Check-in [37d16cba38]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Started work on mbedTLS backend
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | backend-mbedtls
Files: files | file ages | folders
SHA3-256:37d16cba38e65e598e519912be001b2add22231dafb1b46dd057a6d6ec9ee644
User & Date: rkeene 2019-11-12 17:49:02
Context
2019-11-12
17:49
Started work on mbedTLS backend Leaf check-in: 37d16cba38 user: rkeene tags: backend-mbedtls
17:46
Makefile cleanup check-in: b9af6e4772 user: rkeene tags: trunk
Changes

Added aclocal/tcltls_mbedtls.m4.



















































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
AC_DEFUN([TCLTLS_SSL_MBEDTLS], [
	mbedtlsdir=''
	AC_ARG_WITH([mbedtls-dir],
		AS_HELP_STRING(
			[--with-mbedtls-dir=<dir>],
			[path to root directory of MbedTLS installation]
		), [
			mbedtlsdir="$withval"
		]
	)

	if test -n "$mbedtlsdir"; then
		if test -e "$mbedtlsdir/libmbedtls.a" -o -e "$mbedtlsdir/libmbedtls.${AREXT}"; then
			TCLTLS_SSL_LIBS="-L$mbedtlsdir -lmbedtls -lmbedcrypto"
			mbedtlsdir="`AS_DIRNAME(["$mbedtlsdir"])`"
		else
			TCLTLS_SSL_LIBS="-L$mbedtlsdir/library -lmbedtls -lmbedcrypto"
		fi
		TCLTLS_SSL_CFLAGS="-I$mbedtlsdir/include -I${mbedtlsdir}/include/mbedtls"
		TCLTLS_SSL_CPPFLAGS="-I$mbedtlsdir/include -I${mbedtlsdir}/include/mbedtls"
	fi

	AC_ARG_VAR([TCLTLS_SSL_LIBS], [libraries to pass to the linker for MbedTLS])
	AC_ARG_VAR([TCLTLS_SSL_CFLAGS], [C compiler flags for MbedTLS])
	AC_ARG_VAR([TCLTLS_SSL_CPPFLAGS], [C preprocessor flags for MbedTLS])

	if test "$TCLEXT_BUILD" = "static"; then
		dnl If we are doing a static build, save the linker flags for other programs to consume
		rm -f tcltls.${AREXT}.linkadd
		AS_ECHO(["$TCLTLS_SSL_LIBS"]) > tcltls.${AREXT}.linkadd
	fi

	dnl If we have been asked to statically link to the SSL library, specifically tell the linker to do so
	if test "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then
		dnl Don't bother doing this if we aren't actually doing the runtime linking
		if test "$TCLEXT_BUILD" != "static"; then
			dnl Split the libraries into SSL and non-SSL libraries
			new_TCLTLS_SSL_LIBS_normal=''
			new_TCLTLS_SSL_LIBS_static=''
			for arg in $TCLTLS_SSL_LIBS; do
				case "${arg}" in
					-L*)
						new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
						new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}"
						;;
					-ldl|-lrt|-lc|-lpthread|-lm|-lcrypt|-lidn|-lresolv|-lgcc|-lgcc_s)
						new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
						;;
					-l*)
						new_TCLTLS_SSL_LIBS_static="${new_TCLTLS_SSL_LIBS_static} ${arg}"
						;;
					*)
						new_TCLTLS_SSL_LIBS_normal="${new_TCLTLS_SSL_LIBS_normal} ${arg}"
						;;
				esac
			done
			SHOBJ_DO_STATIC_LINK_LIB([MbedTLS], [$new_TCLTLS_SSL_LIBS_static], [new_TCLTLS_SSL_LIBS_static])
			TCLTLS_SSL_LIBS="${new_TCLTLS_SSL_LIBS_normal} ${new_TCLTLS_SSL_LIBS_static}"
		fi
	fi

	dnl Save compile-altering variables we are changing
	SAVE_LIBS="${LIBS}"
	SAVE_CFLAGS="${CFLAGS}"
	SAVE_CPPFLAGS="${CPPFLAGS}"

	dnl Update compile-altering variables to include the MbedTLS libraries
	LIBS="${TCLTLS_SSL_LIBS} ${SAVE_LIBS} ${TCLTLS_SSL_LIBS}"
	CFLAGS="${TCLTLS_SSL_CFLAGS} ${SAVE_CFLAGS} ${TCLTLS_SSL_CFLAGS}"
	CPPFLAGS="${TCLTLS_SSL_CPPFLAGS} ${SAVE_CPPFLAGS} ${TCLTLS_SSL_CPPFLAGS}"

	dnl Verify that basic functionality is there
	AC_LANG_PUSH(C)
	AC_MSG_CHECKING([if a basic MbedTLS program works])
	AC_LINK_IFELSE([AC_LANG_PROGRAM([
#define MBEDTLS_CONFIG_FILE <mbedtls/config.h>
#include MBEDTLS_CONFIG_FILE
		], [
    mbedtls_ssl_context *ctx;
    mbedtls_ssl_init(ctx);
    mbedtls_ssl_setup(ctx, (void *) 0);
    mbedtls_ssl_free(ctx);
		])], [
		AC_MSG_RESULT([yes])
	], [
		AC_MSG_RESULT([no])
		AC_MSG_ERROR([Unable to compile a basic program using MbedTLS])
	])
	AC_LANG_POP([C])

dnl
dnl	AC_CHECK_FUNCS([TLS_method])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_ssl2], [SSLv2_method], [sslv2], [NO_SSL2])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_ssl3], [SSLv3_method], [sslv3], [NO_SSL3])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_0], [TLSv1_method], [tlsv1.0], [NO_TLS1])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_1], [TLSv1_1_method], [tlsv1.1], [NO_TLS1_1])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_2], [TLSv1_2_method], [tlsv1.2], [NO_TLS1_2])
dnl	TCLTLS_SSL_OPENSSL_CHECK_PROTO_VER([tcltls_ssl_tls1_3], [], [tlsv1.3], [NO_TLS1_3], [SSL_OP_NO_TLSv1_3])
dnl

	dnl Restore compile-altering variables
	LIBS="${SAVE_LIBS}"
	CFLAGS="${SAVE_CFLAGS}"
	CPPFLAGS="${SAVE_CPPFLAGS}"
])

Changes to autogen.sh.

14
15
16
17
18
19
20

21
22
23
24
25
26
27
	http://chiselapp.com/user/rkeene/repository/autoconf/doc/trunk/shobj.m4
	http://chiselapp.com/user/rkeene/repository/autoconf/doc/trunk/versionscript.m4
	'http://git.savannah.gnu.org/gitweb/?p=autoconf-archive.git;a=blob_plain;f=m4/ax_check_compile_flag.m4'
)

localFiles=(
	aclocal/tcltls_openssl.m4

)

failed='0'
for command in "${commands[@]}"; do
	if [ ! -f "$(which "${command}" 2>/dev/null)" ]; then
		echo "error: Unable to locate ${command}" >&2
		failed='1'







>







14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
	http://chiselapp.com/user/rkeene/repository/autoconf/doc/trunk/shobj.m4
	http://chiselapp.com/user/rkeene/repository/autoconf/doc/trunk/versionscript.m4
	'http://git.savannah.gnu.org/gitweb/?p=autoconf-archive.git;a=blob_plain;f=m4/ax_check_compile_flag.m4'
)

localFiles=(
	aclocal/tcltls_openssl.m4
	aclocal/tcltls_mbedtls.m4
)

failed='0'
for command in "${commands[@]}"; do
	if [ ! -f "$(which "${command}" 2>/dev/null)" ]; then
		echo "error: Unable to locate ${command}" >&2
		failed='1'

Changes to configure.ac.

26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
...
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
	AC_CHECK_TOOL([RANLIB], [ranlib], [:])
	EXTENSION_TARGET="tcltls.${AREXT}"
fi
AC_SUBST(EXTENSION_TARGET)
AC_SUBST(TCLEXT_BUILD)

dnl Determine what SSL library to link with
AC_ARG_WITH([ssl], AS_HELP_STRING([--with-ssl=<name>], [name of ssl library to build against (openssl, libressl, nss, auto)]), [
	if test "$withval" = "no"; then
		AC_MSG_ERROR([You may not specify --without-ssl])
	fi

	if test "$withval" = "yes"; then
		AC_MSG_ERROR([If you specify --with-ssl then you must provide a value])
	fi
................................................................................
	tcltls_ssl_lib='openssl'
fi

AS_CASE([$tcltls_ssl_lib],
	[openssl], [
		TCLTLS_SSL_OPENSSL
	],
	[nss], [
	 	TCLTLS_SSL_LIBS=""
		TCLTLS_SSL_CFLAGS=""
		TCLTLS_SSL_CPPFLAGS=""
	],
	[
		AC_MSG_ERROR([Unsupported SSL library: $tcltls_ssl_lib])
	]
)
dnl Determine how to use this SSL library
AC_MSG_CHECKING([how to use $tcltls_ssl_lib])







|







 







|
|
<
<







26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
...
216
217
218
219
220
221
222
223
224


225
226
227
228
229
230
231
	AC_CHECK_TOOL([RANLIB], [ranlib], [:])
	EXTENSION_TARGET="tcltls.${AREXT}"
fi
AC_SUBST(EXTENSION_TARGET)
AC_SUBST(TCLEXT_BUILD)

dnl Determine what SSL library to link with
AC_ARG_WITH([ssl], AS_HELP_STRING([--with-ssl=<name>], [name of ssl library to build against (openssl, libressl, mbedtls, auto)]), [
	if test "$withval" = "no"; then
		AC_MSG_ERROR([You may not specify --without-ssl])
	fi

	if test "$withval" = "yes"; then
		AC_MSG_ERROR([If you specify --with-ssl then you must provide a value])
	fi
................................................................................
	tcltls_ssl_lib='openssl'
fi

AS_CASE([$tcltls_ssl_lib],
	[openssl], [
		TCLTLS_SSL_OPENSSL
	],
	[mbedtls], [
		TCLTLS_SSL_MBEDTLS


	],
	[
		AC_MSG_ERROR([Unsupported SSL library: $tcltls_ssl_lib])
	]
)
dnl Determine how to use this SSL library
AC_MSG_CHECKING([how to use $tcltls_ssl_lib])