Check-in [641eee5dc4]
Overview
Comment:Updated to latest version of TclTLS and update common build system to deal with more diverse Tcl configure scripts
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 641eee5dc4622271cab46d24a10a8dfaeccdb94c
User & Date: rkeene on 2016-12-13 19:32:50
Other Links: manifest | tags
Context
2016-12-13
19:33
Updated to latest release of LibreSSL check-in: 80d6f159a6 user: rkeene tags: trunk
19:32
Updated to latest version of TclTLS and update common build system to deal with more diverse Tcl configure scripts check-in: 641eee5dc4 user: rkeene tags: trunk
2016-12-09
15:00
Updated to latest version of tcc4tcl check-in: 05b1c2cb3a user: rkeene tags: trunk
Changes

Modified common/common.sh from [5226117d88] to [de80aa2117].

201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216











217
218

219
220
221
222
223
224
225
			CFLAGS="${save_cflags} -fPIC"
		else
			CFLAGS="${save_cflags}"
		fi
		export CFLAGS

		if [ "${isshared}" = '0' ]; then
			sed 's@USE_TCL_STUBS@XXX_TCL_STUBS@g' configure > configure.new

			pkg_configure_shared_build='0'
		else
			sed 's@XXX_TCL_STUBS@USE_TCL_STUBS@g' configure > configure.new

			pkg_configure_shared_build='1'
		fi












		cat configure.new > configure
		rm -f configure.new


		./configure $tryopt --prefix="${installdir}" --exec-prefix="${installdir}" --libdir="${installdir}/lib" --with-tcl="${TCLCONFIGDIR}" "${configure_extra[@]}" ${CONFIGUREEXTRA} && break
	done

	return 0
}








<
<


<
<



>
>
>
>
>
>
>
>
>
>
>
|
|
>







201
202
203
204
205
206
207


208
209


210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
			CFLAGS="${save_cflags} -fPIC"
		else
			CFLAGS="${save_cflags}"
		fi
		export CFLAGS

		if [ "${isshared}" = '0' ]; then


			pkg_configure_shared_build='0'
		else


			pkg_configure_shared_build='1'
		fi

		if [ "${isshared}" = '0' ]; then
			tryopt="${tryopt} --disable-stubs --enable-static"
		fi

		if ! grep '[-]-disable-stubs' configure >/dev/null 2>/dev/null; then
			if [ "${isshared}" = '0' ]; then
				sed 's@USE_TCL_STUBS@XXX_TCL_STUBS@g' configure > configure.new
			else
				sed 's@XXX_TCL_STUBS@USE_TCL_STUBS@g' configure > configure.new
			fi

			cat configure.new > configure
			rm -f configure.new
		fi

		./configure $tryopt --prefix="${installdir}" --exec-prefix="${installdir}" --libdir="${installdir}/lib" --with-tcl="${TCLCONFIGDIR}" "${configure_extra[@]}" ${CONFIGUREEXTRA} && break
	done

	return 0
}

Modified tls/build.sh from [e69d6c7eca] to [1916312581].

1
2
3
4
5
6
7

8
9
10
11
12
13
14
#! /usr/bin/env bash

# BuildCompatible: KitCreator

version="1.6.7"
url="http://sourceforge.net/projects/tls/files/tls/${TLSVERS}/tls${TLSVERS}-src.tar.gz"
sha256='5119de3e5470359b97a8a00d861c9c48433571ee0167af0a952de66c99d3a3b8'


function buildSSLLibrary() {
	local version url hash
	local archive

	version='2.4.2'
	url="http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${version}.tar.gz"




|
|
|
>







1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
#! /usr/bin/env bash

# BuildCompatible: KitCreator

version="1.7.8"
url="http://tcltls.rkeene.org/uv/tcltls-${version}.tar.gz"
sha256='30ee49330db795f86bc850487421ea923fba7d95d4758b2a61eef3baf0fe0f9e'
configure_extra=('--enable-deterministic')

function buildSSLLibrary() {
	local version url hash
	local archive

	version='2.4.2'
	url="http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${version}.tar.gz"
43
44
45
46
47
48
49
50



51
52

53
54
55
56
57
58
59
	@echo Nothing to do
_EOF_

		${MAKE:-make} V=1 || exit 1

		${MAKE:-make} V=1 install || exit 1
	) || return 1




	SSLDIR="$(pwd)/libressl-${version}/INST"
	addlibs_LOCALSSL="$(PKG_CONFIG_PATH="${SSLDIR}/lib/pkgconfig" "${PKG_CONFIG:-pkg-config}" libssl libcrypto --libs --static)"

}

function preconfigure() {
	# Determine SSL directory
	if [ -z "${CPP}" ]; then
		CPP="${CC:-cc} -E"
	fi








>
>
>

|
>







44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
	@echo Nothing to do
_EOF_

		${MAKE:-make} V=1 || exit 1

		${MAKE:-make} V=1 install || exit 1
	) || return 1

	PKG_CONFIG_PATH="${PKG_CONFIG_PATH}:${SSLDIR}/lib/pkgconfig"
	export PKG_CONFIG_PATH

	SSLDIR="$(pwd)/libressl-${version}/INST"

	return 0
}

function preconfigure() {
	# Determine SSL directory
	if [ -z "${CPP}" ]; then
		CPP="${CC:-cc} -E"
	fi
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
			echo "Unable to find OpenSSL, aborting." >&2

			return 1
		fi
	fi

	# Add SSL library to configure options
	configure_extra=(--with-ssl-dir="${SSLDIR}")

	# Disable SSLv2, newer SSL libraries drop support for it entirely
	CFLAGS="${CFLAGS} -DNO_SSL2=1"

	# Disable SSLv3, newer SSL libraries drop support for it entirely
	CFLAGS="${CFLAGS} -DNO_SSL3=1"
	export CFLAGS
}

function postconfigure() {
	local linkaddfile
	local addlibs

	# Determine SSL library directory
	SSL_LIB_DIR="$(${MAKE:-make} --print-data-base | awk '/^SSL_LIB_DIR = /{ print }' | sed 's@^SSL_LIB_DIR = *@@')"

	echo "SSL_LIB_DIR = ${SSL_LIB_DIR}"
}

function postinstall() {
	# Create pkgIndex if needed
	if [ ! -e "${installdir}/lib/tls${version}/pkgIndex.tcl" ]; then
		cat << _EOF_ > "${installdir}/lib/tls${version}/pkgIndex.tcl"
package ifneeded tls ${version} \
    "[list source [file join \$dir tls.tcl]] ; \
     [list load {} tls]"
_EOF_
	fi

	# Determine name of static object
	linkaddfile="$(find "${installdir}" -name '*.a' | head -n 1)"
	if [ -n "${linkaddfile}" ]; then
		linkaddfile="${linkaddfile}.linkadd"

		if [ -n "${addlibs_LOCALSSL}" ]; then
			addlibs="${addlibs_LOCALSSL}"
		fi

		if [ -z "${addlibs}" ]; then
			if [ "${KC_TLS_LINKSSLSTATIC}" = '1' ]; then
				addlibs="$("${PKG_CONFIG:-pkg-config}" libssl libcrypto --libs --static)"
			else
				addlibs="$("${PKG_CONFIG:-pkg-config}" libssl libcrypto --libs)"
			fi
		fi

		if [ -z "${addlibs}" ]; then
			addlibs="-L${SSL_LIB_DIR:-/lib} -lssl -lcrypto"
			addlibs_staticOnly=""
		fi

		addlibs="${addlibs} ${KC_TLS_LINKADD}"

		if [ "${KC_TLS_LINKSSLSTATIC}" = '1' ]; then
			echo "#STATIC ${addlibs} ${addlibs_staticOnly}"
		else
			echo "${addlibs}"
		fi > "${linkaddfile}"
	fi
}







|
|
<
<

<
<
<
<
<
<
<
<
<
<
<
<
<
<
<

<
<
<
<
<
<
<
<
|
<
<
|
<
|
<
<


<
<
<
<
<
<
<
|
<
<
<
<
|
<
|
<
<
<
<
<
<
<
80
81
82
83
84
85
86
87
88


89















90








91


92

93


94
95







96




97

98







			echo "Unable to find OpenSSL, aborting." >&2

			return 1
		fi
	fi

	# Add SSL library to configure options
	configure_extra=("${configure_extra[@]}" --with-openssl-dir="${SSLDIR}")
}


















function postinstall() {








	for file in *.linkadd; do


		if [ ! -e "${file}" ]; then

			continue


		fi








		cp "${file}" "${installdir}/lib"/*/




	done

}







Deleted tls/patches/all/tls-1.6-eoffix.diff version [a489f87c5b].

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
diff -uNr tls1.6/tlsIO.c tls1.6-eof-1dgp/tlsIO.c
--- tls1.6/tlsIO.c	2008-03-17 19:59:02.000000000 -0500
+++ tls1.6-eof-1dgp/tlsIO.c	2014-07-07 22:41:14.017514735 -0500
@@ -729,6 +729,19 @@
 	statePtr->timer = (Tcl_TimerToken) NULL;
     }
 
+    if (statePtr->flags & TLS_TCL_CALLBACK) {
+	return 0;
+    }
+
+    if (statePtr->flags & TLS_TCL_INIT
+	    && !SSL_is_init_finished(statePtr->ssl)) {
+	int errorCode;
+	if (Tls_WaitForConnect(statePtr, &errorCode) <= 0
+		&& errorCode == EAGAIN) {
+	    return 0;
+	}
+    }
+
     return mask;
 }
 
@@ -900,6 +913,9 @@
 		    continue;
 		}
 	    } else if (err == 0) {
+		if (Tcl_Eof(statePtr->self)) {
+		    return 0;
+		}
 		dprintf(stderr,"CR! ");
 		*errorCodePtr = ECONNRESET;
 		return -1;
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<


































































Deleted tls/patches/all/tls-1.6-fixmemleak-bugid3041925.diff version [13a18a6baa].

1
2
3
4
5
6
7
8
9
10
11
12
diff -uNr tls1.6.orig/tls.c tls1.6-fixmemleak-bugid3041925/tls.c
--- tls1.6.orig/tls.c	2008-03-19 17:06:13.000000000 -0500
+++ tls1.6-fixmemleak-bugid3041925/tls.c	2010-10-08 13:03:39.000000000 -0500
@@ -1156,6 +1156,8 @@
 	peer	= SSL_get_certificate(statePtr->ssl);
     if (peer) {
 	objPtr = Tls_NewX509Obj(interp, peer);
+
+	if (objc == 2) X509_free(peer);
     } else {
 	objPtr = Tcl_NewListObj(0, NULL);
     }
<
<
<
<
<
<
<
<
<
<
<
<
























Deleted tls/patches/all/tls-1.6-peercertificate-1rsk.diff version [aa51f17273].

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
diff -uNr tls1.6/tlsX509.c tls1.6-patched/tlsX509.c
--- tls1.6/tlsX509.c	2005-02-07 14:51:03.000000000 -0500
+++ tls1.6-patched/tlsX509.c	2013-01-07 00:47:59.000000000 -0500
@@ -100,12 +100,14 @@
     char serial[BUFSIZ];
     char notBefore[BUFSIZ];
     char notAfter[BUFSIZ];
+    char certStr[BUFSIZ];
 #ifndef NO_SSL_SHA
     int shai;
     char sha_hash[SHA_DIGEST_LENGTH*2];
     const char *shachars="0123456789ABCDEF";
 #endif
 
+    certStr[0] = 0;
     if ((bio = BIO_new(BIO_s_mem())) == NULL) {
 	subject[0] = 0;
 	issuer[0]  = 0;
@@ -132,6 +134,13 @@
 	serial[n] = 0;
 	BIO_flush(bio);
 
+        if (PEM_write_bio_X509(bio, cert)) {
+            n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1));
+            n = max(n, 0);
+            certStr[n] = 0;
+            BIO_flush(bio);
+        }
+
 	BIO_free(bio);
     }
 
@@ -175,5 +184,10 @@
     Tcl_ListObjAppendElement( interp, certPtr,
 	    Tcl_NewStringObj( serial, -1) );
 
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( "certificate", -1) );
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( certStr, -1) );
+
     return certPtr;
 }
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<






















































































Deleted tls/patches/all/tls-1.6.7-fixcrosscompile.diff version [66976acd97].

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
diff -uNr tls1.6.7.orig/Makefile.in tls1.6.7-fixcrosscompile/Makefile.in
--- tls1.6.7.orig/Makefile.in	2010-08-11 20:28:06.000000000 -0500
+++ tls1.6.7-fixcrosscompile/Makefile.in	2015-10-28 10:47:10.714214000 -0500
@@ -229,7 +229,7 @@
 $(PKG_LIB_FILE): $(PKG_OBJECTS)
 	-rm -f $(PKG_LIB_FILE)
 	${MAKE_LIB}
-	$(RANLIB) $(PKG_LIB_FILE)
+	-$(RANLIB) $(PKG_LIB_FILE)
 
 #========================================================================
 # We need to enumerate the list of .c to .o lines here.
diff -uNr tls1.6.7.orig/configure tls1.6.7-fixcrosscompile/configure
--- tls1.6.7.orig/configure	2015-07-07 12:16:02.000000000 -0500
+++ tls1.6.7-fixcrosscompile/configure	2015-10-28 10:42:09.324214000 -0500
@@ -1387,7 +1387,9 @@
 fi
 
 	    EXEEXT=".exe"
-	    TEA_PLATFORM="windows"
+		if [ -z "${TEA_PLATFORM}" ]; then
+			TEA_PLATFORM="windows"
+		fi
 	    ;;
 	*CYGWIN_*)
 	    CYGPATH=echo
@@ -1397,7 +1399,9 @@
 	*)
 	    CYGPATH=echo
 	    EXEEXT=""
-	    TEA_PLATFORM="unix"
+		if [ -z "${TEA_PLATFORM}" ]; then
+			TEA_PLATFORM="unix"
+		fi
 	    ;;
     esac
 
@@ -1682,13 +1686,17 @@
 echo $ECHO_N "checking for cygwin variant... $ECHO_C" >&6
 	    case ${TCL_EXTRA_CFLAGS} in
 		*-mwin32*|*-mno-cygwin*)
-		    TEA_PLATFORM="windows"
+			if [ -z "${TEA_PLATFORM}" ]; then
+				TEA_PLATFORM="windows"
+			fi
 		    CFLAGS="$CFLAGS -mwin32"
 		    echo "$as_me:$LINENO: result: win32" >&5
 echo "${ECHO_T}win32" >&6
 		    ;;
 		*)
-		    TEA_PLATFORM="unix"
+			if [ -z "${TEA_PLATFORM}" ]; then
+				TEA_PLATFORM="unix"
+			fi
 		    echo "$as_me:$LINENO: result: unix" >&5
 echo "${ECHO_T}unix" >&6
 		    ;;
@@ -10316,7 +10324,7 @@
     fi
     if test -n "${OPENSSL}"; then
 
-    vars="ssleay32.lib libeay32.lib"
+    vars="ssl.lib crypto.lib"
     for i in $vars; do
 	if test "${TEA_PLATFORM}" = "windows" -a "$GCC" = "yes" ; then
 	    # Convert foo.lib to -lfoo for GCC.  No-op if not *.lib
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<




































































































































Deleted tls/patches/all/tls-1.6.7-peercertificate.diff version [99b020c0ab].

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
diff -uNr tls1.6.7.orig/tlsX509.c tls1.6.7-peercertificate/tlsX509.c
--- tls1.6.7.orig/tlsX509.c	2004-06-29 05:58:08.000000000 -0500
+++ tls1.6.7-peercertificate/tlsX509.c	2015-10-28 10:19:04.914214000 -0500
@@ -100,12 +100,14 @@
     char serial[BUFSIZ];
     char notBefore[BUFSIZ];
     char notAfter[BUFSIZ];
+    char certStr[BUFSIZ];
 #ifndef NO_SSL_SHA
     int shai;
     char sha_hash[SHA_DIGEST_LENGTH*2];
     const char *shachars="0123456789ABCDEF";
 #endif
 
+    certStr[0] = 0;
     if ((bio = BIO_new(BIO_s_mem())) == NULL) {
 	subject[0] = 0;
 	issuer[0]  = 0;
@@ -132,6 +134,13 @@
 	serial[n] = 0;
 	BIO_flush(bio);
 
+        if (PEM_write_bio_X509(bio, cert)) {
+            n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1));
+            n = max(n, 0);
+            certStr[n] = 0;
+            BIO_flush(bio);
+        }
+
 	BIO_free(bio);
     }
 
@@ -175,5 +184,10 @@
     Tcl_ListObjAppendElement( interp, certPtr,
 	    Tcl_NewStringObj( serial, -1) );
 
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( "certificate", -1) );
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( certStr, -1) );
+
     return certPtr;
 }
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<