Overview
Comment: | Merged in generate tls.tcl.h and debug mode option changes |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | crypto |
Files: | files | file ages | folders |
SHA3-256: |
d00f5eca5d17e10e1e6035ac98db916c |
User & Date: | bohagan on 2024-06-06 01:21:27 |
Other Links: | branch diff | manifest | tags |
Context
2024-06-06
| ||
01:21 | Merged in generate tls.tcl.h and debug mode option changes Leaf check-in: d00f5eca5d user: bohagan tags: crypto | |
00:47 | Added back option to enable debug mode that was lost in conversion to new TEA build system check-in: 73be06fc48 user: bohagan tags: tls-1.8 | |
2024-05-29
| ||
01:30 | Merged in changes from master check-in: 9d265b298a user: bohagan tags: crypto | |
Changes
Modified Makefile.in
from [374d539e3c]
to [6e9018ca55].
︙ | ︙ | |||
320 321 322 323 324 325 326 | #======================================================================== VPATH = $(srcdir):$(srcdir)/generic:$(srcdir)/unix:$(srcdir)/win:$(srcdir)/macosx # Create a C-source-ified version of the script resources # for TclTLS so that we only need a single file to enable # this extension | | | < < < | 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 | #======================================================================== VPATH = $(srcdir):$(srcdir)/generic:$(srcdir)/unix:$(srcdir)/win:$(srcdir)/macosx # Create a C-source-ified version of the script resources # for TclTLS so that we only need a single file to enable # this extension tls.tcl.h: $(srcdir)/library/tls.tcl sed -e '/^\\s*\#/d' -e '/^\\s*$$/d' -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/^/"/' -e 's/$$/\\n\"/' < `@CYGPATH@ $<` > $@ || { rm -f $@; exit 1; } $(srcdir)/manifest.uuid: printf "git-" >$(srcdir)/manifest.uuid (cd $(srcdir); git rev-parse HEAD >>$(srcdir)/manifest.uuid || \ (printf "svn-r" >$(srcdir)/manifest.uuid ; \ svn info --show-item last-changed-revision >>$(srcdir)/manifest.uuid) || \ printf "unknown" >$(srcdir)/manifest.uuid) |
︙ | ︙ |
Modified README.txt
from [8780a2ec30]
to [f08e3dfc2c].
︙ | ︙ | |||
58 59 60 61 62 63 64 65 66 67 68 69 70 71 | The supported configure options include all of the standard TEA configure script options, plus: --disable-tls1 disable TLS1 protocol --disable-tls1_1 disable TLS1.1 protocol --disable-tls1_2 disable TLS1.2 protocol --disable-tls1_3 disable TLS1.3 protocol --enable-ssl-fastpath enable using the underlying file descriptor for talking directly to the SSL library --enable-hardening enable hardening attempts --enable-static-ssl enable static linking to the SSL library If either TCL or OpenSSL are installed in non-standard locations, the following configure options are available. For all options, see ./configure --help. | > | 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 | The supported configure options include all of the standard TEA configure script options, plus: --disable-tls1 disable TLS1 protocol --disable-tls1_1 disable TLS1.1 protocol --disable-tls1_2 disable TLS1.2 protocol --disable-tls1_3 disable TLS1.3 protocol --enable-debug enable debugging mode and output more status --enable-ssl-fastpath enable using the underlying file descriptor for talking directly to the SSL library --enable-hardening enable hardening attempts --enable-static-ssl enable static linking to the SSL library If either TCL or OpenSSL are installed in non-standard locations, the following configure options are available. For all options, see ./configure --help. |
︙ | ︙ |
Modified acinclude.m4
from [d72291abc4]
to [30ce022af6].
︙ | ︙ | |||
53 54 55 56 57 58 59 60 61 62 63 64 65 66 | if test "${enableval}" == "no"; then AC_DEFINE([NO_TLS1_3], [1], [Disable TLS1.3 protocol]) AC_MSG_CHECKING([for disable TLS1.3 protocol]) AC_MSG_RESULT([yes]) fi ]) dnl Determine if we have been asked to use a fast path if possible AC_ARG_ENABLE([ssl-fastpath], AS_HELP_STRING([--enable-ssl-fastpath], [enable using the underlying file descriptor for talking directly to the SSL library]), [ tcltls_ssl_fastpath="$enableval" ], [ tcltls_ssl_fastpath='no' | > > > > > > > > > > > > > > | 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 | if test "${enableval}" == "no"; then AC_DEFINE([NO_TLS1_3], [1], [Disable TLS1.3 protocol]) AC_MSG_CHECKING([for disable TLS1.3 protocol]) AC_MSG_RESULT([yes]) fi ]) dnl Determine if debugging mode should be enabled AC_ARG_ENABLE([debug], AS_HELP_STRING([--enable-debug], [enable debugging mode and output more status]), [ tcltls_debug_mode="$enableval" ], [ tcltls_debug_mode='no' ]) if test "$tcltls_debug_mode" == 'yes'; then AC_DEFINE(TCLEXT_TCLTLS_DEBUG, [1], [Enable debugging mode]) fi AC_MSG_CHECKING([for debug mode]) AC_MSG_RESULT([$tcltls_debug_mode]) dnl Determine if we have been asked to use a fast path if possible AC_ARG_ENABLE([ssl-fastpath], AS_HELP_STRING([--enable-ssl-fastpath], [enable using the underlying file descriptor for talking directly to the SSL library]), [ tcltls_ssl_fastpath="$enableval" ], [ tcltls_ssl_fastpath='no' |
︙ | ︙ |
Modified configure
from [464341226c]
to [d1566f680c].
︙ | ︙ | |||
769 770 771 772 773 774 775 776 777 778 779 780 781 782 | enable_rpath enable_symbols enable_ssl3 enable_tls1 enable_tls1_1 enable_tls1_2 enable_tls1_3 enable_ssl_fastpath enable_hardening enable_static_ssl with_openssl_dir with_openssl_includedir with_openssl_libdir with_openssl_pkgconfig | > | 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 | enable_rpath enable_symbols enable_ssl3 enable_tls1 enable_tls1_1 enable_tls1_2 enable_tls1_3 enable_debug enable_ssl_fastpath enable_hardening enable_static_ssl with_openssl_dir with_openssl_includedir with_openssl_libdir with_openssl_pkgconfig |
︙ | ︙ | |||
1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 | --disable-rpath disable rpath support (default: on) --enable-symbols build with debugging symbols (default: off) --disable-ssl3 disable SSL3 protocol --disable-tls1 disable TLS1 protocol --disable-tls1_1 disable TLS1.1 protocol --disable-tls1_2 disable TLS1.2 protocol --disable-tls1_3 disable TLS1.3 protocol --enable-ssl-fastpath enable using the underlying file descriptor for talking directly to the SSL library --enable-hardening enable hardening attempts --enable-static-ssl enable static linking to the SSL library Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] | > | 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 | --disable-rpath disable rpath support (default: on) --enable-symbols build with debugging symbols (default: off) --disable-ssl3 disable SSL3 protocol --disable-tls1 disable TLS1 protocol --disable-tls1_1 disable TLS1.1 protocol --disable-tls1_2 disable TLS1.2 protocol --disable-tls1_3 disable TLS1.3 protocol --enable-debug enable debugging mode and output more status --enable-ssl-fastpath enable using the underlying file descriptor for talking directly to the SSL library --enable-hardening enable hardening attempts --enable-static-ssl enable static linking to the SSL library Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] |
︙ | ︙ | |||
9173 9174 9175 9176 9177 9178 9179 | #-------------------------------------------------------------------- # This marco includes the TCL TLS specific functions to set the # OpenSSL or LibreSSL config. #-------------------------------------------------------------------- | | | 9175 9176 9177 9178 9179 9180 9181 9182 9183 9184 9185 9186 9187 9188 9189 | #-------------------------------------------------------------------- # This marco includes the TCL TLS specific functions to set the # OpenSSL or LibreSSL config. #-------------------------------------------------------------------- if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_PKG_CONFIG+y} then : printf %s "(cached) " >&6 |
︙ | ︙ | |||
9368 9369 9370 9371 9372 9373 9374 9375 9376 9377 9378 9379 9380 9381 | { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 printf "%s\n" "yes" >&6; } fi fi # Check whether --enable-ssl-fastpath was given. if test ${enable_ssl_fastpath+y} then : enableval=$enable_ssl_fastpath; tcltls_ssl_fastpath="$enableval" | > > > > > > > > > > > > > > > > > > > > > > > > | 9370 9371 9372 9373 9374 9375 9376 9377 9378 9379 9380 9381 9382 9383 9384 9385 9386 9387 9388 9389 9390 9391 9392 9393 9394 9395 9396 9397 9398 9399 9400 9401 9402 9403 9404 9405 9406 9407 | { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 printf "%s\n" "yes" >&6; } fi fi # Check whether --enable-debug was given. if test ${enable_debug+y} then : enableval=$enable_debug; tcltls_debug_mode="$enableval" else case e in #( e) tcltls_debug_mode='no' ;; esac fi if test "$tcltls_debug_mode" == 'yes'; then printf "%s\n" "#define TCLEXT_TCLTLS_DEBUG 1" >>confdefs.h fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for debug mode" >&5 printf %s "checking for debug mode... " >&6; } { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $tcltls_debug_mode" >&5 printf "%s\n" "$tcltls_debug_mode" >&6; } # Check whether --enable-ssl-fastpath was given. if test ${enable_ssl_fastpath+y} then : enableval=$enable_ssl_fastpath; tcltls_ssl_fastpath="$enableval" |
︙ | ︙ |
Modified generic/tls.c
from [5693b2c98c]
to [c4b8d40b20].
︙ | ︙ | |||
2720 2721 2722 2723 2724 2725 2726 2727 2728 2729 2730 2731 2732 2733 | ".static" #endif ), NULL); } return TCL_OK; } /* *------------------------------------------------------------------- * * Tls_Init -- * * This is a package initialization procedure, which is called * by Tcl when this package is to be added to an interpreter. | > > > > > | 2720 2721 2722 2723 2724 2725 2726 2727 2728 2729 2730 2731 2732 2733 2734 2735 2736 2737 2738 | ".static" #endif ), NULL); } return TCL_OK; } /* Init script */ static const char tlsTclInitScript[] = { #include "tls.tcl.h" }; /* *------------------------------------------------------------------- * * Tls_Init -- * * This is a package initialization procedure, which is called * by Tcl when this package is to be added to an interpreter. |
︙ | ︙ | |||
2742 2743 2744 2745 2746 2747 2748 | #if TCL_MAJOR_VERSION > 8 #define MIN_VERSION "9.0" #else #define MIN_VERSION "8.5" #endif | < < < < < | 2747 2748 2749 2750 2751 2752 2753 2754 2755 2756 2757 2758 2759 2760 | #if TCL_MAJOR_VERSION > 8 #define MIN_VERSION "9.0" #else #define MIN_VERSION "8.5" #endif DLLEXPORT int Tls_Init(Tcl_Interp *interp) { dprintf("Called"); #ifdef USE_TCL_STUBS if (Tcl_InitStubs(interp, MIN_VERSION, 0) == NULL) { return TCL_ERROR; |
︙ | ︙ |
Modified generic/tlsInt.h
from [6b6b71d2f2]
to [08eeb039c3].
︙ | ︙ | |||
47 48 49 50 51 52 53 | # endif #endif /* * Backwards compatibility for size type change */ #if TCL_MAJOR_VERSION < 9 && TCL_MINOR_VERSION < 7 | | > | > | | | | | | | | 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 | # endif #endif /* * Backwards compatibility for size type change */ #if TCL_MAJOR_VERSION < 9 && TCL_MINOR_VERSION < 7 #include <limits.h> #ifndef TCL_SIZE_MAX #define TCL_SIZE_MAX INT_MAX #endif #ifndef Tcl_Size typedef int Tcl_Size; #endif #define TCL_SIZE_MODIFIER "" #define Tcl_GetSizeIntFromObj Tcl_GetIntFromObj #define Tcl_NewSizeIntObj Tcl_NewIntObj #define Tcl_NewSizeIntFromObj Tcl_NewWideIntObj #endif /* Define missing POSIX error codes */ #ifndef ECONNABORTED #define ECONNABORTED 130 /* Software caused connection abort */ #endif #ifndef ECONNRESET |
︙ | ︙ |
Modified win/README.txt
from [7588eb108e]
to [8918719965].
︙ | ︙ | |||
65 66 67 68 69 70 71 | set BUILDDIR=\path\to\build\tcltls set TCLINSTALL=\path\to\tcl set INSTALLDIR=%TCLINSTALL%\lib set SSLINSTALL=\path\to\openssl\dir 2a) Unzip distribution to %BUILDDIR% | < < < < < < < | | 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 | set BUILDDIR=\path\to\build\tcltls set TCLINSTALL=\path\to\tcl set INSTALLDIR=%TCLINSTALL%\lib set SSLINSTALL=\path\to\openssl\dir 2a) Unzip distribution to %BUILDDIR% 2b) Start Visual Studio shell At Visual Studio x64 native prompt: cd %BUILDDIR%\win nmake -f makefile.vc TCLDIR=%TCLINSTALL% SSL_INSTALL_FOLDER=%SSLINSTALL% nmake -f makefile.vc install TCLDIR=%TCLINSTALL% INSTALLDIR=%INSTALLDIR% SSL_INSTALL_FOLDER=%SSLINSTALL% |
︙ | ︙ |
Modified win/makefile.vc
from [eb018c9b6b]
to [248888ac47].
︙ | ︙ | |||
70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 | all: setup default-target clean: default-clean realclean: default-hose # We must define a pkgindex target that will create a pkgIndex.tcl # file in the $(OUT_DIR) directory. We can just redirect to the # default-pkgindex target for our sample extension. pkgindex: default-pkgindex-tea # Manifest which defines fossil/git commit id for build-info command $(ROOT)\manifest.uuid: if not exist $(ROOT)\manifest.uuid ( copy $(WIN_DIR)\gitmanifest.in $(ROOT)\manifest.uuid where git if ERRORLEVEL 0 ( | > > > > > > > > > > > > > > | 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 | all: setup default-target clean: default-clean realclean: default-hose # Explicit dependency rules $(PRJ_OBJS): $(TMP_DIR)\tls.tcl.h $(TMP_DIR)\tlsUuid.h # We must define a pkgindex target that will create a pkgIndex.tcl # file in the $(OUT_DIR) directory. We can just redirect to the # default-pkgindex target for our sample extension. pkgindex: default-pkgindex-tea $(TMP_DIR)\tls.tcl.h: $(LIBDIR)\tls.tcl "$(TCLSH)" << $(LIBDIR)\tls.tcl >$(TMP_DIR)\tls.tcl.h set in [open [lindex $$argv 0] r] while {[gets $$in line] != -1} { switch -regexp -- $$line "^$$" - {^\s*#} continue regsub -all {\\} $$line {\\\\} line regsub -all {"} $$line {\"} line puts "\"$$line\\n\"" } << # Manifest which defines fossil/git commit id for build-info command $(ROOT)\manifest.uuid: if not exist $(ROOT)\manifest.uuid ( copy $(WIN_DIR)\gitmanifest.in $(ROOT)\manifest.uuid where git if ERRORLEVEL 0 ( |
︙ | ︙ | |||
104 105 106 107 108 109 110 | if exist "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" ( xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" "$(PRJ_INSTALL_DIR)" ) if exist "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" ( xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" "$(PRJ_INSTALL_DIR)" ) | < < < | 118 119 120 121 122 123 124 125 126 | if exist "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" ( xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" "$(PRJ_INSTALL_DIR)" ) if exist "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" ( xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" "$(PRJ_INSTALL_DIR)" ) # Test package test: default-test |