Changes On Branch x-header-work

Changes In Branch x-header-work Excluding Merge-Ins

This is equivalent to a diff from fb6a7404da to bd8b53ced2

2019-06-19
18:25
TclTLS 1.7.19 check-in: 3d0bcddafd user: rkeene tags: tls-1-7, tls-1-7-19
2019-05-29
18:52
Try to find headers in a specific path and do not allow "mp_int"/"mp_digit" to conflict with other things Leaf check-in: bd8b53ced2 user: rkeene tags: x-header-work
2019-04-25
16:51
TclTLS 1.7.18 check-in: fb6a7404da user: rkeene tags: tls-1-7, tls-1-7-18
16:51
Merged in changes from trunk check-in: a64e691ada user: rkeene tags: tls-1-7

Modified aclocal/tcltls_openssl.m4 from [c4132f494e] to [4ea3fa4aea].

11
12
13
14
15
16
17





18
19


20
21

22
23
24
25
26
27
28
11
12
13
14
15
16
17
18
19
20
21
22


23
24
25

26
27
28
29
30
31
32
33







+
+
+
+
+
-
-
+
+

-
+







			AC_CHECK_FUNC($2,, [
				proto_check='false'
			])
		], [
			AC_LANG_PUSH(C)
			AC_MSG_CHECKING([for $3 protocol support])
			AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
#ifdef OPENSSL_HEADER_PREFIX
#  define OPENSSL_HEADER(header) <OPENSSL_HEADER_PREFIX/header>
#else
#  define OPENSSL_HEADER(header) <header>
#endif
#include <openssl/ssl.h>
#include <openssl/opensslv.h>
#include OPENSSL_HEADER(openssl/ssl.h)
#include OPENSSL_HEADER(openssl/opensslv.h)
#if (SSLEAY_VERSION_NUMBER >= 0x0907000L)
# include <openssl/conf.h>
# include OPENSSL_HEADER(openssl/conf.h)
#endif
			], [
int x = $5;
			])], [
				AC_MSG_RESULT([yes])
			], [
				AC_MSG_RESULT([no])
79
80
81
82
83
84
85



86
87
88
89
90
91
92
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100







+
+
+







		if test -e "$openssldir/libssl.$SHOBJEXT"; then
			TCLTLS_SSL_LIBS="-L$openssldir -lssl -lcrypto"
			openssldir="`AS_DIRNAME(["$openssldir"])`"
		else
			TCLTLS_SSL_LIBS="-L$openssldir/lib -lssl -lcrypto"
		fi
		TCLTLS_SSL_CFLAGS="-I$openssldir/include"
		if test -n "$openssldir"; then
			AC_DEFINE_UNQUOTED(OPENSSL_HEADER_PREFIX, [$openssldir/include], [Path to OpenSSL headers])
		fi
		TCLTLS_SSL_CPPFLAGS="-I$openssldir/include"
	fi

	pkgConfigExtraArgs=''
	if test "$TCLEXT_BUILD" = "static" -o "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then
		pkgConfigExtraArgs='--static'
	fi
110
111
112
113
114
115
116




117
118
119
120
121
122
123
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135







+
+
+
+







		TCLTLS_SSL_LIBS="`"${PKGCONFIG}" openssl --libs $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration])
	fi
	if test -z "$TCLTLS_SSL_CFLAGS"; then
		TCLTLS_SSL_CFLAGS="`"${PKGCONFIG}" openssl --cflags-only-other $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration])
	fi
	if test -z "$TCLTLS_SSL_CPPFLAGS"; then
		TCLTLS_SSL_CPPFLAGS="`"${PKGCONFIG}" openssl --cflags-only-I $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration])
		opensslincdir="$(echo "${TCLTLS_SSL_CPPFLAGS}" | sed 's@^.*-I@@')"
		if test -n "$opensslincdir"; then
			AC_DEFINE_UNQUOTED(OPENSSL_HEADER_PREFIX, [$opensslincdir], [Path to OpenSSL headers])
		fi
	fi
	PKG_CONFIG_PATH="${PKG_CONFIG_PATH_SAVE}"

	if test "$TCLEXT_BUILD" = "static"; then
		dnl If we are doing a static build, save the linker flags for other programs to consume
		rm -f tcltls.a.linkadd
		AS_ECHO(["$TCLTLS_SSL_LIBS"]) > tcltls.a.linkadd
162
163
164
165
166
167
168





169
170


171
172

173
174
175
176
177
178
179
174
175
176
177
178
179
180
181
182
183
184
185


186
187
188

189
190
191
192
193
194
195
196







+
+
+
+
+
-
-
+
+

-
+







	CFLAGS="${TCLTLS_SSL_CFLAGS} ${SAVE_CFLAGS} ${TCLTLS_SSL_CFLAGS}"
	CPPFLAGS="${TCLTLS_SSL_CPPFLAGS} ${SAVE_CPPFLAGS} ${TCLTLS_SSL_CPPFLAGS}"

	dnl Verify that basic functionality is there
	AC_LANG_PUSH(C)
	AC_MSG_CHECKING([if a basic OpenSSL program works])
	AC_LINK_IFELSE([AC_LANG_PROGRAM([
#ifdef OPENSSL_HEADER_PREFIX
#  define OPENSSL_HEADER(header) <OPENSSL_HEADER_PREFIX/header>
#else
#  define OPENSSL_HEADER(header) <header>
#endif
#include <openssl/ssl.h>
#include <openssl/opensslv.h>
#include OPENSSL_HEADER(openssl/ssl.h)
#include OPENSSL_HEADER(openssl/opensslv.h)
#if (SSLEAY_VERSION_NUMBER >= 0x0907000L)
# include <openssl/conf.h>
# include OPENSSL_HEADER(openssl/conf.h)
#endif
		], [
  SSL_library_init();
  SSL_load_error_strings();
		])], [
		AC_MSG_RESULT([yes])
	], [
190
191
192
193
194
195
196





197

198
199

200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218

219
220

221
222
223
224
225
226
227
228







+
+
+
+
+
-
+

-
+







	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_2], [TLSv1_2_method], [tlsv1.2], [NO_TLS1_2])
	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_3], [], [tlsv1.3], [NO_TLS1_3], [SSL_OP_NO_TLSv1_3])

	AC_CACHE_VAL([tcltls_cv_func_tlsext_hostname], [
		AC_LANG_PUSH(C)
		AC_MSG_CHECKING([for SSL_set_tlsext_host_name])
		AC_LINK_IFELSE([AC_LANG_PROGRAM([
#ifdef OPENSSL_HEADER_PREFIX
#  define OPENSSL_HEADER(header) <OPENSSL_HEADER_PREFIX/header>
#else
#  define OPENSSL_HEADER(header) <header>
#endif
#include <openssl/ssl.h>
#include OPENSSL_HEADER(openssl/ssl.h)
#if (SSLEAY_VERSION_NUMBER >= 0x0907000L)
# include <openssl/conf.h>
# include OPENSSL_HEADER(openssl/conf.h)
#endif
			], [
  (void)SSL_set_tlsext_host_name((void *) 0, (void *) 0);
			])], [
			AC_MSG_RESULT([yes])
			tcltls_cv_func_tlsext_hostname='yes'
		], [

Modified tls.c from [c565bf20f1] to [391c72843c].

104
105
106
107
108
109
110
111

112
113
114

115
116
117
118
119
120
121
104
105
106
107
108
109
110

111
112
113

114
115
116
117
118
119
120
121







-
+


-
+








/*
 * Thread-Safe TLS Code
 */

#ifdef TCL_THREADS
#define OPENSSL_THREAD_DEFINES
#include <openssl/opensslconf.h>
#include OPENSSL_HEADER(openssl/opensslconf.h)

#ifdef OPENSSL_THREADS
#include <openssl/crypto.h>
#include OPENSSL_HEADER(openssl/crypto.h)

/*
 * Threaded operation requires locking callbacks
 * Based from /crypto/cryptlib.c of OpenSSL and NSOpenSSL.
 */

static Tcl_Mutex *locks = NULL;

Modified tls.h from [5e9dbae35a] to [32e35217c8].

14
15
16
17
18
19
20


21


22
23
24
25
26
27
28
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32







+
+

+
+







 *	tclSSL (Colin McCormack, Shared Technology)
 *	SSLtcl (Peter Antman)
 *
 */
#ifndef _TLS_H
#define _TLS_H

#define mp_digit __TCL_MP_DIGIT
#define mp_int   __TCL_MP_INT
#include <tcl.h>
#undef mp_digit
#undef mp_int

/*
 * Initialization routines -- our entire public C API.
 */
int Tls_Init(Tcl_Interp *interp);
int Tls_SafeInit(Tcl_Interp *interp);

Modified tlsInt.h from [b78d815874] to [50b6f39a60].

18
19
20
21
22
23
24






25
26
27
28
29
30
31
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37







+
+
+
+
+
+







#ifndef _TLSINT_H
#define _TLSINT_H

#include "tls.h"
#include <errno.h>
#include <string.h>
#include <stdint.h>

#ifdef OPENSSL_HEADER_PREFIX
#  define OPENSSL_HEADER(header) <OPENSSL_HEADER_PREFIX/header>
#else
#  define OPENSSL_HEADER(header) <header>
#endif

#ifdef __WIN32__
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <wincrypt.h> /* OpenSSL needs this on Windows */
#endif

41
42
43
44
45
46
47
48
49
50
51




52
53
54
55
56
57
58
47
48
49
50
51
52
53




54
55
56
57
58
59
60
61
62
63
64







-
-
-
-
+
+
+
+







#  define NO_RC5
#  define NO_RSA
#  ifndef NO_SSL2
#    define NO_SSL2
#  endif
#endif

#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/opensslv.h>
#include OPENSSL_HEADER(openssl/ssl.h)
#include OPENSSL_HEADER(openssl/err.h)
#include OPENSSL_HEADER(openssl/rand.h)
#include OPENSSL_HEADER(openssl/opensslv.h)

/*
 * Determine if we should use the pre-OpenSSL 1.1.0 API
 */
#undef TCLTLS_OPENSSL_PRE_1_1
#if (defined(LIBRESSL_VERSION_NUMBER)) || OPENSSL_VERSION_NUMBER < 0x10100000L
#  define TCLTLS_OPENSSL_PRE_1_1_API 1