ADDED acinclude.m4 Index: acinclude.m4 ================================================================== --- /dev/null +++ acinclude.m4 @@ -0,0 +1,222 @@ +# +# Include the TEA standard macro set +# + +builtin(include,tclconfig/tcl.m4) + +# +# Add here whatever m4 macros you want to define for your package +# + +AC_DEFUN([TCLTLS_SSL_OPENSSL], [ + AC_CHECK_TOOL([PKG_CONFIG], [pkg-config]) + + dnl Disable support for TLS 1.0 protocol + AC_ARG_ENABLE([tls1], AS_HELP_STRING([--disable-tls1], [disable TLS1 protocol]), [ + if test "${enableval}" = "no"; then + AC_DEFINE([NO_TLS1], [1], [Disable TLS1 protocol]) + AC_MSG_CHECKING([for disable TLS1 protocol]) + AC_MSG_RESULT('yes') + fi + ]) + + dnl Disable support for TLS 1.1 protocol + AC_ARG_ENABLE([tls1_1], AS_HELP_STRING([--disable-tls1_1], [disable TLS1.1 protocol]), [ + if test "${enableval}" = "no"; then + AC_DEFINE([NO_TLS1_1], [1], [Disable TLS1.1 protocol]) + AC_MSG_CHECKING([for disable TLS1.1 protocol]) + AC_MSG_RESULT('yes') + fi + ]) + + dnl Disable support for TLS 1.2 protocol + AC_ARG_ENABLE([tls1_2], AS_HELP_STRING([--disable-tls1_2], [disable TLS1.2 protocol]), [ + if test "${enableval}" = "no"; then + AC_DEFINE([NO_TLS1_2], [1], [Disable TLS1.2 protocol]) + AC_MSG_CHECKING([for disable TLS1.2 protocol]) + AC_MSG_RESULT('yes') + fi + ]) + + dnl Disable support for TLS 1.3 protocol + AC_ARG_ENABLE([tls1_3], AS_HELP_STRING([--disable-tls1_3], [disable TLS1.3 protocol]), [ + if test "${enableval}" = "no"; then + AC_DEFINE([NO_TLS1_3], [1], [Disable TLS1.3 protocol]) + AC_MSG_CHECKING([for disable TLS1.3 protocol]) + AC_MSG_RESULT('yes') + fi + ]) + + + dnl Determine if we have been asked to use a fast path if possible + AC_ARG_ENABLE([ssl-fastpath], AS_HELP_STRING([--enable-ssl-fastpath], + [enable using the underlying file descriptor for talking directly to the SSL library]), [ + tcltls_ssl_fastpath="$enableval" + ], [ + tcltls_ssl_fastpath='no' + ]) + if test "$tcltls_ssl_fastpath" = 'yes'; then + AC_DEFINE(TCLTLS_SSL_USE_FASTPATH, [1], [Enable SSL library direct use of the underlying file descriptor]) + fi + AC_MSG_CHECKING([for fast path]) + AC_MSG_RESULT([$tcltls_ssl_fastpath]) + + + dnl Enable hardening + AC_ARG_ENABLE([hardening], AS_HELP_STRING([--enable-hardening], [enable hardening attempts]), [ + tcltls_enable_hardening="$enableval" + ], [ + tcltls_enable_hardening='yes' + ]) + if test "$tcltls_enable_hardening" = 'yes'; then + if test "$GCC" = 'yes' -o "$CC" = 'clang'; then + TEA_ADD_CFLAGS([-fstack-protector-all]) + TEA_ADD_CFLAGS([-fno-strict-overflow]) + AC_DEFINE([_FORTIFY_SOURCE], [2], [Enable fortification]) + fi + fi + AC_MSG_CHECKING([for enable hardening]) + AC_MSG_RESULT([$tcltls_enable_hardening]) + + + dnl Determine if we have been asked to statically link to the SSL library + AC_ARG_ENABLE([static-ssl], AS_HELP_STRING([--enable-static-ssl], [enable static linking to the SSL library]), [ + TCLEXT_TLS_STATIC_SSL="$enableval" + ], [ + TCLEXT_TLS_STATIC_SSL='no' + ]) + AC_MSG_CHECKING([for static linking of openSSL libraries]) + AC_MSG_RESULT([$TCLEXT_TLS_STATIC_SSL]) + + + dnl Set SSL files root path + AC_ARG_WITH([openssl-dir], + AS_HELP_STRING([--with-openssl-dir=], + [path to root directory of OpenSSL or LibreSSL installation] + ), [ + openssldir="$withval" + ], [ + openssldir='' + ] + ) + + dnl Set SSL include files path + AC_ARG_WITH([openssl-includedir], + AS_HELP_STRING([--with-openssl-includedir=], + [path to include directory of OpenSSL or LibreSSL installation] + ), [ + opensslincludedir="$withval" + ], [ + if test -n "$openssldir"; then + opensslincludedir="$openssldir/include/openssl" + else + opensslincludedir='' + fi + ] + ) + AC_MSG_CHECKING([for OpenSSL include directory]) + AC_MSG_RESULT($opensslincludedir) + + dnl Set SSL include vars + if test -n "$opensslincludedir"; then + if test -f "$opensslincludedir/ssl.h"; then + TCLTLS_SSL_CFLAGS="-I$opensslincludedir" + TCLTLS_SSL_INCLUDES="-I$opensslincludedir" + else + AC_MSG_ERROR([Unable to locate ssl.h]) + fi + else + TCLTLS_SSL_CFLAGS="-I$(includedir)/openssl" + TCLTLS_SSL_INCLUDES="-I$(includedir)/openssl" + fi + + dnl Set SSL lib files path + AC_ARG_WITH([openssl-libdir], + AS_HELP_STRING([--with-openssl-libdir=], + [path to lib directory of OpenSSL or LibreSSL installation] + ), [ + openssllibdir="$withval" + ], [ + if test -n "$openssldir"; then + if test "$do64bit" == 'yes'; then + openssllibdir="$openssldir/lib64" + else + openssllibdir="$openssldir/lib" + fi + else + openssllibdir='' + fi + ] + ) + AC_MSG_CHECKING([for OpenSSL lib directory]) + AC_MSG_RESULT($openssllibdir) + + dnl Set SSL lib vars + if test -n "$openssllibdir"; then + if test -f "$openssllibdir/libssl${SHLIB_SUFFIX}"; then + if test "${TCLEXT_TLS_STATIC_SSL}" == 'no'; then + TCLTLS_SSL_LIBS="-L$openssllibdir -lcrypto -lssl" + else + # Linux and Solaris + TCLTLS_SSL_LIBS="-Wl,-Bstatic `$PKG_CONFIG --static --libs crypto ssl` -Wl,-Bdynamic" + # HPUX + # -Wl,-a,archive ... -Wl,-a,shared_archive + fi + else + AC_MSG_ERROR([Unable to locate libssl${SHLIB_SUFFIX}]) + fi + else + TCLTLS_SSL_LIBS="-lcrypto -lssl" + fi + + + dnl Include config variables in --help list and make available to be substituted via AC_SUBST. + AC_ARG_VAR([TCLTLS_SSL_CFLAGS], [C compiler flags for OpenSSL or LibreSSL]) + AC_ARG_VAR([TCLTLS_SSL_INCLUDES], [C compiler include paths for OpenSSL or LibreSSL]) + AC_ARG_VAR([TCLTLS_SSL_LIBS], [libraries to pass to the linker for OpenSSL or LibreSSL]) + + + dnl Set location of pkgconfig files + AC_ARG_WITH([openssl-pkgconfig], + AS_HELP_STRING([--with-openssl-pkgconfig=], + [path to root directory of OpenSSL or LibreSSL pkgconfigdir] + ), [ + opensslpkgconfigdir="$withval" + ], [ + opensslpkgconfigdir='' + ] + ) + AC_MSG_CHECKING([for OpenSSL pkgconfig]) + AC_MSG_RESULT($opensslpkgconfigdir) + + + # Use Package Config tool to get config + pkgConfigExtraArgs='' + if test "${SHARED_BUILD}" == 0 -o "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then + pkgConfigExtraArgs='--static' + fi + + dnl Use pkg-config to find the libraries + if test -n "${PKG_CONFIG}"; then + dnl Temporarily update PKG_CONFIG_PATH + PKG_CONFIG_PATH_SAVE="${PKG_CONFIG_PATH}" + if test -n "${opensslpkgconfigdir}"; then + if ! test -f "${opensslpkgconfigdir}/openssl.pc"; then + AC_MSG_ERROR([Unable to locate ${opensslpkgconfigdir}/openssl.pc]) + fi + + PKG_CONFIG_PATH="${opensslpkgconfigdir}${PATH_SEPARATOR}${PKG_CONFIG_PATH}" + export PKG_CONFIG_PATH + fi + if test -z "$TCLTLS_SSL_LIBS"; then + TCLTLS_SSL_LIBS="`"${PKG_CONFIG}" openssl --libs $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration]) + fi + if test -z "$TCLTLS_SSL_CFLAGS"; then + TCLTLS_SSL_CFLAGS="`"${PKG_CONFIG}" openssl --cflags-only-other $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration]) + fi + if test -z "$TCLTLS_SSL_INCLUDES"; then + TCLTLS_SSL_INCLUDES="`"${PKG_CONFIG}" openssl --cflags-only-I $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration]) + fi + PKG_CONFIG_PATH="${PKG_CONFIG_PATH_SAVE}" + fi +]) ADDED aclocal.m4 Index: aclocal.m4 ================================================================== --- /dev/null +++ aclocal.m4 @@ -0,0 +1,69 @@ +# generated automatically by aclocal 1.16.5 -*- Autoconf -*- + +# Copyright (C) 1996-2021 Free Software Foundation, Inc. + +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])]) +# =========================================================================== +# https://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS], [INPUT]) +# +# DESCRIPTION +# +# Check whether the given FLAG works with the current language's compiler +# or gives an error. (Warnings, however, are ignored) +# +# ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on +# success/failure. +# +# If EXTRA-FLAGS is defined, it is added to the current language's default +# flags (e.g. CFLAGS) when the check is done. The check is thus made with +# the flags: "CFLAGS EXTRA-FLAGS FLAG". This can for example be used to +# force the compiler to issue an error when a bad flag is given. +# +# INPUT gives an alternative input source to AC_COMPILE_IFELSE. +# +# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this +# macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG. +# +# LICENSE +# +# Copyright (c) 2008 Guido U. Draheim +# Copyright (c) 2011 Maarten Bosmans +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 6 + +AC_DEFUN([AX_CHECK_COMPILE_FLAG], +[AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_IF +AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl +AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [ + ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS + _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1" + AC_COMPILE_IFELSE([m4_default([$5],[AC_LANG_PROGRAM()])], + [AS_VAR_SET(CACHEVAR,[yes])], + [AS_VAR_SET(CACHEVAR,[no])]) + _AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags]) +AS_VAR_IF(CACHEVAR,yes, + [m4_default([$2], :)], + [m4_default([$3], :)]) +AS_VAR_POPDEF([CACHEVAR])dnl +])dnl AX_CHECK_COMPILE_FLAGS + +m4_include([acinclude.m4])