TclTLS
Check-in [d00f5eca5d]
Login
HomeTimelineDownloadBrowse SourceBranchesTagsTicketsWiki
EuroTcl/OpenACS 11 - 12 JULY 2024, VIENNA
Overview
Comment:Merged in generate tls.tcl.h and debug mode option changes
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | crypto
Files: files | file ages | folders
SHA3-256: d00f5eca5d17e10e1e6035ac98db916cd04322d7baa1153e67163edd9d6c9f64
User & Date: bohagan on 2024-06-06 01:21:27
Other Links: branch diff | manifest | tags
Context
2024-06-06
01:21
Merged in generate tls.tcl.h and debug mode option changes Leaf check-in: d00f5eca5d user: bohagan tags: crypto
00:47
Added back option to enable debug mode that was lost in conversion to new TEA build system check-in: 73be06fc48 user: bohagan tags: tls-1.8
2024-05-29
01:30
Merged in changes from master check-in: 9d265b298a user: bohagan tags: crypto
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Modified Makefile.in from [374d539e3c] to [6e9018ca55]. 

320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338

#========================================================================

VPATH = $(srcdir):$(srcdir)/generic:$(srcdir)/unix:$(srcdir)/win:$(srcdir)/macosx

# Create a C-source-ified version of the script resources
# for TclTLS so that we only need a single file to enable
# this extension
tls.tcl.h: @srcdir@/library/tls.tcl Makefile
	od -A n -v -t xC < '@srcdir@/library/tls.tcl' > tls.tcl.h.new.1
	sed 's@[^0-9A-Fa-f]@@g;s@..@0x&, @g' < tls.tcl.h.new.1 > tls.tcl.h.new.2
	rm -f tls.tcl.h.new.1
	mv tls.tcl.h.new.2 @srcdir@/generic/tls.tcl.h

$(srcdir)/manifest.uuid:
	printf "git-" >$(srcdir)/manifest.uuid
	(cd $(srcdir); git rev-parse HEAD >>$(srcdir)/manifest.uuid || \
	    (printf "svn-r" >$(srcdir)/manifest.uuid ; \
	    svn info --show-item last-changed-revision >>$(srcdir)/manifest.uuid) || \
	    printf "unknown" >$(srcdir)/manifest.uuid)








|
|
<
<
<








320
321
322
323
324
325
326
327
328



329
330
331
332
333
334
335

#========================================================================

VPATH = $(srcdir):$(srcdir)/generic:$(srcdir)/unix:$(srcdir)/win:$(srcdir)/macosx

# Create a C-source-ified version of the script resources
# for TclTLS so that we only need a single file to enable
# this extension
tls.tcl.h: $(srcdir)/library/tls.tcl
	sed -e '/^\\s*\#/d' -e '/^\\s*$$/d' -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/^/"/' -e 's/$$/\\n\"/' < `@CYGPATH@ $<` > $@ || { rm -f $@; exit 1; }




$(srcdir)/manifest.uuid:
	printf "git-" >$(srcdir)/manifest.uuid
	(cd $(srcdir); git rev-parse HEAD >>$(srcdir)/manifest.uuid || \
	    (printf "svn-r" >$(srcdir)/manifest.uuid ; \
	    svn info --show-item last-changed-revision >>$(srcdir)/manifest.uuid) || \
	    printf "unknown" >$(srcdir)/manifest.uuid)

Modified README.txt from [8780a2ec30] to [f08e3dfc2c]. 

58
59
60
61
62
63
64

65
66
67
68
69
70
71

The supported configure options include all of the standard TEA configure script
options, plus:

  --disable-tls1          disable TLS1 protocol
  --disable-tls1_1        disable TLS1.1 protocol
  --disable-tls1_2        disable TLS1.2 protocol
  --disable-tls1_3        disable TLS1.3 protocol

  --enable-ssl-fastpath   enable using the underlying file descriptor for talking directly to the SSL library
  --enable-hardening      enable hardening attempts
  --enable-static-ssl     enable static linking to the SSL library

If either TCL or OpenSSL are installed in non-standard locations, the following
configure options are available. For all options, see ./configure --help.









>








58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

The supported configure options include all of the standard TEA configure script
options, plus:

  --disable-tls1          disable TLS1 protocol
  --disable-tls1_1        disable TLS1.1 protocol
  --disable-tls1_2        disable TLS1.2 protocol
  --disable-tls1_3        disable TLS1.3 protocol
  --enable-debug          enable debugging mode and output more status
  --enable-ssl-fastpath   enable using the underlying file descriptor for talking directly to the SSL library
  --enable-hardening      enable hardening attempts
  --enable-static-ssl     enable static linking to the SSL library

If either TCL or OpenSSL are installed in non-standard locations, the following
configure options are available. For all options, see ./configure --help.

Modified acinclude.m4 from [d72291abc4] to [30ce022af6]. 

53
54
55
56
57
58
59














60
61
62
63
64
65
66

		if test "${enableval}" == "no"; then
			AC_DEFINE([NO_TLS1_3], [1], [Disable TLS1.3 protocol])
			AC_MSG_CHECKING([for disable TLS1.3 protocol])
			AC_MSG_RESULT([yes])
		fi
	])
















	dnl Determine if we have been asked to use a fast path if possible
	AC_ARG_ENABLE([ssl-fastpath], AS_HELP_STRING([--enable-ssl-fastpath],
		[enable using the underlying file descriptor for talking directly to the SSL library]), [
		tcltls_ssl_fastpath="$enableval"
	], [
		tcltls_ssl_fastpath='no'








>
>
>
>
>
>
>
>
>
>
>
>
>
>








53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

		if test "${enableval}" == "no"; then
			AC_DEFINE([NO_TLS1_3], [1], [Disable TLS1.3 protocol])
			AC_MSG_CHECKING([for disable TLS1.3 protocol])
			AC_MSG_RESULT([yes])
		fi
	])


	dnl Determine if debugging mode should be enabled
	AC_ARG_ENABLE([debug], AS_HELP_STRING([--enable-debug],
		[enable debugging mode and output more status]), [
		tcltls_debug_mode="$enableval"
	], [
		tcltls_debug_mode='no'
	])
	if test "$tcltls_debug_mode" == 'yes'; then
		AC_DEFINE(TCLEXT_TCLTLS_DEBUG, [1], [Enable debugging mode])
	fi
	AC_MSG_CHECKING([for debug mode])
	AC_MSG_RESULT([$tcltls_debug_mode])


	dnl Determine if we have been asked to use a fast path if possible
	AC_ARG_ENABLE([ssl-fastpath], AS_HELP_STRING([--enable-ssl-fastpath],
		[enable using the underlying file descriptor for talking directly to the SSL library]), [
		tcltls_ssl_fastpath="$enableval"
	], [
		tcltls_ssl_fastpath='no'

Modified configure from [464341226c] to [d1566f680c]. 

769
770
771
772
773
774
775

776
777
778
779
780
781
782

enable_rpath
enable_symbols
enable_ssl3
enable_tls1
enable_tls1_1
enable_tls1_2
enable_tls1_3

enable_ssl_fastpath
enable_hardening
enable_static_ssl
with_openssl_dir
with_openssl_includedir
with_openssl_libdir
with_openssl_pkgconfig








>








769
770
771
772
773
774
775
776
777
778
779
780
781
782
783

enable_rpath
enable_symbols
enable_ssl3
enable_tls1
enable_tls1_1
enable_tls1_2
enable_tls1_3
enable_debug
enable_ssl_fastpath
enable_hardening
enable_static_ssl
with_openssl_dir
with_openssl_includedir
with_openssl_libdir
with_openssl_pkgconfig

1420
1421
1422
1423
1424
1425
1426

1427
1428
1429
1430
1431
1432
1433

  --disable-rpath         disable rpath support (default: on)
  --enable-symbols        build with debugging symbols (default: off)
  --disable-ssl3          disable SSL3 protocol
  --disable-tls1          disable TLS1 protocol
  --disable-tls1_1        disable TLS1.1 protocol
  --disable-tls1_2        disable TLS1.2 protocol
  --disable-tls1_3        disable TLS1.3 protocol

  --enable-ssl-fastpath   enable using the underlying file descriptor for
                          talking directly to the SSL library
  --enable-hardening      enable hardening attempts
  --enable-static-ssl     enable static linking to the SSL library

Optional Packages:
  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]








>








1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435

  --disable-rpath         disable rpath support (default: on)
  --enable-symbols        build with debugging symbols (default: off)
  --disable-ssl3          disable SSL3 protocol
  --disable-tls1          disable TLS1 protocol
  --disable-tls1_1        disable TLS1.1 protocol
  --disable-tls1_2        disable TLS1.2 protocol
  --disable-tls1_3        disable TLS1.3 protocol
  --enable-debug          enable debugging mode and output more status
  --enable-ssl-fastpath   enable using the underlying file descriptor for
                          talking directly to the SSL library
  --enable-hardening      enable hardening attempts
  --enable-static-ssl     enable static linking to the SSL library

Optional Packages:
  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]

9173
9174
9175
9176
9177
9178
9179
9180
9181
9182
9183
9184
9185
9186
9187


#--------------------------------------------------------------------
# This marco includes the TCL TLS specific functions to set the
# OpenSSL or LibreSSL config.
#--------------------------------------------------------------------


	if test -n "$ac_tool_prefix"; then
  # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args.
set dummy ${ac_tool_prefix}pkg-config; ac_word=$2
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
printf %s "checking for $ac_word... " >&6; }
if test ${ac_cv_prog_PKG_CONFIG+y}
then :
  printf %s "(cached) " >&6








|








9175
9176
9177
9178
9179
9180
9181
9182
9183
9184
9185
9186
9187
9188
9189


#--------------------------------------------------------------------
# This marco includes the TCL TLS specific functions to set the
# OpenSSL or LibreSSL config.
#--------------------------------------------------------------------


		if test -n "$ac_tool_prefix"; then
  # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args.
set dummy ${ac_tool_prefix}pkg-config; ac_word=$2
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
printf %s "checking for $ac_word... " >&6; }
if test ${ac_cv_prog_PKG_CONFIG+y}
then :
  printf %s "(cached) " >&6

9368
9369
9370
9371
9372
9373
9374
























9375
9376
9377
9378
9379
9380
9381

			{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
printf "%s\n" "yes" >&6; }
		fi

fi



























		# Check whether --enable-ssl-fastpath was given.
if test ${enable_ssl_fastpath+y}
then :
  enableval=$enable_ssl_fastpath;
		tcltls_ssl_fastpath="$enableval"









>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>








9370
9371
9372
9373
9374
9375
9376
9377
9378
9379
9380
9381
9382
9383
9384
9385
9386
9387
9388
9389
9390
9391
9392
9393
9394
9395
9396
9397
9398
9399
9400
9401
9402
9403
9404
9405
9406
9407

			{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
printf "%s\n" "yes" >&6; }
		fi

fi



		# Check whether --enable-debug was given.
if test ${enable_debug+y}
then :
  enableval=$enable_debug;
		tcltls_debug_mode="$enableval"

else case e in #(
  e)
		tcltls_debug_mode='no'
	 ;;
esac
fi

	if test "$tcltls_debug_mode" == 'yes'; then

printf "%s\n" "#define TCLEXT_TCLTLS_DEBUG 1" >>confdefs.h

	fi
	{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for debug mode" >&5
printf %s "checking for debug mode... " >&6; }
	{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $tcltls_debug_mode" >&5
printf "%s\n" "$tcltls_debug_mode" >&6; }


		# Check whether --enable-ssl-fastpath was given.
if test ${enable_ssl_fastpath+y}
then :
  enableval=$enable_ssl_fastpath;
		tcltls_ssl_fastpath="$enableval"

Modified generic/tls.c from [5693b2c98c] to [c4b8d40b20]. 

2720
2721
2722
2723
2724
2725
2726





2727
2728
2729
2730
2731
2732
2733

			    ".static"
#endif
		), NULL);
    }
    return TCL_OK;
}






/*
 *-------------------------------------------------------------------
 *
 * Tls_Init --
 *
 *	This is a package initialization procedure, which is called
 *	by Tcl when this package is to be added to an interpreter.








>
>
>
>
>








2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738

			    ".static"
#endif
		), NULL);
    }
    return TCL_OK;
}

/* Init script */
static const char tlsTclInitScript[] = {
#include "tls.tcl.h"
};

/*
 *-------------------------------------------------------------------
 *
 * Tls_Init --
 *
 *	This is a package initialization procedure, which is called
 *	by Tcl when this package is to be added to an interpreter.

2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760


#if TCL_MAJOR_VERSION > 8
#define MIN_VERSION "9.0"
#else
#define MIN_VERSION "8.5"
#endif

static const char tlsTclInitScript[] = {
#include "tls.tcl.h"
	0x00
    };

DLLEXPORT int Tls_Init(Tcl_Interp *interp) {

    dprintf("Called");

#ifdef USE_TCL_STUBS
    if (Tcl_InitStubs(interp, MIN_VERSION, 0) == NULL) {
	return TCL_ERROR;








<
<
<
<
<








2747
2748
2749
2750
2751
2752
2753





2754
2755
2756
2757
2758
2759
2760


#if TCL_MAJOR_VERSION > 8
#define MIN_VERSION "9.0"
#else
#define MIN_VERSION "8.5"
#endif






DLLEXPORT int Tls_Init(Tcl_Interp *interp) {

    dprintf("Called");

#ifdef USE_TCL_STUBS
    if (Tcl_InitStubs(interp, MIN_VERSION, 0) == NULL) {
	return TCL_ERROR;

Modified generic/tlsInt.h from [6b6b71d2f2] to [08eeb039c3]. 

47
48
49
50
51
52
53
54

55

56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71

#   endif
#endif

/*
 * Backwards compatibility for size type change
 */
#if TCL_MAJOR_VERSION < 9 && TCL_MINOR_VERSION < 7
    #include <limits.h>

    #define TCL_SIZE_MAX INT_MAX


    #ifndef Tcl_Size
        typedef int Tcl_Size;
    #endif

    #define TCL_SIZE_MODIFIER ""
    #define Tcl_GetSizeIntFromObj Tcl_GetIntFromObj
    #define Tcl_NewSizeIntObj     Tcl_NewIntObj
    #define Tcl_NewSizeIntFromObj Tcl_NewWideIntObj
#endif

/* Define missing POSIX error codes */
#ifndef ECONNABORTED
#define ECONNABORTED	130	/* Software caused connection abort */
#endif
#ifndef ECONNRESET








|
>
|
>

|
|
|

|
|
|
|








47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73

#   endif
#endif

/*
 * Backwards compatibility for size type change
 */
#if TCL_MAJOR_VERSION < 9 && TCL_MINOR_VERSION < 7
#include <limits.h>
#ifndef TCL_SIZE_MAX
#define TCL_SIZE_MAX INT_MAX
#endif

#ifndef Tcl_Size
    typedef int Tcl_Size;
#endif

#define TCL_SIZE_MODIFIER ""
#define Tcl_GetSizeIntFromObj Tcl_GetIntFromObj
#define Tcl_NewSizeIntObj     Tcl_NewIntObj
#define Tcl_NewSizeIntFromObj Tcl_NewWideIntObj
#endif

/* Define missing POSIX error codes */
#ifndef ECONNABORTED
#define ECONNABORTED	130	/* Software caused connection abort */
#endif
#ifndef ECONNRESET

Modified win/README.txt from [7588eb108e] to [8918719965]. 

65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

  set BUILDDIR=\path\to\build\tcltls
  set TCLINSTALL=\path\to\tcl
  set INSTALLDIR=%TCLINSTALL%\lib
  set SSLINSTALL=\path\to\openssl\dir

2a) Unzip distribution to %BUILDDIR%

2b) Start BASH shell (MinGW62 Git shell)

  cd %BUILDDIR%
  od -A n -v -t xC < 'library/tls.tcl' > tls.tcl.h.new.1
  sed 's@[^0-9A-Fa-f]@@g;s@..@0x&, @g' < tls.tcl.h.new.1 > generic/tls.tcl.h
  rm -f tls.tcl.h.new.1

2c) Start Visual Studio shell

  At Visual Studio x64 native prompt:

  cd %BUILDDIR%\win

  nmake -f makefile.vc TCLDIR=%TCLINSTALL% SSL_INSTALL_FOLDER=%SSLINSTALL%
  nmake -f makefile.vc install TCLDIR=%TCLINSTALL% INSTALLDIR=%INSTALLDIR% SSL_INSTALL_FOLDER=%SSLINSTALL%








<
<
<
<
<
<
<
|








65
66
67
68
69
70
71







72
73
74
75
76
77
78
79

  set BUILDDIR=\path\to\build\tcltls
  set TCLINSTALL=\path\to\tcl
  set INSTALLDIR=%TCLINSTALL%\lib
  set SSLINSTALL=\path\to\openssl\dir

2a) Unzip distribution to %BUILDDIR%








2b) Start Visual Studio shell

  At Visual Studio x64 native prompt:

  cd %BUILDDIR%\win

  nmake -f makefile.vc TCLDIR=%TCLINSTALL% SSL_INSTALL_FOLDER=%SSLINSTALL%
  nmake -f makefile.vc install TCLDIR=%TCLINSTALL% INSTALLDIR=%INSTALLDIR% SSL_INSTALL_FOLDER=%SSLINSTALL%

Modified win/makefile.vc from [eb018c9b6b] to [248888ac47]. 

70
71
72
73
74
75
76



77
78
79
80











81
82
83
84
85
86
87


all: setup default-target

clean: default-clean

realclean: default-hose




# We must define a pkgindex target that will create a pkgIndex.tcl
# file in the $(OUT_DIR) directory. We can just redirect to the
# default-pkgindex target for our sample extension.
pkgindex: default-pkgindex-tea












# Manifest which defines fossil/git commit id for build-info command
$(ROOT)\manifest.uuid:
    if not exist $(ROOT)\manifest.uuid (
	copy $(WIN_DIR)\gitmanifest.in $(ROOT)\manifest.uuid
	where git
	if ERRORLEVEL 0 (








>
>
>




>
>
>
>
>
>
>
>
>
>
>








70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101


all: setup default-target

clean: default-clean

realclean: default-hose

# Explicit dependency rules
$(PRJ_OBJS): $(TMP_DIR)\tls.tcl.h $(TMP_DIR)\tlsUuid.h

# We must define a pkgindex target that will create a pkgIndex.tcl
# file in the $(OUT_DIR) directory. We can just redirect to the
# default-pkgindex target for our sample extension.
pkgindex: default-pkgindex-tea

$(TMP_DIR)\tls.tcl.h: $(LIBDIR)\tls.tcl
	"$(TCLSH)" << $(LIBDIR)\tls.tcl >$(TMP_DIR)\tls.tcl.h
	set in [open [lindex $$argv 0] r]
	while {[gets $$in line] != -1} {
	    switch -regexp -- $$line "^$$" - {^\s*#} continue
	    regsub -all {\\} $$line {\\\\} line
	    regsub -all {"} $$line {\"} line
	    puts "\"$$line\\n\""
	}
<<

# Manifest which defines fossil/git commit id for build-info command
$(ROOT)\manifest.uuid:
    if not exist $(ROOT)\manifest.uuid (
	copy $(WIN_DIR)\gitmanifest.in $(ROOT)\manifest.uuid
	where git
	if ERRORLEVEL 0 (

104
105
106
107
108
109
110
111
112
113
114
115

    if exist "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" (
        xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" "$(PRJ_INSTALL_DIR)"
    )
    if exist "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" (
        xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" "$(PRJ_INSTALL_DIR)"
    )

# Explicit dependency rules
$(GENERICDIR)\tls.c: $(TMP_DIR)\tlsUuid.h

# Test package
test: default-test








<
<
<



118
119
120
121
122
123
124



125
126

    if exist "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" (
        xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" "$(PRJ_INSTALL_DIR)"
    )
    if exist "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" (
        xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" "$(PRJ_INSTALL_DIR)"
    )




# Test package
test: default-test

Powered by Fossil · RSS