Check-in [3d0bcddafd]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:TclTLS 1.7.19
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | tls-1-7 | tls-1-7-19
Files: files | file ages | folders
SHA3-256:3d0bcddafdef9acbe707f5357ac1c332bd40761654170fc7bc327eed535e5b3a
User & Date: rkeene 2019-06-19 18:25:03
Context
2019-06-19
18:25
TclTLS 1.7.19 Leaf check-in: 3d0bcddafd user: rkeene tags: tls-1-7, tls-1-7-19
18:13
Update autoconf scripts from repo check-in: 5bd22a4abd user: rkeene tags: trunk
2019-04-25
16:51
TclTLS 1.7.18 check-in: fb6a7404da user: rkeene tags: tls-1-7, tls-1-7-18
Changes

Changes to Makefile.in.

    20     20   
    21     21   @EXTENSION_TARGET@: @TCLEXT_BUILD@-@EXTENSION_TARGET@
    22     22   	mv @TCLEXT_BUILD@-@EXTENSION_TARGET@ @EXTENSION_TARGET@
    23     23   
    24     24   # The shared object target
    25     25   shared-@EXTENSION_TARGET@: tls.o tlsBIO.o tlsIO.o tlsX509.o Makefile
    26     26   	$(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o shared-@EXTENSION_TARGET@ tls.o tlsBIO.o tlsIO.o tlsX509.o $(LIBS)
           27  +	-@WEAKENSYMS@ shared-@EXTENSION_TARGET@
           28  +	-@REMOVESYMS@ shared-@EXTENSION_TARGET@
    27     29   
    28     30   # The static target
    29     31   static-@EXTENSION_TARGET@: tls.o tlsBIO.o tlsIO.o tlsX509.o Makefile
    30     32   	$(AR) rcu static-@EXTENSION_TARGET@ tls.o tlsBIO.o tlsIO.o tlsX509.o
    31     33   	-$(RANLIB) static-@EXTENSION_TARGET@
    32     34   
    33     35   # Dependencies for all our targets

Changes to aclocal/ax_check_compile_flag.m4.

     1      1   # ===========================================================================
     2         -#   http://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html
            2  +#  https://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html
     3      3   # ===========================================================================
     4      4   #
     5      5   # SYNOPSIS
     6      6   #
     7      7   #   AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS], [INPUT])
     8      8   #
     9      9   # DESCRIPTION
................................................................................
    25     25   #   macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG.
    26     26   #
    27     27   # LICENSE
    28     28   #
    29     29   #   Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
    30     30   #   Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
    31     31   #
    32         -#   This program is free software: you can redistribute it and/or modify it
    33         -#   under the terms of the GNU General Public License as published by the
    34         -#   Free Software Foundation, either version 3 of the License, or (at your
    35         -#   option) any later version.
    36         -#
    37         -#   This program is distributed in the hope that it will be useful, but
    38         -#   WITHOUT ANY WARRANTY; without even the implied warranty of
    39         -#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
    40         -#   Public License for more details.
    41         -#
    42         -#   You should have received a copy of the GNU General Public License along
    43         -#   with this program. If not, see <http://www.gnu.org/licenses/>.
    44         -#
    45         -#   As a special exception, the respective Autoconf Macro's copyright owner
    46         -#   gives unlimited permission to copy, distribute and modify the configure
    47         -#   scripts that are the output of Autoconf when processing the Macro. You
    48         -#   need not follow the terms of the GNU General Public License when using
    49         -#   or distributing such scripts, even though portions of the text of the
    50         -#   Macro appear in them. The GNU General Public License (GPL) does govern
    51         -#   all other use of the material that constitutes the Autoconf Macro.
    52         -#
    53         -#   This special exception to the GPL applies to versions of the Autoconf
    54         -#   Macro released by the Autoconf Archive. When you make and distribute a
    55         -#   modified version of the Autoconf Macro, you may extend this special
    56         -#   exception to the GPL to apply to your modified version as well.
           32  +#   Copying and distribution of this file, with or without modification, are
           33  +#   permitted in any medium without royalty provided the copyright notice
           34  +#   and this notice are preserved.  This file is offered as-is, without any
           35  +#   warranty.
    57     36   
    58         -#serial 4
           37  +#serial 6
    59     38   
    60     39   AC_DEFUN([AX_CHECK_COMPILE_FLAG],
    61     40   [AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_IF
    62     41   AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl
    63     42   AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [
    64     43     ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS
    65     44     _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1"

Changes to aclocal/shobj.m4.

   110    110   			AC_LANG_POP(C)
   111    111   			unset tryrpath
   112    112   		])
   113    113   
   114    114   		LDFLAGS="$OLD_LDFLAGS"
   115    115   		unset OLD_LDFLAGS
   116    116   
   117         -		ADDLDFLAGS=""
   118         -		for opt in $LDFLAGS $LIBS; do
   119         -			if echo "$opt" | grep '^-L' >/dev/null; then
   120         -				rpathdir="`echo "$opt" | sed 's@^-L *@@'`"
   121         -				ADDLDFLAGS="$ADDLDFLAGS $rsk_cv_link_set_rpath -Wl,$rpathdir"
   122         -			fi
   123         -		done
   124         -		unset opt
          117  +		if test -n "$rsk_cv_link_set_rpath"; then
          118  +			ADDLDFLAGS=""
          119  +			for opt in $LDFLAGS $LIBS; do
          120  +				if echo "$opt" | grep '^-L' >/dev/null; then
          121  +					rpathdir="`echo "$opt" | sed 's@^-L *@@'`"
          122  +					ADDLDFLAGS="$ADDLDFLAGS $rsk_cv_link_set_rpath -Wl,$rpathdir"
          123  +				fi
          124  +			done
          125  +			unset opt
   125    126   
   126         -		LDFLAGS="$LDFLAGS $ADDLDFLAGS"
          127  +			LDFLAGS="$LDFLAGS $ADDLDFLAGS"
   127    128   
   128         -		unset ADDLDFLAGS
          129  +			unset ADDLDFLAGS
          130  +		fi
   129    131   	fi
   130    132   ])
   131    133   
   132    134   AC_DEFUN([DC_CHK_OS_INFO], [
   133    135   	AC_CANONICAL_HOST
   134    136   	AC_SUBST(SHOBJEXT)
   135    137   	AC_SUBST(SHOBJFLAGS)
................................................................................
   160    162   					*)
   161    163   						SHOBJEXT="sl"
   162    164   						;;
   163    165   				esac
   164    166   				;;
   165    167   			mingw32|mingw32msvc*)
   166    168   				SHOBJEXT="dll"
   167         -				AREXT='lib'
   168    169   				CFLAGS="$CFLAGS -mms-bitfields"
   169    170   				CPPFLAGS="$CPPFLAGS -mms-bitfields"
   170    171   				SHOBJCPPFLAGS="-DPIC"
   171    172   				SHOBJLDFLAGS='-shared -Wl,--dll -Wl,--enable-auto-image-base -Wl,--output-def,$[@].def,--out-implib,$[@].a'
   172    173   				;;
   173    174   			msvc)
   174    175   				SHOBJEXT="dll"

Changes to aclocal/tcltls_openssl.m4.

   115    115   	if test -z "$TCLTLS_SSL_CPPFLAGS"; then
   116    116   		TCLTLS_SSL_CPPFLAGS="`"${PKGCONFIG}" openssl --cflags-only-I $pkgConfigExtraArgs`" || AC_MSG_ERROR([Unable to get OpenSSL Configuration])
   117    117   	fi
   118    118   	PKG_CONFIG_PATH="${PKG_CONFIG_PATH_SAVE}"
   119    119   
   120    120   	if test "$TCLEXT_BUILD" = "static"; then
   121    121   		dnl If we are doing a static build, save the linker flags for other programs to consume
   122         -		rm -f tcltls.a.linkadd
   123         -		AS_ECHO(["$TCLTLS_SSL_LIBS"]) > tcltls.a.linkadd
          122  +		rm -f tcltls.${AREXT}.linkadd
          123  +		AS_ECHO(["$TCLTLS_SSL_LIBS"]) > tcltls.${AREXT}.linkadd
   124    124   	fi
   125    125   
   126    126   	dnl If we have been asked to statically link to the SSL library, specifically tell the linker to do so
   127    127   	if test "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then
   128    128   		dnl Don't bother doing this if we aren't actually doing the runtime linking
   129    129   		if test "$TCLEXT_BUILD" != "static"; then
   130    130   			dnl Split the libraries into SSL and non-SSL libraries

Changes to configure.ac.

     1      1   dnl Define ourselves
     2         -AC_INIT(tcltls, 1.7.18)
            2  +AC_INIT(tcltls, 1.7.19)
     3      3   
     4      4   dnl Checks for programs.
     5      5   AC_PROG_CC
     6      6   AC_PROG_MAKE_SET
     7      7   AC_PROG_INSTALL
     8      8   AC_GNU_SOURCE
     9      9   
................................................................................
   177    177   AX_CHECK_COMPILE_FLAG([-Wall], [CFLAGS="$CFLAGS -Wall"])
   178    178   AX_CHECK_COMPILE_FLAG([-W], [
   179    179   	CFLAGS="$CFLAGS -W"
   180    180   	AX_CHECK_COMPILE_FLAG([-Wno-self-assign], [CFLAGS="$CFLAGS -Wno-self-assign"])
   181    181   ])
   182    182   
   183    183   dnl Enable hardening
   184         -AX_CHECK_COMPILE_FLAG([-fstack-protector-all], [CFLAGS="$CFLAGS -fstack-protector-all"])
   185         -AX_CHECK_COMPILE_FLAG([-fno-strict-overflow], [CFLAGS="$CFLAGS -fno-strict-overflow"])
   186         -AC_DEFINE([_FORTIFY_SOURCE], [2], [Enable fortification])
          184  +tcltls_enable_hardening='auto'
          185  +AC_ARG_ENABLE([hardening], AS_HELP_STRING([--disable-hardening], [disable hardening attempts]), [
          186  +	tcltls_enable_hardening="$enableval"
          187  +])
          188  +if test "$tcltls_enable_hardening" = 'auto'; then
          189  +	tcltls_enable_hardening='true'
          190  +	if test "$TCLEXT_BUILD" = 'static'; then
          191  +		tcltls_enable_hardening='false'
          192  +	fi
          193  +elif test "$tcltls_enable_hardening" = 'yes'; then
          194  +	tcltls_enable_hardening='true'
          195  +else
          196  +	tcltls_enable_hardening='false'
          197  +fi
          198  +if test "$tcltls_enable_hardening" = 'true'; then
          199  +	AX_CHECK_COMPILE_FLAG([-fstack-protector-all], [CFLAGS="$CFLAGS -fstack-protector-all"])
          200  +	AX_CHECK_COMPILE_FLAG([-fno-strict-overflow], [CFLAGS="$CFLAGS -fno-strict-overflow"])
          201  +	AC_DEFINE([_FORTIFY_SOURCE], [2], [Enable fortification])
          202  +fi
   187    203   
   188    204   dnl XXX:TODO: Automatically determine the SSL library to use
   189    205   dnl           defaulting to OpenSSL for compatibility reasons
   190    206   if test "$tcltls_ssl_lib" = 'auto'; then
   191    207   	tcltls_ssl_lib='openssl'
   192    208   fi
   193    209   
................................................................................
   224    240   if test "$TCLEXT_BUILD" != 'static'; then
   225    241   	if test "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then
   226    242   		DC_SYNC_RPATH([no])
   227    243   	else
   228    244   		DC_SYNC_RPATH([yes])
   229    245   	fi
   230    246   fi
          247  +
          248  +dnl Enable a stable ABI
          249  +DC_SETUP_STABLE_API([${srcdir}/tcltls.vers], tcltls.syms)
          250  +if test "$tcltls_debug" = 'true'; then
          251  +	WEAKENSYMS=':'
          252  +	REMOVESYMS=':'
          253  +fi
   231    254   
   232    255   dnl Produce output
   233         -AC_OUTPUT(Makefile pkgIndex.tcl)
          256  +AC_OUTPUT(Makefile pkgIndex.tcl tcltls.syms)

Added tcltls.syms.in.

            1  +@SYMPREFIX@Tls_Init

Added tcltls.vers.

            1  +{
            2  +	global:
            3  +		Tls_Init;
            4  +	local:
            5  +		*;
            6  +};