Check-in [c75c1f1d50]
Overview
Comment:Updated to support configure options to disable/enable specific protocols
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | tls-1-7
Files: files | file ages | folders
SHA1: c75c1f1d509c1c7eab8b5e62dda4d6c6e104f94e
User & Date: rkeene on 2016-12-05 16:57:56
Other Links: branch diff | manifest | tags
Context
2016-12-05
16:58
Enforce socket in blocking mode during test where "gets" is expected to wait for a reply check-in: dc7bbc6de6 user: rkeene tags: tls-1-7
16:57
Updated to support configure options to disable/enable specific protocols check-in: c75c1f1d50 user: rkeene tags: tls-1-7
16:44
Moved OpenSSL and LibreSSL checks to an external file check-in: 07852b1ee9 user: rkeene tags: tls-1-7
Changes

Modified aclocal/tcltls_openssl.m4 from [01c1c3f418] to [dc9bb37a5d].

31
32
33
34
35
36
37

38
39

40

41




42

43
44

45

46




47

48
49

50

51




52

53
54

55

56




57

58
59

60





61
62
63
64
65
66
	], [
		AC_MSG_RESULT([no])
		AC_MSG_ERROR([Unable to compile a basic program using OpenSSL])
	])
	AC_LANG_POP([C])

	dnl Determine if SSLv2 is supported

	AC_CHECK_FUNC(SSLv2_method,, [
		AC_DEFINE(NO_SSL2, [1], [Define this to disable SSLv2 in OpenSSL support])

	])






	dnl Determine if SSLv3 is supported

	AC_CHECK_FUNC(SSLv3_method,, [
		AC_DEFINE(NO_SSL3, [1], [Define this to disable SSLv3 in OpenSSL support])

	])






	dnl Determine if TLSv1.0 is supported

	AC_CHECK_FUNC(TLSv1_method,, [
		AC_DEFINE(NO_TLS1, [1], [Define this to disable TLSv1.0 in OpenSSL support])

	])






	dnl Determine if TLSv1.1 is supported

	AC_CHECK_FUNC(TLSv1_1_method,, [
		AC_DEFINE(NO_TLS1_1, [1], [Define this to disable TLSv1.1 in OpenSSL support])

	])






	dnl Determine if TLSv1.2 is supported

	AC_CHECK_FUNC(TLSv1_2_method,, [
		AC_DEFINE(NO_TLS1_2, [1], [Define this to disable TLSv1.2 in OpenSSL support])

	])






	dnl Restore compile-altering variables
	LIBS="${SAVE_LIBS}"
	CFLAGS="${SAVE_CFLAGS}"
	CPPFLAGS="${SAVE_CPPFLAGS}"
])







>

<
>

>

>
>
>
>

>

<
>

>

>
>
>
>

>

<
>

>

>
>
>
>

>

<
>

>

>
>
>
>

>

<
>

>
>
>
>
>






31
32
33
34
35
36
37
38
39

40
41
42
43
44
45
46
47
48
49
50

51
52
53
54
55
56
57
58
59
60
61

62
63
64
65
66
67
68
69
70
71
72

73
74
75
76
77
78
79
80
81
82
83

84
85
86
87
88
89
90
91
92
93
94
95
96
	], [
		AC_MSG_RESULT([no])
		AC_MSG_ERROR([Unable to compile a basic program using OpenSSL])
	])
	AC_LANG_POP([C])

	dnl Determine if SSLv2 is supported
	if test "$tcltls_ssl_ssl2" = "true"; then
	AC_CHECK_FUNC(SSLv2_method,, [

			tcltls_ssl_ssl2='false'
	])
	fi

	if test "$tcltls_ssl_ssl2" = "false"; then
		AC_DEFINE(NO_SSL2, [1], [Define this to disable SSLv2 in OpenSSL support])
	fi

	dnl Determine if SSLv3 is supported
	if test "$tcltls_ssl_ssl3" = "true"; then
	AC_CHECK_FUNC(SSLv3_method,, [

			tcltls_ssl_ssl3='false'
	])
	fi

	if test "$tcltls_ssl_ssl3" = "false"; then
		AC_DEFINE(NO_SSL3, [1], [Define this to disable SSLv3 in OpenSSL support])
	fi

	dnl Determine if TLSv1.0 is supported
	if test "$tcltls_ssl_tls1_0" = "true"; then
	AC_CHECK_FUNC(TLSv1_method,, [

			tcltls_ssl_tls1_0='false'
	])
	fi

	if test "$tcltls_ssl_tls1_0" = "false"; then
		AC_DEFINE(NO_TLS1, [1], [Define this to disable TLSv1.0 in OpenSSL support])
	fi

	dnl Determine if TLSv1.1 is supported
	if test "$tcltls_ssl_tls1_1" = "true"; then
	AC_CHECK_FUNC(TLSv1_1_method,, [

			tcltls_ssl_tls1_1='false'
	])
	fi

	if test "$tcltls_ssl_tls1_1" = "false"; then
		AC_DEFINE(NO_TLS1_1, [1], [Define this to disable TLSv1.1 in OpenSSL support])
	fi

	dnl Determine if TLSv1.2 is supported
	if test "$tcltls_ssl_tls1_2" = "true"; then
	AC_CHECK_FUNC(TLSv1_2_method,, [

			tcltls_ssl_tls1_2='false'
	])
	fi

	if test "$tcltls_ssl_tls1_2" = "false"; then
		AC_DEFINE(NO_TLS1_2, [1], [Define this to disable TLSv1.2 in OpenSSL support])
	fi

	dnl Restore compile-altering variables
	LIBS="${SAVE_LIBS}"
	CFLAGS="${SAVE_CFLAGS}"
	CPPFLAGS="${SAVE_CPPFLAGS}"
])

Modified configure.in from [4546434d3f] to [9220961356].

53
54
55
56
57
58
59









































60
61
62
63
64
65
66
])
if test "$tcltls_deterministic" = 'true'; then
	GEN_DH_PARAMS_ARGS='fallback'
else
	GEN_DH_PARAMS_ARGS=''
fi
AC_SUBST(GEN_DH_PARAMS_ARGS)










































dnl Enable support for a debugging build
tcltls_debug='false'
AC_ARG_ENABLE([debug], AS_HELP_STRING([--enable-debug], [enable debugging parameters]), [
	if test "$enableval" = "yes"; then
		tcltls_debug='true'
	fi







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
])
if test "$tcltls_deterministic" = 'true'; then
	GEN_DH_PARAMS_ARGS='fallback'
else
	GEN_DH_PARAMS_ARGS=''
fi
AC_SUBST(GEN_DH_PARAMS_ARGS)

dnl Allow the user to manually disable protocols
dnl ## SSLv2: Disabled by default
tcltls_ssl_ssl2='false'
AC_ARG_ENABLE([sslv2], AS_HELP_STRING([--enable-sslv2], [enable SSLv2 protocol]), [
	if test "$enableval" = "yes"; then
		tcltls_ssl_ssl2='true'
	fi
])

dnl ## SSLv3: Disabled by default
tcltls_ssl_ssl3='false'
AC_ARG_ENABLE([sslv3], AS_HELP_STRING([--enable-sslv3], [enable SSLv3 protocol]), [
	if test "$enableval" = "yes"; then
		tcltls_ssl_ssl3='true'
	fi
])

dnl ## TLSv1.0: Enabled by default
tcltls_ssl_tls1_0='true'
AC_ARG_ENABLE([tlsv1.0], AS_HELP_STRING([--disable-tlsv1.0], [disable TLSv1.0 protocol]), [
	if test "$enableval" = "no"; then
		tcltls_ssl_tls1_0='false'
	fi
])

dnl ## TLSv1.1: Enabled by default
tcltls_ssl_tls1_1='true'
AC_ARG_ENABLE([tlsv1.1], AS_HELP_STRING([--disable-tlsv1.1], [disable TLSv1.1 protocol]), [
	if test "$enableval" = "no"; then
		tcltls_ssl_tls1_1='false'
	fi
])

dnl ## TLSv1.1: Enabled by default
tcltls_ssl_tls1_2='true'
AC_ARG_ENABLE([tlsv1.2], AS_HELP_STRING([--disable-tlsv1.2], [disable TLSv1.2 protocol]), [
	if test "$enableval" = "no"; then
		tcltls_ssl_tls1_2='false'
	fi
])

dnl Enable support for a debugging build
tcltls_debug='false'
AC_ARG_ENABLE([debug], AS_HELP_STRING([--enable-debug], [enable debugging parameters]), [
	if test "$enableval" = "yes"; then
		tcltls_debug='true'
	fi