1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
|
-
-
-
-
-
+
-
-
-
-
-
-
-
-
+
+
-
-
-
+
+
-
-
-
-
-
+
+
+
+
-
+
+
-
+
+
+
-
-
-
-
+
-
+
+
-
-
-
+
+
+
+
+
-
-
-
+
+
+
-
-
-
-
-
+
-
-
+
-
-
+
-
-
-
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
-
-
-
+
+
+
-
-
-
-
+
+
+
+
+
-
-
-
+
+
+
+
+
+
-
+
+
+
+
+
+
+
-
-
-
-
+
+
+
+
-
+
-
-
-
-
+
-
-
+
-
+
-
-
-
-
-
+
-
-
-
+
-
-
+
-
-
+
-
+
+
+
+
+
-
-
+
+
-
-
-
+
-
-
+
-
-
+
-
-
-
-
-
-
-
+
-
-
-
-
-
-
+
+
+
-
-
+
+
+
-
-
-
-
+
+
+
+
-
+
+
+
-
-
+
-
-
+
-
-
+
-
-
+
-
-
+
-
-
-
-
+
-
-
-
-
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
+
-
-
-
-
-
-
-
+
-
-
+
-
-
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
+
+
-
-
-
+
+
+
-
-
-
+
+
+
+
-
-
-
-
-
-
-
-
-
+
+
-
-
+
-
-
-
+
+
+
+
+
+
+
-
+
|
#!/bin/bash -norc
dnl This file is an input file used by the GNU "autoconf" program to
dnl generate the file "configure", which is run during Tcl installation
dnl to configure the system for the local environment.
dnl
dnl Define ourselves
dnl This file contains code to generate "tls" using either the
dnl OpenSSL libraries or libraries from the commercial BSAFE SSL-C
dnl product from RSA Security. In the United States, it is necessary
dnl to use the RSA BSAFE libraries for any product developed for
dnl commercial use. Licensing information for BSAFE SSL-C may be
dnl obtained from RSA Data Scurity Inc., San Mateo, California, USA.
dnl Their home page on the web is "www.rsasecurity.com".
#
AC_INIT(tcltls, 1.7.0)
# RCS: @(#) $Id: configure.in,v 1.31 2015/07/07 17:16:02 andreas_kupries Exp $
dnl Checks for programs.
AC_PROG_CC
#--------------------------------------------------------------------
# macro used to verify that the configure script can find the sources
#--------------------------------------------------------------------
AC_INIT([tls], [1.6.7])
AC_PROG_MAKE_SET
AC_PROG_INSTALL
AC_GNU_SOURCE
dnl Determine system information
TEA_INIT([3.8])
DC_CHK_OS_INFO
dnl Look for appropriate headers
AC_CONFIG_AUX_DIR(tclconfig)
AC_CHECK_HEADERS(unistd.h stdlib.h string.h strings.h)
dnl Perform Tcl Extension required stuff
TCLEXT_INIT
#--------------------------------------------------------------------
# Load the tclConfig.sh file
#--------------------------------------------------------------------
TEA_PATH_TCLCONFIG
if test "$TCLEXT_BUILD" != 'static'; then
TEA_LOAD_TCLCONFIG
dnl Determine how to make shared objects
DC_GET_SHOBJFLAGS
#-----------------------------------------------------------------------
# Handle the --prefix=... option by defaulting to what Tcl gave.
# Must be called after TEA_LOAD_TCLCONFIG and before TEA_SETUP_COMPILER.
EXTENSION_TARGET="tcltls.${SHOBJEXT}"
else
AC_CHECK_TOOL([AR], [ar], [false])
AC_CHECK_TOOL([RANLIB], [ranlib], [:])
EXTENSION_TARGET="tcltls.a"
#-----------------------------------------------------------------------
TEA_PREFIX
fi
AC_SUBST(EXTENSION_TARGET)
AC_SUBST(TCLEXT_BUILD)
#-----------------------------------------------------------------------
# Standard compiler checks.
# This sets up CC by using the CC env var, or looks for gcc otherwise.
# This also calls AC_PROG_CC, AC_PROG_INSTALL and a few others to create
# the basic setup necessary to compile executables.
dnl Determine what SSL library to link with
#-----------------------------------------------------------------------
AC_ARG_WITH([ssl], AS_HELP_STRING([--with-ssl=<name>], [name of ssl library to build against (openssl, libressl, nss, auto)]), [
TEA_SETUP_COMPILER
if test "$withval" = "no"; then
#-----------------------------------------------------------------------
# __CHANGE__
# Specify the C source files to compile in TEA_ADD_SOURCES,
AC_MSG_ERROR([You may not specify --without-ssl])
fi
# public headers that need to be installed in TEA_ADD_HEADERS,
# stub library C source files to compile in TEA_ADD_STUB_SOURCES,
# and runtime Tcl library files in TEA_ADD_TCL_SOURCES.
# This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS
# and PKG_TCL_SOURCES.
#-----------------------------------------------------------------------
TEA_ADD_SOURCES([])
TEA_ADD_HEADERS([])
TEA_ADD_INCLUDES([])
TEA_ADD_LIBS([])
TEA_ADD_CFLAGS([])
TEA_ADD_STUB_SOURCES([])
TEA_ADD_TCL_SOURCES([])
if test "$withval" = "yes"; then
#--------------------------------------------------------------------
# A few miscellaneous platform-specific items:
#
AC_MSG_ERROR([If you specify --with-ssl then you must provide a value])
fi
# Define a special symbol for Windows (BUILD_sample in this case) so
# that we create the export library with the dll. See sha1.h on how
# to use this.
#
tcltls_ssl_lib="$withval"
], [
tcltls_ssl_lib='auto'
])
# Windows creates a few extra files that need to be cleaned up.
# You can add more files to clean if your extension creates any extra
# files.
dnl Enable support for building the same library every time
tcltls_deterministic='false'
AC_ARG_ENABLE([deterministic], AS_HELP_STRING([--enable-deterministic], [enable deterministic parameters]), [
if test "$enableval" = "yes"; then
tcltls_deterministic='true'
fi
#
])
if test "$tcltls_deterministic" = 'true'; then
GEN_DH_PARAMS_ARGS='fallback'
else
GEN_DH_PARAMS_ARGS=''
fi
AC_SUBST(GEN_DH_PARAMS_ARGS)
# Define any extra compiler flags in the PACKAGE_CFLAGS variable.
# These will be appended to the current set of compiler flags for
# your system.
#--------------------------------------------------------------------
dnl Allow the user to manually disable protocols
dnl ## SSLv2: Disabled by default
tcltls_ssl_ssl2='false'
AC_ARG_ENABLE([sslv2], AS_HELP_STRING([--enable-sslv2], [enable SSLv2 protocol]), [
if test "${TEA_PLATFORM}" = "windows" ; then
if test "$enableval" = "yes"; then
AC_DEFINE(BUILD_tls)
AC_DEFINE(WINDOWS)
CLEANFILES="pkgIndex.tcl *.lib *.dll *.exp *.ilk *.pdb vc*.pch"
else
tcltls_ssl_ssl2='force'
CLEANFILES="pkgIndex.tcl"
fi
fi
AC_SUBST(CLEANFILES)
])
#--------------------------------------------------------------------
# Choose which headers you need. Extension authors should try very
# hard to only rely on the Tcl public header files. Internal headers
# contain private data structures and are subject to change without
# notice.
dnl ## SSLv3: Disabled by default
# This MUST be called after TEA_LOAD_TCLCONFIG / TEA_LOAD_TKCONFIG
#--------------------------------------------------------------------
tcltls_ssl_ssl3='false'
TEA_PUBLIC_TCL_HEADERS
AC_ARG_ENABLE([sslv3], AS_HELP_STRING([--enable-sslv3], [enable SSLv3 protocol]), [
#--------------------------------------------------------------------
# Check whether --enable-threads or --disable-threads was given.
if test "$enableval" = "yes"; then
#--------------------------------------------------------------------
tcltls_ssl_ssl3='force'
fi
])
dnl ## TLSv1.0: Enabled by default
tcltls_ssl_tls1_0='true'
TEA_ENABLE_THREADS
AC_ARG_ENABLE([tlsv1.0], AS_HELP_STRING([--disable-tlsv1.0], [disable TLSv1.0 protocol]), [
if test "$enableval" = "no"; then
#--------------------------------------------------------------------
# The statement below defines a collection of symbols related to
# building as a shared library instead of a static library.
tcltls_ssl_tls1_0='false'
#--------------------------------------------------------------------
fi
TEA_ENABLE_SHARED
])
#--------------------------------------------------------------------
# This macro figures out what flags to use with the compiler/linker
# when building shared/static debug/optimized objects. This information
# can be taken from the tclConfig.sh file, but this figures it all out.
#--------------------------------------------------------------------
TEA_CONFIG_CFLAGS
dnl ## TLSv1.1: Enabled by default
#--------------------------------------------------------------------
# Set the default compiler switches based on the --enable-symbols option.
#--------------------------------------------------------------------
TEA_ENABLE_SYMBOLS
tcltls_ssl_tls1_1='true'
AC_ARG_ENABLE([tlsv1.1], AS_HELP_STRING([--disable-tlsv1.1], [disable TLSv1.1 protocol]), [
if test "$enableval" = "no"; then
#--------------------------------------------------------------------
# Everyone should be linking against the Tcl stub library. If you
tcltls_ssl_tls1_1='false'
fi
])
# can't for some reason, remove this definition. If you aren't using
# stubs, you also need to modify the SHLIB_LD_LIBS setting below to
# link against the non-stubbed Tcl library. Add Tk too if necessary.
#--------------------------------------------------------------------
dnl ## TLSv1.1: Enabled by default
tcltls_ssl_tls1_2='true'
AC_ARG_ENABLE([tlsv1.2], AS_HELP_STRING([--disable-tlsv1.2], [disable TLSv1.2 protocol]), [
if test "$enableval" = "no"; then
AC_DEFINE(USE_TCL_STUBS)
tcltls_ssl_tls1_2='false'
fi
])
#--------------------------------------------------------------------
# If the variable OPENSSL is set, we will build with the OpenSSL
dnl Enable support for a debugging build
# libraries. If it is not set, then we will use RSA BSAFE SSL-C
# libraries instead of the default OpenSSL libaries.
tcltls_debug='false'
#--------------------------------------------------------------------
AC_ARG_ENABLE([debug], AS_HELP_STRING([--enable-debug], [enable debugging parameters]), [
OPENSSL="1"
if test "$enableval" = "yes"; then
TLS_CHECK_SSL
tcltls_debug='true'
#--------------------------------------------------------------------
# Determine if we should use the patented encryption code
#--------------------------------------------------------------------
fi
AC_ARG_ENABLE(patents, [ --enable-patents Use patented code. Default is enabled], PATENTS=${enableval}, PATENTS=yes)
if test ${PATENTS} = no; then
AC_DEFINE([NO_PATENTS])
])
if test "$tcltls_debug" = 'true'; then
AC_DEFINE(TCLEXT_TCLTLS_DEBUG, [1], [Enable debugging build])
fi
dnl Find "xxd" so we can build the tls.tcl.h file
AC_CHECK_PROG([XXD], [xxd], [xxd], [__xxd__not__found])
dnl Find "pkg-config" since we need to use it
AC_CHECK_TOOL([PKGCONFIG], [pkg-config], [false])
#--------------------------------------------------------------------
# This macro generates a line to use when building a library. It
# depends on values set by the TEA_ENABLE_SHARED, TEA_ENABLE_SYMBOLS,
# and TEA_LOAD_TCLCONFIG macros above.
#--------------------------------------------------------------------
TEA_MAKE_LIB
dnl XXX:TODO: Automatically determine the SSL library to use
#--------------------------------------------------------------------
# Shared libraries and static libraries have different names.
# Also, windows libraries and unix libraries have different names.
# For the OpenSSL version, I chose to use the same library names that
# OpenSSL uses as its default names.
#--------------------------------------------------------------------
dnl defaulting to OpenSSL for compatibility reasons
if test "${TEA_PLATFORM}" = "windows" ; then
if test "$GCC" = "yes"; then
if test "$tcltls_ssl_lib" = 'auto'; then
TEA_ADD_LIBS([-L${SSL_LIB_DIR_NATIVE}])
else
tcltls_ssl_lib='openssl'
TEA_ADD_LIBS([-libpath:${SSL_LIB_DIR_NATIVE}])
fi
if test -n "${OPENSSL}"; then
TEA_ADD_LIBS([ssleay32.lib libeay32.lib])
else
TEA_ADD_LIBS([sslc32.lib])
fi
else
# Subst runtime dir here, use -R and -L where necessary. [Bug 1742859]
fi
AC_MSG_CHECKING([which TLS library to use])
AC_MSG_RESULT([$tcltls_ssl_lib])
dnl Manually rewrite libressl to OpenSSL since we use the
dnl compatibility interface
if test "$tcltls_ssl_lib" = "libressl"; then
tcltls_ssl_lib='openssl'
fi
AS_CASE([$tcltls_ssl_lib],
LIB_RUNTIME_DIR=${SSL_LIB_DIR}
eval "LD_SEARCH_FLAGS=\"${LD_SEARCH_FLAGS}\""
if test -n "${OPENSSL}"; then
[openssl], [
TCLTLS_SSL_OPENSSL
TEA_ADD_LIBS([${LD_SEARCH_FLAGS} -L${SSL_LIB_DIR} -lssl -lcrypto ${GCCPATH} ${GCCLIB}])
else
TEA_ADD_LIBS([${LD_SEARCH_FLAGS} -L${SSL_LIB_DIR} -lsslc])
],
[nss], [
TCLTLS_SSL_LIBS=""
fi
fi
TCLTLS_SSL_CFLAGS=""
TCLTLS_SSL_CPPFLAGS=""
],
[
#--------------------------------------------------------------------
# Find tclsh so that we can run pkg_mkIndex to generate the pkgIndex.tcl
# file during the install process. Don't run the TCLSH_PROG through
# ${CYGPATH} because it's being used directly by make.
# Require that we use a tclsh shell version 8.2 or later since earlier
# versions have bugs in the pkg_mkIndex routine.
# Add WISH as well if this is a Tk extension.
#--------------------------------------------------------------------
AC_MSG_ERROR([Unsupported SSL library: $tcltls_ssl_lib])
]
TEA_PROG_TCLSH
)
#--------------------------------------------------------------------
# Finally, substitute all of the various values into the Makefile.
#--------------------------------------------------------------------
dnl Determine how to use this SSL library
AC_MSG_CHECKING([how to use $tcltls_ssl_lib])
LIBS="${LIBS} ${TCLTLS_SSL_LIBS}"
CFLAGS="${CFLAGS} ${TCLTLS_SSL_CFLAGS}"
CPPFLAGS="${CPPFLAGS} ${TCLTLS_SSL_CPPFLAGS}"
AC_MSG_RESULT([$TCLTLS_SSL_CPPFLAGS $TCLTLS_SSL_CFLAGS $TCLTLS_SSL_LIBS])
dnl Produce output
AC_OUTPUT([Makefile])
AC_OUTPUT(Makefile pkgIndex.tcl)
|