Check-in [e2c7a97b27]
Overview
SHA1:e2c7a97b27fa4475e7be406a6bfc4af73f558b30
Date: 2015-10-28 15:28:53
User: rkeene
Comment:Updated TLS package to 1.6.7, still needs lots of testing since the new TLS package is apparently really broken
Timelines: family | ancestors | descendants | both | trunk
Downloads: Tarball | ZIP archive
Other Links: files | file ages | folders | manifest
Tags And Properties
Context
2015-10-28
15:49
[cdcb07f969] More patches to try to make TLS 1.6.7 work (user: rkeene, tags: trunk)
15:28
[e2c7a97b27] Updated TLS package to 1.6.7, still needs lots of testing since the new TLS package is apparently really broken (user: rkeene, tags: trunk)
15:28
[da8fac4446] Updated to pass "--enable-threads" to sub-projects if a threaded Tcl is built, unless otherwise requested (user: rkeene, tags: trunk)
Changes

Modified build/make-kit-win32 from [248a24bff3] to [b64eb2dc53].

2
3
4
5
6
7
8


9
10
11

AR=i586-mingw32msvc-ar
CC=i586-mingw32msvc-gcc
CXX=i586-mingw32msvc-g++
RANLIB=i586-mingw32msvc-ranlib
RC=i586-mingw32msvc-windres
STRIP="${STRIP:-i586-mingw32msvc-strip}"


export AR CC CXX RANLIB RC STRIP

./kitcreator "$@" --host=i586-mingw32msvc







>
>
|


2
3
4
5
6
7
8
9
10
11
12
13

AR=i586-mingw32msvc-ar
CC=i586-mingw32msvc-gcc
CXX=i586-mingw32msvc-g++
RANLIB=i586-mingw32msvc-ranlib
RC=i586-mingw32msvc-windres
STRIP="${STRIP:-i586-mingw32msvc-strip}"
TEA_PLATFORM='windows'
KC_TLS_LINKADD='-lws2_32 -lgdi32'
export AR CC CXX RANLIB RC STRIP TEA_PLATFORM KC_TLS_LINKADD

./kitcreator "$@" --host=i586-mingw32msvc

Modified tls/build.sh from [f6144b21a4] to [6f7681a2e1].

7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
..
55
56
57
58
59
60
61




62






63
64
65
66
67
68
69
...
127
128
129
130
131
132
133





134
135
136
137
138
139
140
141
142
143
144
145



146
147


148
149
150
151
152

153
154
155
156
157
158
159
160
161
fi
if [ -z "${TCLVERS}" ]; then
	echo 'ERROR: The TCLVERS environment variable is not set' >&2

	exit 1
fi

TLSVERS="1.6"
SRC="src/tls-${TLSVERS}.tar.gz"
SRCURL="http://sourceforge.net/projects/tls/files/tls/${TLSVERS}/tls${TLSVERS}-src.tar.gz"
BUILDDIR="$(pwd)/build/tls${TLSVERS}"
OUTDIR="$(pwd)/out"
INSTDIR="$(pwd)/inst"
PATCHDIR="$(pwd)/patches"
export TLSVERS SRC SRCURL BUILDDIR OUTDIR INSTDIR PATCHDIR
................................................................................
		cp -rp ../buildsrc/* './'
	fi

	# Determine SSL directory
	if [ -z "${CPP}" ]; then
		CPP="${CC} -E"
	fi




	SSLDIR="$(echo '#include <openssl/ssl.h>' 2>/dev/null | ${CPP} - | awk '/# 1 "\/.*\/ssl\.h/{ print $3; exit }' | sed 's@^"@@;s@"$@@;s@/include/openssl/ssl\.h$@@')"







	# Apply required patches
	cd "${BUILDDIR}" || exit 1
	for patch in "${PATCHDIR}/all"/tls-${TLSVERS}-*.diff "${PATCHDIR}/${TCL_VERSION}"/tls-${TLSVERS}-*.diff; do
		if [ ! -f "${patch}" ]; then
			continue
		fi
................................................................................
			echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\""
			${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" || exit 1

			echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\" install"
			${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" install || exit 1
		) || continue






		break
	done

	# Create pkgIndex if needed
	if [ ! -e "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl" ]; then
		cat << _EOF_ > "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl"
package ifneeded tls ${TLSVERS} \
    "[list source [file join \$dir tls.tcl]] ; \
     [list load {} tls]"
_EOF_
	fi




	## XXX: TODO: Determine what we actually need to link against
	addlibs="-lssl -lcrypto"


	if [ "${KC_TLS_LINKSSLSTATIC}" = '1' ]; then
		echo "-Wl,-Bstatic ${addlibs} -Wl,-Bdynamic"
	else
		echo "${addlibs}"
	fi > "${INSTDIR}/lib/tls${TLSVERS}/libtls${TLSVERS}.a.linkadd"


	# Install files needed by installation
	cp -r "${INSTDIR}/lib" "${OUTDIR}" || exit 1
	find "${OUTDIR}" -name '*.a' -type f | xargs -n 1 rm -f --

	exit 0
) || exit 1

exit 0







|







 







>
>
>
>
|
>
>
>
>
>
>







 







>
>
>
>
>












>
>
>

<
>
>

|


<
>









7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
..
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
...
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164

165
166
167
168
169
170

171
172
173
174
175
176
177
178
179
180
fi
if [ -z "${TCLVERS}" ]; then
	echo 'ERROR: The TCLVERS environment variable is not set' >&2

	exit 1
fi

TLSVERS="1.6.7"
SRC="src/tls-${TLSVERS}.tar.gz"
SRCURL="http://sourceforge.net/projects/tls/files/tls/${TLSVERS}/tls${TLSVERS}-src.tar.gz"
BUILDDIR="$(pwd)/build/tls${TLSVERS}"
OUTDIR="$(pwd)/out"
INSTDIR="$(pwd)/inst"
PATCHDIR="$(pwd)/patches"
export TLSVERS SRC SRCURL BUILDDIR OUTDIR INSTDIR PATCHDIR
................................................................................
		cp -rp ../buildsrc/* './'
	fi

	# Determine SSL directory
	if [ -z "${CPP}" ]; then
		CPP="${CC} -E"
	fi

	if [ -n "${KC_TLS_SSLDIR}" ]; then
		SSLDIR="${KC_TLS_SSLDIR}"
	else
		SSLDIR="$(echo '#include <openssl/ssl.h>' 2>/dev/null | ${CPP} - | awk '/# 1 "\/.*\/ssl\.h/{ print $3; exit }' | sed 's@^"@@;s@"$@@;s@/include/openssl/ssl\.h$@@')"
		if [ -z "${SSLDIR}" ]; then
			echo "Unable to find OpenSSL, aborting." >&2

			exit 1
		fi
	fi

	# Apply required patches
	cd "${BUILDDIR}" || exit 1
	for patch in "${PATCHDIR}/all"/tls-${TLSVERS}-*.diff "${PATCHDIR}/${TCL_VERSION}"/tls-${TLSVERS}-*.diff; do
		if [ ! -f "${patch}" ]; then
			continue
		fi
................................................................................
			echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\""
			${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" || exit 1

			echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\" install"
			${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" install || exit 1
		) || continue

		# Determine SSL library directory
		SSL_LIB_DIR="$(${MAKE:-make} --print-data-base | awk '/^SSL_LIB_DIR = /{ print }' | sed 's@^SSL_LIB_DIR = *@@')"

		echo "SSL_LIB_DIR = ${SSL_LIB_DIR}"

		break
	done

	# Create pkgIndex if needed
	if [ ! -e "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl" ]; then
		cat << _EOF_ > "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl"
package ifneeded tls ${TLSVERS} \
    "[list source [file join \$dir tls.tcl]] ; \
     [list load {} tls]"
_EOF_
	fi

	# Determine name of static object
	LINKADDFILE="$(find "${INSTDIR}" -name '*.a' | head -n 1).linkadd"

	## XXX: TODO: Determine what we actually need to link against

	addlibs="-L${SSL_LIB_DIR:-/lib} -lssl -lcrypto ${KC_TLS_LINKADD}"
	addlibs_staticOnly=""
	if [ "${KC_TLS_LINKSSLSTATIC}" = '1' ]; then
		echo "-Wl,-Bstatic ${addlibs} ${addlibs_staticOnly} -Wl,-Bdynamic"
	else
		echo "${addlibs}"

	fi > "${LINKADDFILE}"

	# Install files needed by installation
	cp -r "${INSTDIR}/lib" "${OUTDIR}" || exit 1
	find "${OUTDIR}" -name '*.a' -type f | xargs -n 1 rm -f --

	exit 0
) || exit 1

exit 0

Added tls/patches/all/tls-1.6.7-fixcrosscompile.diff version [91ef31212c].



























































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
diff -uNr tls1.6.7.orig/configure tls1.6.7-fixcrosscompile/configure
--- tls1.6.7.orig/configure	2015-07-07 12:16:02.000000000 -0500
+++ tls1.6.7-fixcrosscompile/configure	2015-10-28 09:59:25.414214000 -0500
@@ -1387,7 +1387,9 @@
 fi
 
 	    EXEEXT=".exe"
-	    TEA_PLATFORM="windows"
+		if [ -z "${TEA_PLATFORM}" ]; then
+			TEA_PLATFORM="windows"
+		fi
 	    ;;
 	*CYGWIN_*)
 	    CYGPATH=echo
@@ -1397,7 +1399,9 @@
 	*)
 	    CYGPATH=echo
 	    EXEEXT=""
-	    TEA_PLATFORM="unix"
+		if [ -z "${TEA_PLATFORM}" ]; then
+			TEA_PLATFORM="unix"
+		fi
 	    ;;
     esac
 
@@ -1682,13 +1686,17 @@
 echo $ECHO_N "checking for cygwin variant... $ECHO_C" >&6
 	    case ${TCL_EXTRA_CFLAGS} in
 		*-mwin32*|*-mno-cygwin*)
-		    TEA_PLATFORM="windows"
+			if [ -z "${TEA_PLATFORM}" ]; then
+				TEA_PLATFORM="windows"
+			fi
 		    CFLAGS="$CFLAGS -mwin32"
 		    echo "$as_me:$LINENO: result: win32" >&5
 echo "${ECHO_T}win32" >&6
 		    ;;
 		*)
-		    TEA_PLATFORM="unix"
+			if [ -z "${TEA_PLATFORM}" ]; then
+				TEA_PLATFORM="unix"
+			fi
 		    echo "$as_me:$LINENO: result: unix" >&5
 echo "${ECHO_T}unix" >&6
 		    ;;

Added tls/patches/all/tls-1.6.7-peercertificate.diff version [99b020c0ab].























































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
diff -uNr tls1.6.7.orig/tlsX509.c tls1.6.7-peercertificate/tlsX509.c
--- tls1.6.7.orig/tlsX509.c	2004-06-29 05:58:08.000000000 -0500
+++ tls1.6.7-peercertificate/tlsX509.c	2015-10-28 10:19:04.914214000 -0500
@@ -100,12 +100,14 @@
     char serial[BUFSIZ];
     char notBefore[BUFSIZ];
     char notAfter[BUFSIZ];
+    char certStr[BUFSIZ];
 #ifndef NO_SSL_SHA
     int shai;
     char sha_hash[SHA_DIGEST_LENGTH*2];
     const char *shachars="0123456789ABCDEF";
 #endif
 
+    certStr[0] = 0;
     if ((bio = BIO_new(BIO_s_mem())) == NULL) {
 	subject[0] = 0;
 	issuer[0]  = 0;
@@ -132,6 +134,13 @@
 	serial[n] = 0;
 	BIO_flush(bio);
 
+        if (PEM_write_bio_X509(bio, cert)) {
+            n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1));
+            n = max(n, 0);
+            certStr[n] = 0;
+            BIO_flush(bio);
+        }
+
 	BIO_free(bio);
     }
 
@@ -175,5 +184,10 @@
     Tcl_ListObjAppendElement( interp, certPtr,
 	    Tcl_NewStringObj( serial, -1) );
 
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( "certificate", -1) );
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( certStr, -1) );
+
     return certPtr;
 }