Check-in [641eee5dc4]
Overview
SHA1:641eee5dc4622271cab46d24a10a8dfaeccdb94c
Date: 2016-12-13 19:32:50
User: rkeene
Comment:Updated to latest version of TclTLS and update common build system to deal with more diverse Tcl configure scripts
Timelines: family | ancestors | descendants | both | trunk
Downloads: Tarball | ZIP archive
Other Links: files | file ages | folders | manifest
Tags And Properties
Context
2016-12-13
19:33
[80d6f159a6] Updated to latest release of LibreSSL (user: rkeene, tags: trunk)
19:32
[641eee5dc4] Updated to latest version of TclTLS and update common build system to deal with more diverse Tcl configure scripts (user: rkeene, tags: trunk)
2016-12-09
15:00
[05b1c2cb3a] Updated to latest version of tcc4tcl (user: rkeene, tags: trunk)
Changes

Modified common/common.sh from [5226117d88] to [de80aa2117].

201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216











217
218

219
220
221
222
223
224
225
			CFLAGS="${save_cflags} -fPIC"
		else
			CFLAGS="${save_cflags}"
		fi
		export CFLAGS

		if [ "${isshared}" = '0' ]; then
			sed 's@USE_TCL_STUBS@XXX_TCL_STUBS@g' configure > configure.new

			pkg_configure_shared_build='0'
		else
			sed 's@XXX_TCL_STUBS@USE_TCL_STUBS@g' configure > configure.new

			pkg_configure_shared_build='1'
		fi












		cat configure.new > configure
		rm -f configure.new


		./configure $tryopt --prefix="${installdir}" --exec-prefix="${installdir}" --libdir="${installdir}/lib" --with-tcl="${TCLCONFIGDIR}" "${configure_extra[@]}" ${CONFIGUREEXTRA} && break
	done

	return 0
}








<
<


<
<



>
>
>
>
>
>
>
>
>
>
>
|
|
>







201
202
203
204
205
206
207


208
209


210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
			CFLAGS="${save_cflags} -fPIC"
		else
			CFLAGS="${save_cflags}"
		fi
		export CFLAGS

		if [ "${isshared}" = '0' ]; then


			pkg_configure_shared_build='0'
		else


			pkg_configure_shared_build='1'
		fi

		if [ "${isshared}" = '0' ]; then
			tryopt="${tryopt} --disable-stubs --enable-static"
		fi

		if ! grep '[-]-disable-stubs' configure >/dev/null 2>/dev/null; then
			if [ "${isshared}" = '0' ]; then
				sed 's@USE_TCL_STUBS@XXX_TCL_STUBS@g' configure > configure.new
			else
				sed 's@XXX_TCL_STUBS@USE_TCL_STUBS@g' configure > configure.new
			fi

			cat configure.new > configure
			rm -f configure.new
		fi

		./configure $tryopt --prefix="${installdir}" --exec-prefix="${installdir}" --libdir="${installdir}/lib" --with-tcl="${TCLCONFIGDIR}" "${configure_extra[@]}" ${CONFIGUREEXTRA} && break
	done

	return 0
}

Modified tls/build.sh from [e69d6c7eca] to [1916312581].

1
2
3
4
5
6
7

8
9
10
11
12
13
14
..
43
44
45
46
47
48
49
50



51
52


53
54
55
56
57
58
59
..
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113

114
115
116
117
118

119
120
121
122
123
124
125
126
127


128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
#! /usr/bin/env bash

# BuildCompatible: KitCreator

version="1.6.7"
url="http://sourceforge.net/projects/tls/files/tls/${TLSVERS}/tls${TLSVERS}-src.tar.gz"
sha256='5119de3e5470359b97a8a00d861c9c48433571ee0167af0a952de66c99d3a3b8'


function buildSSLLibrary() {
	local version url hash
	local archive

	version='2.4.2'
	url="http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${version}.tar.gz"
................................................................................
	@echo Nothing to do
_EOF_

		${MAKE:-make} V=1 || exit 1

		${MAKE:-make} V=1 install || exit 1
	) || return 1




	SSLDIR="$(pwd)/libressl-${version}/INST"
	addlibs_LOCALSSL="$(PKG_CONFIG_PATH="${SSLDIR}/lib/pkgconfig" "${PKG_CONFIG:-pkg-config}" libssl libcrypto --libs --static)"


}

function preconfigure() {
	# Determine SSL directory
	if [ -z "${CPP}" ]; then
		CPP="${CC:-cc} -E"
	fi
................................................................................
			echo "Unable to find OpenSSL, aborting." >&2

			return 1
		fi
	fi

	# Add SSL library to configure options
	configure_extra=(--with-ssl-dir="${SSLDIR}")

	# Disable SSLv2, newer SSL libraries drop support for it entirely
	CFLAGS="${CFLAGS} -DNO_SSL2=1"

	# Disable SSLv3, newer SSL libraries drop support for it entirely
	CFLAGS="${CFLAGS} -DNO_SSL3=1"
	export CFLAGS
}

function postconfigure() {
	local linkaddfile
	local addlibs

	# Determine SSL library directory
	SSL_LIB_DIR="$(${MAKE:-make} --print-data-base | awk '/^SSL_LIB_DIR = /{ print }' | sed 's@^SSL_LIB_DIR = *@@')"

	echo "SSL_LIB_DIR = ${SSL_LIB_DIR}"
}

function postinstall() {
	# Create pkgIndex if needed
	if [ ! -e "${installdir}/lib/tls${version}/pkgIndex.tcl" ]; then
		cat << _EOF_ > "${installdir}/lib/tls${version}/pkgIndex.tcl"
package ifneeded tls ${version} \
    "[list source [file join \$dir tls.tcl]] ; \
     [list load {} tls]"
_EOF_
	fi

	# Determine name of static object
	linkaddfile="$(find "${installdir}" -name '*.a' | head -n 1)"

	if [ -n "${linkaddfile}" ]; then
		linkaddfile="${linkaddfile}.linkadd"

		if [ -n "${addlibs_LOCALSSL}" ]; then
			addlibs="${addlibs_LOCALSSL}"

		fi

		if [ -z "${addlibs}" ]; then
			if [ "${KC_TLS_LINKSSLSTATIC}" = '1' ]; then
				addlibs="$("${PKG_CONFIG:-pkg-config}" libssl libcrypto --libs --static)"
			else
				addlibs="$("${PKG_CONFIG:-pkg-config}" libssl libcrypto --libs)"
			fi
		fi



		if [ -z "${addlibs}" ]; then
			addlibs="-L${SSL_LIB_DIR:-/lib} -lssl -lcrypto"
			addlibs_staticOnly=""
		fi

		addlibs="${addlibs} ${KC_TLS_LINKADD}"

		if [ "${KC_TLS_LINKSSLSTATIC}" = '1' ]; then
			echo "#STATIC ${addlibs} ${addlibs_staticOnly}"
		else
			echo "${addlibs}"
		fi > "${linkaddfile}"
	fi
}




|
|
|
>







 








>
>
>

<
>
>







 







|
|
<
<

<
<
<
<
<
<
<
<
<
<
<
<
<
<
<

<
<
<
<
<
<
<
<
<
<
<
>
|
<
<
<
<
>


<
<
<
<
<
<
<
>
>
|
<
<
<
<
<
<
<
<
<
<
<
<
<
<
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
..
44
45
46
47
48
49
50
51
52
53
54
55

56
57
58
59
60
61
62
63
64
..
80
81
82
83
84
85
86
87
88


89















90











91
92




93
94
95







96
97
98














#! /usr/bin/env bash

# BuildCompatible: KitCreator

version="1.7.8"
url="http://tcltls.rkeene.org/uv/tcltls-${version}.tar.gz"
sha256='30ee49330db795f86bc850487421ea923fba7d95d4758b2a61eef3baf0fe0f9e'
configure_extra=('--enable-deterministic')

function buildSSLLibrary() {
	local version url hash
	local archive

	version='2.4.2'
	url="http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${version}.tar.gz"
................................................................................
	@echo Nothing to do
_EOF_

		${MAKE:-make} V=1 || exit 1

		${MAKE:-make} V=1 install || exit 1
	) || return 1

	PKG_CONFIG_PATH="${PKG_CONFIG_PATH}:${SSLDIR}/lib/pkgconfig"
	export PKG_CONFIG_PATH

	SSLDIR="$(pwd)/libressl-${version}/INST"


	return 0
}

function preconfigure() {
	# Determine SSL directory
	if [ -z "${CPP}" ]; then
		CPP="${CC:-cc} -E"
	fi
................................................................................
			echo "Unable to find OpenSSL, aborting." >&2

			return 1
		fi
	fi

	# Add SSL library to configure options
	configure_extra=("${configure_extra[@]}" --with-openssl-dir="${SSLDIR}")
}


















function postinstall() {











	for file in *.linkadd; do
		if [ ! -e "${file}" ]; then




			continue
		fi








		cp "${file}" "${installdir}/lib"/*/
	done
}














Deleted tls/patches/all/tls-1.6-eoffix.diff version [a489f87c5b].

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
diff -uNr tls1.6/tlsIO.c tls1.6-eof-1dgp/tlsIO.c
--- tls1.6/tlsIO.c	2008-03-17 19:59:02.000000000 -0500
+++ tls1.6-eof-1dgp/tlsIO.c	2014-07-07 22:41:14.017514735 -0500
@@ -729,6 +729,19 @@
 	statePtr->timer = (Tcl_TimerToken) NULL;
     }
 
+    if (statePtr->flags & TLS_TCL_CALLBACK) {
+	return 0;
+    }
+
+    if (statePtr->flags & TLS_TCL_INIT
+	    && !SSL_is_init_finished(statePtr->ssl)) {
+	int errorCode;
+	if (Tls_WaitForConnect(statePtr, &errorCode) <= 0
+		&& errorCode == EAGAIN) {
+	    return 0;
+	}
+    }
+
     return mask;
 }
  
@@ -900,6 +913,9 @@
 		    continue;
 		}
 	    } else if (err == 0) {
+		if (Tcl_Eof(statePtr->self)) {
+		    return 0;
+		}
 		dprintf(stderr,"CR! ");
 		*errorCodePtr = ECONNRESET;
 		return -1;
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<


































































Deleted tls/patches/all/tls-1.6-fixmemleak-bugid3041925.diff version [13a18a6baa].

1
2
3
4
5
6
7
8
9
10
11
12
diff -uNr tls1.6.orig/tls.c tls1.6-fixmemleak-bugid3041925/tls.c
--- tls1.6.orig/tls.c	2008-03-19 17:06:13.000000000 -0500
+++ tls1.6-fixmemleak-bugid3041925/tls.c	2010-10-08 13:03:39.000000000 -0500
@@ -1156,6 +1156,8 @@
 	peer	= SSL_get_certificate(statePtr->ssl);
     if (peer) {
 	objPtr = Tls_NewX509Obj(interp, peer);
+
+	if (objc == 2) X509_free(peer);
     } else {
 	objPtr = Tcl_NewListObj(0, NULL);
     }
<
<
<
<
<
<
<
<
<
<
<
<
























Deleted tls/patches/all/tls-1.6-peercertificate-1rsk.diff version [aa51f17273].

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
diff -uNr tls1.6/tlsX509.c tls1.6-patched/tlsX509.c
--- tls1.6/tlsX509.c	2005-02-07 14:51:03.000000000 -0500
+++ tls1.6-patched/tlsX509.c	2013-01-07 00:47:59.000000000 -0500
@@ -100,12 +100,14 @@
     char serial[BUFSIZ];
     char notBefore[BUFSIZ];
     char notAfter[BUFSIZ];
+    char certStr[BUFSIZ];
 #ifndef NO_SSL_SHA
     int shai;
     char sha_hash[SHA_DIGEST_LENGTH*2];
     const char *shachars="0123456789ABCDEF";
 #endif
 
+    certStr[0] = 0;
     if ((bio = BIO_new(BIO_s_mem())) == NULL) {
 	subject[0] = 0;
 	issuer[0]  = 0;
@@ -132,6 +134,13 @@
 	serial[n] = 0;
 	BIO_flush(bio);
 
+        if (PEM_write_bio_X509(bio, cert)) {
+            n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1));
+            n = max(n, 0);
+            certStr[n] = 0;
+            BIO_flush(bio);
+        }
+
 	BIO_free(bio);
     }
 
@@ -175,5 +184,10 @@
     Tcl_ListObjAppendElement( interp, certPtr,
 	    Tcl_NewStringObj( serial, -1) );
 
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( "certificate", -1) );
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( certStr, -1) );
+
     return certPtr;
 }
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<






















































































Deleted tls/patches/all/tls-1.6.7-fixcrosscompile.diff version [66976acd97].

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
diff -uNr tls1.6.7.orig/Makefile.in tls1.6.7-fixcrosscompile/Makefile.in
--- tls1.6.7.orig/Makefile.in	2010-08-11 20:28:06.000000000 -0500
+++ tls1.6.7-fixcrosscompile/Makefile.in	2015-10-28 10:47:10.714214000 -0500
@@ -229,7 +229,7 @@
 $(PKG_LIB_FILE): $(PKG_OBJECTS)
 	-rm -f $(PKG_LIB_FILE)
 	${MAKE_LIB}
-	$(RANLIB) $(PKG_LIB_FILE)
+	-$(RANLIB) $(PKG_LIB_FILE)
 
 #========================================================================
 # We need to enumerate the list of .c to .o lines here.
diff -uNr tls1.6.7.orig/configure tls1.6.7-fixcrosscompile/configure
--- tls1.6.7.orig/configure	2015-07-07 12:16:02.000000000 -0500
+++ tls1.6.7-fixcrosscompile/configure	2015-10-28 10:42:09.324214000 -0500
@@ -1387,7 +1387,9 @@
 fi
 
 	    EXEEXT=".exe"
-	    TEA_PLATFORM="windows"
+		if [ -z "${TEA_PLATFORM}" ]; then
+			TEA_PLATFORM="windows"
+		fi
 	    ;;
 	*CYGWIN_*)
 	    CYGPATH=echo
@@ -1397,7 +1399,9 @@
 	*)
 	    CYGPATH=echo
 	    EXEEXT=""
-	    TEA_PLATFORM="unix"
+		if [ -z "${TEA_PLATFORM}" ]; then
+			TEA_PLATFORM="unix"
+		fi
 	    ;;
     esac
 
@@ -1682,13 +1686,17 @@
 echo $ECHO_N "checking for cygwin variant... $ECHO_C" >&6
 	    case ${TCL_EXTRA_CFLAGS} in
 		*-mwin32*|*-mno-cygwin*)
-		    TEA_PLATFORM="windows"
+			if [ -z "${TEA_PLATFORM}" ]; then
+				TEA_PLATFORM="windows"
+			fi
 		    CFLAGS="$CFLAGS -mwin32"
 		    echo "$as_me:$LINENO: result: win32" >&5
 echo "${ECHO_T}win32" >&6
 		    ;;
 		*)
-		    TEA_PLATFORM="unix"
+			if [ -z "${TEA_PLATFORM}" ]; then
+				TEA_PLATFORM="unix"
+			fi
 		    echo "$as_me:$LINENO: result: unix" >&5
 echo "${ECHO_T}unix" >&6
 		    ;;
@@ -10316,7 +10324,7 @@
     fi
     if test -n "${OPENSSL}"; then
 
-    vars="ssleay32.lib libeay32.lib"
+    vars="ssl.lib crypto.lib"
     for i in $vars; do
 	if test "${TEA_PLATFORM}" = "windows" -a "$GCC" = "yes" ; then
 	    # Convert foo.lib to -lfoo for GCC.  No-op if not *.lib
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<




































































































































Deleted tls/patches/all/tls-1.6.7-peercertificate.diff version [99b020c0ab].

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
diff -uNr tls1.6.7.orig/tlsX509.c tls1.6.7-peercertificate/tlsX509.c
--- tls1.6.7.orig/tlsX509.c	2004-06-29 05:58:08.000000000 -0500
+++ tls1.6.7-peercertificate/tlsX509.c	2015-10-28 10:19:04.914214000 -0500
@@ -100,12 +100,14 @@
     char serial[BUFSIZ];
     char notBefore[BUFSIZ];
     char notAfter[BUFSIZ];
+    char certStr[BUFSIZ];
 #ifndef NO_SSL_SHA
     int shai;
     char sha_hash[SHA_DIGEST_LENGTH*2];
     const char *shachars="0123456789ABCDEF";
 #endif
 
+    certStr[0] = 0;
     if ((bio = BIO_new(BIO_s_mem())) == NULL) {
 	subject[0] = 0;
 	issuer[0]  = 0;
@@ -132,6 +134,13 @@
 	serial[n] = 0;
 	BIO_flush(bio);
 
+        if (PEM_write_bio_X509(bio, cert)) {
+            n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1));
+            n = max(n, 0);
+            certStr[n] = 0;
+            BIO_flush(bio);
+        }
+
 	BIO_free(bio);
     }
 
@@ -175,5 +184,10 @@
     Tcl_ListObjAppendElement( interp, certPtr,
 	    Tcl_NewStringObj( serial, -1) );
 
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( "certificate", -1) );
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( certStr, -1) );
+
     return certPtr;
 }
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<