Check-in [37d16cba38]
Bounty program for improvements to Tcl and certain Tcl packages.
Overview
Comment:Started work on mbedTLS backend
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | backend-mbedtls
Files: files | file ages | folders
SHA3-256: 37d16cba38e65e598e519912be001b2add22231dafb1b46dd057a6d6ec9ee644
User & Date: rkeene on 2019-11-12 17:49:02
Other Links: branch diff | manifest | tags
Context
2019-11-12
17:49
Started work on mbedTLS backend Leaf check-in: 37d16cba38 user: rkeene tags: backend-mbedtls
17:46
Makefile cleanup check-in: b9af6e4772 user: rkeene tags: trunk
Changes

Added aclocal/tcltls_mbedtls.m4 version [04069331bc].


















































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
AC_DEFUN([TCLTLS_SSL_MBEDTLS], [
	mbedtlsdir=''
	AC_ARG_WITH([mbedtls-dir],
		AS_HELP_STRING(
			[--with-mbedtls-dir=<dir>],
			[path to root directory of MbedTLS installation]
		), [
			mbedtlsdir="$withval"
		]
	)

	if test -n "$mbedtlsdir"; then
		if test -e "$mbedtlsdir/libmbedtls.a" -o -e "$mbedtlsdir/libmbedtls.${AREXT}"; then
			TCLTLS_SSL_LIBS="-L$mbedtlsdir -lmbedtls -lmbedcrypto"
			mbedtlsdir="`AS_DIRNAME(["$mbedtlsdir"])`"
		else
			TCLTLS_SSL_LIBS="-L$mbedtlsdir/library -lmbedtls -lmbedcrypto"
		fi
		TCLTLS_SSL_CFLAGS="-I$mbedtlsdir/include -I${mbedtlsdir}/include/mbedtls"
		TCLTLS_SSL_CPPFLAGS="-I$mbedtlsdir/include -I${mbedtlsdir}/include/mbedtls"
	fi

	AC_ARG_VAR([TCLTLS_SSL_LIBS], [libraries to pass to the linker for MbedTLS])
	AC_ARG_VAR([TCLTLS_SSL_CFLAGS], [C compiler flags for MbedTLS])
	AC_ARG_VAR([TCLTLS_SSL_CPPFLAGS], [C preprocessor flags for MbedTLS])

	if test "$TCLEXT_BUILD" = "static"; then
		dnl If we are doing a static build, save the linker flags for other programs to consume
		rm -f tcltls.${AREXT}.linkadd
		AS_ECHO(["$TCLTLS_SSL_LIBS"]) > tcltls.${AREXT}.linkadd
	fi

	dnl If we have been asked to statically link to the SSL library, specifically tell the linker to do so
	if test "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then
		dnl Don't bother doing this if we aren't actually doing the runtime linking
		if test "$TCLEXT_BUILD" != "static"; then
			dnl Split the libraries into SSL and non-SSL libraries
			new_TCLTLS_SSL_LIBS_normal=''
			new_TCLTLS_SSL_LIBS_static=''
			for arg in $TCLTLS_SSL_LIBS; do
				case "${arg}" in
					-L*)
						new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
						new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}"
						;;
					-ldl|-lrt|-lc|-lpthread|-lm|-lcrypt|-lidn|-lresolv|-lgcc|-lgcc_s)
						new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
						;;
					-l*)
						new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}"
						;;
					*)
						new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
						;;
				esac
			done
			SHOBJ_DO_STATIC_LINK_LIB([MbedTLS], [$new_TCLTLS_SSL_LIBS_static], [new_TCLTLS_SSL_LIBS_static])
			TCLTLS_SSL_LIBS="${new_TCLTLS_SSL_LIBS_normal} ${new_TCLTLS_SSL_LIBS_static}"
		fi
	fi

	dnl Save compile-altering variables we are changing
	SAVE_LIBS="${LIBS}"
	SAVE_CFLAGS="${CFLAGS}"
	SAVE_CPPFLAGS="${CPPFLAGS}"

	dnl Update compile-altering variables to include the MbedTLS libraries
	LIBS="${TCLTLS_SSL_LIBS} ${SAVE_LIBS} ${TCLTLS_SSL_LIBS}"
	CFLAGS="${TCLTLS_SSL_CFLAGS} ${SAVE_CFLAGS} ${TCLTLS_SSL_CFLAGS}"
	CPPFLAGS="${TCLTLS_SSL_CPPFLAGS} ${SAVE_CPPFLAGS} ${TCLTLS_SSL_CPPFLAGS}"

	dnl Verify that basic functionality is there
	AC_LANG_PUSH(C)
	AC_MSG_CHECKING([if a basic MbedTLS program works])
	AC_LINK_IFELSE([AC_LANG_PROGRAM([
#define MBEDTLS_CONFIG_FILE <mbedtls/config.h>
#include MBEDTLS_CONFIG_FILE
		], [
    mbedtls_ssl_context *ctx;
    mbedtls_ssl_init(ctx);
    mbedtls_ssl_setup(ctx, (void *) 0);
    mbedtls_ssl_free(ctx);
		])], [
		AC_MSG_RESULT([yes])
	], [
		AC_MSG_RESULT([no])
		AC_MSG_ERROR([Unable to compile a basic program using MbedTLS])
	])
	AC_LANG_POP([C])

dnl
dnl	AC_CHECK_FUNCS([TLS_method])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_ssl2], [SSLv2_method], [sslv2], [NO_SSL2])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_ssl3], [SSLv3_method], [sslv3], [NO_SSL3])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_0], [TLSv1_method], [tlsv1.0], [NO_TLS1])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_1], [TLSv1_1_method], [tlsv1.1], [NO_TLS1_1])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_2], [TLSv1_2_method], [tlsv1.2], [NO_TLS1_2])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_3], [], [tlsv1.3], [NO_TLS1_3], [SSL_OP_NO_TLSv1_3])
dnl

	dnl Restore compile-altering variables
	LIBS="${SAVE_LIBS}"
	CFLAGS="${SAVE_CFLAGS}"
	CPPFLAGS="${SAVE_CPPFLAGS}"
])

Modified autogen.sh from [825e8c0a23] to [85a2a104f6].

14
15
16
17
18
19
20

21
22
23
24
25
26
27
	http://chiselapp.com/user/rkeene/repository/autoconf/doc/trunk/shobj.m4
	http://chiselapp.com/user/rkeene/repository/autoconf/doc/trunk/versionscript.m4
	'http://git.savannah.gnu.org/gitweb/?p=autoconf-archive.git;a=blob_plain;f=m4/ax_check_compile_flag.m4'
)

localFiles=(
	aclocal/tcltls_openssl.m4

)

failed='0'
for command in "${commands[@]}"; do
	if [ ! -f "$(which "${command}" 2>/dev/null)" ]; then
		echo "error: Unable to locate ${command}" >&2
		failed='1'






>







14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
	http://chiselapp.com/user/rkeene/repository/autoconf/doc/trunk/shobj.m4
	http://chiselapp.com/user/rkeene/repository/autoconf/doc/trunk/versionscript.m4
	'http://git.savannah.gnu.org/gitweb/?p=autoconf-archive.git;a=blob_plain;f=m4/ax_check_compile_flag.m4'
)

localFiles=(
	aclocal/tcltls_openssl.m4
	aclocal/tcltls_mbedtls.m4
)

failed='0'
for command in "${commands[@]}"; do
	if [ ! -f "$(which "${command}" 2>/dev/null)" ]; then
		echo "error: Unable to locate ${command}" >&2
		failed='1'

Modified configure.ac from [6234df6904] to [c705e1d652].

26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
...
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
	AC_CHECK_TOOL([RANLIB], [ranlib], [:])
	EXTENSION_TARGET="tcltls.${AREXT}"
fi
AC_SUBST(EXTENSION_TARGET)
AC_SUBST(TCLEXT_BUILD)

dnl Determine what SSL library to link with
AC_ARG_WITH([ssl], AS_HELP_STRING([--with-ssl=<name>], [name of ssl library to build against (openssl, libressl, nss, auto)]), [
	if test "$withval" = "no"; then
		AC_MSG_ERROR([You may not specify --without-ssl])
	fi

	if test "$withval" = "yes"; then
		AC_MSG_ERROR([If you specify --with-ssl then you must provide a value])
	fi
................................................................................
	tcltls_ssl_lib='openssl'
fi

AS_CASE([$tcltls_ssl_lib],
	[openssl], [
		TCLTLS_SSL_OPENSSL
	],
	[nss], [
	 	TCLTLS_SSL_LIBS=""
		TCLTLS_SSL_CFLAGS=""
		TCLTLS_SSL_CPPFLAGS=""
	],
	[
		AC_MSG_ERROR([Unsupported SSL library: $tcltls_ssl_lib])
	]
)
dnl Determine how to use this SSL library
AC_MSG_CHECKING([how to use $tcltls_ssl_lib])






|







 







|
|
<
<







26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
...
216
217
218
219
220
221
222
223
224


225
226
227
228
229
230
231
	AC_CHECK_TOOL([RANLIB], [ranlib], [:])
	EXTENSION_TARGET="tcltls.${AREXT}"
fi
AC_SUBST(EXTENSION_TARGET)
AC_SUBST(TCLEXT_BUILD)

dnl Determine what SSL library to link with
AC_ARG_WITH([ssl], AS_HELP_STRING([--with-ssl=<name>], [name of ssl library to build against (openssl, libressl, mbedtls, auto)]), [
	if test "$withval" = "no"; then
		AC_MSG_ERROR([You may not specify --without-ssl])
	fi

	if test "$withval" = "yes"; then
		AC_MSG_ERROR([If you specify --with-ssl then you must provide a value])
	fi
................................................................................
	tcltls_ssl_lib='openssl'
fi

AS_CASE([$tcltls_ssl_lib],
	[openssl], [
		TCLTLS_SSL_OPENSSL
	],
	[mbedtls], [
		TCLTLS_SSL_MBEDTLS


	],
	[
		AC_MSG_ERROR([Unsupported SSL library: $tcltls_ssl_lib])
	]
)
dnl Determine how to use this SSL library
AC_MSG_CHECKING([how to use $tcltls_ssl_lib])