ADDED configure.ac Index: configure.ac ================================================================== --- /dev/null +++ configure.ac @@ -0,0 +1,211 @@ +dnl Define ourselves +AC_INIT(tcltls, 1.7.3) + +dnl Checks for programs. +AC_PROG_CC +AC_PROG_MAKE_SET +AC_PROG_INSTALL +AC_GNU_SOURCE + +dnl Determine system information +DC_CHK_OS_INFO + +dnl Look for appropriate headers +AC_CHECK_HEADERS(unistd.h stdlib.h string.h strings.h) + +dnl Perform Tcl Extension required stuff +TCLEXT_INIT + +if test "$TCLEXT_BUILD" != 'static'; then + dnl Determine how to make shared objects + DC_GET_SHOBJFLAGS + + EXTENSION_TARGET="tcltls.${SHOBJEXT}" +else + AC_CHECK_TOOL([AR], [ar], [false]) + AC_CHECK_TOOL([RANLIB], [ranlib], [:]) + EXTENSION_TARGET="tcltls.${AREXT}" +fi +AC_SUBST(EXTENSION_TARGET) +AC_SUBST(TCLEXT_BUILD) + +dnl Determine what SSL library to link with +AC_ARG_WITH([ssl], AS_HELP_STRING([--with-ssl=], [name of ssl library to build against (openssl, libressl, nss, auto)]), [ + if test "$withval" = "no"; then + AC_MSG_ERROR([You may not specify --without-ssl]) + fi + + if test "$withval" = "yes"; then + AC_MSG_ERROR([If you specify --with-ssl then you must provide a value]) + fi + + tcltls_ssl_lib="$withval" +], [ + tcltls_ssl_lib='auto' +]) + +dnl Enable support for building the same library every time +tcltls_deterministic='false' +AC_ARG_ENABLE([deterministic], AS_HELP_STRING([--enable-deterministic], [enable deterministic parameters]), [ + if test "$enableval" = "yes"; then + tcltls_deterministic='true' + fi +]) +if test "$tcltls_deterministic" = 'true'; then + GEN_DH_PARAMS_ARGS='fallback' +else + GEN_DH_PARAMS_ARGS='' +fi +AC_SUBST(GEN_DH_PARAMS_ARGS) + +dnl Allow the user to manually disable protocols +dnl ## SSLv2: Enabled by default +tcltls_ssl_ssl2='true' +AC_ARG_ENABLE([sslv2], AS_HELP_STRING([--disable-sslv2], [disable SSLv2 protocol]), [ + if test "$enableval" = "yes"; then + tcltls_ssl_ssl2='force' + else + tcltls_ssl_ssl2='false' + fi +]) + +dnl ## SSLv3: Enabled by default +tcltls_ssl_ssl3='true' +AC_ARG_ENABLE([sslv3], AS_HELP_STRING([--disable-sslv3], [disable SSLv3 protocol]), [ + if test "$enableval" = "yes"; then + tcltls_ssl_ssl3='force' + else + tcltls_ssl_ssl3='false' + fi +]) + +dnl ## TLSv1.0: Enabled by default +tcltls_ssl_tls1_0='true' +AC_ARG_ENABLE([tlsv1.0], AS_HELP_STRING([--disable-tlsv1.0], [disable TLSv1.0 protocol]), [ + if test "$enableval" = "yes"; then + tcltls_ssl_tls1_0='force' + else + tcltls_ssl_tls1_0='false' + fi +]) + +dnl ## TLSv1.1: Enabled by default +tcltls_ssl_tls1_1='true' +AC_ARG_ENABLE([tlsv1.1], AS_HELP_STRING([--disable-tlsv1.1], [disable TLSv1.1 protocol]), [ + if test "$enableval" = "yes"; then + tcltls_ssl_tls1_1='force' + else + tcltls_ssl_tls1_1='false' + fi +]) + +dnl ## TLSv1.1: Enabled by default +tcltls_ssl_tls1_2='true' +AC_ARG_ENABLE([tlsv1.2], AS_HELP_STRING([--disable-tlsv1.2], [disable TLSv1.2 protocol]), [ + if test "$enableval" = "yes"; then + tcltls_ssl_tls1_2='force' + else + tcltls_ssl_tls1_2='false' + fi +]) + +dnl Enable support for a debugging build +tcltls_debug='false' +AC_ARG_ENABLE([debug], AS_HELP_STRING([--enable-debug], [enable debugging parameters]), [ + if test "$enableval" = "yes"; then + tcltls_debug='true' + fi +]) +if test "$tcltls_debug" = 'true'; then + AC_DEFINE(TCLEXT_TCLTLS_DEBUG, [1], [Enable debugging build]) + AX_CHECK_COMPILE_FLAG([-fcheck-pointer-bounds], [CFLAGS="$CFLAGS -fcheck-pointer-bounds"]) +else + dnl If we are not doing debugging disable some of the more annoying warnings + AX_CHECK_COMPILE_FLAG([-Wno-unused-value], [CFLAGS="$CFLAGS -Wno-unused-value"]) + AX_CHECK_COMPILE_FLAG([-Wno-unused-parameter], [CFLAGS="$CFLAGS -Wno-unused-parameter"]) + AX_CHECK_COMPILE_FLAG([-Wno-deprecated-declarations], [CFLAGS="$CFLAGS -Wno-deprecated-declarations"]) +fi + +dnl Find "pkg-config" since we need to use it +AC_CHECK_TOOL([PKGCONFIG], [pkg-config], [false]) + +dnl Determine if we have been asked to use a fast path if possible +tcltls_ssl_fastpath='no' +AC_ARG_ENABLE([ssl-fastpath], AS_HELP_STRING([--disable-ssl-fastpath], [disable using the underlying file descriptor for talking directly to the SSL library]), [ + if test "$enableval" = 'yes'; then + tcltls_ssl_fastpath='yes' + else + tcltls_ssl_fastpath='no' + fi +]) + +if test "$tcltls_ssl_fastpath" = 'yes'; then + AC_DEFINE(TCLTLS_SSL_USE_FASTPATH, [1], [Define this to enable using the underlying file descriptor for talking directly to the SSL library]) +fi + +dnl Determine if we have been asked to statically link to the SSL library +TCLEXT_TLS_STATIC_SSL='no' +AC_ARG_ENABLE([static-ssl], AS_HELP_STRING([--enable-static-ssl], [enable statically linking to the specified SSL library]), [ + if test "$enableval" = 'yes'; then + TCLEXT_TLS_STATIC_SSL='yes' + fi +]) + +dnl Enable compiler warnings +AX_CHECK_COMPILE_FLAG([-Wall], [CFLAGS="$CFLAGS -Wall"]) +AX_CHECK_COMPILE_FLAG([-W], [ + CFLAGS="$CFLAGS -W" + AX_CHECK_COMPILE_FLAG([-Wno-self-assign], [CFLAGS="$CFLAGS -Wno-self-assign"]) +]) + +dnl Enable hardening +AX_CHECK_COMPILE_FLAG([-fstack-protector-all], [CFLAGS="$CFLAGS -fstack-protector-all"]) +AX_CHECK_COMPILE_FLAG([-fno-strict-overflow], [CFLAGS="$CFLAGS -fno-strict-overflow"]) +AC_DEFINE([_FORTIFY_SOURCE], [2], [Enable fortification]) + +dnl XXX:TODO: Automatically determine the SSL library to use +dnl defaulting to OpenSSL for compatibility reasons +if test "$tcltls_ssl_lib" = 'auto'; then + tcltls_ssl_lib='openssl' +fi + +AC_MSG_CHECKING([which TLS library to use]) +AC_MSG_RESULT([$tcltls_ssl_lib]) + +dnl Manually rewrite libressl to OpenSSL since we use the +dnl compatibility interface +if test "$tcltls_ssl_lib" = "libressl"; then + tcltls_ssl_lib='openssl' +fi + +AS_CASE([$tcltls_ssl_lib], + [openssl], [ + TCLTLS_SSL_OPENSSL + ], + [nss], [ + TCLTLS_SSL_LIBS="" + TCLTLS_SSL_CFLAGS="" + TCLTLS_SSL_CPPFLAGS="" + ], + [ + AC_MSG_ERROR([Unsupported SSL library: $tcltls_ssl_lib]) + ] +) +dnl Determine how to use this SSL library +AC_MSG_CHECKING([how to use $tcltls_ssl_lib]) +LIBS="${LIBS} ${TCLTLS_SSL_LIBS}" +CFLAGS="${CFLAGS} ${TCLTLS_SSL_CFLAGS}" +CPPFLAGS="${CPPFLAGS} ${TCLTLS_SSL_CPPFLAGS}" +AC_MSG_RESULT([$TCLTLS_SSL_CPPFLAGS $TCLTLS_SSL_CFLAGS $TCLTLS_SSL_LIBS]) + +dnl Sync the RPATH if requested +if test "$TCLEXT_BUILD" != 'static'; then + if test "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then + DC_SYNC_RPATH([no]) + else + DC_SYNC_RPATH([yes]) + fi +fi + +dnl Produce output +AC_OUTPUT(Makefile pkgIndex.tcl) DELETED configure.in Index: configure.in ================================================================== --- configure.in +++ /dev/null @@ -1,211 +0,0 @@ -dnl Define ourselves -AC_INIT(tcltls, 1.7.3) - -dnl Checks for programs. -AC_PROG_CC -AC_PROG_MAKE_SET -AC_PROG_INSTALL -AC_GNU_SOURCE - -dnl Determine system information -DC_CHK_OS_INFO - -dnl Look for appropriate headers -AC_CHECK_HEADERS(unistd.h stdlib.h string.h strings.h) - -dnl Perform Tcl Extension required stuff -TCLEXT_INIT - -if test "$TCLEXT_BUILD" != 'static'; then - dnl Determine how to make shared objects - DC_GET_SHOBJFLAGS - - EXTENSION_TARGET="tcltls.${SHOBJEXT}" -else - AC_CHECK_TOOL([AR], [ar], [false]) - AC_CHECK_TOOL([RANLIB], [ranlib], [:]) - EXTENSION_TARGET="tcltls.${AREXT}" -fi -AC_SUBST(EXTENSION_TARGET) -AC_SUBST(TCLEXT_BUILD) - -dnl Determine what SSL library to link with -AC_ARG_WITH([ssl], AS_HELP_STRING([--with-ssl=], [name of ssl library to build against (openssl, libressl, nss, auto)]), [ - if test "$withval" = "no"; then - AC_MSG_ERROR([You may not specify --without-ssl]) - fi - - if test "$withval" = "yes"; then - AC_MSG_ERROR([If you specify --with-ssl then you must provide a value]) - fi - - tcltls_ssl_lib="$withval" -], [ - tcltls_ssl_lib='auto' -]) - -dnl Enable support for building the same library every time -tcltls_deterministic='false' -AC_ARG_ENABLE([deterministic], AS_HELP_STRING([--enable-deterministic], [enable deterministic parameters]), [ - if test "$enableval" = "yes"; then - tcltls_deterministic='true' - fi -]) -if test "$tcltls_deterministic" = 'true'; then - GEN_DH_PARAMS_ARGS='fallback' -else - GEN_DH_PARAMS_ARGS='' -fi -AC_SUBST(GEN_DH_PARAMS_ARGS) - -dnl Allow the user to manually disable protocols -dnl ## SSLv2: Enabled by default -tcltls_ssl_ssl2='true' -AC_ARG_ENABLE([sslv2], AS_HELP_STRING([--disable-sslv2], [disable SSLv2 protocol]), [ - if test "$enableval" = "yes"; then - tcltls_ssl_ssl2='force' - else - tcltls_ssl_ssl2='false' - fi -]) - -dnl ## SSLv3: Enabled by default -tcltls_ssl_ssl3='true' -AC_ARG_ENABLE([sslv3], AS_HELP_STRING([--disable-sslv3], [disable SSLv3 protocol]), [ - if test "$enableval" = "yes"; then - tcltls_ssl_ssl3='force' - else - tcltls_ssl_ssl3='false' - fi -]) - -dnl ## TLSv1.0: Enabled by default -tcltls_ssl_tls1_0='true' -AC_ARG_ENABLE([tlsv1.0], AS_HELP_STRING([--disable-tlsv1.0], [disable TLSv1.0 protocol]), [ - if test "$enableval" = "yes"; then - tcltls_ssl_tls1_0='force' - else - tcltls_ssl_tls1_0='false' - fi -]) - -dnl ## TLSv1.1: Enabled by default -tcltls_ssl_tls1_1='true' -AC_ARG_ENABLE([tlsv1.1], AS_HELP_STRING([--disable-tlsv1.1], [disable TLSv1.1 protocol]), [ - if test "$enableval" = "yes"; then - tcltls_ssl_tls1_1='force' - else - tcltls_ssl_tls1_1='false' - fi -]) - -dnl ## TLSv1.1: Enabled by default -tcltls_ssl_tls1_2='true' -AC_ARG_ENABLE([tlsv1.2], AS_HELP_STRING([--disable-tlsv1.2], [disable TLSv1.2 protocol]), [ - if test "$enableval" = "yes"; then - tcltls_ssl_tls1_2='force' - else - tcltls_ssl_tls1_2='false' - fi -]) - -dnl Enable support for a debugging build -tcltls_debug='false' -AC_ARG_ENABLE([debug], AS_HELP_STRING([--enable-debug], [enable debugging parameters]), [ - if test "$enableval" = "yes"; then - tcltls_debug='true' - fi -]) -if test "$tcltls_debug" = 'true'; then - AC_DEFINE(TCLEXT_TCLTLS_DEBUG, [1], [Enable debugging build]) - AX_CHECK_COMPILE_FLAG([-fcheck-pointer-bounds], [CFLAGS="$CFLAGS -fcheck-pointer-bounds"]) -else - dnl If we are not doing debugging disable some of the more annoying warnings - AX_CHECK_COMPILE_FLAG([-Wno-unused-value], [CFLAGS="$CFLAGS -Wno-unused-value"]) - AX_CHECK_COMPILE_FLAG([-Wno-unused-parameter], [CFLAGS="$CFLAGS -Wno-unused-parameter"]) - AX_CHECK_COMPILE_FLAG([-Wno-deprecated-declarations], [CFLAGS="$CFLAGS -Wno-deprecated-declarations"]) -fi - -dnl Find "pkg-config" since we need to use it -AC_CHECK_TOOL([PKGCONFIG], [pkg-config], [false]) - -dnl Determine if we have been asked to use a fast path if possible -tcltls_ssl_fastpath='no' -AC_ARG_ENABLE([ssl-fastpath], AS_HELP_STRING([--disable-ssl-fastpath], [disable using the underlying file descriptor for talking directly to the SSL library]), [ - if test "$enableval" = 'yes'; then - tcltls_ssl_fastpath='yes' - else - tcltls_ssl_fastpath='no' - fi -]) - -if test "$tcltls_ssl_fastpath" = 'yes'; then - AC_DEFINE(TCLTLS_SSL_USE_FASTPATH, [1], [Define this to enable using the underlying file descriptor for talking directly to the SSL library]) -fi - -dnl Determine if we have been asked to statically link to the SSL library -TCLEXT_TLS_STATIC_SSL='no' -AC_ARG_ENABLE([static-ssl], AS_HELP_STRING([--enable-static-ssl], [enable statically linking to the specified SSL library]), [ - if test "$enableval" = 'yes'; then - TCLEXT_TLS_STATIC_SSL='yes' - fi -]) - -dnl Enable compiler warnings -AX_CHECK_COMPILE_FLAG([-Wall], [CFLAGS="$CFLAGS -Wall"]) -AX_CHECK_COMPILE_FLAG([-W], [ - CFLAGS="$CFLAGS -W" - AX_CHECK_COMPILE_FLAG([-Wno-self-assign], [CFLAGS="$CFLAGS -Wno-self-assign"]) -]) - -dnl Enable hardening -AX_CHECK_COMPILE_FLAG([-fstack-protector-all], [CFLAGS="$CFLAGS -fstack-protector-all"]) -AX_CHECK_COMPILE_FLAG([-fno-strict-overflow], [CFLAGS="$CFLAGS -fno-strict-overflow"]) -AC_DEFINE([_FORTIFY_SOURCE], [2], [Enable fortification]) - -dnl XXX:TODO: Automatically determine the SSL library to use -dnl defaulting to OpenSSL for compatibility reasons -if test "$tcltls_ssl_lib" = 'auto'; then - tcltls_ssl_lib='openssl' -fi - -AC_MSG_CHECKING([which TLS library to use]) -AC_MSG_RESULT([$tcltls_ssl_lib]) - -dnl Manually rewrite libressl to OpenSSL since we use the -dnl compatibility interface -if test "$tcltls_ssl_lib" = "libressl"; then - tcltls_ssl_lib='openssl' -fi - -AS_CASE([$tcltls_ssl_lib], - [openssl], [ - TCLTLS_SSL_OPENSSL - ], - [nss], [ - TCLTLS_SSL_LIBS="" - TCLTLS_SSL_CFLAGS="" - TCLTLS_SSL_CPPFLAGS="" - ], - [ - AC_MSG_ERROR([Unsupported SSL library: $tcltls_ssl_lib]) - ] -) -dnl Determine how to use this SSL library -AC_MSG_CHECKING([how to use $tcltls_ssl_lib]) -LIBS="${LIBS} ${TCLTLS_SSL_LIBS}" -CFLAGS="${CFLAGS} ${TCLTLS_SSL_CFLAGS}" -CPPFLAGS="${CPPFLAGS} ${TCLTLS_SSL_CPPFLAGS}" -AC_MSG_RESULT([$TCLTLS_SSL_CPPFLAGS $TCLTLS_SSL_CFLAGS $TCLTLS_SSL_LIBS]) - -dnl Sync the RPATH if requested -if test "$TCLEXT_BUILD" != 'static'; then - if test "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then - DC_SYNC_RPATH([no]) - else - DC_SYNC_RPATH([yes]) - fi -fi - -dnl Produce output -AC_OUTPUT(Makefile pkgIndex.tcl)