Home/Code tips, Patches, Resources/Building OpenSSL dylibs for iOS simulator

Building OpenSSL dylibs for iOS simulator

Views:
141

NOTE: This article relates to using dylibs with iOS simulator only. If you’re building your app for iOS device, you should link against the static libraries. See this link.

Firstly, a couple of thanks: To Doron Adler, who created a fork of a script, of which mine is based on, and who gave some very helpful tips. Also to Jeremy Huddleston from Apple, who also gave some helpful advice.

If you’re like me, you still like to use Indy components for your network connectivity. They cover a wide range of protocols, and they work on Windows, OSX, iOS and Android.

I’m in the process of rebuilding a cross-platform newsreader I started some time ago, and as part of that process, I’m testing functionality on all platforms. For iOS, I prefer to test on simulator first, since I don’t have to have a physical device connected, and I can see how things look on any iOS device.

Somewhere along the line (perhaps when Xcode 7 was released), Apple stopped shipping OpenSSL dylibs that work on iOS simulator. This presents a problem as Indy uses OpenSSL for SSL connections. To add to the woes, the compiler for iOS simulator does not bind statically to .a files (think of them like .DCUs, but for OSX/iOS), so the only choice when using SSL and Indy became to test on the actual device.

Not satisfied with this situation, I set about finding out how to build dylibs for OpenSSL for iOS simulator. To cut a long story short, however many agonising hours later, I managed to come up with relatively painless solution.

Firstly, you should create a working folder somewhere on your Mac, eg /Users/<username>/Source/OpenSSLiOS, where <username> is the username you log into your Mac with.

SourceFolder

Into it, copy the script that you can download from here:

Download the OpenSSL source from here, or for older versions: here, and put it in the same folder as the script. Expand the OpenSSL .gz file, so now you will have a script file, the .gz file and a folder with the OpenSSL source.

SourceFolderOpenSSL

For the modifications that follow, I find Sublime Text is an excellent editor. You can just use TextEdit, if you so choose.

If you’re using a different version of OpenSSL from that which the script is built for, you’ll need to modify the OPENSSL_VERSION= line in the script to match.

NOTE: Some servers have not had their SSL updated (to protect against Logjam attacks <link>), and connecting to them using later versions of OpenSSL may fail. e.g. the SSL on Embarcadero’s news server (this may change after this article is published). In order to successfully connect to these I used version 1.0.2a of OpenSSL. The latest version (1.0.2g at time of writing) may work on other servers.

Next, modify the Makefile.shared file that’s in the root of the folder which contains the OpenSSL source.

Makefile.shared

The line that needs to be modified looks like this:

  SHAREDFLAGS="$$SHAREDFLAGS -install_name $(INSTALLTOP)/$(LIBDIR)/$$SHLIB$(SHLIB_EXT)"; \

Replace $(INSTALLTOP)/$(LIBDIR)/ with @executable_path, so that the line looks like this:

  SHAREDFLAGS="$$SHAREDFLAGS -install_name @executable_path/$$SHLIB$(SHLIB_EXT)"; \

The @executable_path value means that the system will expect the dylib to be in the same location as the executable. We’ll see why this is important when deployment is covered.

Next, the script needs to have its properties changed so that it can be executed. Using the Terminal app,

Terminal

change folder to the one created earlier to put the script in, e.g:

cd /Users/<username>/Documents/OpenSSLiOS

where <username> is the username you log into your Mac with, then use the following command:

chmod +x openssl-build-shared.sh

..and execute the script:

sudo ./openssl-build-shared.sh

ChmodExecute

This will take about 5-10 minutes depending on your machine. When it has finished successfully, the resulting dylibs will be in the lib/iOS folder, which is off of the folder where the script is located.

BuiltDylibs

If necessary, copy/move these files to a location where they can be included in your Delphi project to be deployed with your app. In my setup, I have a folder shared to a VirtualBox VM that has Delphi 10 Seattle installed, so I can share files between my Mac and the VM.

In your Delphi project, bring up the deployment manager. Click the Add files button

DeployDylibsAdd

Navigate to the folder containing the dylibs, select both of them and click OK

DeployDylibs

The remote path (.\) is the same folder as the application, so this does not need to be changed (same as the @executable_path in the makefile, described earlier)

DeployDylibsPaths

In your code, somewhere before it attempts to make an SSL connection you will need to set the OpenSSL search path for Indy, when compiling for the iOS simulator:

  IdOpenSSLSetLibPath(TPath.GetDirectoryName(ParamStr(0)));

This sets the path to the dylibs as the executable directory.

I hope this has been of some use. It was certainly satisfying for me to finally make this work, and I wanted to share it with others.

By | 2017-08-31T17:53:43+00:00 March 5, 2016 9:33 am|Code tips, Patches, Resources|15 Comments

About the Author:

15 Comments

  1. David M March 6, 2016 at 2:33 am - Reply

    Useful post, thanks. Unfortunately many of the image links are broken, so most images are not displayed. Could you fix those, please?

    • admin March 6, 2016 at 10:47 am - Reply

      I’m looking into what the problem is, however clicking on where the images should be shows the images as a popup

  2. Chee Wee March 14, 2016 at 1:13 pm - Reply

    Good write-up, Dave! 🙂

  3. S.L. Barth April 18, 2016 at 8:03 pm - Reply

    I’m in the same situation, and checking your script to see if it can help.

    In line 121, you check if the *.tar.gz file exists, and if not, proceed to download it. But since expansion of the tar.gz file is skipped, this step seems superfluous.
    Or am I missing something?

    • admin April 18, 2016 at 8:44 pm - Reply

      Yes, it is superfluous, however my version of the script is just slightly modified from the original

      • S.L. Barth April 19, 2016 at 12:23 am - Reply

        Thank you for the clarification!

  4. Bobby Ratliff May 3, 2016 at 5:18 am - Reply

    This doesn’t work in 10.1 Berlin. I have tried A and G, with and without the @executable_path edit (by skipping the Makefile edit and defining absolute lib path instead of adding it to deployment and defining relative lib path). Do you have any insight on this? I am using Indy 10.6.2.5341 also. Thank you.

    • admin June 18, 2016 at 8:43 am - Reply

      I’ll have a look at it over the weekend, thanks Bobby

    • admin August 4, 2016 at 1:08 pm - Reply

      Sorry for the delay, however I’ve done the same process as per my own documentation here and it works ok for me using Delphi 10.1 Berlin

  5. boesystems June 17, 2016 at 7:40 pm - Reply

    Like your blog but other than looking at the date of any comments I can’t see the blog post date, which is helpful in terms of determining relevance, versions of Delphi etc.

    • admin June 18, 2016 at 8:42 am - Reply

      Fixed the display of the date now, thanks! Also thanks for the heads up re: versions of Delphi that the posts apply to; I’ll keep it in mind for future posts

  6. Rohit August 31, 2017 at 12:24 pm - Reply

    Hi Dave – thanks for this resource… I am trying to follow this for building the libs for Tokyo 10.2.1 and OpenSSL 1.1.0f, but the script fails… Have you been able to successfully build the libraries for this configuration?

    • Dave August 31, 2017 at 12:30 pm - Reply

      I am yet to build with 1.1.0f. I can have a look in a couple of hours. In the meantime, what’s the error message(s), if any?

      • Rohit August 31, 2017 at 2:58 pm - Reply

        I have provided the log from Terminal below. I checked the /tmp/openssl-1.1.0f-i386 folder and there is no include directory there. Also – I am trying this on a Mac Mini running macOS Sierra (10.12.6).

  7. Rohit August 31, 2017 at 12:53 pm - Reply

    Here is the log from Terminal (in case that helps):

    —————————————-
    OpenSSL version: openssl-1.1.0f
    iOS SDK version: 10.3
    iOS deployment target: 7.0
    OS X deployment target: 10.7
    —————————————-

    Cleaning up
    Using openssl-1.1.0f.tar.gz
    Unpacking openssl
    Start Building openssl-1.1.0f for i386
    Configure
    make install
    make clean
    Done Building openssl-1.1.0f for i386
    Start Building openssl-1.1.0f for x86_64
    Configure
    make install
    make clean
    Done Building openssl-1.1.0f for x86_64
    Copying headers
    cp: /tmp/openssl-1.1.0f-i386/include/openssl/*: No such file or directory

Leave a Reply

Show Buttons
Hide Buttons