Overview
| Comment: | Updated to support configure options to disable/enable specific protocols |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | tls-1-7 |
| Files: | files | file ages | folders |
| SHA1: |
c75c1f1d509c1c7eab8b5e62dda4d6c6 |
| User & Date: | rkeene on 2016-12-05 16:57:56 |
| Other Links: | branch diff | manifest | tags |
Context
|
2016-12-05
| ||
| 16:58 | Enforce socket in blocking mode during test where "gets" is expected to wait for a reply check-in: dc7bbc6de6 user: rkeene tags: tls-1-7 | |
| 16:57 | Updated to support configure options to disable/enable specific protocols check-in: c75c1f1d50 user: rkeene tags: tls-1-7 | |
| 16:44 | Moved OpenSSL and LibreSSL checks to an external file check-in: 07852b1ee9 user: rkeene tags: tls-1-7 | |
Changes
Modified aclocal/tcltls_openssl.m4
from [01c1c3f418]
to [dc9bb37a5d].
| ︙ | ︙ | |||
31 32 33 34 35 36 37 | ], [ AC_MSG_RESULT([no]) AC_MSG_ERROR([Unable to compile a basic program using OpenSSL]) ]) AC_LANG_POP([C]) dnl Determine if SSLv2 is supported | > | < > | > > > > > > | < > | > > > > > > | < > | > > > > > > | < > | > > > > > > | < > | > > > > > | 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 |
], [
AC_MSG_RESULT([no])
AC_MSG_ERROR([Unable to compile a basic program using OpenSSL])
])
AC_LANG_POP([C])
dnl Determine if SSLv2 is supported
if test "$tcltls_ssl_ssl2" = "true"; then
AC_CHECK_FUNC(SSLv2_method,, [
tcltls_ssl_ssl2='false'
])
fi
if test "$tcltls_ssl_ssl2" = "false"; then
AC_DEFINE(NO_SSL2, [1], [Define this to disable SSLv2 in OpenSSL support])
fi
dnl Determine if SSLv3 is supported
if test "$tcltls_ssl_ssl3" = "true"; then
AC_CHECK_FUNC(SSLv3_method,, [
tcltls_ssl_ssl3='false'
])
fi
if test "$tcltls_ssl_ssl3" = "false"; then
AC_DEFINE(NO_SSL3, [1], [Define this to disable SSLv3 in OpenSSL support])
fi
dnl Determine if TLSv1.0 is supported
if test "$tcltls_ssl_tls1_0" = "true"; then
AC_CHECK_FUNC(TLSv1_method,, [
tcltls_ssl_tls1_0='false'
])
fi
if test "$tcltls_ssl_tls1_0" = "false"; then
AC_DEFINE(NO_TLS1, [1], [Define this to disable TLSv1.0 in OpenSSL support])
fi
dnl Determine if TLSv1.1 is supported
if test "$tcltls_ssl_tls1_1" = "true"; then
AC_CHECK_FUNC(TLSv1_1_method,, [
tcltls_ssl_tls1_1='false'
])
fi
if test "$tcltls_ssl_tls1_1" = "false"; then
AC_DEFINE(NO_TLS1_1, [1], [Define this to disable TLSv1.1 in OpenSSL support])
fi
dnl Determine if TLSv1.2 is supported
if test "$tcltls_ssl_tls1_2" = "true"; then
AC_CHECK_FUNC(TLSv1_2_method,, [
tcltls_ssl_tls1_2='false'
])
fi
if test "$tcltls_ssl_tls1_2" = "false"; then
AC_DEFINE(NO_TLS1_2, [1], [Define this to disable TLSv1.2 in OpenSSL support])
fi
dnl Restore compile-altering variables
LIBS="${SAVE_LIBS}"
CFLAGS="${SAVE_CFLAGS}"
CPPFLAGS="${SAVE_CPPFLAGS}"
])
|
Modified configure.in
from [4546434d3f]
to [9220961356].
| ︙ | ︙ | |||
53 54 55 56 57 58 59 60 61 62 63 64 65 66 | ]) if test "$tcltls_deterministic" = 'true'; then GEN_DH_PARAMS_ARGS='fallback' else GEN_DH_PARAMS_ARGS='' fi AC_SUBST(GEN_DH_PARAMS_ARGS) dnl Enable support for a debugging build tcltls_debug='false' AC_ARG_ENABLE([debug], AS_HELP_STRING([--enable-debug], [enable debugging parameters]), [ if test "$enableval" = "yes"; then tcltls_debug='true' fi | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 | ]) if test "$tcltls_deterministic" = 'true'; then GEN_DH_PARAMS_ARGS='fallback' else GEN_DH_PARAMS_ARGS='' fi AC_SUBST(GEN_DH_PARAMS_ARGS) dnl Allow the user to manually disable protocols dnl ## SSLv2: Disabled by default tcltls_ssl_ssl2='false' AC_ARG_ENABLE([sslv2], AS_HELP_STRING([--enable-sslv2], [enable SSLv2 protocol]), [ if test "$enableval" = "yes"; then tcltls_ssl_ssl2='true' fi ]) dnl ## SSLv3: Disabled by default tcltls_ssl_ssl3='false' AC_ARG_ENABLE([sslv3], AS_HELP_STRING([--enable-sslv3], [enable SSLv3 protocol]), [ if test "$enableval" = "yes"; then tcltls_ssl_ssl3='true' fi ]) dnl ## TLSv1.0: Enabled by default tcltls_ssl_tls1_0='true' AC_ARG_ENABLE([tlsv1.0], AS_HELP_STRING([--disable-tlsv1.0], [disable TLSv1.0 protocol]), [ if test "$enableval" = "no"; then tcltls_ssl_tls1_0='false' fi ]) dnl ## TLSv1.1: Enabled by default tcltls_ssl_tls1_1='true' AC_ARG_ENABLE([tlsv1.1], AS_HELP_STRING([--disable-tlsv1.1], [disable TLSv1.1 protocol]), [ if test "$enableval" = "no"; then tcltls_ssl_tls1_1='false' fi ]) dnl ## TLSv1.1: Enabled by default tcltls_ssl_tls1_2='true' AC_ARG_ENABLE([tlsv1.2], AS_HELP_STRING([--disable-tlsv1.2], [disable TLSv1.2 protocol]), [ if test "$enableval" = "no"; then tcltls_ssl_tls1_2='false' fi ]) dnl Enable support for a debugging build tcltls_debug='false' AC_ARG_ENABLE([debug], AS_HELP_STRING([--enable-debug], [enable debugging parameters]), [ if test "$enableval" = "yes"; then tcltls_debug='true' fi |
| ︙ | ︙ |