1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
+
-
+
-
-
-
+
+
+
-
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
+
-
-
-
-
+
-
-
-
-
+
-
-
+
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
-
-
-
-
-
-
-
+
+
-
-
-
-
+
+
+
+
+
+
-
-
-
+
-
-
-
+
+
+
-
-
+
+
-
-
-
-
-
+
-
-
-
-
+
+
+
-
-
-
-
-
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
+
+
+
-
-
-
-
-
-
-
-
-
+
+
+
-
-
-
-
-
-
-
-
+
-
-
-
+
+
-
-
+
-
-
-
+
-
-
-
-
-
-
-
-
+
|
# generated automatically by aclocal 1.16.5 -*- Autoconf -*-
#
# Include the TEA standard macro set
#
# Copyright (C) 1996-2021 Free Software Foundation, Inc.
# This file is free software; the Free Software Foundation
builtin(include,tclconfig/tcl.m4)
# gives unlimited permission to copy and/or distribute it,
#
# Add here whatever m4 macros you want to define for your package
#
AC_DEFUN([TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER], [
dnl Determine if particular SSL version is enabled
if test "[$]$1" = "true" -o "[$]$1" = "force"; then
proto_check='true'
ifelse($5,, [
AC_CHECK_FUNC($2,, [
proto_check='false'
])
], [
AC_LANG_PUSH(C)
AC_MSG_CHECKING([for $3 protocol support])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
#include <openssl/ssl.h>
#include <openssl/opensslv.h>
#if (SSLEAY_VERSION_NUMBER >= 0x0907000L)
# include <openssl/conf.h>
#endif
], [
int x = $5;
])], [
AC_MSG_RESULT([yes])
], [
AC_MSG_RESULT([no])
# with or without modifications, as long as this notice is preserved.
proto_check='false'
])
AC_LANG_POP([C])
])
if test "$proto_check" = 'false'; then
if test "[$]$1" = "force"; then
AC_MSG_ERROR([Unable to enable $3])
fi
# This program is distributed in the hope that it will be useful,
$1='false'
fi
fi
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
if test "[$]$1" = "false"; then
AC_DEFINE($4, [1], [Define this to disable $3 in OpenSSL support])
fi
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
])
# PARTICULAR PURPOSE.
AC_DEFUN([TCLTLS_SSL_OPENSSL], [
openssldir=''
opensslpkgconfigdir=''
AC_ARG_WITH([openssl-dir],
AS_HELP_STRING(
[--with-openssl-dir=<dir>],
[path to root directory of OpenSSL or LibreSSL installation]
), [
openssldir="$withval"
]
)
AC_ARG_WITH([openssl-pkgconfig],
AS_HELP_STRING(
[--with-openssl-pkgconfig=<dir>],
m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])])
# ===========================================================================
# https://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS], [INPUT])
#
# DESCRIPTION
#
# Check whether the given FLAG works with the current language's compiler
# or gives an error. (Warnings, however, are ignored)
[path to root directory of OpenSSL or LibreSSL pkgconfigdir]
), [
opensslpkgconfigdir="$withval"
]
)
#
if test -n "$openssldir"; then
if test -e "$openssldir/libssl.$SHOBJEXT"; then
TCLTLS_SSL_LIBS="-L$openssldir -lssl -lcrypto"
openssldir="`AS_DIRNAME(["$openssldir"])`"
else
TCLTLS_SSL_LIBS="-L$openssldir/lib -lssl -lcrypto"
fi
# ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on
# success/failure.
TCLTLS_SSL_CFLAGS="-I$openssldir/include"
TCLTLS_SSL_CPPFLAGS="-I$openssldir/include"
fi
#
# If EXTRA-FLAGS is defined, it is added to the current language's default
# flags (e.g. CFLAGS) when the check is done. The check is thus made with
# the flags: "CFLAGS EXTRA-FLAGS FLAG". This can for example be used to
# force the compiler to issue an error when a bad flag is given.
#
pkgConfigExtraArgs=''
if test "$TCLEXT_BUILD" = "static" -o "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then
pkgConfigExtraArgs='--static'
# INPUT gives an alternative input source to AC_COMPILE_IFELSE.
fi
dnl Use pkg-config to find the libraries
#
# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this
# macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG.
dnl Temporarily update PKG_CONFIG_PATH
PKG_CONFIG_PATH_SAVE="${PKG_CONFIG_PATH}"
#
# LICENSE
if test -n "${opensslpkgconfigdir}"; then
if ! test -f "${opensslpkgconfigdir}/openssl.pc"; then
AC_MSG_ERROR([Unable to locate ${opensslpkgconfigdir}/openssl.pc])
fi
#
PKG_CONFIG_PATH="${opensslpkgconfigdir}${PATH_SEPARATOR}${PKG_CONFIG_PATH}"
export PKG_CONFIG_PATH
fi
# Copyright (c) 2008 Guido U. Draheim <[email protected]>
# Copyright (c) 2011 Maarten Bosmans <[email protected]>
#
AC_ARG_VAR([TCLTLS_SSL_LIBS], [libraries to pass to the linker for OpenSSL or LibreSSL])
AC_ARG_VAR([TCLTLS_SSL_CFLAGS], [C compiler flags for OpenSSL or LibreSSL])
AC_ARG_VAR([TCLTLS_SSL_CPPFLAGS], [C preprocessor flags for OpenSSL or LibreSSL])
if test -z "$TCLTLS_SSL_LIBS"; then
TCLTLS_SSL_LIBS="`"${PKGCONFIG}" openssl --libs $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration])
# Copying and distribution of this file, with or without modification, are
# permitted in any medium without royalty provided the copyright notice
# and this notice are preserved. This file is offered as-is, without any
# warranty.
fi
if test -z "$TCLTLS_SSL_CFLAGS"; then
TCLTLS_SSL_CFLAGS="`"${PKGCONFIG}" openssl --cflags-only-other $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration])
fi
if test -z "$TCLTLS_SSL_CPPFLAGS"; then
TCLTLS_SSL_CPPFLAGS="`"${PKGCONFIG}" openssl --cflags-only-I $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration])
fi
PKG_CONFIG_PATH="${PKG_CONFIG_PATH_SAVE}"
if test "$TCLEXT_BUILD" = "static"; then
dnl If we are doing a static build, save the linker flags for other programs to consume
rm -f tcltls.${AREXT}.linkadd
AS_ECHO(["$TCLTLS_SSL_LIBS"]) > tcltls.${AREXT}.linkadd
fi
#serial 6
dnl If we have been asked to statically link to the SSL library, specifically tell the linker to do so
if test "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then
dnl Don't bother doing this if we aren't actually doing the runtime linking
if test "$TCLEXT_BUILD" != "static"; then
dnl Split the libraries into SSL and non-SSL libraries
new_TCLTLS_SSL_LIBS_normal=''
new_TCLTLS_SSL_LIBS_static=''
for arg in $TCLTLS_SSL_LIBS; do
case "${arg}" in
-L*)
new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}"
;;
-ldl|-lrt|-lc|-lpthread|-lm|-lcrypt|-lidn|-lresolv|-lgcc|-lgcc_s)
new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
;;
-l*)
new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}"
;;
*)
new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
;;
esac
done
SHOBJ_DO_STATIC_LINK_LIB([OpenSSL], [$new_TCLTLS_SSL_LIBS_static], [new_TCLTLS_SSL_LIBS_static])
TCLTLS_SSL_LIBS="${new_TCLTLS_SSL_LIBS_normal} ${new_TCLTLS_SSL_LIBS_static}"
fi
fi
dnl Save compile-altering variables we are changing
SAVE_LIBS="${LIBS}"
SAVE_CFLAGS="${CFLAGS}"
SAVE_CPPFLAGS="${CPPFLAGS}"
dnl Update compile-altering variables to include the OpenSSL libraries
LIBS="${TCLTLS_SSL_LIBS} ${SAVE_LIBS} ${TCLTLS_SSL_LIBS}"
CFLAGS="${TCLTLS_SSL_CFLAGS} ${SAVE_CFLAGS} ${TCLTLS_SSL_CFLAGS}"
CPPFLAGS="${TCLTLS_SSL_CPPFLAGS} ${SAVE_CPPFLAGS} ${TCLTLS_SSL_CPPFLAGS}"
dnl Verify that basic functionality is there
AC_LANG_PUSH(C)
AC_MSG_CHECKING([if a basic OpenSSL program works])
AC_DEFUN([AX_CHECK_COMPILE_FLAG],
[AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_IF
AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl
AC_LINK_IFELSE([AC_LANG_PROGRAM([
#include <openssl/ssl.h>
#include <openssl/opensslv.h>
#include <openssl/conf.h>
], [
SSL_library_init();
SSL_load_error_strings();
])], [
AC_MSG_RESULT([yes])
], [
AC_MSG_RESULT([no])
AC_MSG_ERROR([Unable to compile a basic program using OpenSSL])
AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [
])
AC_LANG_POP([C])
AC_CHECK_FUNCS([TLS_method])
ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS
_AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1"
AC_COMPILE_IFELSE([m4_default([$5],[AC_LANG_PROGRAM()])],
TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_ssl2], [SSLv2_method], [sslv2], [NO_SSL2])
TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_ssl3], [SSLv3_method], [sslv3], [NO_SSL3])
TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_0], [TLSv1_method], [tlsv1.0], [NO_TLS1])
TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_1], [TLSv1_1_method], [tlsv1.1], [NO_TLS1_1])
TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_2], [TLSv1_2_method], [tlsv1.2], [NO_TLS1_2])
TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_3], [], [tlsv1.3], [NO_TLS1_3], [SSL_OP_NO_TLSv1_3])
AC_CACHE_VAL([tcltls_cv_func_tlsext_hostname], [
AC_LANG_PUSH(C)
[AS_VAR_SET(CACHEVAR,[yes])],
[AS_VAR_SET(CACHEVAR,[no])])
_AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags])
AC_MSG_CHECKING([for SSL_set_tlsext_host_name])
AC_LINK_IFELSE([AC_LANG_PROGRAM([
#include <openssl/ssl.h>
#include <openssl/conf.h>
], [
(void)SSL_set_tlsext_host_name((void *) 0, (void *) 0);
])], [
AC_MSG_RESULT([yes])
AS_VAR_IF(CACHEVAR,yes,
tcltls_cv_func_tlsext_hostname='yes'
], [
AC_MSG_RESULT([no])
[m4_default([$2], :)],
[m4_default([$3], :)])
tcltls_cv_func_tlsext_hostname='no'
])
AS_VAR_POPDEF([CACHEVAR])dnl
AC_LANG_POP([C])
])
])dnl AX_CHECK_COMPILE_FLAGS
if test "$tcltls_cv_func_tlsext_hostname" = 'no'; then
AC_DEFINE([OPENSSL_NO_TLSEXT], [1], [Define this if your OpenSSL does not support the TLS Extension for SNI])
fi
dnl Restore compile-altering variables
LIBS="${SAVE_LIBS}"
CFLAGS="${SAVE_CFLAGS}"
CPPFLAGS="${SAVE_CPPFLAGS}"
])
m4_include([acinclude.m4])
|