Index: acinclude.m4 ================================================================== --- acinclude.m4 +++ acinclude.m4 @@ -6,156 +6,12 @@ # # Add here whatever m4 macros you want to define for your package # -dnl $1 = Description to show user -dnl $2 = Libraries to link to -dnl $3 = Variable to update (optional; default LIBS) -dnl $4 = Action to run if found -dnl $5 = Action to run if not found -AC_DEFUN([SHOBJ_DO_STATIC_LINK_LIB], [ - ifelse($3, [], [ - define([VAR_TO_UPDATE], [LIBS]) - ], [ - define([VAR_TO_UPDATE], [$3]) - ]) - - AC_MSG_CHECKING([for how to statically link to $1]) - - trylink_ADD_LDFLAGS='' - for arg in $VAR_TO_UPDATE; do - case "${arg}" in - -L*) - trylink_ADD_LDFLAGS="${arg}" - ;; - esac - done - - SAVELIBS="$LIBS" - staticlib="" - found="0" - dnl HP/UX uses -Wl,-a,archive ... -Wl,-a,shared_archive - dnl Linux and Solaris us -Wl,-Bstatic ... -Wl,-Bdynamic - AC_LANG_PUSH([C]) - for trylink in "-Wl,-a,archive $2 -Wl,-a,shared_archive" "-Wl,-Bstatic $2 -Wl,-Bdynamic" "$2"; do - if echo " ${LDFLAGS} " | grep ' -static ' >/dev/null; then - if test "${trylink}" != "$2"; then - continue - fi - fi - - LIBS="${SAVELIBS} ${trylink_ADD_LDFLAGS} ${trylink}" - - AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], [ - staticlib="${trylink}" - found="1" - - break - ]) - done - AC_LANG_POP([C]) - LIBS="${SAVELIBS}" - - if test "${found}" = "1"; then - new_RESULT='' - SAVERESULT="$VAR_TO_UPDATE" - for lib in ${SAVERESULT}; do - addlib='1' - for removelib in $2; do - if test "${lib}" = "${removelib}"; then - addlib='0' - break - fi - done - - if test "$addlib" = '1'; then - new_RESULT="${new_RESULT} ${lib}" - fi - done - VAR_TO_UPDATE="${new_RESULT} ${staticlib}" - - AC_MSG_RESULT([${staticlib}]) - - $4 - else - AC_MSG_RESULT([cant]) - - $5 - fi -]) - AC_DEFUN([TCLTLS_SSL_OPENSSL], [ - AC_CHECK_TOOL([PKGCONFIG], [pkg-config], [false]) - - openssldir='' - opensslpkgconfigdir='' - - AC_ARG_WITH([openssl-dir], - AS_HELP_STRING( - [--with-openssl-dir=], - [path to root directory of OpenSSL or LibreSSL installation] - ), [ - openssldir="$withval" - ] - ) - AC_ARG_WITH([openssl-pkgconfig], - AS_HELP_STRING( - [--with-openssl-pkgconfig=], - [path to root directory of OpenSSL or LibreSSL pkgconfigdir] - ), [ - opensslpkgconfigdir="$withval" - ] - ) - - if test -n "$openssldir"; then - if test -e "$openssldir/libssl.$SHOBJEXT"; then - TCLTLS_SSL_LIBS="-L$openssldir -lssl -lcrypto" - openssldir="`AS_DIRNAME(["$openssldir"])`" - else - TCLTLS_SSL_LIBS="-L$openssldir/lib -lssl -lcrypto" - fi - TCLTLS_SSL_CFLAGS="-I$openssldir/include" - TCLTLS_SSL_CPPFLAGS="-I$openssldir/include" - fi - - AC_MSG_CHECKING([for OpenSSL config]) - AC_MSG_RESULT($openssldir) - AC_MSG_CHECKING([for OpenSSL pkgconfig]) - AC_MSG_RESULT($opensslpkgconfigdir) - - pkgConfigExtraArgs='' - if test "${SHARED_BUILD}" == 0 -o "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then - pkgConfigExtraArgs='--static' - fi - - dnl Use pkg-config to find the libraries - dnl Temporarily update PKG_CONFIG_PATH - PKG_CONFIG_PATH_SAVE="${PKG_CONFIG_PATH}" - if test -n "${opensslpkgconfigdir}"; then - if ! test -f "${opensslpkgconfigdir}/openssl.pc"; then - AC_MSG_ERROR([Unable to locate ${opensslpkgconfigdir}/openssl.pc]) - fi - - PKG_CONFIG_PATH="${opensslpkgconfigdir}${PATH_SEPARATOR}${PKG_CONFIG_PATH}" - export PKG_CONFIG_PATH - fi - - AC_ARG_VAR([TCLTLS_SSL_LIBS], [libraries to pass to the linker for OpenSSL or LibreSSL]) - AC_ARG_VAR([TCLTLS_SSL_CFLAGS], [C compiler flags for OpenSSL or LibreSSL]) - AC_ARG_VAR([TCLTLS_SSL_CPPFLAGS], [C preprocessor flags for OpenSSL or LibreSSL]) - if test -z "$TCLTLS_SSL_LIBS"; then - TCLTLS_SSL_LIBS="`"${PKGCONFIG}" openssl --libs $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration]) - fi - if test -z "$TCLTLS_SSL_CFLAGS"; then - TCLTLS_SSL_CFLAGS="`"${PKGCONFIG}" openssl --cflags-only-other $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration]) - fi - if test -z "$TCLTLS_SSL_CPPFLAGS"; then - TCLTLS_SSL_CPPFLAGS="`"${PKGCONFIG}" openssl --cflags-only-I $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration]) - fi - PKG_CONFIG_PATH="${PKG_CONFIG_PATH_SAVE}" - + AC_CHECK_TOOL([PKG_CONFIG], [pkg-config], [false]) dnl Disable support for TLS 1.0 protocol AC_ARG_ENABLE([tls1], AS_HELP_STRING([--disable-tls1], [disable TLS1 protocol]), [ if test "${enableval}" = "no"; then AC_DEFINE([NO_TLS1], [1], [Disable TLS1 protocol]) @@ -189,11 +45,12 @@ AC_MSG_CHECKING([for disable TLS1.3 protocol]) AC_MSG_RESULT('yes') fi ]) - dnl Enable support for building the same library every time + + dnl Enable support for building the same Diffie–Hellman parameters each time AC_ARG_ENABLE([deterministic], AS_HELP_STRING([--enable-deterministic], [enable deterministic DH parameters]), [ tcltls_deterministic="$enableval" ], [ tcltls_deterministic='no' ]) @@ -202,32 +59,36 @@ else GEN_DH_PARAMS_ARGS='' fi dnl Enable support for specifying pre-computed DH params size - AC_ARG_WITH([builtin-dh-params-size], AS_HELP_STRING([--with-builtin-dh-params-size=], [specify the size in bits of the built-in, precomputed, DH params]), [ + AC_ARG_WITH([builtin-dh-params-size], AS_HELP_STRING([--with-builtin-dh-params-size=], + [specify the size in bits of the built-in, precomputed, DH params]), [ AS_CASE([$withval],[2048|4096|8192],,[AC_MSG_ERROR([Unsupported DH params size: $withval])]) GEN_DH_PARAMS_ARGS="${GEN_DH_PARAMS_ARGS} bits=$withval" ]) AC_SUBST(GEN_DH_PARAMS_ARGS) AC_MSG_CHECKING([for DH params]) AC_MSG_RESULT([$GEN_DH_PARAMS_ARGS]) + dnl Determine if we have been asked to use a fast path if possible - AC_ARG_ENABLE([ssl-fastpath], AS_HELP_STRING([--enable-ssl-fastpath], [enable using the underlying file descriptor for talking directly to the SSL library]), [ + AC_ARG_ENABLE([ssl-fastpath], AS_HELP_STRING([--enable-ssl-fastpath], + [enable using the underlying file descriptor for talking directly to the SSL library]), [ tcltls_ssl_fastpath="$enableval" ], [ tcltls_ssl_fastpath='no' ]) if test "$tcltls_ssl_fastpath" = 'yes'; then - AC_DEFINE(TCLTLS_SSL_USE_FASTPATH, [1], [Define this to enable using the underlying file descriptor for talking directly to the SSL library]) + AC_DEFINE(TCLTLS_SSL_USE_FASTPATH, [1], [Enable SSL library direct use of the underlying file descriptor]) fi AC_MSG_CHECKING([for fast path]) AC_MSG_RESULT([$tcltls_ssl_fastpath]) + dnl Enable hardening - AC_ARG_ENABLE([hardening], AS_HELP_STRING([--disable-hardening], [enable hardening attempts]), [ + AC_ARG_ENABLE([hardening], AS_HELP_STRING([--enable-hardening], [enable hardening attempts]), [ tcltls_enable_hardening="$enableval" ], [ tcltls_enable_hardening='yes' ]) if test "$tcltls_enable_hardening" = 'yes'; then @@ -237,48 +98,138 @@ AC_DEFINE([_FORTIFY_SOURCE], [2], [Enable fortification]) fi fi AC_MSG_CHECKING([for enable hardening]) AC_MSG_RESULT([$tcltls_enable_hardening]) + dnl Determine if we have been asked to statically link to the SSL library AC_ARG_ENABLE([static-ssl], AS_HELP_STRING([--enable-static-ssl], [enable static linking to the SSL library]), [ TCLEXT_TLS_STATIC_SSL="$enableval" ], [ TCLEXT_TLS_STATIC_SSL='no' ]) - - if test "${SHARED_BUILD}" != "1"; then - dnl If we are doing a static build, save the linker flags for other programs to consume - rm -f tcltls.${AREXT}.linkadd - AS_ECHO(["$TCLTLS_SSL_LIBS"]) > tcltls.${AREXT}.linkadd - fi - - dnl If we have been asked to statically link to the SSL library, tell the linker to do so - if test "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then - dnl Don't bother doing this if we aren't actually doing the runtime linking - if test "${SHARED_BUILD}" = "1"; then - dnl Split the libraries into SSL and non-SSL libraries - new_TCLTLS_SSL_LIBS_normal='' - new_TCLTLS_SSL_LIBS_static='' - for arg in $TCLTLS_SSL_LIBS; do - case "${arg}" in - -L*) - new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}" - new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}" - ;; - -ldl|-lrt|-lc|-lpthread|-lm|-lcrypt|-lidn|-lresolv|-lgcc|-lgcc_s) - new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}" - ;; - -l*) - new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}" - ;; - *) - new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}" - ;; - esac - done - SHOBJ_DO_STATIC_LINK_LIB([OpenSSL], [$new_TCLTLS_SSL_LIBS_static], [new_TCLTLS_SSL_LIBS_static]) - TCLTLS_SSL_LIBS="${new_TCLTLS_SSL_LIBS_normal} ${new_TCLTLS_SSL_LIBS_static}" - fi - fi + AC_MSG_CHECKING([for static linking of openSSL libraries]) + AC_MSG_RESULT([$TCLEXT_TLS_STATIC_SSL]) + + # Static lib + pkgConfigExtraArgs='' + if test "${SHARED_BUILD}" == 0 -o "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then + pkgConfigExtraArgs='--static' + fi + + + dnl Get SSL paths + AC_ARG_WITH([openssl-dir], + AS_HELP_STRING([--with-openssl-dir=], + [path to root directory of OpenSSL or LibreSSL installation] + ), [ + openssldir="$withval" + ], [ + openssldir='' + ] + ) + + dnl Get SSL include files path + AC_ARG_WITH([openssl-includedir], + AS_HELP_STRING([--with-openssl-includedir=], + [path to include directory of OpenSSL or LibreSSL installation] + ), [ + opensslincludedir="$withval" + ], [ + if test -n "$openssldir"; then + opensslincludedir="$openssldir/include/openssl" + else + opensslincludedir='' + fi + ] + ) + AC_MSG_CHECKING([for OpenSSL include directory]) + AC_MSG_RESULT($opensslincludedir) + + dnl Get SSL lib files path + if test -n "$opensslincludedir"; then + if test -f "$opensslincludedir/ssl.h"; then + TCLTLS_SSL_CFLAGS="-I$opensslincludedir" + TCLTLS_SSL_INCLUDES="-I$opensslincludedir" + else + AC_MSG_ERROR([Unable to locate ssl.h]) + fi + fi + + AC_ARG_WITH([openssl-libdir], + AS_HELP_STRING([--with-openssl-libdir=], + [path to lib directory of OpenSSL or LibreSSL installation] + ), [ + openssllibdir="$withval" + ], [ + if test -n "$openssldir"; then + if test "$do64bit" == 'yes'; then + openssllibdir="$openssldir/lib64" + else + openssllibdir="$openssldir/lib" + fi + else + openssllibdir='' + fi + ] + ) + AC_MSG_CHECKING([for OpenSSL lib directory]) + AC_MSG_RESULT($openssllibdir) + + if test -n "$openssllibdir"; then + if test -f "$openssllibdir/libssl${SHLIB_SUFFIX}"; then + if test "${TCLEXT_TLS_STATIC_SSL}" == 'no'; then + TCLTLS_SSL_LIBS="-L$openssllibdir -lcrypto -lssl" + else + # Linux and Solaris + TCLTLS_SSL_LIBS="-Wl,-Bstatic `$PKG_CONFIG --static --libs crypto ssl` -Wl,-Bdynamic" + # HPUX + # -Wl,-a,archive ... -Wl,-a,shared_archive + fi + else + AC_MSG_ERROR([Unable to locate libssl${SHLIB_SUFFIX}]) + fi + else + TCLTLS_SSL_LIBS="-lcrypto -lssl" + fi + + + AC_ARG_WITH([openssl-pkgconfig], + AS_HELP_STRING( + [--with-openssl-pkgconfig=], + [path to root directory of OpenSSL or LibreSSL pkgconfigdir] + ), [ + opensslpkgconfigdir="$withval" + ], [ + opensslpkgconfigdir='' + ] + ) + AC_MSG_CHECKING([for OpenSSL pkgconfig]) + AC_MSG_RESULT($opensslpkgconfigdir) + + dnl Use pkg-config to find the libraries + dnl Temporarily update PKG_CONFIG_PATH + PKG_CONFIG_PATH_SAVE="${PKG_CONFIG_PATH}" + if test -n "${opensslpkgconfigdir}"; then + if ! test -f "${opensslpkgconfigdir}/openssl.pc"; then + AC_MSG_ERROR([Unable to locate ${opensslpkgconfigdir}/openssl.pc]) + fi + + PKG_CONFIG_PATH="${opensslpkgconfigdir}${PATH_SEPARATOR}${PKG_CONFIG_PATH}" + export PKG_CONFIG_PATH + fi + + AC_ARG_VAR([TCLTLS_SSL_LIBS], [libraries to pass to the linker for OpenSSL or LibreSSL]) + AC_ARG_VAR([TCLTLS_SSL_CFLAGS], [C compiler flags for OpenSSL or LibreSSL]) + AC_ARG_VAR([TCLTLS_SSL_INCLUDES], [C compiler include paths for OpenSSL or LibreSSL]) + if test -z "$TCLTLS_SSL_LIBS"; then + TCLTLS_SSL_LIBS="`"${PKG_CONFIG}" openssl --libs $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration]) + fi + if test -z "$TCLTLS_SSL_CFLAGS"; then + TCLTLS_SSL_CFLAGS="`"${PKG_CONFIG}" openssl --cflags-only-other $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration]) + fi + if test -z "$TCLTLS_SSL_INCLUDES"; then + TCLTLS_SSL_INCLUDES="`"${PKG_CONFIG}" openssl --cflags-only-I $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration]) + fi + PKG_CONFIG_PATH="${PKG_CONFIG_PATH_SAVE}" ]) Index: configure ================================================================== --- configure +++ configure @@ -645,15 +645,15 @@ #endif" ac_header_c_list= ac_subst_vars='LTLIBOBJS TCLSH_PROG -GEN_DH_PARAMS_ARGS -TCLTLS_SSL_CPPFLAGS +TCLTLS_SSL_INCLUDES TCLTLS_SSL_CFLAGS TCLTLS_SSL_LIBS -PKGCONFIG +GEN_DH_PARAMS_ARGS +PKG_CONFIG VC_MANIFEST_EMBED_EXE VC_MANIFEST_EMBED_DLL RANLIB_STUB MAKE_STUB_LIB MAKE_STATIC_LIB @@ -776,21 +776,23 @@ enable_stubs enable_64bit enable_64bit_vis enable_rpath enable_symbols -with_openssl_dir -with_openssl_pkgconfig enable_tls1 enable_tls1_1 enable_tls1_2 enable_tls1_3 enable_deterministic with_builtin_dh_params_size enable_ssl_fastpath enable_hardening enable_static_ssl +with_openssl_dir +with_openssl_includedir +with_openssl_libdir +with_openssl_pkgconfig ' ac_precious_vars='build_alias host_alias target_alias CC @@ -799,11 +801,11 @@ LIBS CPPFLAGS CPP TCLTLS_SSL_LIBS TCLTLS_SSL_CFLAGS -TCLTLS_SSL_CPPFLAGS' +TCLTLS_SSL_INCLUDES' # Initialize some variables set by options. ac_init_help= ac_init_version=false @@ -1433,29 +1435,35 @@ --disable-tls1_2 disable TLS1.2 protocol --disable-tls1_3 disable TLS1.3 protocol --enable-deterministic enable deterministic DH parameters --enable-ssl-fastpath enable using the underlying file descriptor for talking directly to the SSL library - --disable-hardening enable hardening attempts + --enable-hardening enable hardening attempts --enable-static-ssl enable static linking to the SSL library Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --with-tcl directory containing tcl configuration (tclConfig.sh) --with-tcl8 Compile for Tcl8 in Tcl9 environment --with-tclinclude directory containing the public Tcl header files + --with-builtin-dh-params-size= + specify the size in bits of the built-in, + precomputed, DH params --with-openssl-dir= path to root directory of OpenSSL or LibreSSL installation + --with-openssl-includedir= + path to include directory of OpenSSL or LibreSSL + installation + --with-openssl-libdir= + path to lib directory of OpenSSL or LibreSSL + installation --with-openssl-pkgconfig= path to root directory of OpenSSL or LibreSSL pkgconfigdir - --with-builtin-dh-params-size= - specify the size in bits of the built-in, - precomputed, DH params Some influential environment variables: CC C compiler command CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L if you have libraries in a @@ -1466,12 +1474,12 @@ CPP C preprocessor TCLTLS_SSL_LIBS libraries to pass to the linker for OpenSSL or LibreSSL TCLTLS_SSL_CFLAGS C compiler flags for OpenSSL or LibreSSL - TCLTLS_SSL_CPPFLAGS - C preprocessor flags for OpenSSL or LibreSSL + TCLTLS_SSL_INCLUDES + C compiler include paths for OpenSSL or LibreSSL Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. Report bugs to the package provider. @@ -8917,16 +8925,16 @@ if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_PKGCONFIG+y} +if test ${ac_cv_prog_PKG_CONFIG+y} then : printf %s "(cached) " >&6 else $as_nop - if test -n "$PKGCONFIG"; then - ac_cv_prog_PKGCONFIG="$PKGCONFIG" # Let the user override the test. + if test -n "$PKG_CONFIG"; then + ac_cv_prog_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS @@ -8935,43 +8943,43 @@ */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_PKGCONFIG="${ac_tool_prefix}pkg-config" + ac_cv_prog_PKG_CONFIG="${ac_tool_prefix}pkg-config" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi -PKGCONFIG=$ac_cv_prog_PKGCONFIG -if test -n "$PKGCONFIG"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PKGCONFIG" >&5 -printf "%s\n" "$PKGCONFIG" >&6; } +PKG_CONFIG=$ac_cv_prog_PKG_CONFIG +if test -n "$PKG_CONFIG"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $PKG_CONFIG" >&5 +printf "%s\n" "$PKG_CONFIG" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi fi -if test -z "$ac_cv_prog_PKGCONFIG"; then - ac_ct_PKGCONFIG=$PKGCONFIG +if test -z "$ac_cv_prog_PKG_CONFIG"; then + ac_ct_PKG_CONFIG=$PKG_CONFIG # Extract the first word of "pkg-config", so it can be a program name with args. set dummy pkg-config; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_ac_ct_PKGCONFIG+y} +if test ${ac_cv_prog_ac_ct_PKG_CONFIG+y} then : printf %s "(cached) " >&6 else $as_nop - if test -n "$ac_ct_PKGCONFIG"; then - ac_cv_prog_ac_ct_PKGCONFIG="$ac_ct_PKGCONFIG" # Let the user override the test. + if test -n "$ac_ct_PKG_CONFIG"; then + ac_cv_prog_ac_ct_PKG_CONFIG="$ac_ct_PKG_CONFIG" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS @@ -8980,139 +8988,43 @@ */) ;; *) as_dir=$as_dir/ ;; esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_PKGCONFIG="pkg-config" + ac_cv_prog_ac_ct_PKG_CONFIG="pkg-config" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi -ac_ct_PKGCONFIG=$ac_cv_prog_ac_ct_PKGCONFIG -if test -n "$ac_ct_PKGCONFIG"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_PKGCONFIG" >&5 -printf "%s\n" "$ac_ct_PKGCONFIG" >&6; } +ac_ct_PKG_CONFIG=$ac_cv_prog_ac_ct_PKG_CONFIG +if test -n "$ac_ct_PKG_CONFIG"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_PKG_CONFIG" >&5 +printf "%s\n" "$ac_ct_PKG_CONFIG" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi - if test "x$ac_ct_PKGCONFIG" = x; then - PKGCONFIG="false" + if test "x$ac_ct_PKG_CONFIG" = x; then + PKG_CONFIG="false" else case $cross_compiling:$ac_tool_warned in yes:) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac - PKGCONFIG=$ac_ct_PKGCONFIG - fi -else - PKGCONFIG="$ac_cv_prog_PKGCONFIG" -fi - - - openssldir='' - opensslpkgconfigdir='' - - -# Check whether --with-openssl-dir was given. -if test ${with_openssl_dir+y} -then : - withval=$with_openssl_dir; - openssldir="$withval" - - -fi - - -# Check whether --with-openssl-pkgconfig was given. -if test ${with_openssl_pkgconfig+y} -then : - withval=$with_openssl_pkgconfig; - opensslpkgconfigdir="$withval" - - -fi - - - if test -n "$openssldir"; then - if test -e "$openssldir/libssl.$SHOBJEXT"; then - TCLTLS_SSL_LIBS="-L$openssldir -lssl -lcrypto" - openssldir="`$as_dirname -- "$openssldir" || -$as_expr X"$openssldir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$openssldir" : 'X\(//\)[^/]' \| \ - X"$openssldir" : 'X\(//\)$' \| \ - X"$openssldir" : 'X\(/\)' \| . 2>/dev/null || -printf "%s\n" X"$openssldir" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'`" - else - TCLTLS_SSL_LIBS="-L$openssldir/lib -lssl -lcrypto" - fi - TCLTLS_SSL_CFLAGS="-I$openssldir/include" - TCLTLS_SSL_CPPFLAGS="-I$openssldir/include" - fi - - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for OpenSSL config" >&5 -printf %s "checking for OpenSSL config... " >&6; } - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $openssldir" >&5 -printf "%s\n" "$openssldir" >&6; } - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for OpenSSL pkgconfig" >&5 -printf %s "checking for OpenSSL pkgconfig... " >&6; } - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $opensslpkgconfigdir" >&5 -printf "%s\n" "$opensslpkgconfigdir" >&6; } - - pkgConfigExtraArgs='' - if test "${SHARED_BUILD}" == 0 -o "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then - pkgConfigExtraArgs='--static' - fi - - PKG_CONFIG_PATH_SAVE="${PKG_CONFIG_PATH}" - if test -n "${opensslpkgconfigdir}"; then - if ! test -f "${opensslpkgconfigdir}/openssl.pc"; then - as_fn_error $? "Unable to locate ${opensslpkgconfigdir}/openssl.pc" "$LINENO" 5 - fi - - PKG_CONFIG_PATH="${opensslpkgconfigdir}${PATH_SEPARATOR}${PKG_CONFIG_PATH}" - export PKG_CONFIG_PATH - fi - - - - - if test -z "$TCLTLS_SSL_LIBS"; then - TCLTLS_SSL_LIBS="`"${PKGCONFIG}" openssl --libs $pkgConfigExtraArgs`" || as_fn_error $? "Unable to get OpenSSL Configuration" "$LINENO" 5 - fi - if test -z "$TCLTLS_SSL_CFLAGS"; then - TCLTLS_SSL_CFLAGS="`"${PKGCONFIG}" openssl --cflags-only-other $pkgConfigExtraArgs`" || as_fn_error $? "Unable to get OpenSSL Configuration" "$LINENO" 5 - fi - if test -z "$TCLTLS_SSL_CPPFLAGS"; then - TCLTLS_SSL_CPPFLAGS="`"${PKGCONFIG}" openssl --cflags-only-I $pkgConfigExtraArgs`" || as_fn_error $? "Unable to get OpenSSL Configuration" "$LINENO" 5 - fi - PKG_CONFIG_PATH="${PKG_CONFIG_PATH_SAVE}" + PKG_CONFIG=$ac_ct_PKG_CONFIG + fi +else + PKG_CONFIG="$ac_cv_prog_PKG_CONFIG" +fi # Check whether --enable-tls1 was given. if test ${enable_tls1+y} then : @@ -9178,10 +9090,11 @@ printf "%s\n" "'yes'" >&6; } fi fi + # Check whether --enable-deterministic was given. if test ${enable_deterministic+y} then : enableval=$enable_deterministic; @@ -9217,10 +9130,11 @@ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for DH params" >&5 printf %s "checking for DH params... " >&6; } { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $GEN_DH_PARAMS_ARGS" >&5 printf "%s\n" "$GEN_DH_PARAMS_ARGS" >&6; } + # Check whether --enable-ssl-fastpath was given. if test ${enable_ssl_fastpath+y} then : enableval=$enable_ssl_fastpath; @@ -9239,10 +9153,11 @@ fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for fast path" >&5 printf %s "checking for fast path... " >&6; } { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $tcltls_ssl_fastpath" >&5 printf "%s\n" "$tcltls_ssl_fastpath" >&6; } + # Check whether --enable-hardening was given. if test ${enable_hardening+y} then : enableval=$enable_hardening; @@ -9271,10 +9186,11 @@ fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for enable hardening" >&5 printf %s "checking for enable hardening... " >&6; } { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $tcltls_enable_hardening" >&5 printf "%s\n" "$tcltls_enable_hardening" >&6; } + # Check whether --enable-static-ssl was given. if test ${enable_static_ssl+y} then : enableval=$enable_static_ssl; @@ -9284,135 +9200,156 @@ TCLEXT_TLS_STATIC_SSL='no' fi - - if test "${SHARED_BUILD}" == 0; then - rm -f tcltls.${AREXT}.linkadd - printf "%s\n" "$TCLTLS_SSL_LIBS" > tcltls.${AREXT}.linkadd - fi - - if test "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then - if test "${SHARED_BUILD}" = "1"; then - new_TCLTLS_SSL_LIBS_normal='' - new_TCLTLS_SSL_LIBS_static='' - for arg in $TCLTLS_SSL_LIBS; do - case "${arg}" in - -L*) - new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}" - new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}" - ;; - -ldl|-lrt|-lc|-lpthread|-lm|-lcrypt|-lidn|-lresolv|-lgcc|-lgcc_s) - new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}" - ;; - -l*) - new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}" - ;; - *) - new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}" - ;; - esac - done - - - - - - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for how to statically link to OpenSSL" >&5 -printf %s "checking for how to statically link to OpenSSL... " >&6; } - - trylink_ADD_LDFLAGS='' - for arg in $new_TCLTLS_SSL_LIBS_static; do - case "${arg}" in - -L*) - trylink_ADD_LDFLAGS="${arg}" - ;; - esac - done - - SAVELIBS="$LIBS" - staticlib="" - found="0" - ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - for trylink in "-Wl,-a,archive $new_TCLTLS_SSL_LIBS_static -Wl,-a,shared_archive" "-Wl,-Bstatic $new_TCLTLS_SSL_LIBS_static -Wl,-Bdynamic" "$new_TCLTLS_SSL_LIBS_static"; do - if echo " ${LDFLAGS} " | grep ' -static ' >/dev/null; then - if test "${trylink}" != "$new_TCLTLS_SSL_LIBS_static"; then - continue - fi - fi - - LIBS="${SAVELIBS} ${trylink_ADD_LDFLAGS} ${trylink}" - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main (void) -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO" -then : - - staticlib="${trylink}" - found="1" - - break - -fi -rm -f core conftest.err conftest.$ac_objext conftest.beam \ - conftest$ac_exeext conftest.$ac_ext - done - ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - LIBS="${SAVELIBS}" - - if test "${found}" = "1"; then - new_RESULT='' - SAVERESULT="$new_TCLTLS_SSL_LIBS_static" - for lib in ${SAVERESULT}; do - addlib='1' - for removelib in $new_TCLTLS_SSL_LIBS_static; do - if test "${lib}" = "${removelib}"; then - addlib='0' - break - fi - done - - if test "$addlib" = '1'; then - new_RESULT="${new_RESULT} ${lib}" - fi - done - new_TCLTLS_SSL_LIBS_static="${new_RESULT} ${staticlib}" - - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: ${staticlib}" >&5 -printf "%s\n" "${staticlib}" >&6; } - - - else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: cant" >&5 -printf "%s\n" "cant" >&6; } - - - fi - - TCLTLS_SSL_LIBS="${new_TCLTLS_SSL_LIBS_normal} ${new_TCLTLS_SSL_LIBS_static}" - fi - fi + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for static linking of openSSL libraries" >&5 +printf %s "checking for static linking of openSSL libraries... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $TCLEXT_TLS_STATIC_SSL" >&5 +printf "%s\n" "$TCLEXT_TLS_STATIC_SSL" >&6; } + + # Static lib + pkgConfigExtraArgs='' + if test "${SHARED_BUILD}" == 0 -o "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then + pkgConfigExtraArgs='--static' + fi + + + +# Check whether --with-openssl-dir was given. +if test ${with_openssl_dir+y} +then : + withval=$with_openssl_dir; + openssldir="$withval" + +else $as_nop + + openssldir='' + + +fi + + + +# Check whether --with-openssl-includedir was given. +if test ${with_openssl_includedir+y} +then : + withval=$with_openssl_includedir; + opensslincludedir="$withval" + +else $as_nop + + if test -n "$openssldir"; then + opensslincludedir="${openssldir}${PATH_SEPARATOR}include${PATH_SEPARATOR}openssl" + else + opensslincludedir='' + fi + + +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for OpenSSL include directory" >&5 +printf %s "checking for OpenSSL include directory... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $opensslincludedir" >&5 +printf "%s\n" "$opensslincludedir" >&6; } + + if test -n "$opensslincludedir"; then + if test -f "${opensslincludedir}${PATH_SEPARATOR}ssl.h"; then + TCLTLS_SSL_CFLAGS="-I$opensslincludedir" + TCLTLS_SSL_INCLUDES="-I$opensslincludedir" + else + as_fn_error $? "Unable to locate ssl.h" "$LINENO" 5 + fi + fi + + +# Check whether --with-openssl-libdir was given. +if test ${with_openssl_libdir+y} +then : + withval=$with_openssl_libdir; + openssllibdir="$withval" + +else $as_nop + + if test -n "$openssldir"; then + if test "$do64bit" == 'yes'; then + openssllibdir="${openssldir}${PATH_SEPARATOR}lib64" + else + openssllibdir="${openssldir}${PATH_SEPARATOR}lib" + fi + else + openssllibdir='' + fi + + +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for OpenSSL lib directory" >&5 +printf %s "checking for OpenSSL lib directory... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $openssllibdir" >&5 +printf "%s\n" "$openssllibdir" >&6; } + + if test -n "$openssllibdir"; then + if test -f "${openssllibdir}${PATH_SEPARATOR}libssl${SHLIB_SUFFIX}"; then + if test "${TCLEXT_TLS_STATIC_SSL}" == 'no'; then + TCLTLS_SSL_LIBS="-L$openssllibdir -lcrypto -lssl" + else + # Linux and Solaris + TCLTLS_SSL_LIBS="-Wl,-Bstatic `$PKG_CONFIG --static --libs crypto ssl` -Wl,-Bdynamic" + # HPUX + # -Wl,-a,archive ... -Wl,-a,shared_archive + fi + else + as_fn_error $? "Unable to locate libssl${SHLIB_SUFFIX}" "$LINENO" 5 + fi + else + TCLTLS_SSL_LIBS="-lcrypto -lssl" + fi + + + +# Check whether --with-openssl-pkgconfig was given. +if test ${with_openssl_pkgconfig+y} +then : + withval=$with_openssl_pkgconfig; + opensslpkgconfigdir="$withval" + +else $as_nop + + opensslpkgconfigdir='' + + +fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for OpenSSL pkgconfig" >&5 +printf %s "checking for OpenSSL pkgconfig... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $opensslpkgconfigdir" >&5 +printf "%s\n" "$opensslpkgconfigdir" >&6; } + + PKG_CONFIG_PATH_SAVE="${PKG_CONFIG_PATH}" + if test -n "${opensslpkgconfigdir}"; then + if ! test -f "${opensslpkgconfigdir}${PATH_SEPARATOR}openssl.pc"; then + as_fn_error $? "Unable to locate ${opensslpkgconfigdir}${PATH_SEPARATOR}openssl.pc" "$LINENO" 5 + fi + + PKG_CONFIG_PATH="${opensslpkgconfigdir}${PATH_SEPARATOR}${PKG_CONFIG_PATH}" + export PKG_CONFIG_PATH + fi + + + + + if test -z "$TCLTLS_SSL_LIBS"; then + TCLTLS_SSL_LIBS="`"${PKG_CONFIG}" openssl --libs $pkgConfigExtraArgs`" || as_fn_error $? "Unable to get OpenSSL Configuration" "$LINENO" 5 + fi + if test -z "$TCLTLS_SSL_CFLAGS"; then + TCLTLS_SSL_CFLAGS="`"${PKG_CONFIG}" openssl --cflags-only-other $pkgConfigExtraArgs`" || as_fn_error $? "Unable to get OpenSSL Configuration" "$LINENO" 5 + fi + if test -z "$TCLTLS_SSL_INCLUDES"; then + TCLTLS_SSL_INCLUDES="`"${PKG_CONFIG}" openssl --cflags-only-I $pkgConfigExtraArgs`" || as_fn_error $? "Unable to get OpenSSL Configuration" "$LINENO" 5 + fi + PKG_CONFIG_PATH="${PKG_CONFIG_PATH_SAVE}" #-------------------------------------------------------------------- # Shared libraries and static libraries have different names. # Also, windows libraries and unix libraries have different names. @@ -9425,11 +9362,11 @@ PKG_CFLAGS="$PKG_CFLAGS ${TCLTLS_SSL_CFLAGS}" - vars="${TCLTLS_SSL_CPPFLAGS}" + vars="${TCLTLS_SSL_INCLUDES}" for i in $vars; do PKG_INCLUDES="$PKG_INCLUDES $i" done @@ -9449,11 +9386,11 @@ PKG_CFLAGS="$PKG_CFLAGS ${TCLTLS_SSL_CFLAGS}" - vars="${TCLTLS_SSL_CPPFLAGS}" + vars="${TCLTLS_SSL_INCLUDES}" for i in $vars; do PKG_INCLUDES="$PKG_INCLUDES $i" done @@ -9532,10 +9469,11 @@ # have a special pkgIndex.tcl.in or other files which require # substituting the AC variables in. Include these here. #-------------------------------------------------------------------- ac_config_files="$ac_config_files Makefile pkgIndex.tcl" + #AC_CONFIG_FILES([tlsConfig.sh]) #-------------------------------------------------------------------- # Finally, substitute all of the various values into the files # specified with AC_CONFIG_FILES. Index: configure.ac ================================================================== --- configure.ac +++ configure.ac @@ -176,16 +176,16 @@ #-------------------------------------------------------------------- if test "${TEA_PLATFORM}" = "windows" ; then if test "$GCC" = "yes"; then TEA_ADD_CFLAGS([${TCLTLS_SSL_CFLAGS}]) - TEA_ADD_INCLUDES([${TCLTLS_SSL_CPPFLAGS}]) + TEA_ADD_INCLUDES([${TCLTLS_SSL_INCLUDES}]) TEA_ADD_LIBS([${TCLTLS_SSL_LIBS}]) fi else TEA_ADD_CFLAGS([${TCLTLS_SSL_CFLAGS}]) - TEA_ADD_INCLUDES([${TCLTLS_SSL_CPPFLAGS}]) + TEA_ADD_INCLUDES([${TCLTLS_SSL_INCLUDES}]) TEA_ADD_LIBS([${TCLTLS_SSL_LIBS}]) fi #-------------------------------------------------------------------- # Determine the name of the tclsh and/or wish executables in the