Compiling XNU kernel 2050 - macos

I'm a bit confused on the best way to compile the latest version of the XNU kernel. I've seen lots of instructions for older kernels that came with Mac OS X 10.4 but the newer sources lack a lot of the things that the instructions contain. Just running make on the XNU kernel source brings a lot of errors about not finding ctfconvert, ctfmerge and ctfdump. Does anyone have a good "howto" to build a new kernel?


A new book by Wiley details the complete set of how-to in chapter 9.
Try this:
#
# Getting C++ filter
#
$ curl http://opensource.apple.com/tarballs/cxxfilt/cxxfilt-9.tar.gz > cxx.tar.gz
$ tar xvf cxx.tar.gz
$ cd cxxfilt-9
$ mkdir -p build obj sym
$ make install RC_ARCHS="i386 x86_64" RC_CFLAGS="-arch i386 -arch x86_64 -pipe" \
RC_OS=macos RC_RELEASE=Lion SRCROOT=$PWD OBJROOT=$PWD/obj \ SYMROOT=$PWD/sym DSTROOT=$PWD/build
#
# Getting DTrace – This is required for ctfconvert, a kernel build tool
#
$ curl http://opensource.apple.com/tarballs/dtrace/dtrace-90.tar.gz > dt.tar.gz
$ tar zxvf dt.tar.gz
$ cd dtrace-90
$ mkdir -p obj sym dst
$ xcodebuild install -target ctfconvert -target ctfdump -target ctfmerge \ ARCHS="i386 x86_64" SRCROOT=$PWD OBJROOT=$PWD/obj SYMROOT=$PWD/sym \ DSTROOT=$PWD/dst
#
# Getting Kext Tools
#
$ wget http://opensource.apple.com/tarballs/Kext_tools/Kext_tools-180.2.1.tar.gz \ > kt.tar.gz
$ tar xvf kt.tar.gz
$ cd Kext_tools-180.2.1
$ mkdir -p obj sym dst
$ xcodebuild install -target Kextsymboltool -target setsegname \ ARCHS="i386 x86_64" SRCROOT=$PWD OBJROOT=$PWD/obj SYMROOT=$PWD/sym \
DSTROOT=$PWD/dst
#
# Getting Bootstrap commands – newer versions are available, but would # force xcodebuild
#
$ curl http://opensource.apple.com/tarballs/bootstrap_cmds/bootstrap_cmds-72.tar.gz \ > bc.tar.gz
$ tar zxvf bc.tar.gz
$ cd bootstrap_cmds-84
$ mkdir -p obj sym dst
$ make install RC_ARCHS="i386" RC_CFLAGS="-arch i386 -pipe" RC_OS=macos \
RC_RELEASE=Lion SRCROOT=$PWD OBJROOT=$PWD/obj SYMROOT=$PWD/sym DSTROOT=$PWD/dst
The tar ball versions are now different (e.g. DTrace is 96, not 90) but this should work to satisfy dependencies. Once you have them, you just run the usual make (make ARCH_CONFIGS=" X86_64" KERNEL_CONFIGS="RELEASE"). You might want to add DEBUG, to get the great debug and trace messages which are disabled by default.
This works with XCode 4.4. Just tried it now, actually.


I don't think this will apply to Lion kernels, which will need a later version of XCode, but the way I got around the ctf* errors while building 10.6.8 kernels, was to use XCode 3.2.*
ctf* binaries are created during the "dtrace" compile.
Just run this script from a directory without any spaces, (eg ~/xnu is perfect). The end result should be a working 10.6.8 kernel. The later (and indeed, earlier) kernels are all simpler than 10.6.8.
#!/usr/bin/env bash
# Builds 10.6.8 kernel - most other builds are easier, this one needs a little patching.
# Script assembled by sfinktah
# Invaluable source: slice - http://www.projectosx.com/forum/lofiversion/index.php/t1922.html
# Note, two (got this down to one) patches necessary to build 10.6.8 - source: http://www.insanelymac.com/forum/index.php?showtopic=261736
# This is automatically applied, but I will detail here:
#
# You will have to do this: (Automated now, but just in case)
# Define CPUFAMILY_INTEL_SANDYBRIDGE in ~/xnu-1504.15.3/osfmk/mach/machine.h
# #define CPUFAMILY_INTEL_SANDYBRIDGE 0x5490b78c
#
# Skipped this step, seemed not to be needed (eventually). Leaving notes in, just in case.
# Add line 1 in ~/xnu-1504.15.3/makedefs/MakeInc.def:
# export BUILD_STABS = 1
#
# You should probaby use a local proxy, since this script makes no effort not to redownload
# existing items. Uncomment this line accordingly.
# export http_proxy=192.168.1.6:3128
export PATH="/usr/local/bin:$PATH"
CURL="curl -O "
echo "Download the build tools source(s)"
KEXT=kext_tools-180.2.1
BOOTSTRAP=bootstrap_cmds-79
DTRACE=dtrace-90
CXXFILT=cxxfilt-9
KERNEL=xnu-1504.15.3
CCTOOLS=cctools-806
# DYLD=dyld-132.13
# LD64=ld64-95.2.12
$CURL http://www.opensource.apple.com/tarballs/cxxfilt/$CXXFILT.tar.gz \
&& $CURL http://www.opensource.apple.com/tarballs/dtrace/$DTRACE.tar.gz \
&& $CURL http://www.opensource.apple.com/tarballs/kext_tools/$KEXT.tar.gz \
&& $CURL http://www.opensource.apple.com/tarballs/bootstrap_cmds/$BOOTSTRAP.tar.gz \
&& $CURL http://www.opensource.apple.com/tarballs/cctools/$CCTOOLS.tar.gz &&
# && # $CURL http://www.opensource.apple.com/tarballs/dyld/$DYLD.tar.gz
# && # $CURL http://www.opensource.apple.com/tarballs/ld64/$LD64.tar.gz
echo "Unpack the tools" \
&&
tar zxf $CXXFILT.tar.gz \
&& tar zxf $DTRACE.tar.gz \
&& tar zxf $KEXT.tar.gz \
&& tar zxf $BOOTSTRAP.tar.gz \
&& tar zxf $CCTOOLS.tar.gz &&
# && # tar zxf $LD64.tar.gz
# && # tar zxf $DYLD.tar.gz
# Copy folder cctools-8xx/include/mach-o/ to /usr/include/mach-o/
sudo cp -a $CCTOOLS/include/mach-o /usr/include/ \
&&
echo "Build cxxfilt" \
&&
cd $CXXFILT \
&& mkdir -p obj sym dst \
&& make install RC_ARCHS="i386 x86_64" RC_CFLAGS="-arch i386 -arch x86_64 -pipe" RC_OS=macos RC_RELEASE=SnowLeopard SRCROOT=$PWD OBJROOT=$PWD/obj SYMROOT=$PWD/sym DSTROOT=$PWD/dst \
&& sudo ditto $PWD/dst/usr/local /usr/local \
&& cd .. \
&&
echo "Build dtrace" \
&&
cd $DTRACE \
&& mkdir -p obj sym dst \
&& xcodebuild install -target ctfconvert -target ctfdump -target ctfmerge ARCHS="i386 x86_64" SRCROOT=$PWD OBJROOT=$PWD/obj SYMROOT=$PWD/sym DSTROOT=$PWD/dst \
&& sudo ditto $PWD/dst/usr/local /usr/local \
&& cd .. \
&&
echo "Build kext_tools" \
&&
cd $KEXT \
&& mkdir -p obj sym dst \
&& xcodebuild install -target kextsymboltool -target setsegname ARCHS="i386 x86_64" SRCROOT=$PWD OBJROOT=$PWD/obj SYMROOT=$PWD/sym DSTROOT=$PWD/dst \
&& sudo ditto $PWD/dst/usr/local /usr/local \
&& cd .. \
&&
echo "Build bootstrap_cmds" \
&&
cd $BOOTSTRAP \
&& mkdir -p obj sym dst \
&& make install RC_ARCHS="i386" RC_CFLAGS="-arch i386 -pipe" RC_OS=macos RC_RELEASE=SnowLeopard SRCROOT=$PWD OBJROOT=$PWD/obj SYMROOT=$PWD/sym DSTROOT=$PWD/dst \
&& sudo ditto $PWD/dst/usr/local /usr/local \
&& cd .. \
&&
echo "Download the xnu source" \
&&
$CURL http://www.opensource.apple.com/tarballs/xnu/$KERNEL.tar.gz \
&&
echo "Unpack xnu" \
&&
tar zxf $KERNEL.tar.gz \
&&
echo "Build xnu" \
&&
cd $KERNEL \
&& sed -i -e '1s/.*/#define CPUFAMILY_INTEL_SANDYBRIDGE 0x5490b78c \/*/' osfmk/mach/machine.h \
&& make ARCH_CONFIGS="I386 X86_64" KERNEL_CONFIGS="RELEASE" \
&& file BUILD/obj/RELEASE_*/mach_kernel &&
# && # Removing AppleProfileFamily.kext - http://lists.apple.com/archives/darwin-kernel/2009/Dec/msg00000.html
echo "Complete. Remember to remove /System/Library/Extensions/AppleProfileFamily.kext from target." \
|| echo "Failed"
# vim: set ts=180 sts=0 sw=3 noet:

Related

Error loading shared library libresolv.so.2 : No such file or directory (needed by /lib/libclntsh.so)

I get this Error everytime i try to connect to the Oracle DB:
DPI-1047: Cannot locate a 64-bit Oracle Client library: "Error loading shared library libnsl.so.1: N
o such file or directory (needed by /lib/libclntsh.so)". See https://oracle.github.io/node-oracledb/INSTALL.html for help
Node-oracledb installation instructions: https://oracle.github.io/node-oracledb/INSTALL.html
You must have 64-bit Oracle client libraries in LD_LIBRARY_PATH, or configured with ldconfig.
If you do not have Oracle Database on this computer, then install the Instant Client Basic or Basic Light package from
http://www.oracle.com/technetwork/topics/linuxx86-64soft-092277.html
And in my Dockerfile i have this code in it:
ENV LD_LIBRARY_PATH=/lib
RUN curl -OL https://download.oracle.com/otn_software/linux/instantclient/19600/instantclient-basic-linux.x64-19.6.0.0.0dbru.zip && \
unzip instantclient-basic-linux.x64-19.6.0.0.0dbru.zip && \
cp -r instantclient_19_6/* /lib && \
rm -rf instantclient-basic-linux.x64-19.6.0.0.0dbru.zip && \
apk add --no-cache libaio && \
apk add --no-cache libaio libnsl libc6-compat && \
cd /lib && \
# Linking ld-linux-x86-64.so.2 to the lib/ location (Update accordingly)
ln -s /lib64/* /lib && \
ln -s libnsl.so.2 /usr/lib/libnsl.so.1 && \
ln -s libc.so.6 /usr/lib/libresolv.so.2
What am i doing wrong? I also tried ln -s libc.so /usr/lib/libresolv.so.2
It seems, it can't find libresolv.so.2

I fixed the problem
RUN chmod 755 /usr/local/bin/docker-entrypoint.sh && \
mkdir /opt/oracle && \
cd /opt/oracle && \
curl -OL https://download.oracle.com/otn_software/linux/instantclient/19600/instantclient-basic-linux.x64-19.6.0.0.0dbru.zip && \
unzip instantclient-basic-linux.x64-19.6.0.0.0dbru.zip && \
rm -rf instantclient-basic-linux.x64-19.6.0.0.0dbru.zip && \
cd /opt/oracle/instantclient_19_6 && \
ln -s /usr/lib/libnsl.so.2 /usr/lib/libnsl.so.1 && \
ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \
apk add --no-cache libaio libnsl libc6-compat && \
echo "export LD_LIBRARY_PATH=/opt/oracle/instantclient_19_6:/lib64:$LD_LIBRARY_PATH" >> /etc/profile.d/oracle_client.sh && \
echo "export PATH=/opt/oracle/instantclient_19_6:$PATH" >> /etc/profile.d/oracle_client.sh

Singularity 3.6.2 Installation

I have problems with installation of singularity 3.6.2 in linux mint, I followed the instructions of https://sylabs.io/guides/3.0/user-guide/installation.html.
I installed the dependencies and Go.
Then I run the command for install the latest version:
export VERSION=3.6.2 && # adjust this as necessary \
mkdir -p $GOPATH/src/github.com/sylabs && \
cd $GOPATH/src/github.com/sylabs && \
wget https://github.com/sylabs/singularity/releases/download/v${VERSION}/singularity-${VERSION}.tar.gz && \
tar -xzf singularity-${VERSION}.tar.gz && \
cd ./singularity && \
./mconfig
The error is:
Configuring for project `singularity' with languages: C, Golang
=> running pre-basechecks project specific checks ...
=> running base system checks ...
checking: host C compiler... cc
checking: host C++ compiler... c++
checking: host Go compiler (at least version 1.13)... not found!
mconfig: could not complete configuration
I have go (go version)
go version go1.15.2 linux/amd64
I don't know what happend!
Thanks so much!

I was struggling with the same error. All the suggestions say that probably you have an older version of Go and that's why. But turned out it's even more important to place Go and Singularity in the right locations.
I found these docs https://github.com/hpcng/singularity/blob/release-3.5/INSTALL.md are the most useful and correct about where to put what in terms of directories.
The key is to clone Singularity in a directory which is GOPATH:
You won't have this directory by default so create it first
$ mkdir -p ${GOPATH}/src/github.com/sylabs && \
cd ${GOPATH}/src/github.com/sylabs && \
git clone https://github.com/sylabs/singularity.git && \
cd singularity
Make sure your singularity is here: {GOPATH}/src/github.com/sylabs/singularity
To summarize:
The Go itself is located here /usr/local/go
GOPATH would be something like home/your_username/go and the singularity will be located inside in e.g. home/your_username/go/src/github.com/sylabs/singularity

The issue was reported in 5099.
# 5320 also mentions:
I deleted the PPO python 3.6 and this worked fine!
Make sure nothing is executed as root, which would have a $PATH different from your current user.

If someone faces this issue, follow this installation guide.
sudo apt-get update && \
sudo apt-get install -y build-essential \
libseccomp-dev pkg-config squashfs-tools cryptsetup
sudo rm -r /usr/local/go
export VERSION=1.13.15 OS=linux ARCH=amd64 # change this as you need
wget -O /tmp/go${VERSION}.${OS}-${ARCH}.tar.gz https://dl.google.com/go/go${VERSION}.${OS}-${ARCH}.tar.gz && \
sudo tar -C /usr/local -xzf /tmp/go${VERSION}.${OS}-${ARCH}.tar.gz
echo 'export GOPATH=${HOME}/go' >> ~/.bashrc && \
echo 'export PATH=/usr/local/go/bin:${PATH}:${GOPATH}/bin' >> ~/.bashrc && \
source ~/.bashrc
curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh |
sh -s -- -b $(go env GOPATH)/bin v1.21.0
mkdir -p ${GOPATH}/src/github.com/sylabs && \
cd ${GOPATH}/src/github.com/sylabs && \
git clone https://github.com/sylabs/singularity.git && \
cd singularity
git checkout v3.6.3
cd ${GOPATH}/src/github.com/sylabs/singularity && \
./mconfig && \
cd ./builddir && \
make && \
sudo make install
singularity version

Command `source` doesn't work in Dockerfile

I want build my images, here is my Dockerfile:
FROM ubuntu:16.04
MAINTAINER 'hulei886#aliyun.com'
ENV PHANTOMJS_VERSION 2.1.1
ENV PYTHON_VERSION 3.6.3
# install python3.6.3
RUN apt-get update \
&& apt-get install -y build-essential \
git \
curl \
libssl-dev \
zlib1g-dev \
libncurses5-dev \
libncursesw5-dev \
libreadline-dev \
libsqlite3-dev \
&& apt-get install -y libgdbm-dev \
libdb5.3-dev \
libbz2-dev \
libexpat1-dev \
liblzma-dev \
tk-dev \
&& cd ~ \
&& git clone https://github.com/pyenv/pyenv.git .pyenv \
&& echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.bashrc \
&& echo 'export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.bashrc \
&& echo 'eval "$(pyenv init -)"' >> ~/.bashrc \
&& source ~/.bashrc \
&& curl -L https://raw.githubusercontent.com/yyuu/pyenv- installer/master/bin/pyenv-installer | bash \
&& pyenv install PYTHON_VERSION \
&& pyenv global PYTHON_VERSION \
&& cd .. \
CMD [python]
but when i run "docker build . -t [mytag]",
git clone command didn't clone anything,here is screenshot:
I need help to fix this problem,thanks!

The error message is pretty clear:
/bin/sh: 1: source: not found
No problem with git clone but with source in a /bin/sh shell. You need to use the . (dot) command instead.
When writing a Dockerfile, it's better to test the commands in a container with /bin/sh shell.
In your case, after the source error, there are other errors:
space in the curl URL
env variable wrongly used: missing $ prefix
useless cd ~: only WORKDIR instruction will change the current directory when running containers from the resulting image
CMD instruction wrongly inserted in the RUN instruction
A fixed version would be:
[...]
&& git clone https://github.com/pyenv/pyenv.git .pyenv \
&& echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.bashrc \
&& echo 'export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.bashrc \
&& echo 'eval "$(pyenv init -)"' >> ~/.bashrc \
&& . ~/.bashrc \
&& curl -L https://raw.githubusercontent.com/yyuu/pyenv-installer/master/bin/pyenv-installer | bash \
&& pyenv install $PYTHON_VERSION \
&& pyenv global $PYTHON_VERSION
WORKDIR /root
CMD [python]

You have to use source alternative in bash. You can do something like
. somefile
instead of
source somefile

How to comment cmake code in ruby

I need to comment a line in this Ruby code (I'm using Atom to edit files ... )
The line is the follow .. -DPROJ4_LIBRARY:FILEPATH=#{prefix_dir}/lib/libproj.so and here you're the code ...
bash 'build-and-install-libgeotiff' do
user "root"
code <<-EOH
cd "/tmp"
tar xzf libgeotiff-#{version}.tar.gz
cd libgeotiff-#{version}
export MAKEFLAGS='-j2'
[ -d build ] || mkdir build
cd build
cmake3 .. \
-DCMAKE_INSTALL_PREFIX=#{prefix_dir} \
-DWITH_JPEG=ON \
-DWITH_ZLIB=ON \
-DWITH_PROJ4=ON \
-DPROJ4_INCLUDE_DIR:PATH=#{prefix_dir}/include \
-DPROJ4_LIBRARY:FILEPATH=#{prefix_dir}/lib/libproj.so
-DPROJ4_LIBRARY:FILEPATH=/usr/lib64/libproj.so
make && make install
EOH
I've tried to use # but it seems not right because my editor put automatically #{} ... here you're the transformed code ...
bash 'build-and-install-libgeotiff' do
user "root"
code <<-EOH
cd "/tmp"
tar xzf libgeotiff-#{version}.tar.gz
cd libgeotiff-#{version}
export MAKEFLAGS='-j2'
[ -d build ] || mkdir build
cd build
cmake3 .. \
-DCMAKE_INSTALL_PREFIX=#{prefix_dir} \
-DWITH_JPEG=ON \
-DWITH_ZLIB=ON \
-DWITH_PROJ4=ON \
-DPROJ4_INCLUDE_DIR:PATH=#{prefix_dir}/include \
#{}-DPROJ4_LIBRARY:FILEPATH=#{prefix_dir}/lib/libproj.so
-DPROJ4_LIBRARY:FILEPATH=/usr/lib64/libproj.so
make && make install
EOH
How may I comment my line in this code?

In Bash, if you comment out something in a sequence of lines joined by \, you comment out everything after the #.
Here's a quick and dirty workaround.
code <<-EOH
cd "/tmp"
tar xzf libgeotiff-#{version}.tar.gz
cd libgeotiff-#{version}
export MAKEFLAGS='-j2'
[ -d build ] || mkdir build
cd build
so_arg="-DPROJ4_LIBRARY:FILEPATH=#{prefix_dir}/lib/libproj.so"
cmake3 .. \
-DCMAKE_INSTALL_PREFIX=#{prefix_dir} \
-DWITH_JPEG=ON \
-DWITH_ZLIB=ON \
-DWITH_PROJ4=ON \
-DPROJ4_INCLUDE_DIR:PATH=#{prefix_dir}/include \
$so_arg \
-DPROJ4_LIBRARY:FILEPATH=/usr/lib64/libproj.so
make && make install
EOH
Now, you can simply sed -i s/so_arg=/\1#/' file to comment it out.

Getting libcrypto ar error while compiling OpenSSL for Mac

I have been able to compile a specific version of OpenSSL for iOS devices, and I am now trying to compile for Mac OSX. However, when I run my bash script (provided below) I am getting the following error:
ar r ../../libcrypto.a o_names.o obj_dat.o obj_lib.o obj_err.o obj_xref.o
ar: ../../libcrypto.a is a fat file (use libtool(1) or lipo(1) and ar(1) on it)
ar: ../../libcrypto.a: Inappropriate file type or format
When I run lipo -info libcrypto.a I get the following result:
Architectures in the fat file: libcrypto.a are: i386 x86_64
This does not make any sense, as my bash script is only configuring OpenSSL for i386 (I was looping to do both, but removed x86_64 once I started getting these problems).
I have tried following the answers for similar SO questions here and here. However, those yielded the same results. Additionally, the Mac installation instructions on the OpenSSL Wiki were of no help either.
My scripts:
Build.sh
projectDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
ARCHS=("i386")
FIPS_VERSION="2.0.12"
OPENSSL_VERSION="1.0.2g"
rm -rf openssl* fips*
if [ -d "out" ]; then
rm -rf out
fi
mkdir out
source ./Build-FIPS.sh
cd $projectDir
source ./Build-OpenSSL.sh
Build-OpenSSL.sh
set -e
function main() {
verifyopenssl
for ((i=0; i < ${#ARCHS[#]}; i++))
do
makeopenssl "${ARCHS[i]}"
done
}
function verifyopenssl() {
gpg --verify $projectDir/../Source/openssl-$OPENSSL_VERSION.tar.gz.asc
tar -zxf $projectDir/../Source/openssl-$OPENSSL_VERSION.tar.gz
cd openssl-$OPENSSL_VERSION
}
function makeopenssl() {
BUILD_ARCH=$1
SDK_NAME="macosx"
GCC=$(xcrun -sdk ${SDK_NAME} -find gcc)
SDK_PATH=$(xcrun -sdk ${SDK_NAME} --show-sdk-path)
MACHINE="darwin-i386-cc"
# BSD_ARCH="BSD-generic32"
CONFIG_ARGS="$MACHINE \
$BSD_ARCH \
--openssldir=$projectDir/out/openssl_${BUILD_ARCH} \
fips \
--with-fipsdir=${projectDir}/out/fips_${BUILD_ARCH} \
no-idea \
no-cast \
no-seed \
no-md2 \
no-sha0 \
no-whirlpool \
-DL_ENDIAN"
export CC="${GCC} -arch ${BUILD_ARCH}"
export CFLAGS="-isysroot ${SDK_PATH} -I ${projectDir}/out/fips_${BUILD_ARCH}/include"
export LDFLAGS="-arch $BUILD_ARCH"
./Configure ${CONFIG_ARGS}
make depend
make
# make install
# make clean && make dclean
}
main $#

Following #jww's answer, I found that changing the following line (around line 69) in the main Makefile (the one in the root folder) solved the ar linking problem that #jww mentioned:
AR= ar $(ARFLAGS) r to AR= libtool -o
Making this change did get me further along in the process. However, I began having other problems. Further "research" led me to the OpenSSL FAQ page which had a question talking about OpenSSL failing to build on Mac. It pointed me to the PROBLEMS file in the root directory of the OpenSSL source code. That file said that there is a MAC ld problem:
This is really a misfeature in ld, which seems to look for .dylib
libraries along the whole library path before it bothers looking for
.a libraries. This means that -L switches won't matter unless OpenSSL
is built with shared library support.
The workaround may be to change the following lines in apps/Makefile
and test/Makefile:
LIBCRYPTO=-L.. -lcrypto
LIBSSL=-L.. -lssl
to:
LIBCRYPTO=../libcrypto.a
LIBSSL=../libssl.a
With this information, I created a patch file for the root Makefile and the Makefile in the apps folder. I also found that I had to comment out the instructions in the main Makefile and the apps/Makefile to build the openssl binary / executable. This should only be necessary if you want to run make install.
The patch files exists at the same level as the Build.sh script. And after fiddling around with my Build-OpenSSL.sh script I was finally able to get it to build for both i386 and x86_64.
For future reference, I am including the complete contents of the two patch files, and the original two script files below.
Build.sh
#!/bin/bash
#
projectDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
ARCHS=("i386" "x86_64")
FIPS_VERSION="2.0.12"
OPENSSL_VERSION="1.0.2g"
rm -rf openssl*
if [ -d "out" ]; then
rm -rf out
fi
mkdir out
source ./Build-FIPS.sh
source ./Build-OpenSSL.sh
Build-OpenSSL.sh
#!/bin/bash
#
set -e
function main() {
verifyopenssl
for ((i=0; i < ${#ARCHS[#]}; i++))
do
makeopenssl "${ARCHS[i]}"
done
}
function verifyopenssl() {
gpg --verify $projectDir/../Source/openssl-$OPENSSL_VERSION.tar.gz.asc
tar -zxf $projectDir/../Source/openssl-$OPENSSL_VERSION.tar.gz
cd openssl-$OPENSSL_VERSION
}
function makeopenssl() {
BUILD_ARCH=$1
SDK_NAME="macosx"
GCC=$(xcrun -sdk ${SDK_NAME} -find gcc)
SDK_PATH=$(xcrun -sdk ${SDK_NAME} --show-sdk-path)
if [[ $BUILD_ARCH = "i386" ]]; then
MACHINE="darwin-i386-cc"
NISTP=""
elif [[ $BUILD_ARCH = "x86_64" ]]; then
MACHINE="darwin64-x86_64-cc"
NISTP="enable-ec_nistp_64_gcc_128"
else
exit
fi
CONFIG_ARGS="$MACHINE \
$NISTP \
--openssldir=$projectDir/out/openssl_${BUILD_ARCH} \
fips \
--with-fipsdir=${projectDir}/out/fips_${BUILD_ARCH} \
no-idea \
no-cast \
no-seed \
no-md2 \
no-sha0 \
no-whirlpool \
-DL_ENDIAN"
./Configure ${CONFIG_ARGS}
patch Makefile < ../MainMake.patch
patch apps/Makefile < ../AppMake.patch
make depend
make build_libcrypto build_libssl
make install_sw
make clean && make dclean
patch -R Makefile < ../MainMake.patch
patch -R apps/Makefile < ../AppMake.patch
}
main $#
AppMake.patch
--- apps/Makefile 2016-03-01 06:36:53.000000000 -0700
+++ ../Makefile 2016-05-06 13:00:16.000000000 -0600
## -26,8 +26,8 ##
DLIBCRYPTO=../libcrypto.a
DLIBSSL=../libssl.a
-LIBCRYPTO=-L.. -lcrypto
-LIBSSL=-L.. -lssl
+LIBCRYPTO=../libcrypto.a
+LIBSSL=../libssl.a
PROGRAM= openssl
## -101,24 +101,24 ##
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
install:
- #[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
- #set -e; for i in $(EXE); \
- do \
- (echo installing $$i; \
- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
- chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
- done;
- #set -e; for i in $(SCRIPTS); \
- do \
- (echo installing $$i; \
- cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
- chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
- mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
- done
- #cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
- chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
- mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
+ # #[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+ # #set -e; for i in $(EXE); \
+ # do \
+ # (echo installing $$i; \
+ # cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ # chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+ # mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+ # done;
+ # #set -e; for i in $(SCRIPTS); \
+ # do \
+ # (echo installing $$i; \
+ # cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+ # chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+ # mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
+ # done
+ # #cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+ # chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+ # mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
tags:
ctags $(SRC)
MainMake.patch
--- Makefile 2016-05-06 13:06:11.000000000 -0600
+++ ../Makefile 2016-05-06 13:06:44.000000000 -0600
## -602,8 +602,8 ##
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
- cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+ # cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+ # chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
install_html_docs:
here="`pwd`"; \

ar r ../../libcrypto.a o_names.o obj_dat.o obj_lib.o obj_err.o obj_xref.o
ar: ../../libcrypto.a is a fat file (use libtool(1) or lipo(1) and ar(1) on it)
ar: ../../libcrypto.a: Inappropriate file type or format
ar, libtool and -arch is the reason the answer says "... supplying -arch x86_64 -arch i386 will result in a build failure because of the way OpenSSL's build system forms commands" at Build Multiarch OpenSSL on OS X.
You need to use Apple's libtool, and stop using ar. Apple's libtool knows about architectures, ar does not.
Another small wrinkle is the makefile does something like this, if I recall correctly. It makes it difficult to simply use Apple's libtool, and stop using ar:
$(AR) $(ARFLAGS) $# ...
In many makefiles you can simply make AR="libtool -o", but this case is different because the command comes out libtool -o r libcrypto.a or similar. I also seem to recall something like make AR="libtool" ARFLAGS="r -o $#" does not work well either.
I used to patch the makefile after config to do it.

Resources