From f3adb1b276a9556562cd68e374ac621e5ac1ebab Mon Sep 17 00:00:00 2001 From: William Joye Date: Wed, 26 Apr 2017 11:40:38 -0400 Subject: support https via tls --- ds9/unix/Makefile.in | 2 +- ds9/win/Makefile.in | 4 +- ds9/win/configure | 365 +++++++++++++++++++++++++++++++++++++++++++++++++++ ds9/win/configure.ac | 6 + ds9/win/ds9.C | 7 + 5 files changed, 381 insertions(+), 3 deletions(-) diff --git a/ds9/unix/Makefile.in b/ds9/unix/Makefile.in index 412d33d..25b1943 100644 --- a/ds9/unix/Makefile.in +++ b/ds9/unix/Makefile.in @@ -35,7 +35,7 @@ tcliis_LIB_SPEC = @tcliis_LIB_SPEC@ tclsignal_LIB_SPEC= @tclsignal_LIB_SPEC@ tclxml_LIB_SPEC = @tclxml_LIB_SPEC@ tclzvfs_LIB_SPEC= @tclzvfs_LIB_SPEC@ -tls_LIB_SPEC=@tls_LIB_SPEC@ +tls_LIB_SPEC =@tls_LIB_SPEC@ tkblt_LIB_SPEC = @tkblt_LIB_SPEC@ tkhtml1_LIB_SPEC= @tkhtml1_LIB_SPEC@ diff --git a/ds9/win/Makefile.in b/ds9/win/Makefile.in index 74b3a00..20c7513 100755 --- a/ds9/win/Makefile.in +++ b/ds9/win/Makefile.in @@ -21,7 +21,6 @@ TK_STUB_LIB_SPEC= @TK_STUB_LIB_SPEC@ tifftcl_LIB_SPEC= @tifftcl_LIB_SPEC@ pngtcl_LIB_SPEC = @pngtcl_LIB_SPEC@ jpegtcl_LIB_SPEC= @jpegtcl_LIB_SPEC@ -zlibtcl_LIB_SPEC= @zlibtcl_LIB_SPEC@ tkimg_LIB_SPEC = @tkimg_LIB_SPEC@ tkimggif_LIB_SPEC= @tkimggif_LIB_SPEC@ @@ -32,6 +31,7 @@ tkimgwindow_LIB_SPEC= @tkimgwindow_LIB_SPEC@ tcliis_LIB_SPEC = @tcliis_LIB_SPEC@ tclxml_LIB_SPEC = @tclxml_LIB_SPEC@ +tls_LIB_SPEC =@tls_LIB_SPEC@ tkblt_LIB_SPEC = @tkblt_LIB_SPEC@ tkhtml1_LIB_SPEC= @tkhtml1_LIB_SPEC@ @@ -82,7 +82,7 @@ SPECS = \ $(zlibtcl_LIB_SPEC) \ $(tcliis_LIB_SPEC) \ $(tclxml_LIB_SPEC) \ - $(tclzvfs_LIB_SPEC) \ + $(tls_LIB_SPEC) \ $(tkblt_LIB_SPEC) \ $(tkhtml1_LIB_SPEC) \ $(tkimg_LIB_SPEC) \ diff --git a/ds9/win/configure b/ds9/win/configure index a078ba2..d48bc78 100755 --- a/ds9/win/configure +++ b/ds9/win/configure @@ -763,6 +763,14 @@ tkblt_LIB_FILE tkblt_SRC_DIR tkblt_BIN_DIR tkblt_VERSION +tls_STUB_LIB_PATH +tls_STUB_LIB_SPEC +tls_STUB_LIB_FILE +tls_LIB_SPEC +tls_LIB_FILE +tls_SRC_DIR +tls_BIN_DIR +tls_VERSION tclxml_STUB_LIB_PATH tclxml_STUB_LIB_SPEC tclxml_STUB_LIB_FILE @@ -906,6 +914,7 @@ with_jpegtcl with_zlibtcl with_tcliis with_tclxml +with_tls with_tkblt with_tkhtml1 with_tkimg @@ -1569,6 +1578,7 @@ Optional Packages: --with-zlibtcl directory containing zlibtcl configuration (zlibtclConfig.sh) --with-tcliis directory containing tcliis configuration (tcliisConfig.sh) --with-tclxml directory containing tclxml configuration (tclxmlConfig.sh) + --with-tls directory containing tls configuration (tlsConfig.sh) --with-tkblt directory containing tkblt configuration (tkbltConfig.sh) --with-tkhtml1 directory containing tkhtml1 configuration (tkhtml1Config.sh) --with-tkimg directory containing tkimg configuration (tkimgConfig.sh) @@ -5494,6 +5504,270 @@ fi # + # Ok, lets find the tls configuration + # First, look for one uninstalled. + # the alternative search directory is invoked by --with-tls + # + + if test x"${no_tls}" = x ; then + # we reset no_tls in case something fails here + no_tls=true + +# Check whether --with-tls was given. +if test "${with_tls+set}" = set; then : + withval=$with_tls; with_tlsconfig=${withval} +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for tls configuration" >&5 +$as_echo_n "checking for tls configuration... " >&6; } + if ${ac_cv_c_tlsconfig+:} false; then : + $as_echo_n "(cached) " >&6 +else + + + # First check to see if --with-tls was specified. + if test x"${with_tlsconfig}" != x ; then + case ${with_tlsconfig} in + */tlsConfig.sh ) + if test -f ${with_tlsconfig}; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: --with-tls argument should refer to directory containing tlsConfig.sh, not to tlsConfig.sh itself" >&5 +$as_echo "$as_me: WARNING: --with-tls argument should refer to directory containing tlsConfig.sh, not to tlsConfig.sh itself" >&2;} + with_tlsconfig=`echo ${with_tlsconfig} | sed 's!/tlsConfig\.sh$!!'` + fi;; + esac + if test -f "${with_tlsconfig}/tlsConfig.sh" ; then + ac_cv_c_tlsconfig=`(cd ${with_tlsconfig}; pwd)` + else + as_fn_error $? "${with_tlsconfig} directory doesn't contain tlsConfig.sh" "$LINENO" 5 + fi + fi + + # then check for a private tls installation + if test x"${ac_cv_c_tlsconfig}" = x ; then + for i in \ + ../tls \ + `ls -dr ../tls*[0-9].[0-9]*.[0-9]* 2>/dev/null` \ + `ls -dr ../tls*[0-9].[0-9][0-9] 2>/dev/null` \ + `ls -dr ../tls*[0-9].[0-9] 2>/dev/null` \ + `ls -dr ../tls*[0-9].[0-9]* 2>/dev/null` \ + ../../tls \ + `ls -dr ../../tls*[0-9].[0-9]*.[0-9]* 2>/dev/null` \ + `ls -dr ../../tls*[0-9].[0-9][0-9] 2>/dev/null` \ + `ls -dr ../../tls*[0-9].[0-9] 2>/dev/null` \ + `ls -dr ../../tls*[0-9].[0-9]* 2>/dev/null` \ + ../../../tls \ + `ls -dr ../../../tls*[0-9].[0-9]*.[0-9]* 2>/dev/null` \ + `ls -dr ../../../tls*[0-9].[0-9][0-9] 2>/dev/null` \ + `ls -dr ../../../tls*[0-9].[0-9] 2>/dev/null` \ + `ls -dr ../../../tls*[0-9].[0-9]* 2>/dev/null` \ + ${srcdir}/../tls \ + `ls -dr ${srcdir}/../tls*[0-9].[0-9]*.[0-9]* 2>/dev/null` \ + `ls -dr ${srcdir}/../tls*[0-9].[0-9][0-9] 2>/dev/null` \ + `ls -dr ${srcdir}/../tls*[0-9].[0-9] 2>/dev/null` \ + `ls -dr ${srcdir}/../tls*[0-9].[0-9]* 2>/dev/null` \ + ; do + if test -f "$i/tlsConfig.sh" ; then + ac_cv_c_tlsconfig=`(cd $i; pwd)` + break + fi + if test -f "$i/unix/tlsConfig.sh" ; then + ac_cv_c_tlsconfig=`(cd $i/unix; pwd)` + break + fi + done + fi + + # check in a few common install locations + if test x"${ac_cv_c_tlsconfig}" = x ; then + for i in `ls -d ${libdir} 2>/dev/null` \ + `ls -d ${exec_prefix}/lib 2>/dev/null` \ + `ls -d ${prefix}/lib 2>/dev/null` \ + `ls -d /usr/local/lib 2>/dev/null` \ + `ls -d /usr/contrib/lib 2>/dev/null` \ + `ls -d /usr/lib 2>/dev/null` \ + `ls -d /usr/lib64 2>/dev/null` \ + ; do + if test -f "$i/tlsConfig.sh" ; then + ac_cv_c_tlsconfig=`(cd $i; pwd)` + break + fi + done + fi + +fi + + + if test x"${ac_cv_c_tlsconfig}" = x ; then + tls_BIN_DIR="# no tls configs found" + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Cannot find tls configuration definitions" >&5 +$as_echo "$as_me: WARNING: Cannot find tls configuration definitions" >&2;} + exit 0 + else + no_tls= + tls_BIN_DIR=${ac_cv_c_tlsconfig} + { $as_echo "$as_me:${as_lineno-$LINENO}: result: found $tls_BIN_DIR/tlsConfig.sh" >&5 +$as_echo "found $tls_BIN_DIR/tlsConfig.sh" >&6; } + fi + fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for existence of ${tls_BIN_DIR}/tlsConfig.sh" >&5 +$as_echo_n "checking for existence of ${tls_BIN_DIR}/tlsConfig.sh... " >&6; } + + if test -f "${tls_BIN_DIR}/tlsConfig.sh" ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: loading" >&5 +$as_echo "loading" >&6; } + . "${tls_BIN_DIR}/tlsConfig.sh" + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: file not found" >&5 +$as_echo "file not found" >&6; } + fi + + # + # If the tls_BIN_DIR is the build directory (not the install directory), + # then set the common variable name to the value of the build variables. + # For example, the variable tls_LIB_SPEC will be set to the value + # of tls_BUILD_LIB_SPEC. An extension should make use of tls_LIB_SPEC + # instead of tls_BUILD_LIB_SPEC since it will work with both an + # installed and uninstalled version of Tcl. + # + + if test -f "${tls_BIN_DIR}/Makefile" ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Found Makefile - using build library specs for tls" >&5 +$as_echo "$as_me: WARNING: Found Makefile - using build library specs for tls" >&2;} + tls_LIB_SPEC=${tls_BUILD_LIB_SPEC} + tls_STUB_LIB_SPEC=${tls_BUILD_STUB_LIB_SPEC} + tls_STUB_LIB_PATH=${tls_BUILD_STUB_LIB_PATH} + tls_INCLUDE_SPEC=${tls_BUILD_INCLUDE_SPEC} + tls_LIBRARY_PATH=${tls_LIBRARY_PATH} + fi + + + + + + + + + + + + + # Allow the caller to prevent this auto-check by specifying any 2nd arg + if test "x" = x; then : + + # Check both upper and lower-case variants + # If a dev wanted non-stubs libs, this function could take an option + # to not use _STUB in the paths below + if test "x${tls_STUB_LIB_SPEC}" = x; then : + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking For TLS_STUB library for LIBS" >&5 +$as_echo_n "checking For TLS_STUB library for LIBS... " >&6; } + # This simplifies the use of stub libraries by automatically adding + # the stub lib to your path. Normally this would add to SHLIB_LD_LIBS, + # but this is called before CONFIG_CFLAGS. More importantly, this adds + # to PKG_LIBS, which becomes LIBS, and that is only used by SHLIB_LD. + if test "x${TLS_STUB_LIB_SPEC}" != "x" ; then + if test "${TEA_PLATFORM}" = "windows" -a "$GCC" != "yes" ; then + + vars="\"`${CYGPATH} ${TLS_STUB_LIB_PATH}`\"" + for i in $vars; do + if test "${TEA_PLATFORM}" = "windows" -a "$GCC" = "yes" ; then + case $i in + *.lib) + # Convert foo.lib to -lfoo for GCC + i=-l`echo "$i" | sed -e 's/\.[^.]*$//' -e 's/\.lib.*//'` + ;; + esac + fi + PKG_LIBS="$PKG_LIBS $i" + done + + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: using TLS_STUB_LIB_PATH ${TLS_STUB_LIB_PATH}" >&5 +$as_echo "using TLS_STUB_LIB_PATH ${TLS_STUB_LIB_PATH}" >&6; } + else + + vars="${TLS_STUB_LIB_SPEC}" + for i in $vars; do + if test "${TEA_PLATFORM}" = "windows" -a "$GCC" = "yes" ; then + case $i in + *.lib) + # Convert foo.lib to -lfoo for GCC + i=-l`echo "$i" | sed -e 's/\.[^.]*$//' -e 's/\.lib.*//'` + ;; + esac + fi + PKG_LIBS="$PKG_LIBS $i" + done + + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: using TLS_STUB_LIB_SPEC ${TLS_STUB_LIB_SPEC}" >&5 +$as_echo "using TLS_STUB_LIB_SPEC ${TLS_STUB_LIB_SPEC}" >&6; } + fi + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: file not found" >&5 +$as_echo "file not found" >&6; } + fi + +else + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking For tls_STUB library for LIBS" >&5 +$as_echo_n "checking For tls_STUB library for LIBS... " >&6; } + # This simplifies the use of stub libraries by automatically adding + # the stub lib to your path. Normally this would add to SHLIB_LD_LIBS, + # but this is called before CONFIG_CFLAGS. More importantly, this adds + # to PKG_LIBS, which becomes LIBS, and that is only used by SHLIB_LD. + if test "x${tls_STUB_LIB_SPEC}" != "x" ; then + if test "${TEA_PLATFORM}" = "windows" -a "$GCC" != "yes" ; then + + vars="\"`${CYGPATH} ${tls_STUB_LIB_PATH}`\"" + for i in $vars; do + if test "${TEA_PLATFORM}" = "windows" -a "$GCC" = "yes" ; then + case $i in + *.lib) + # Convert foo.lib to -lfoo for GCC + i=-l`echo "$i" | sed -e 's/\.[^.]*$//' -e 's/\.lib.*//'` + ;; + esac + fi + PKG_LIBS="$PKG_LIBS $i" + done + + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: using tls_STUB_LIB_PATH ${tls_STUB_LIB_PATH}" >&5 +$as_echo "using tls_STUB_LIB_PATH ${tls_STUB_LIB_PATH}" >&6; } + else + + vars="${tls_STUB_LIB_SPEC}" + for i in $vars; do + if test "${TEA_PLATFORM}" = "windows" -a "$GCC" = "yes" ; then + case $i in + *.lib) + # Convert foo.lib to -lfoo for GCC + i=-l`echo "$i" | sed -e 's/\.[^.]*$//' -e 's/\.lib.*//'` + ;; + esac + fi + PKG_LIBS="$PKG_LIBS $i" + done + + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: using tls_STUB_LIB_SPEC ${tls_STUB_LIB_SPEC}" >&5 +$as_echo "using tls_STUB_LIB_SPEC ${tls_STUB_LIB_SPEC}" >&6; } + fi + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: file not found" >&5 +$as_echo "file not found" >&6; } + fi + +fi + +fi + + + + # # Ok, lets find the tkblt configuration # First, look for one uninstalled. # the alternative search directory is invoked by --with-tkblt @@ -10573,6 +10847,97 @@ done #TEA_ADD_STUB_SOURCES([]) #TEA_ADD_TCL_SOURCES([]) +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for CRYPTO_new_ex_data in -lcrypto" >&5 +$as_echo_n "checking for CRYPTO_new_ex_data in -lcrypto... " >&6; } +if ${ac_cv_lib_crypto_CRYPTO_new_ex_data+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lcrypto $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char CRYPTO_new_ex_data (); +int +main () +{ +return CRYPTO_new_ex_data (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_crypto_CRYPTO_new_ex_data=yes +else + ac_cv_lib_crypto_CRYPTO_new_ex_data=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypto_CRYPTO_new_ex_data" >&5 +$as_echo "$ac_cv_lib_crypto_CRYPTO_new_ex_data" >&6; } +if test "x$ac_cv_lib_crypto_CRYPTO_new_ex_data" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBCRYPTO 1 +_ACEOF + + LIBS="-lcrypto $LIBS" + +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for TLSv1_1_method in -lssl" >&5 +$as_echo_n "checking for TLSv1_1_method in -lssl... " >&6; } +if ${ac_cv_lib_ssl_TLSv1_1_method+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lssl $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char TLSv1_1_method (); +int +main () +{ +return TLSv1_1_method (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_ssl_TLSv1_1_method=yes +else + ac_cv_lib_ssl_TLSv1_1_method=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ssl_TLSv1_1_method" >&5 +$as_echo "$ac_cv_lib_ssl_TLSv1_1_method" >&6; } +if test "x$ac_cv_lib_ssl_TLSv1_1_method" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBSSL 1 +_ACEOF + + LIBS="-lssl $LIBS" + +fi + + #-------------------------------------------------------------------- # __CHANGE__ # diff --git a/ds9/win/configure.ac b/ds9/win/configure.ac index ec00c61..8f6258e 100644 --- a/ds9/win/configure.ac +++ b/ds9/win/configure.ac @@ -67,6 +67,9 @@ TEA_LOAD_CONFIG(tcliis) TEA_PATH_CONFIG(tclxml) TEA_LOAD_CONFIG(tclxml) +TEA_PATH_CONFIG(tls) +TEA_LOAD_CONFIG(tls) + TEA_PATH_CONFIG(tkblt) TEA_LOAD_CONFIG(tkblt) @@ -137,6 +140,9 @@ TEA_ADD_LIBS([-lstdc++]) #TEA_ADD_STUB_SOURCES([]) #TEA_ADD_TCL_SOURCES([]) +AC_CHECK_LIB([crypto],[CRYPTO_new_ex_data]) +AC_CHECK_LIB([ssl],[TLSv1_1_method]) + #-------------------------------------------------------------------- # __CHANGE__ # diff --git a/ds9/win/ds9.C b/ds9/win/ds9.C index c3c0333..fa3e871 100644 --- a/ds9/win/ds9.C +++ b/ds9/win/ds9.C @@ -41,6 +41,7 @@ extern "C" { int Tclxpa_Init(Tcl_Interp*); int Tcliis_Init(Tcl_Interp*); + int Tls_Init(Tcl_Interp*); int Tclxml_Init(Tcl_Interp*); int Tclxml_libxml2_Init(Tcl_Interp*); @@ -138,6 +139,12 @@ int SAOAppInit(Tcl_Interp *interp) // Tcl_StaticPackage (interp, "tclcheckdns", Tclcheckdns_Init, // (Tcl_PackageInitProc*)NULL); + // Tls + if (Tls_Init(interp) == TCL_ERROR) + return TCL_ERROR; + Tcl_StaticPackage (interp, "tls", Tls_Init, + (Tcl_PackageInitProc*)NULL); + // Tksao if (Tksao_Init(interp) == TCL_ERROR) return TCL_ERROR; -- cgit v0.12