| ︙ | | | ︙ | |
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
|
--disable-tls1 disable TLS1 protocol
--disable-tls1_1 disable TLS1.1 protocol
--disable-tls1_2 disable TLS1.2 protocol
--disable-tls1_3 disable TLS1.3 protocol
--enable-deterministic enable deterministic DH parameters
--enable-ssl-fastpath enable using the underlying file descriptor for
talking directly to the SSL library
--disable-hardening disable hardening attempts
--enable-static-ssl enable statically linking to the specified SSL
library
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
--with-tcl directory containing tcl configuration
(tclConfig.sh)
--with-tcl8 Compile for Tcl8 in Tcl9 environment
--with-tclinclude directory containing the public Tcl header files
--with-openssl-dir=<dir>
path to root directory of OpenSSL or LibreSSL
installation
--with-openssl-pkgconfig=<dir>
path to root directory of OpenSSL or LibreSSL
pkgconfigdir
--with-builtin-dh-params-size=<bits>
specify the size of the built-in, precomputed, DH
params
Some influential environment variables:
CC C compiler command
CFLAGS C compiler flags
LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
nonstandard directory <lib dir>
LIBS libraries to pass to the linker, e.g. -l<library>
|
|
|
<
|
|
|
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
|
--disable-tls1 disable TLS1 protocol
--disable-tls1_1 disable TLS1.1 protocol
--disable-tls1_2 disable TLS1.2 protocol
--disable-tls1_3 disable TLS1.3 protocol
--enable-deterministic enable deterministic DH parameters
--enable-ssl-fastpath enable using the underlying file descriptor for
talking directly to the SSL library
--disable-hardening enable hardening attempts
--enable-static-ssl enable static linking to the SSL library
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
--with-tcl directory containing tcl configuration
(tclConfig.sh)
--with-tcl8 Compile for Tcl8 in Tcl9 environment
--with-tclinclude directory containing the public Tcl header files
--with-openssl-dir=<dir>
path to root directory of OpenSSL or LibreSSL
installation
--with-openssl-pkgconfig=<dir>
path to root directory of OpenSSL or LibreSSL
pkgconfigdir
--with-builtin-dh-params-size=<bits>
specify the size in bits of the built-in,
precomputed, DH params
Some influential environment variables:
CC C compiler command
CFLAGS C compiler flags
LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
nonstandard directory <lib dir>
LIBS libraries to pass to the linker, e.g. -l<library>
|
| ︙ | | | ︙ | |
8911
8912
8913
8914
8915
8916
8917
8918
8919
8920
8921
8922
8923
8924
8925
8926
8927
|
#--------------------------------------------------------------------
# This marco includes the TCL TLS specific functions to set the
# OpenSSL or LibreSSL config.
#--------------------------------------------------------------------
openssldir=''
opensslpkgconfigdir=''
# Check whether --with-openssl-dir was given.
if test ${with_openssl_dir+y}
then :
withval=$with_openssl_dir;
openssldir="$withval"
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
8910
8911
8912
8913
8914
8915
8916
8917
8918
8919
8920
8921
8922
8923
8924
8925
8926
8927
8928
8929
8930
8931
8932
8933
8934
8935
8936
8937
8938
8939
8940
8941
8942
8943
8944
8945
8946
8947
8948
8949
8950
8951
8952
8953
8954
8955
8956
8957
8958
8959
8960
8961
8962
8963
8964
8965
8966
8967
8968
8969
8970
8971
8972
8973
8974
8975
8976
8977
8978
8979
8980
8981
8982
8983
8984
8985
8986
8987
8988
8989
8990
8991
8992
8993
8994
8995
8996
8997
8998
8999
9000
9001
9002
9003
9004
9005
9006
9007
9008
9009
9010
9011
9012
9013
9014
9015
9016
9017
9018
9019
9020
9021
9022
9023
9024
9025
9026
9027
9028
9029
|
#--------------------------------------------------------------------
# This marco includes the TCL TLS specific functions to set the
# OpenSSL or LibreSSL config.
#--------------------------------------------------------------------
if test -n "$ac_tool_prefix"; then
# Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args.
set dummy ${ac_tool_prefix}pkg-config; ac_word=$2
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
printf %s "checking for $ac_word... " >&6; }
if test ${ac_cv_prog_PKGCONFIG+y}
then :
printf %s "(cached) " >&6
else $as_nop
if test -n "$PKGCONFIG"; then
ac_cv_prog_PKGCONFIG="$PKGCONFIG" # Let the user override the test.
else
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
case $as_dir in #(((
'') as_dir=./ ;;
*/) ;;
*) as_dir=$as_dir/ ;;
esac
for ac_exec_ext in '' $ac_executable_extensions; do
if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
ac_cv_prog_PKGCONFIG="${ac_tool_prefix}pkg-config"
printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
IFS=$as_save_IFS
fi
fi
PKGCONFIG=$ac_cv_prog_PKGCONFIG
if test -n "$PKGCONFIG"; then
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PKGCONFIG" >&5
printf "%s\n" "$PKGCONFIG" >&6; }
else
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
printf "%s\n" "no" >&6; }
fi
fi
if test -z "$ac_cv_prog_PKGCONFIG"; then
ac_ct_PKGCONFIG=$PKGCONFIG
# Extract the first word of "pkg-config", so it can be a program name with args.
set dummy pkg-config; ac_word=$2
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
printf %s "checking for $ac_word... " >&6; }
if test ${ac_cv_prog_ac_ct_PKGCONFIG+y}
then :
printf %s "(cached) " >&6
else $as_nop
if test -n "$ac_ct_PKGCONFIG"; then
ac_cv_prog_ac_ct_PKGCONFIG="$ac_ct_PKGCONFIG" # Let the user override the test.
else
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
case $as_dir in #(((
'') as_dir=./ ;;
*/) ;;
*) as_dir=$as_dir/ ;;
esac
for ac_exec_ext in '' $ac_executable_extensions; do
if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then
ac_cv_prog_ac_ct_PKGCONFIG="pkg-config"
printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
IFS=$as_save_IFS
fi
fi
ac_ct_PKGCONFIG=$ac_cv_prog_ac_ct_PKGCONFIG
if test -n "$ac_ct_PKGCONFIG"; then
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_PKGCONFIG" >&5
printf "%s\n" "$ac_ct_PKGCONFIG" >&6; }
else
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
printf "%s\n" "no" >&6; }
fi
if test "x$ac_ct_PKGCONFIG" = x; then
PKGCONFIG="false"
else
case $cross_compiling:$ac_tool_warned in
yes:)
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
ac_tool_warned=yes ;;
esac
PKGCONFIG=$ac_ct_PKGCONFIG
fi
else
PKGCONFIG="$ac_cv_prog_PKGCONFIG"
fi
openssldir=''
opensslpkgconfigdir=''
# Check whether --with-openssl-dir was given.
if test ${with_openssl_dir+y}
then :
withval=$with_openssl_dir;
openssldir="$withval"
|
| ︙ | | | ︙ | |
9015
9016
9017
9018
9019
9020
9021
9022
9023
9024
9025
9026
9027
9028
9029
9030
9031
9032
9033
9034
9035
9036
9037
9038
9039
9040
9041
9042
9043
9044
9045
9046
9047
9048
9049
9050
9051
9052
9053
9054
9055
9056
9057
9058
9059
9060
9061
9062
9063
9064
9065
9066
9067
9068
9069
9070
9071
9072
9073
9074
9075
9076
9077
9078
9079
9080
9081
9082
9083
9084
9085
|
if test ${enable_tls1+y}
then :
enableval=$enable_tls1;
if test "${enableval}" = "no"; then
printf "%s\n" "#define NO_TLS1 1" >>confdefs.h
fi
fi
# Check whether --enable-tls1_1 was given.
if test ${enable_tls1_1+y}
then :
enableval=$enable_tls1_1;
if test "${enableval}" = "no"; then
printf "%s\n" "#define NO_TLS1_1 1" >>confdefs.h
fi
fi
# Check whether --enable-tls1_2 was given.
if test ${enable_tls1_2+y}
then :
enableval=$enable_tls1_2;
if test "${enableval}" = "no"; then
printf "%s\n" "#define NO_TLS1_2 1" >>confdefs.h
fi
fi
# Check whether --enable-tls1_3 was given.
if test ${enable_tls1_3+y}
then :
enableval=$enable_tls1_3;
if test "${enableval}" = "no"; then
printf "%s\n" "#define NO_TLS1_3 1" >>confdefs.h
fi
fi
tcltls_deterministic='false'
# Check whether --enable-deterministic was given.
if test "$enableval" = "yes"; then
tcltls_deterministic='true'
fi
if test "$tcltls_deterministic" = 'true'; then
GEN_DH_PARAMS_ARGS='fallback'
else
GEN_DH_PARAMS_ARGS=''
fi
# Check whether --with-builtin-dh-params-size was given.
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
<
<
|
|
>
>
>
|
<
|
|
9117
9118
9119
9120
9121
9122
9123
9124
9125
9126
9127
9128
9129
9130
9131
9132
9133
9134
9135
9136
9137
9138
9139
9140
9141
9142
9143
9144
9145
9146
9147
9148
9149
9150
9151
9152
9153
9154
9155
9156
9157
9158
9159
9160
9161
9162
9163
9164
9165
9166
9167
9168
9169
9170
9171
9172
9173
9174
9175
9176
9177
9178
9179
9180
9181
9182
9183
9184
9185
9186
9187
9188
9189
9190
9191
9192
9193
9194
9195
9196
9197
9198
9199
9200
9201
9202
9203
|
if test ${enable_tls1+y}
then :
enableval=$enable_tls1;
if test "${enableval}" = "no"; then
printf "%s\n" "#define NO_TLS1 1" >>confdefs.h
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for disable TLS1 protocol" >&5
printf %s "checking for disable TLS1 protocol... " >&6; }
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: 'yes'" >&5
printf "%s\n" "'yes'" >&6; }
fi
fi
# Check whether --enable-tls1_1 was given.
if test ${enable_tls1_1+y}
then :
enableval=$enable_tls1_1;
if test "${enableval}" = "no"; then
printf "%s\n" "#define NO_TLS1_1 1" >>confdefs.h
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for disable TLS1.1 protocol" >&5
printf %s "checking for disable TLS1.1 protocol... " >&6; }
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: 'yes'" >&5
printf "%s\n" "'yes'" >&6; }
fi
fi
# Check whether --enable-tls1_2 was given.
if test ${enable_tls1_2+y}
then :
enableval=$enable_tls1_2;
if test "${enableval}" = "no"; then
printf "%s\n" "#define NO_TLS1_2 1" >>confdefs.h
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for disable TLS1.2 protocol" >&5
printf %s "checking for disable TLS1.2 protocol... " >&6; }
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: 'yes'" >&5
printf "%s\n" "'yes'" >&6; }
fi
fi
# Check whether --enable-tls1_3 was given.
if test ${enable_tls1_3+y}
then :
enableval=$enable_tls1_3;
if test "${enableval}" = "no"; then
printf "%s\n" "#define NO_TLS1_3 1" >>confdefs.h
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for disable TLS1.3 protocol" >&5
printf %s "checking for disable TLS1.3 protocol... " >&6; }
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: 'yes'" >&5
printf "%s\n" "'yes'" >&6; }
fi
fi
# Check whether --enable-deterministic was given.
if test ${enable_deterministic+y}
then :
enableval=$enable_deterministic;
tcltls_deterministic="$enableval"
else $as_nop
tcltls_deterministic='no'
fi
if test "$tcltls_deterministic" = 'yes'; then
GEN_DH_PARAMS_ARGS='fallback'
else
GEN_DH_PARAMS_ARGS=''
fi
# Check whether --with-builtin-dh-params-size was given.
|
| ︙ | | | ︙ | |
9093
9094
9095
9096
9097
9098
9099
9100
9101
9102
9103
9104
9105
9106
9107
9108
9109
9110
9111
9112
9113
9114
9115
9116
9117
9118
9119
9120
9121
9122
9123
9124
9125
9126
9127
9128
9129
9130
9131
9132
9133
9134
9135
9136
9137
9138
9139
9140
9141
9142
9143
9144
9145
9146
9147
9148
9149
9150
9151
9152
9153
9154
9155
9156
9157
9158
9159
9160
9161
9162
9163
9164
9165
9166
|
as_fn_error $? "Unsupported DH params size: $withval" "$LINENO" 5 ;;
esac
GEN_DH_PARAMS_ARGS="${GEN_DH_PARAMS_ARGS} bits=$withval"
fi
tcltls_ssl_fastpath='no'
# Check whether --enable-ssl-fastpath was given.
if test "$enableval" = 'yes'; then
tcltls_ssl_fastpath='yes'
else
tcltls_ssl_fastpath='no'
fi
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking enable hardening" >&5
printf %s "checking enable hardening... " >&6; }
tcltls_enable_hardening='yes'
# Check whether --enable-hardening was given.
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $tcltls_enable_hardening" >&5
printf "%s\n" "$tcltls_enable_hardening" >&6; }
TCLEXT_TLS_STATIC_SSL='no'
# Check whether --enable-static-ssl was given.
if test "$enableval" = 'yes'; then
TCLEXT_TLS_STATIC_SSL='yes'
fi
|
|
>
>
>
<
|
<
|
>
|
>
|
<
<
<
|
|
>
>
|
|
>
>
>
>
<
<
|
>
>
>
<
|
|
>
>
>
|
<
|
9211
9212
9213
9214
9215
9216
9217
9218
9219
9220
9221
9222
9223
9224
9225
9226
9227
9228
9229
9230
9231
9232
9233
9234
9235
9236
9237
9238
9239
9240
9241
9242
9243
9244
9245
9246
9247
9248
9249
9250
9251
9252
9253
9254
9255
9256
9257
9258
9259
9260
9261
9262
9263
9264
9265
9266
9267
9268
9269
9270
9271
9272
9273
9274
9275
9276
9277
9278
9279
9280
9281
9282
9283
9284
9285
9286
9287
9288
9289
9290
9291
9292
|
as_fn_error $? "Unsupported DH params size: $withval" "$LINENO" 5 ;;
esac
GEN_DH_PARAMS_ARGS="${GEN_DH_PARAMS_ARGS} bits=$withval"
fi
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for DH params" >&5
printf %s "checking for DH params... " >&6; }
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $GEN_DH_PARAMS_ARGS" >&5
printf "%s\n" "$GEN_DH_PARAMS_ARGS" >&6; }
# Check whether --enable-ssl-fastpath was given.
if test ${enable_ssl_fastpath+y}
then :
enableval=$enable_ssl_fastpath;
tcltls_ssl_fastpath="$enableval"
else $as_nop
tcltls_ssl_fastpath='no'
fi
if test "$tcltls_ssl_fastpath" = 'yes'; then
printf "%s\n" "#define TCLTLS_SSL_USE_FASTPATH 1" >>confdefs.h
fi
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for fast path" >&5
printf %s "checking for fast path... " >&6; }
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $tcltls_ssl_fastpath" >&5
printf "%s\n" "$tcltls_ssl_fastpath" >&6; }
# Check whether --enable-hardening was given.
if test ${enable_hardening+y}
then :
enableval=$enable_hardening;
tcltls_enable_hardening="$enableval"
else $as_nop
tcltls_enable_hardening='yes'
fi
if test "$tcltls_enable_hardening" = 'yes'; then
if test "$GCC" = 'yes' -o "$CC" = 'clang'; then
PKG_CFLAGS="$PKG_CFLAGS -fstack-protector-all"
PKG_CFLAGS="$PKG_CFLAGS -fno-strict-overflow"
printf "%s\n" "#define _FORTIFY_SOURCE 2" >>confdefs.h
fi
fi
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for enable hardening" >&5
printf %s "checking for enable hardening... " >&6; }
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $tcltls_enable_hardening" >&5
printf "%s\n" "$tcltls_enable_hardening" >&6; }
# Check whether --enable-static-ssl was given.
if test ${enable_static_ssl+y}
then :
enableval=$enable_static_ssl;
TCLEXT_TLS_STATIC_SSL="$enableval"
else $as_nop
TCLEXT_TLS_STATIC_SSL='no'
fi
if test "${SHARED_BUILD}" == 0; then
rm -f tcltls.${AREXT}.linkadd
printf "%s\n" "$TCLTLS_SSL_LIBS" > tcltls.${AREXT}.linkadd
|
| ︙ | | | ︙ | |
9183
9184
9185
9186
9187
9188
9189
9190
9191
9192
9193
9194
9195
9196
9197
|
new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}"
;;
*)
new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
;;
esac
done
|
<
|
9309
9310
9311
9312
9313
9314
9315
9316
9317
9318
9319
9320
9321
9322
|
new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}"
;;
*)
new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
;;
esac
done
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for how to statically link to OpenSSL" >&5
printf %s "checking for how to statically link to OpenSSL... " >&6; }
|
| ︙ | | | ︙ | |
9397
9398
9399
9400
9401
9402
9403
9404
9405
9406
9407
9408
9409
9410
9411
|
#--------------------------------------------------------------------
# Setup a *Config.sh.in configuration file.
#--------------------------------------------------------------------
#TEA_EXPORT_CONFIG([tls])
#AC_SUBST(SAMPLE_VAR)
|
<
|
9522
9523
9524
9525
9526
9527
9528
9529
9530
9531
9532
9533
9534
9535
|
#--------------------------------------------------------------------
# Setup a *Config.sh.in configuration file.
#--------------------------------------------------------------------
#TEA_EXPORT_CONFIG([tls])
#AC_SUBST(SAMPLE_VAR)
#--------------------------------------------------------------------
# Specify files to substitute AC variables in. You may alternatively
# have a special pkgIndex.tcl.in or other files which require
# substituting the AC variables in. Include these here.
#--------------------------------------------------------------------
|
| ︙ | | | ︙ | |