Check-in [9e6949c7b4]
Overview
Comment:Added TLS optional package
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:9e6949c7b4be9216f28d50d2405de9f39603eb82
User & Date: rkeene on 2013-09-14 04:51:00
Other Links: manifest | tags
Context
2013-09-15
04:13
Updated to allow statically linking the Thread extension to the tclkit (excludes 8.6.0 for now) check-in: b781586ff9 user: rkeene tags: trunk
2013-09-14
04:51
Added TLS optional package check-in: 9e6949c7b4 user: rkeene tags: trunk
2013-09-11
13:36
Reflect the latest changes in the README file. check-in: a0175128eb user: schelte tags: trunk
Changes

Added tls/build.sh version [a1f308b67a].

            1  +#! /usr/bin/env bash
            2  +
            3  +if [ ! -f 'build.sh' ]; then
            4  +	echo 'ERROR: This script must be run from the directory it is in' >&2
            5  +
            6  +	exit 1
            7  +fi
            8  +if [ -z "${TCLVERS}" ]; then
            9  +	echo 'ERROR: The TCLVERS environment variable is not set' >&2
           10  +
           11  +	exit 1
           12  +fi
           13  +
           14  +TLSVERS="1.6"
           15  +SRC="src/tls-${TLSVERS}.tar.gz"
           16  +SRCURL="http://sourceforge.net/projects/tls/files/tls/${TLSVERS}/tls${TLSVERS}-src.tar.gz"
           17  +BUILDDIR="$(pwd)/build/tls${TLSVERS}"
           18  +OUTDIR="$(pwd)/out"
           19  +INSTDIR="$(pwd)/inst"
           20  +PATCHDIR="$(pwd)/patches"
           21  +export TLSVERS SRC SRCURL BUILDDIR OUTDIR INSTDIR PATCHDIR
           22  +
           23  +# Set configure options for this sub-project
           24  +LDFLAGS="${KC_TLS_LDFLAGS}"
           25  +CFLAGS="${KC_TLS_CFLAGS}"
           26  +CPPFLAGS="${KC_TLS_CPPFLAGS}"
           27  +LIBS="${KC_TLS_LIBS}"
           28  +export LDFLAGS CFLAGS CPPFLAGS LIBS
           29  +
           30  +rm -rf 'build' 'out' 'inst'
           31  +mkdir 'build' 'out' 'inst' || exit 1
           32  +
           33  +TCL_VERSION="unknown"
           34  +if [ -f "${TCLCONFIGDIR}/tclConfig.sh" ]; then
           35  +        source "${TCLCONFIGDIR}/tclConfig.sh"
           36  +fi
           37  +export TCL_VERSION
           38  +
           39  +if [ ! -f "${SRC}" ]; then
           40  +	mkdir 'src' >/dev/null 2>/dev/null
           41  +
           42  +	if [ ! -d 'buildsrc' ]; then
           43  +		rm -f "${SRC}.tmp"
           44  +		wget -O "${SRC}.tmp" "${SRCURL}" || exit 1
           45  +		mv "${SRC}.tmp" "${SRC}"
           46  +	fi
           47  +fi
           48  +
           49  +(
           50  +	cd 'build' || exit 1
           51  +
           52  +	if [ ! -d '../buildsrc' ]; then
           53  +		gzip -dc "../${SRC}" | tar -xf -
           54  +	else    
           55  +		cp -rp ../buildsrc/* './'
           56  +	fi
           57  +
           58  +	# Apply required patches
           59  +	cd "${BUILDDIR}" || exit 1
           60  +	for patch in "${PATCHDIR}/all"/tls-${TLSVERS}-*.diff "${PATCHDIR}/${TCL_VERSION}"/tls-${TLSVERS}-*.diff; do
           61  +		if [ ! -f "${patch}" ]; then
           62  +			continue
           63  +		fi
           64  +
           65  +		echo "Applying: ${patch}"
           66  +		${PATCH:-patch} -p1 < "${patch}"
           67  +	done
           68  +
           69  +	cd "${BUILDDIR}" || exit 1
           70  +
           71  +	# Try to build as a shared object if requested
           72  +	if [ "${STATICTLS}" = "0" ]; then
           73  +		tryopts="--enable-shared --disable-shared"
           74  +	elif [ "${STATICTLS}" = "-1" ]; then
           75  +		tryopts="--enable-shared"
           76  +	else
           77  +		tryopts="--disable-shared"
           78  +	fi
           79  +
           80  +	SAVE_CFLAGS="${CFLAGS}"
           81  +	for tryopt in $tryopts __fail__; do
           82  +		# Clean up, if needed
           83  +		make distclean >/dev/null 2>/dev/null
           84  +		rm -rf "${INSTDIR}"
           85  +		mkdir "${INSTDIR}"
           86  +
           87  +		if [ "${tryopt}" = "__fail__" ]; then
           88  +			exit 1
           89  +		fi
           90  +
           91  +		if [ "${tryopt}" == "--enable-shared" ]; then
           92  +			isshared="1"
           93  +		else
           94  +			isshared="0"
           95  +		fi
           96  +
           97  +		# If build a static TLS for KitDLL, ensure that we use PIC
           98  +		# so that it can be linked into the shared object
           99  +		if [ "${isshared}" = "0" -a "${KITTARGET}" = "kitdll" ]; then
          100  +			CFLAGS="${SAVE_CFLAGS} -fPIC"
          101  +		else
          102  +			CFLAGS="${SAVE_CFLAGS}"
          103  +		fi
          104  +		export CFLAGS
          105  +
          106  +		if [ "${isshared}" = '0' ]; then
          107  +			sed 's@USE_TCL_STUBS@XXX_TCL_STUBS@g' configure > configure.new
          108  +		else
          109  +			sed 's@XXX_TCL_STUBS@USE_TCL_STUBS@g' configure > configure.new
          110  +		fi
          111  +		cat configure.new > configure
          112  +		rm -f configure.new
          113  +
          114  +		(
          115  +			echo "Running: ./configure $tryopt --prefix=\"${INSTDIR}\" --exec-prefix=\"${INSTDIR}\" --libdir=\"${INSTDIR}/lib\" --with-tcl=\"${TCLCONFIGDIR}\" ${CONFIGUREEXTRA}"
          116  +			./configure $tryopt --prefix="${INSTDIR}" --exec-prefix="${INSTDIR}" --libdir="${INSTDIR}/lib" --with-tcl="${TCLCONFIGDIR}" ${CONFIGUREEXTRA}
          117  +
          118  +			echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\""
          119  +			${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" || exit 1
          120  +
          121  +			echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\" install"
          122  +			${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" install || exit 1
          123  +		) || continue
          124  +
          125  +		break
          126  +	done
          127  +
          128  +	# Create pkgIndex if needed
          129  +	if [ ! -e "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl" ]; then
          130  +		cat << _EOF_ > "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl"
          131  +package ifneeded tls ${TLSVERS} \
          132  +    "[list source [file join \$dir tls.tcl]] ; \
          133  +     [list load {} tls]"
          134  +_EOF_
          135  +	fi
          136  +
          137  +	# Install files needed by installation
          138  +	cp -r "${INSTDIR}/lib" "${OUTDIR}" || exit 1
          139  +	find "${OUTDIR}" -name '*.a' -type f | xargs -n 1 rm -f --
          140  +
          141  +	## XXX: TODO: Determine what we actually need to link against
          142  +	echo '-lssl -lcrypto' > "${INSTDIR}/lib/tls${TLSVERS}/libtls${TLSVERS}.a.linkadd"
          143  +
          144  +	exit 0
          145  +) || exit 1
          146  +
          147  +exit 0

Added tls/patches/all/tls-1.6-fixmemleak-bugid3041925.diff version [13a18a6baa].

            1  +diff -uNr tls1.6.orig/tls.c tls1.6-fixmemleak-bugid3041925/tls.c
            2  +--- tls1.6.orig/tls.c	2008-03-19 17:06:13.000000000 -0500
            3  ++++ tls1.6-fixmemleak-bugid3041925/tls.c	2010-10-08 13:03:39.000000000 -0500
            4  +@@ -1156,6 +1156,8 @@
            5  + 	peer	= SSL_get_certificate(statePtr->ssl);
            6  +     if (peer) {
            7  + 	objPtr = Tls_NewX509Obj(interp, peer);
            8  ++
            9  ++	if (objc == 2) X509_free(peer);
           10  +     } else {
           11  + 	objPtr = Tcl_NewListObj(0, NULL);
           12  +     }

Added tls/patches/all/tls-1.6-peercertificate-1rsk.diff version [aa51f17273].

            1  +diff -uNr tls1.6/tlsX509.c tls1.6-patched/tlsX509.c
            2  +--- tls1.6/tlsX509.c	2005-02-07 14:51:03.000000000 -0500
            3  ++++ tls1.6-patched/tlsX509.c	2013-01-07 00:47:59.000000000 -0500
            4  +@@ -100,12 +100,14 @@
            5  +     char serial[BUFSIZ];
            6  +     char notBefore[BUFSIZ];
            7  +     char notAfter[BUFSIZ];
            8  ++    char certStr[BUFSIZ];
            9  + #ifndef NO_SSL_SHA
           10  +     int shai;
           11  +     char sha_hash[SHA_DIGEST_LENGTH*2];
           12  +     const char *shachars="0123456789ABCDEF";
           13  + #endif
           14  + 
           15  ++    certStr[0] = 0;
           16  +     if ((bio = BIO_new(BIO_s_mem())) == NULL) {
           17  + 	subject[0] = 0;
           18  + 	issuer[0]  = 0;
           19  +@@ -132,6 +134,13 @@
           20  + 	serial[n] = 0;
           21  + 	BIO_flush(bio);
           22  + 
           23  ++        if (PEM_write_bio_X509(bio, cert)) {
           24  ++            n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1));
           25  ++            n = max(n, 0);
           26  ++            certStr[n] = 0;
           27  ++            BIO_flush(bio);
           28  ++        }
           29  ++
           30  + 	BIO_free(bio);
           31  +     }
           32  + 
           33  +@@ -175,5 +184,10 @@
           34  +     Tcl_ListObjAppendElement( interp, certPtr,
           35  + 	    Tcl_NewStringObj( serial, -1) );
           36  + 
           37  ++    Tcl_ListObjAppendElement( interp, certPtr,
           38  ++	    Tcl_NewStringObj( "certificate", -1) );
           39  ++    Tcl_ListObjAppendElement( interp, certPtr,
           40  ++	    Tcl_NewStringObj( certStr, -1) );
           41  ++
           42  +     return certPtr;
           43  + }