Changes On Branch backend-mbedtls
Bounty program for improvements to Tcl and certain Tcl packages.

Changes In Branch backend-mbedtls Excluding Merge-Ins

This is equivalent to a diff from b9af6e4772 to 37d16cba38

2019-11-15
17:15
Fixed bug where syms file is cleaned in the wrong stage check-in: c82e9cbcbd user: rkeene tags: trunk
16:40
Merged in trunk check-in: 5ee220305f user: rkeene tags: tls-1-7
2019-11-12
17:49
Started work on mbedTLS backend Leaf check-in: 37d16cba38 user: rkeene tags: backend-mbedtls
17:47
Started readding MSVC Windows build support check-in: 8478c7ec08 user: rkeene tags: readd-win-msvc
17:46
Makefile cleanup check-in: b9af6e4772 user: rkeene tags: trunk
17:36
Update configure script to check compiler flags during linking check-in: 01719ee8de user: rkeene tags: trunk

Added aclocal/tcltls_mbedtls.m4 version [04069331bc].









































































































1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
AC_DEFUN([TCLTLS_SSL_MBEDTLS], [
	mbedtlsdir=''
	AC_ARG_WITH([mbedtls-dir],
		AS_HELP_STRING(
			[--with-mbedtls-dir=<dir>],
			[path to root directory of MbedTLS installation]
		), [
			mbedtlsdir="$withval"
		]
	)

	if test -n "$mbedtlsdir"; then
		if test -e "$mbedtlsdir/libmbedtls.a" -o -e "$mbedtlsdir/libmbedtls.${AREXT}"; then
			TCLTLS_SSL_LIBS="-L$mbedtlsdir -lmbedtls -lmbedcrypto"
			mbedtlsdir="`AS_DIRNAME(["$mbedtlsdir"])`"
		else
			TCLTLS_SSL_LIBS="-L$mbedtlsdir/library -lmbedtls -lmbedcrypto"
		fi
		TCLTLS_SSL_CFLAGS="-I$mbedtlsdir/include -I${mbedtlsdir}/include/mbedtls"
		TCLTLS_SSL_CPPFLAGS="-I$mbedtlsdir/include -I${mbedtlsdir}/include/mbedtls"
	fi

	AC_ARG_VAR([TCLTLS_SSL_LIBS], [libraries to pass to the linker for MbedTLS])
	AC_ARG_VAR([TCLTLS_SSL_CFLAGS], [C compiler flags for MbedTLS])
	AC_ARG_VAR([TCLTLS_SSL_CPPFLAGS], [C preprocessor flags for MbedTLS])

	if test "$TCLEXT_BUILD" = "static"; then
		dnl If we are doing a static build, save the linker flags for other programs to consume
		rm -f tcltls.${AREXT}.linkadd
		AS_ECHO(["$TCLTLS_SSL_LIBS"]) > tcltls.${AREXT}.linkadd
	fi

	dnl If we have been asked to statically link to the SSL library, specifically tell the linker to do so
	if test "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then
		dnl Don't bother doing this if we aren't actually doing the runtime linking
		if test "$TCLEXT_BUILD" != "static"; then
			dnl Split the libraries into SSL and non-SSL libraries
			new_TCLTLS_SSL_LIBS_normal=''
			new_TCLTLS_SSL_LIBS_static=''
			for arg in $TCLTLS_SSL_LIBS; do
				case "${arg}" in
					-L*)
						new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
						new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}"
						;;
					-ldl|-lrt|-lc|-lpthread|-lm|-lcrypt|-lidn|-lresolv|-lgcc|-lgcc_s)
						new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
						;;
					-l*)
						new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}"
						;;
					*)
						new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
						;;
				esac
			done
			SHOBJ_DO_STATIC_LINK_LIB([MbedTLS], [$new_TCLTLS_SSL_LIBS_static], [new_TCLTLS_SSL_LIBS_static])
			TCLTLS_SSL_LIBS="${new_TCLTLS_SSL_LIBS_normal} ${new_TCLTLS_SSL_LIBS_static}"
		fi
	fi

	dnl Save compile-altering variables we are changing
	SAVE_LIBS="${LIBS}"
	SAVE_CFLAGS="${CFLAGS}"
	SAVE_CPPFLAGS="${CPPFLAGS}"

	dnl Update compile-altering variables to include the MbedTLS libraries
	LIBS="${TCLTLS_SSL_LIBS} ${SAVE_LIBS} ${TCLTLS_SSL_LIBS}"
	CFLAGS="${TCLTLS_SSL_CFLAGS} ${SAVE_CFLAGS} ${TCLTLS_SSL_CFLAGS}"
	CPPFLAGS="${TCLTLS_SSL_CPPFLAGS} ${SAVE_CPPFLAGS} ${TCLTLS_SSL_CPPFLAGS}"

	dnl Verify that basic functionality is there
	AC_LANG_PUSH(C)
	AC_MSG_CHECKING([if a basic MbedTLS program works])
	AC_LINK_IFELSE([AC_LANG_PROGRAM([
#define MBEDTLS_CONFIG_FILE <mbedtls/config.h>
#include MBEDTLS_CONFIG_FILE
		], [
    mbedtls_ssl_context *ctx;
    mbedtls_ssl_init(ctx);
    mbedtls_ssl_setup(ctx, (void *) 0);
    mbedtls_ssl_free(ctx);
		])], [
		AC_MSG_RESULT([yes])
	], [
		AC_MSG_RESULT([no])
		AC_MSG_ERROR([Unable to compile a basic program using MbedTLS])
	])
	AC_LANG_POP([C])

dnl
dnl	AC_CHECK_FUNCS([TLS_method])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_ssl2], [SSLv2_method], [sslv2], [NO_SSL2])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_ssl3], [SSLv3_method], [sslv3], [NO_SSL3])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_0], [TLSv1_method], [tlsv1.0], [NO_TLS1])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_1], [TLSv1_1_method], [tlsv1.1], [NO_TLS1_1])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_2], [TLSv1_2_method], [tlsv1.2], [NO_TLS1_2])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_3], [], [tlsv1.3], [NO_TLS1_3], [SSL_OP_NO_TLSv1_3])
dnl

	dnl Restore compile-altering variables
	LIBS="${SAVE_LIBS}"
	CFLAGS="${SAVE_CFLAGS}"
	CPPFLAGS="${SAVE_CPPFLAGS}"
])

Modified autogen.sh from [825e8c0a23] to [85a2a104f6].

14
15
16
17
18
19
20

21
22
23
24
25
26
27
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28






+







	http://chiselapp.com/user/rkeene/repository/autoconf/doc/trunk/shobj.m4
	http://chiselapp.com/user/rkeene/repository/autoconf/doc/trunk/versionscript.m4
	'http://git.savannah.gnu.org/gitweb/?p=autoconf-archive.git;a=blob_plain;f=m4/ax_check_compile_flag.m4'
)

localFiles=(
	aclocal/tcltls_openssl.m4
	aclocal/tcltls_mbedtls.m4
)

failed='0'
for command in "${commands[@]}"; do
	if [ ! -f "$(which "${command}" 2>/dev/null)" ]; then
		echo "error: Unable to locate ${command}" >&2
		failed='1'

Modified configure.ac from [6234df6904] to [c705e1d652].

26
27
28
29
30
31
32
33

34
35
36
37
38
39
40
26
27
28
29
30
31
32

33
34
35
36
37
38
39
40






-
+







	AC_CHECK_TOOL([RANLIB], [ranlib], [:])
	EXTENSION_TARGET="tcltls.${AREXT}"
fi
AC_SUBST(EXTENSION_TARGET)
AC_SUBST(TCLEXT_BUILD)

dnl Determine what SSL library to link with
AC_ARG_WITH([ssl], AS_HELP_STRING([--with-ssl=<name>], [name of ssl library to build against (openssl, libressl, nss, auto)]), [
AC_ARG_WITH([ssl], AS_HELP_STRING([--with-ssl=<name>], [name of ssl library to build against (openssl, libressl, mbedtls, auto)]), [
	if test "$withval" = "no"; then
		AC_MSG_ERROR([You may not specify --without-ssl])
	fi

	if test "$withval" = "yes"; then
		AC_MSG_ERROR([If you specify --with-ssl then you must provide a value])
	fi
216
217
218
219
220
221
222
223
224


225
226
227
228
229
230
231
232
233
216
217
218
219
220
221
222


223
224


225
226
227
228
229
230
231






-
-
+
+
-
-







	tcltls_ssl_lib='openssl'
fi

AS_CASE([$tcltls_ssl_lib],
	[openssl], [
		TCLTLS_SSL_OPENSSL
	],
	[nss], [
	 	TCLTLS_SSL_LIBS=""
	[mbedtls], [
		TCLTLS_SSL_MBEDTLS
		TCLTLS_SSL_CFLAGS=""
		TCLTLS_SSL_CPPFLAGS=""
	],
	[
		AC_MSG_ERROR([Unsupported SSL library: $tcltls_ssl_lib])
	]
)
dnl Determine how to use this SSL library
AC_MSG_CHECKING([how to use $tcltls_ssl_lib])