Overview
Comment: | Updated to support a deterministic mode |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | tls-1-7 |
Files: | files | file ages | folders |
SHA1: |
bf7f82b5e82c3c4173fb9add2d6cdd9a |
User & Date: | rkeene on 2016-12-01 21:51:55 |
Other Links: | branch diff | manifest | tags |
Context
2016-12-02
| ||
16:09 | Minor cleanup of global variables and void function check-in: ee18d6c91e user: rkeene tags: tls-1-7 | |
2016-12-01
| ||
21:51 | Updated to support a deterministic mode check-in: bf7f82b5e8 user: rkeene tags: tls-1-7 | |
21:36 | Updated to generate DH parameters more dynamically check-in: 3d5e70d1d5 user: rkeene tags: tls-1-7 | |
Changes
Modified Makefile.in
from [e516302d1e]
to [d6e6218bd6].
︙ | ︙ | |||
33 34 35 36 37 38 39 | # this extension @srcdir@/tls.tcl.h: @srcdir@/tls.tcl xxd -i < '@srcdir@/tls.tcl' > '@srcdir@/tls.tcl.h.new' mv '@srcdir@/tls.tcl.h.new' '@srcdir@/tls.tcl.h' # Create default DH parameters dh_params.h: @srcdir@/gen_dh_params | | | 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 | # this extension @srcdir@/tls.tcl.h: @srcdir@/tls.tcl xxd -i < '@srcdir@/tls.tcl' > '@srcdir@/tls.tcl.h.new' mv '@srcdir@/tls.tcl.h.new' '@srcdir@/tls.tcl.h' # Create default DH parameters dh_params.h: @srcdir@/gen_dh_params @srcdir@/gen_dh_params @GEN_DH_PARAMS_ARGS@ > dh_params.h.new mv dh_params.h.new dh_params.h # Generic target for building files from the "srcdir" # tree -- the default target will not match paths %.o: @srcdir@/%.c $(CC) $(CPPFLAGS) $(CFLAGS) -o "$@" -c "$<" |
︙ | ︙ |
Modified configure.in
from [0ba49b2843]
to [92ab7478f3].
︙ | ︙ | |||
40 41 42 43 44 45 46 47 48 49 50 51 52 53 | fi tcltls_ssl_lib="$withval" ], [ tcltls_ssl_lib='auto' ]) AC_CHECK_TOOL([PKGCONFIG], [pkg-config], [false]) dnl XXX:TODO: Automatically determine the SSL library to use dnl defaulting to OpenSSL for compatibility reasons if test "$tcltls_ssl_lib" = 'auto'; then tcltls_ssl_lib='openssl' | > > > > > > > > > > > > > | 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 | fi tcltls_ssl_lib="$withval" ], [ tcltls_ssl_lib='auto' ]) dnl Enable support for building the same library every time tcltls_deterministic='false' AC_ARG_ENABLE([deterministic], AS_HELP_STRING([--enable-deterministic], [enable deterministic parameters]), [ if test "$enableval" = "yes"; then tcltls_deterministic='true' fi ]) if test "$tcltls_deterministic" = 'true'; then GEN_DH_PARAMS_ARGS='fallback' else GEN_DH_PARAMS_ARGS='' fi AC_SUBST(GEN_DH_PARAMS_ARGS) AC_CHECK_TOOL([PKGCONFIG], [pkg-config], [false]) dnl XXX:TODO: Automatically determine the SSL library to use dnl defaulting to OpenSSL for compatibility reasons if test "$tcltls_ssl_lib" = 'auto'; then tcltls_ssl_lib='openssl' |
︙ | ︙ |
Modified gen_dh_params
from [a7290cba5e]
to [121b16da7e].
︙ | ︙ | |||
76 77 78 79 80 81 82 83 84 85 86 87 88 | dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); if ((dh->p == NULL) || (dh->g == NULL)) { DH_free(dh); return(NULL); } return(dh); } _EOF_ } gen_dh_params_openssl && exit 0 gen_dh_params_remote && exit 0 gen_dh_params_fallback && exit 0 exit 1 | > > > > > > > | 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 | dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); if ((dh->p == NULL) || (dh->g == NULL)) { DH_free(dh); return(NULL); } return(dh); } _EOF_ } # Enable support for giving the same DH params each time if [ "$1" = 'fallback' ]; then gen_dh_params_fallback && exit 0 exit 1 fi gen_dh_params_openssl && exit 0 gen_dh_params_remote && exit 0 gen_dh_params_fallback && exit 0 exit 1 |