Overview
| Comment: | Added TLS optional package |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: | 9e6949c7b4be9216f28d50d2405de9f39603eb82 |
| User & Date: | rkeene on 2013-09-14 04:51:00 |
| Other Links: | manifest | tags |
Context
|
2013-09-15
| ||
| 04:13 | Updated to allow statically linking the Thread extension to the tclkit (excludes 8.6.0 for now) check-in: b781586ff9 user: rkeene tags: trunk | |
|
2013-09-14
| ||
| 04:51 | Added TLS optional package check-in: 9e6949c7b4 user: rkeene tags: trunk | |
|
2013-09-11
| ||
| 13:36 | Reflect the latest changes in the README file. check-in: a0175128eb user: schelte tags: trunk | |
Changes
Added tls/build.sh version [a1f308b67a].
1 +#! /usr/bin/env bash 2 + 3 +if [ ! -f 'build.sh' ]; then 4 + echo 'ERROR: This script must be run from the directory it is in' >&2 5 + 6 + exit 1 7 +fi 8 +if [ -z "${TCLVERS}" ]; then 9 + echo 'ERROR: The TCLVERS environment variable is not set' >&2 10 + 11 + exit 1 12 +fi 13 + 14 +TLSVERS="1.6" 15 +SRC="src/tls-${TLSVERS}.tar.gz" 16 +SRCURL="http://sourceforge.net/projects/tls/files/tls/${TLSVERS}/tls${TLSVERS}-src.tar.gz" 17 +BUILDDIR="$(pwd)/build/tls${TLSVERS}" 18 +OUTDIR="$(pwd)/out" 19 +INSTDIR="$(pwd)/inst" 20 +PATCHDIR="$(pwd)/patches" 21 +export TLSVERS SRC SRCURL BUILDDIR OUTDIR INSTDIR PATCHDIR 22 + 23 +# Set configure options for this sub-project 24 +LDFLAGS="${KC_TLS_LDFLAGS}" 25 +CFLAGS="${KC_TLS_CFLAGS}" 26 +CPPFLAGS="${KC_TLS_CPPFLAGS}" 27 +LIBS="${KC_TLS_LIBS}" 28 +export LDFLAGS CFLAGS CPPFLAGS LIBS 29 + 30 +rm -rf 'build' 'out' 'inst' 31 +mkdir 'build' 'out' 'inst' || exit 1 32 + 33 +TCL_VERSION="unknown" 34 +if [ -f "${TCLCONFIGDIR}/tclConfig.sh" ]; then 35 + source "${TCLCONFIGDIR}/tclConfig.sh" 36 +fi 37 +export TCL_VERSION 38 + 39 +if [ ! -f "${SRC}" ]; then 40 + mkdir 'src' >/dev/null 2>/dev/null 41 + 42 + if [ ! -d 'buildsrc' ]; then 43 + rm -f "${SRC}.tmp" 44 + wget -O "${SRC}.tmp" "${SRCURL}" || exit 1 45 + mv "${SRC}.tmp" "${SRC}" 46 + fi 47 +fi 48 + 49 +( 50 + cd 'build' || exit 1 51 + 52 + if [ ! -d '../buildsrc' ]; then 53 + gzip -dc "../${SRC}" | tar -xf - 54 + else 55 + cp -rp ../buildsrc/* './' 56 + fi 57 + 58 + # Apply required patches 59 + cd "${BUILDDIR}" || exit 1 60 + for patch in "${PATCHDIR}/all"/tls-${TLSVERS}-*.diff "${PATCHDIR}/${TCL_VERSION}"/tls-${TLSVERS}-*.diff; do 61 + if [ ! -f "${patch}" ]; then 62 + continue 63 + fi 64 + 65 + echo "Applying: ${patch}" 66 + ${PATCH:-patch} -p1 < "${patch}" 67 + done 68 + 69 + cd "${BUILDDIR}" || exit 1 70 + 71 + # Try to build as a shared object if requested 72 + if [ "${STATICTLS}" = "0" ]; then 73 + tryopts="--enable-shared --disable-shared" 74 + elif [ "${STATICTLS}" = "-1" ]; then 75 + tryopts="--enable-shared" 76 + else 77 + tryopts="--disable-shared" 78 + fi 79 + 80 + SAVE_CFLAGS="${CFLAGS}" 81 + for tryopt in $tryopts __fail__; do 82 + # Clean up, if needed 83 + make distclean >/dev/null 2>/dev/null 84 + rm -rf "${INSTDIR}" 85 + mkdir "${INSTDIR}" 86 + 87 + if [ "${tryopt}" = "__fail__" ]; then 88 + exit 1 89 + fi 90 + 91 + if [ "${tryopt}" == "--enable-shared" ]; then 92 + isshared="1" 93 + else 94 + isshared="0" 95 + fi 96 + 97 + # If build a static TLS for KitDLL, ensure that we use PIC 98 + # so that it can be linked into the shared object 99 + if [ "${isshared}" = "0" -a "${KITTARGET}" = "kitdll" ]; then 100 + CFLAGS="${SAVE_CFLAGS} -fPIC" 101 + else 102 + CFLAGS="${SAVE_CFLAGS}" 103 + fi 104 + export CFLAGS 105 + 106 + if [ "${isshared}" = '0' ]; then 107 + sed 's@USE_TCL_STUBS@XXX_TCL_STUBS@g' configure > configure.new 108 + else 109 + sed 's@XXX_TCL_STUBS@USE_TCL_STUBS@g' configure > configure.new 110 + fi 111 + cat configure.new > configure 112 + rm -f configure.new 113 + 114 + ( 115 + echo "Running: ./configure $tryopt --prefix=\"${INSTDIR}\" --exec-prefix=\"${INSTDIR}\" --libdir=\"${INSTDIR}/lib\" --with-tcl=\"${TCLCONFIGDIR}\" ${CONFIGUREEXTRA}" 116 + ./configure $tryopt --prefix="${INSTDIR}" --exec-prefix="${INSTDIR}" --libdir="${INSTDIR}/lib" --with-tcl="${TCLCONFIGDIR}" ${CONFIGUREEXTRA} 117 + 118 + echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\"" 119 + ${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" || exit 1 120 + 121 + echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\" install" 122 + ${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" install || exit 1 123 + ) || continue 124 + 125 + break 126 + done 127 + 128 + # Create pkgIndex if needed 129 + if [ ! -e "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl" ]; then 130 + cat << _EOF_ > "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl" 131 +package ifneeded tls ${TLSVERS} \ 132 + "[list source [file join \$dir tls.tcl]] ; \ 133 + [list load {} tls]" 134 +_EOF_ 135 + fi 136 + 137 + # Install files needed by installation 138 + cp -r "${INSTDIR}/lib" "${OUTDIR}" || exit 1 139 + find "${OUTDIR}" -name '*.a' -type f | xargs -n 1 rm -f -- 140 + 141 + ## XXX: TODO: Determine what we actually need to link against 142 + echo '-lssl -lcrypto' > "${INSTDIR}/lib/tls${TLSVERS}/libtls${TLSVERS}.a.linkadd" 143 + 144 + exit 0 145 +) || exit 1 146 + 147 +exit 0
Added tls/patches/all/tls-1.6-fixmemleak-bugid3041925.diff version [13a18a6baa].
1 +diff -uNr tls1.6.orig/tls.c tls1.6-fixmemleak-bugid3041925/tls.c 2 +--- tls1.6.orig/tls.c 2008-03-19 17:06:13.000000000 -0500 3 ++++ tls1.6-fixmemleak-bugid3041925/tls.c 2010-10-08 13:03:39.000000000 -0500 4 +@@ -1156,6 +1156,8 @@ 5 + peer = SSL_get_certificate(statePtr->ssl); 6 + if (peer) { 7 + objPtr = Tls_NewX509Obj(interp, peer); 8 ++ 9 ++ if (objc == 2) X509_free(peer); 10 + } else { 11 + objPtr = Tcl_NewListObj(0, NULL); 12 + }
Added tls/patches/all/tls-1.6-peercertificate-1rsk.diff version [aa51f17273].
1 +diff -uNr tls1.6/tlsX509.c tls1.6-patched/tlsX509.c 2 +--- tls1.6/tlsX509.c 2005-02-07 14:51:03.000000000 -0500 3 ++++ tls1.6-patched/tlsX509.c 2013-01-07 00:47:59.000000000 -0500 4 +@@ -100,12 +100,14 @@ 5 + char serial[BUFSIZ]; 6 + char notBefore[BUFSIZ]; 7 + char notAfter[BUFSIZ]; 8 ++ char certStr[BUFSIZ]; 9 + #ifndef NO_SSL_SHA 10 + int shai; 11 + char sha_hash[SHA_DIGEST_LENGTH*2]; 12 + const char *shachars="0123456789ABCDEF"; 13 + #endif 14 + 15 ++ certStr[0] = 0; 16 + if ((bio = BIO_new(BIO_s_mem())) == NULL) { 17 + subject[0] = 0; 18 + issuer[0] = 0; 19 +@@ -132,6 +134,13 @@ 20 + serial[n] = 0; 21 + BIO_flush(bio); 22 + 23 ++ if (PEM_write_bio_X509(bio, cert)) { 24 ++ n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1)); 25 ++ n = max(n, 0); 26 ++ certStr[n] = 0; 27 ++ BIO_flush(bio); 28 ++ } 29 ++ 30 + BIO_free(bio); 31 + } 32 + 33 +@@ -175,5 +184,10 @@ 34 + Tcl_ListObjAppendElement( interp, certPtr, 35 + Tcl_NewStringObj( serial, -1) ); 36 + 37 ++ Tcl_ListObjAppendElement( interp, certPtr, 38 ++ Tcl_NewStringObj( "certificate", -1) ); 39 ++ Tcl_ListObjAppendElement( interp, certPtr, 40 ++ Tcl_NewStringObj( certStr, -1) ); 41 ++ 42 + return certPtr; 43 + }