Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement relocatable binaries for windows installer #550

Open
2 tasks done
Tracked by #129
, #643
...
nhorman opened this issue May 13, 2024 · 5 comments · May be fixed by openssl/installer#6 or openssl/openssl#24450
Open
2 tasks done
Tracked by #129
, #643
...

Implement relocatable binaries for windows installer #550

nhorman opened this issue May 13, 2024 · 5 comments · May be fixed by openssl/installer#6 or openssl/openssl#24450
Assignees
@nhorman
Milestone
3.4.0

Comments

@nhorman
Copy link
Contributor

nhorman commented May 13, 2024
edited
Loading

Our OpenSSL build anchors several paths at build time using the OPENSSLDIR/ENGINESDIR/MODULESDIR variables (and subordonate paths based on them),which is unworkable as on windows, with an installer, the selection of the install location is separated from the build time selections. We need to be able to select those paths at install time and have the openssl binaries read them at run time. We should use registry keys to store these paths on a per-installation basis.

  • Modify the installer to add the appropriate environment variable keys during install (see below)
  • Modify the installer to add the appropriate hklm variables that are read only to installer

Note: This is dependent on #129
This was referenced May 13, 2024
Open
Closed
@nhorman
Copy link
Contributor Author

nhorman commented May 14, 2024

Currently OPENSSLDIR is used in the construction of the following variables/macros:

  • X509_CERT_AREA - only used in construction of the default config path, and is overridden by OPENSSL_CONF env var
  • X509_CERT_DIR - used bin by_store_ctrl_ex and is overridden by OPENSSL_CONF env var
  • X509_CERT_FILE - default certificate file, overridden by SSL_CERT_FILE env var
  • X509_PRIVATE_DIR - only used by X509_get_default_private_dir which is undocumented and deprecated
  • CTLOG_FILE - overridden by CTLOG_FILE env var

given this set of use cases I think it would be sufficient to simply store default values for these environment variables in the register for all users

@mattcaswell
Copy link
Member

Other things to consider are MODULESDIR and ENGINESDIR

@nhorman
Copy link
Contributor Author

nhorman commented May 14, 2024

agreed, I do need to deal with those, but they are fortunately likewise specify-able at run time with environment variables

@mattcaswell
Copy link
Member

agreed, I do need to deal with those, but they are fortunately likewise specify-able at run time with environment variables

Right - but if they are not specified they have a built-in default which should probably come from the registry

@nhorman nhorman linked a pull request May 14, 2024 that will close this issue
Add env variables to windows installer openssl/installer#6
Open
@nhorman
Copy link
Contributor Author

nhorman commented May 14, 2024

Right, thats the interesting bit though. As I'm reading about this, I've discovered that environment variables in windows are in fact just Registry keys. specifically they are stored in:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager/Evinronment

@nhorman nhorman linked a pull request May 21, 2024 that will close this issue
read OPENSSLDIR from registry openssl/openssl#24450
Open
@nhorman nhorman mentioned this issue Jun 3, 2024
Open
@nhorman nhorman self-assigned this Jun 13, 2024
@nhorman nhorman added this to the 3.4.0 milestone Jun 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nhorman nhorman

Labels
None yet
Projects
Project Board
Status: Awaits review
Project Board 3.4.0 planning
Status: In Progress
Milestone
3.4.0
2 participants
@nhorman @mattcaswell