
-D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa, - noexecstack -march =的ARMv7-A -mandroid
-mfloat-ABI = softfp -I /选择/ Android的NDK-R9 /平台/ Android为14 /弓臂/ usr / include目录
-B的/ opt / Android的NDK-R9 /平台/ Android为14 /弓臂/ usr / lib目录-Os -fomit帧指针
-Wall -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM
-DAES_ASM -DGHASH_ASM -c -o cryptlib.o cryptlib.c
...
您可以忽略错误:FIPS_SIG不指定内建式模块...
因为你的没有的建设FIPS有能力库。
...未受控的共享库(Android版)?
这将可能给你带来麻烦。我相信这样做的方式是提供各地的静态库的包装,并使用你的包装作为替代。所以,你从来不使用OpenSSL的共享对象和版本没有关系。
现在的问题是你的过程将叉从受精卵。受精卵已经有了OpenSSL的0.9.8映射到它的空间。因此,当受精卵叉子为您的过程,你的进程已经有0.9.8和你APK共享对象的不会的映射中,你会简单地使用现有的OpenSSL。这将导致模糊的问题。
我也相信有在OpenSSL的配置
的错误。首先,配置缺失 -mfloat-ABI = softfp
。这是一个AOSP的要求。其次, -O3
,而不使用 -Os
。这是对资源受限设备的移动需求。
您可能想打开的Makefile
并进行更改配置后。我这样做之前,我构建库。
I am trying to build the latest OpenSSL for Android. When I follow this instruction: I manage to build the static libs.
However I try to compile the shared libs. To do so I run:
./Configure android-armv7 shared
This compiles. Problem is that this creates a versioned lib like libssl.so.1.0.0, which is not supported by Android. Just rename does not do because of SONAME is still pointing to the versioned filename.
Different problem I have is when trying to the create the libs for old armeabi platform. When I run:
./Configure android shared
it creates the static libs for the old armeabi plattform, the shared libs however are arm-v7 architecture.
解决方案How to build OpenSSL as unversioned shared lib (for Android)?
There's a lot to it because its a cross compile. You should probably start here (its the OpenSSL wiki): OpenSSL and Android.
However I try to compile the shared libs. To do so I run:
./Configure android-armv7 shared
Ok, so you are missing a few things. At minimum, you should be using the Android NDK. This is a requirement from AOSP. I've seen a number of little problems over the years due to using non-NDK tools.
And I believe you need the following environmental variables set. This is an OpenSSL requirement.
x86:
export MACHINE=i686
export RELEASE=2.6.37
export SYSTEM=android
export ARCH=x86
export CROSS_COMPILE="i686-linux-android-"
ARM:
export MACHINE=armv7
export RELEASE=2.6.37
export SYSTEM=android
export ARCH=arm
Both:
export ANDROID_DEV="$ANDROID_NDK_ROOT/platforms/$_ANDROID_API/$_ANDROID_ARCH/usr"
export HOSTCC=gcc
ANDROID_DEV
will evaluate to something like /opt/android-ndk-r9/platforms/android-14/arch-arm/usr
.
You need to provide the output of compiling at least one file. But I expect you are missing --sysroot
too. The argument to --sysroot
will be something like /opt/android-ndk-r9/platforms/android-14/arch-arm
.
I would recommend following the instructions at OpenSSL and Android. The first thing the instructions tell you to do is run setenv-android.sh
to set the proper variables.
Here's what my run looks like using OpenSSL and Android.
$ cd openssl-1.0.1h
$ . ./setenv-android.sh
Error: FIPS_SIG does not specify incore module. Please edit this script.
ANDROID_NDK_ROOT: /opt/android-ndk-r9
ANDROID_EABI: arm-linux-androideabi-4.6
ANDROID_API: android-14
ANDROID_SYSROOT: /opt/android-ndk-r9/platforms/android-14/arch-arm
ANDROID_TOOLCHAIN: /opt/android-ndk-r9/toolchains/arm-linux-androideabi-4.6/prebuilt/darwin-x86_64/bin
FIPS_SIG:
CROSS_COMPILE: arm-linux-androideabi-
ANDROID_DEV: /opt/android-ndk-r9/platforms/android-14/arch-arm/usr
$ ./config shared no-ssl2 no-ssl3 no-comp no-engines no-hw no-psk no-srp
Operating system: armv7-whatever-android
Configuring for android-armv7
Configuring for android-armv7
no-comp [option] OPENSSL_NO_COMP (skip dir)
no-ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128 (skip dir)
no-engines [option] OPENSSL_NO_ENGINES (skip dir)
...
no-srp [option] OPENSSL_NO_SRP (skip dir)
no-ssl2 [option] OPENSSL_NO_SSL2 (skip dir)
no-ssl3 [option] OPENSSL_NO_SSL3 (skip dir)
no-store [experimental] OPENSSL_NO_STORE (skip dir)
no-zlib [default]
no-zlib-dynamic [default]
IsMK1MF=0
CC =gcc
...
$ make
...
arm-linux-androideabi-gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS
-D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -march=armv7-a -mandroid
-mfloat-abi=softfp -I/opt/android-ndk-r9/platforms/android-14/arch-arm/usr/include
-B/opt/android-ndk-r9/platforms/android-14/arch-arm/usr/lib -Os -fomit-frame-pointer
-Wall -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM
-DAES_ASM -DGHASH_ASM -c -o cryptlib.o cryptlib.c
...
You can ignore Error: FIPS_SIG does not specify incore module...
because you are not building a FIPS Capable library.
... unversioned shared lib (for Android)?
This will probably get you in trouble. I believe the way to do it is to provide a wrapper around the static lib, and use your wrapper as a surrogate. So you never use the OpenSSL shared object, and versioning does not matter.
The problem is your process will fork from Zygote. Zygote already has OpenSSL 0.9.8 mapped into its space. So when Zygote forks for your process, your process will already have 0.9.8 and the shared object in your APK will not be mapped in. You will simply use the existing OpenSSL. That will lead to obscure problems.
I also believe there are bugs in OpenSSL's Configure
. First, the configuration is missing -mfloat-abi=softfp
. That's an AOSP requirement. Second, -O3
is used rather than -Os
. That's a mobile requirement on resource constrained devices.
You might want to open Makefile
and make the changes after you configure. I do the same before I build the library.
上一篇:有谁知道现有的code读取莫克文件(雷鸟地址簿)?雷鸟、有谁知道、地址、文件
下一篇:我如何prevent比例在Android中的ImageView?比例、prevent、ImageView、Android