KitCreator: Check-in [9e6949c7b4]

Overview

Comment:	Added TLS optional package
Downloads:	Tarball \| ZIP archive \| SQL archive
Timelines:	family \| ancestors \| descendants \| both \| trunk
Files:	files \| file ages \| folders
SHA1:	9e6949c7b4be9216f28d50d2405de9f39603eb82
User & Date:	rkeene on 2013-09-14 04:51:00
Other Links:	manifest \| tags

Context

2013-09-15
04:13		Updated to allow statically linking the Thread extension to the tclkit (excludes 8.6.0 for now) check-in: b781586ff9 user: rkeene tags: trunk
2013-09-14
04:51		Added TLS optional package check-in: 9e6949c7b4 user: rkeene tags: trunk
2013-09-11
13:36		Reflect the latest changes in the README file. check-in: a0175128eb user: schelte tags: trunk

Changes

Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Added tls/build.sh version [a1f308b67a].

Added tls/patches/all/tls-1.6-fixmemleak-bugid3041925.diff version [13a18a6baa].

Added tls/patches/all/tls-1.6-peercertificate-1rsk.diff version [aa51f17273].



















































































































































1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147	+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +	#! /usr/bin/env bash if [ ! -f 'build.sh' ]; then echo 'ERROR: This script must be run from the directory it is in' >&2 exit 1 fi if [ -z "${TCLVERS}" ]; then echo 'ERROR: The TCLVERS environment variable is not set' >&2 exit 1 fi TLSVERS="1.6" SRC="src/tls-${TLSVERS}.tar.gz" SRCURL="http://sourceforge.net/projects/tls/files/tls/${TLSVERS}/tls${TLSVERS}-src.tar.gz" BUILDDIR="$(pwd)/build/tls${TLSVERS}" OUTDIR="$(pwd)/out" INSTDIR="$(pwd)/inst" PATCHDIR="$(pwd)/patches" export TLSVERS SRC SRCURL BUILDDIR OUTDIR INSTDIR PATCHDIR # Set configure options for this sub-project LDFLAGS="${KC_TLS_LDFLAGS}" CFLAGS="${KC_TLS_CFLAGS}" CPPFLAGS="${KC_TLS_CPPFLAGS}" LIBS="${KC_TLS_LIBS}" export LDFLAGS CFLAGS CPPFLAGS LIBS rm -rf 'build' 'out' 'inst' mkdir 'build' 'out' 'inst' \|\| exit 1 TCL_VERSION="unknown" if [ -f "${TCLCONFIGDIR}/tclConfig.sh" ]; then source "${TCLCONFIGDIR}/tclConfig.sh" fi export TCL_VERSION if [ ! -f "${SRC}" ]; then mkdir 'src' >/dev/null 2>/dev/null if [ ! -d 'buildsrc' ]; then rm -f "${SRC}.tmp" wget -O "${SRC}.tmp" "${SRCURL}" \|\| exit 1 mv "${SRC}.tmp" "${SRC}" fi fi ( cd 'build' \|\| exit 1 if [ ! -d '../buildsrc' ]; then gzip -dc "../${SRC}" \| tar -xf - else cp -rp ../buildsrc/* './' fi # Apply required patches cd "${BUILDDIR}" \|\| exit 1 for patch in "${PATCHDIR}/all"/tls-${TLSVERS}-.diff "${PATCHDIR}/${TCL_VERSION}"/tls-${TLSVERS}-.diff; do if [ ! -f "${patch}" ]; then continue fi echo "Applying: ${patch}" ${PATCH:-patch} -p1 < "${patch}" done cd "${BUILDDIR}" \|\| exit 1 # Try to build as a shared object if requested if [ "${STATICTLS}" = "0" ]; then tryopts="--enable-shared --disable-shared" elif [ "${STATICTLS}" = "-1" ]; then tryopts="--enable-shared" else tryopts="--disable-shared" fi SAVE_CFLAGS="${CFLAGS}" for tryopt in $tryopts __fail__; do # Clean up, if needed make distclean >/dev/null 2>/dev/null rm -rf "${INSTDIR}" mkdir "${INSTDIR}" if [ "${tryopt}" = "__fail__" ]; then exit 1 fi if [ "${tryopt}" == "--enable-shared" ]; then isshared="1" else isshared="0" fi # If build a static TLS for KitDLL, ensure that we use PIC # so that it can be linked into the shared object if [ "${isshared}" = "0" -a "${KITTARGET}" = "kitdll" ]; then CFLAGS="${SAVE_CFLAGS} -fPIC" else CFLAGS="${SAVE_CFLAGS}" fi export CFLAGS if [ "${isshared}" = '0' ]; then sed 's@USE_TCL_STUBS@XXX_TCL_STUBS@g' configure > configure.new else sed 's@XXX_TCL_STUBS@USE_TCL_STUBS@g' configure > configure.new fi cat configure.new > configure rm -f configure.new ( echo "Running: ./configure $tryopt --prefix=\"${INSTDIR}\" --exec-prefix=\"${INSTDIR}\" --libdir=\"${INSTDIR}/lib\" --with-tcl=\"${TCLCONFIGDIR}\" ${CONFIGUREEXTRA}" ./configure $tryopt --prefix="${INSTDIR}" --exec-prefix="${INSTDIR}" --libdir="${INSTDIR}/lib" --with-tcl="${TCLCONFIGDIR}" ${CONFIGUREEXTRA} echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\"" ${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" \|\| exit 1 echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\" install" ${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" install \|\| exit 1 ) \|\| continue break done # Create pkgIndex if needed if [ ! -e "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl" ]; then cat << _EOF_ > "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl" package ifneeded tls ${TLSVERS} \ "[list source [file join \$dir tls.tcl]] ; \ [list load {} tls]" _EOF_ fi # Install files needed by installation cp -r "${INSTDIR}/lib" "${OUTDIR}" \|\| exit 1 find "${OUTDIR}" -name '*.a' -type f \| xargs -n 1 rm -f -- ## XXX: TODO: Determine what we actually need to link against echo '-lssl -lcrypto' > "${INSTDIR}/lib/tls${TLSVERS}/libtls${TLSVERS}.a.linkadd" exit 0 ) \|\| exit 1 exit 0












1 2 3 4 5 6 7 8 9 10 11 12	+ + + + + + + + + + + +	diff -uNr tls1.6.orig/tls.c tls1.6-fixmemleak-bugid3041925/tls.c --- tls1.6.orig/tls.c 2008-03-19 17:06:13.000000000 -0500 +++ tls1.6-fixmemleak-bugid3041925/tls.c 2010-10-08 13:03:39.000000000 -0500 @@ -1156,6 +1156,8 @@ peer = SSL_get_certificate(statePtr->ssl); if (peer) { objPtr = Tls_NewX509Obj(interp, peer); + + if (objc == 2) X509_free(peer); } else { objPtr = Tcl_NewListObj(0, NULL); }











































1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43	+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +	diff -uNr tls1.6/tlsX509.c tls1.6-patched/tlsX509.c --- tls1.6/tlsX509.c 2005-02-07 14:51:03.000000000 -0500 +++ tls1.6-patched/tlsX509.c 2013-01-07 00:47:59.000000000 -0500 @@ -100,12 +100,14 @@ char serial[BUFSIZ]; char notBefore[BUFSIZ]; char notAfter[BUFSIZ]; + char certStr[BUFSIZ]; #ifndef NO_SSL_SHA int shai; char sha_hash[SHA_DIGEST_LENGTH2]; const char shachars="0123456789ABCDEF"; #endif + certStr[0] = 0; if ((bio = BIO_new(BIO_s_mem())) == NULL) { subject[0] = 0; issuer[0] = 0; @@ -132,6 +134,13 @@ serial[n] = 0; BIO_flush(bio); + if (PEM_write_bio_X509(bio, cert)) { + n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1)); + n = max(n, 0); + certStr[n] = 0; + BIO_flush(bio); + } + BIO_free(bio); } @@ -175,5 +184,10 @@ Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj( serial, -1) ); + Tcl_ListObjAppendElement( interp, certPtr, + Tcl_NewStringObj( "certificate", -1) ); + Tcl_ListObjAppendElement( interp, certPtr, + Tcl_NewStringObj( certStr, -1) ); + return certPtr; }