Check-in [e2c7a97b27]
Overview
Comment:Updated TLS package to 1.6.7, still needs lots of testing since the new TLS package is apparently really broken
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:e2c7a97b27fa4475e7be406a6bfc4af73f558b30
User & Date: rkeene on 2015-10-28 15:28:53
Other Links: manifest | tags
Context
2015-10-28
15:49
More patches to try to make TLS 1.6.7 work check-in: cdcb07f969 user: rkeene tags: trunk
15:28
Updated TLS package to 1.6.7, still needs lots of testing since the new TLS package is apparently really broken check-in: e2c7a97b27 user: rkeene tags: trunk
15:28
Updated to pass "--enable-threads" to sub-projects if a threaded Tcl is built, unless otherwise requested check-in: da8fac4446 user: rkeene tags: trunk
Changes

Modified build/make-kit-win32 from [248a24bff3] to [b64eb2dc53].

     2      2   
     3      3   AR=i586-mingw32msvc-ar
     4      4   CC=i586-mingw32msvc-gcc
     5      5   CXX=i586-mingw32msvc-g++
     6      6   RANLIB=i586-mingw32msvc-ranlib
     7      7   RC=i586-mingw32msvc-windres
     8      8   STRIP="${STRIP:-i586-mingw32msvc-strip}"
     9         -export AR CC CXX RANLIB RC STRIP
            9  +TEA_PLATFORM='windows'
           10  +KC_TLS_LINKADD='-lws2_32 -lgdi32'
           11  +export AR CC CXX RANLIB RC STRIP TEA_PLATFORM KC_TLS_LINKADD
    10     12   
    11     13   ./kitcreator "$@" --host=i586-mingw32msvc

Modified tls/build.sh from [f6144b21a4] to [6f7681a2e1].

     7      7   fi
     8      8   if [ -z "${TCLVERS}" ]; then
     9      9   	echo 'ERROR: The TCLVERS environment variable is not set' >&2
    10     10   
    11     11   	exit 1
    12     12   fi
    13     13   
    14         -TLSVERS="1.6"
           14  +TLSVERS="1.6.7"
    15     15   SRC="src/tls-${TLSVERS}.tar.gz"
    16     16   SRCURL="http://sourceforge.net/projects/tls/files/tls/${TLSVERS}/tls${TLSVERS}-src.tar.gz"
    17     17   BUILDDIR="$(pwd)/build/tls${TLSVERS}"
    18     18   OUTDIR="$(pwd)/out"
    19     19   INSTDIR="$(pwd)/inst"
    20     20   PATCHDIR="$(pwd)/patches"
    21     21   export TLSVERS SRC SRCURL BUILDDIR OUTDIR INSTDIR PATCHDIR
................................................................................
    55     55   		cp -rp ../buildsrc/* './'
    56     56   	fi
    57     57   
    58     58   	# Determine SSL directory
    59     59   	if [ -z "${CPP}" ]; then
    60     60   		CPP="${CC} -E"
    61     61   	fi
           62  +
           63  +	if [ -n "${KC_TLS_SSLDIR}" ]; then
           64  +		SSLDIR="${KC_TLS_SSLDIR}"
           65  +	else
    62     66   	SSLDIR="$(echo '#include <openssl/ssl.h>' 2>/dev/null | ${CPP} - | awk '/# 1 "\/.*\/ssl\.h/{ print $3; exit }' | sed 's@^"@@;s@"$@@;s@/include/openssl/ssl\.h$@@')"
           67  +		if [ -z "${SSLDIR}" ]; then
           68  +			echo "Unable to find OpenSSL, aborting." >&2
           69  +
           70  +			exit 1
           71  +		fi
           72  +	fi
    63     73   
    64     74   	# Apply required patches
    65     75   	cd "${BUILDDIR}" || exit 1
    66     76   	for patch in "${PATCHDIR}/all"/tls-${TLSVERS}-*.diff "${PATCHDIR}/${TCL_VERSION}"/tls-${TLSVERS}-*.diff; do
    67     77   		if [ ! -f "${patch}" ]; then
    68     78   			continue
    69     79   		fi
................................................................................
   127    137   			echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\""
   128    138   			${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" || exit 1
   129    139   
   130    140   			echo "Running: ${MAKE:-make} tcllibdir=\"${INSTDIR}/lib\" AR=\"${AR:-ar}\" RANLIB=\"${RANLIB:-ranlib}\" install"
   131    141   			${MAKE:-make} tcllibdir="${INSTDIR}/lib" AR="${AR:-ar}" RANLIB="${RANLIB:-ranlib}" install || exit 1
   132    142   		) || continue
   133    143   
          144  +		# Determine SSL library directory
          145  +		SSL_LIB_DIR="$(${MAKE:-make} --print-data-base | awk '/^SSL_LIB_DIR = /{ print }' | sed 's@^SSL_LIB_DIR = *@@')"
          146  +
          147  +		echo "SSL_LIB_DIR = ${SSL_LIB_DIR}"
          148  +
   134    149   		break
   135    150   	done
   136    151   
   137    152   	# Create pkgIndex if needed
   138    153   	if [ ! -e "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl" ]; then
   139    154   		cat << _EOF_ > "${INSTDIR}/lib/tls${TLSVERS}/pkgIndex.tcl"
   140    155   package ifneeded tls ${TLSVERS} \
   141    156       "[list source [file join \$dir tls.tcl]] ; \
   142    157        [list load {} tls]"
   143    158   _EOF_
   144    159   	fi
   145    160   
          161  +	# Determine name of static object
          162  +	LINKADDFILE="$(find "${INSTDIR}" -name '*.a' | head -n 1).linkadd"
          163  +
   146    164   	## XXX: TODO: Determine what we actually need to link against
   147         -	addlibs="-lssl -lcrypto"
          165  +	addlibs="-L${SSL_LIB_DIR:-/lib} -lssl -lcrypto ${KC_TLS_LINKADD}"
          166  +	addlibs_staticOnly=""
   148    167   	if [ "${KC_TLS_LINKSSLSTATIC}" = '1' ]; then
   149         -		echo "-Wl,-Bstatic ${addlibs} -Wl,-Bdynamic"
          168  +		echo "-Wl,-Bstatic ${addlibs} ${addlibs_staticOnly} -Wl,-Bdynamic"
   150    169   	else
   151    170   		echo "${addlibs}"
   152         -	fi > "${INSTDIR}/lib/tls${TLSVERS}/libtls${TLSVERS}.a.linkadd"
          171  +	fi > "${LINKADDFILE}"
   153    172   
   154    173   	# Install files needed by installation
   155    174   	cp -r "${INSTDIR}/lib" "${OUTDIR}" || exit 1
   156    175   	find "${OUTDIR}" -name '*.a' -type f | xargs -n 1 rm -f --
   157    176   
   158    177   	exit 0
   159    178   ) || exit 1
   160    179   
   161    180   exit 0

Added tls/patches/all/tls-1.6.7-fixcrosscompile.diff version [91ef31212c].

            1  +diff -uNr tls1.6.7.orig/configure tls1.6.7-fixcrosscompile/configure
            2  +--- tls1.6.7.orig/configure	2015-07-07 12:16:02.000000000 -0500
            3  ++++ tls1.6.7-fixcrosscompile/configure	2015-10-28 09:59:25.414214000 -0500
            4  +@@ -1387,7 +1387,9 @@
            5  + fi
            6  + 
            7  + 	    EXEEXT=".exe"
            8  +-	    TEA_PLATFORM="windows"
            9  ++		if [ -z "${TEA_PLATFORM}" ]; then
           10  ++			TEA_PLATFORM="windows"
           11  ++		fi
           12  + 	    ;;
           13  + 	*CYGWIN_*)
           14  + 	    CYGPATH=echo
           15  +@@ -1397,7 +1399,9 @@
           16  + 	*)
           17  + 	    CYGPATH=echo
           18  + 	    EXEEXT=""
           19  +-	    TEA_PLATFORM="unix"
           20  ++		if [ -z "${TEA_PLATFORM}" ]; then
           21  ++			TEA_PLATFORM="unix"
           22  ++		fi
           23  + 	    ;;
           24  +     esac
           25  + 
           26  +@@ -1682,13 +1686,17 @@
           27  + echo $ECHO_N "checking for cygwin variant... $ECHO_C" >&6
           28  + 	    case ${TCL_EXTRA_CFLAGS} in
           29  + 		*-mwin32*|*-mno-cygwin*)
           30  +-		    TEA_PLATFORM="windows"
           31  ++			if [ -z "${TEA_PLATFORM}" ]; then
           32  ++				TEA_PLATFORM="windows"
           33  ++			fi
           34  + 		    CFLAGS="$CFLAGS -mwin32"
           35  + 		    echo "$as_me:$LINENO: result: win32" >&5
           36  + echo "${ECHO_T}win32" >&6
           37  + 		    ;;
           38  + 		*)
           39  +-		    TEA_PLATFORM="unix"
           40  ++			if [ -z "${TEA_PLATFORM}" ]; then
           41  ++				TEA_PLATFORM="unix"
           42  ++			fi
           43  + 		    echo "$as_me:$LINENO: result: unix" >&5
           44  + echo "${ECHO_T}unix" >&6
           45  + 		    ;;

Added tls/patches/all/tls-1.6.7-peercertificate.diff version [99b020c0ab].

            1  +diff -uNr tls1.6.7.orig/tlsX509.c tls1.6.7-peercertificate/tlsX509.c
            2  +--- tls1.6.7.orig/tlsX509.c	2004-06-29 05:58:08.000000000 -0500
            3  ++++ tls1.6.7-peercertificate/tlsX509.c	2015-10-28 10:19:04.914214000 -0500
            4  +@@ -100,12 +100,14 @@
            5  +     char serial[BUFSIZ];
            6  +     char notBefore[BUFSIZ];
            7  +     char notAfter[BUFSIZ];
            8  ++    char certStr[BUFSIZ];
            9  + #ifndef NO_SSL_SHA
           10  +     int shai;
           11  +     char sha_hash[SHA_DIGEST_LENGTH*2];
           12  +     const char *shachars="0123456789ABCDEF";
           13  + #endif
           14  + 
           15  ++    certStr[0] = 0;
           16  +     if ((bio = BIO_new(BIO_s_mem())) == NULL) {
           17  + 	subject[0] = 0;
           18  + 	issuer[0]  = 0;
           19  +@@ -132,6 +134,13 @@
           20  + 	serial[n] = 0;
           21  + 	BIO_flush(bio);
           22  + 
           23  ++        if (PEM_write_bio_X509(bio, cert)) {
           24  ++            n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1));
           25  ++            n = max(n, 0);
           26  ++            certStr[n] = 0;
           27  ++            BIO_flush(bio);
           28  ++        }
           29  ++
           30  + 	BIO_free(bio);
           31  +     }
           32  + 
           33  +@@ -175,5 +184,10 @@
           34  +     Tcl_ListObjAppendElement( interp, certPtr,
           35  + 	    Tcl_NewStringObj( serial, -1) );
           36  + 
           37  ++    Tcl_ListObjAppendElement( interp, certPtr,
           38  ++	    Tcl_NewStringObj( "certificate", -1) );
           39  ++    Tcl_ListObjAppendElement( interp, certPtr,
           40  ++	    Tcl_NewStringObj( certStr, -1) );
           41  ++
           42  +     return certPtr;
           43  + }