stub in initial libtls standalone tree

author: Brent Cook <busterb@gmail.com> 2015-04-30 04:44:35 -0500
committer: Brent Cook <busterb@gmail.com> 2015-05-23 19:26:51 -0500
commit: 28353c1df15c3d0482a10ffe33fa34c053af2c2e (patch)
tree: 580bf87a6db90c492dd55594f9612d2442331376
parent: 7de7605b95f2cd2d061720376544d511f71dc063 (diff)
download: portable-28353c1df15c3d0482a10ffe33fa34c053af2c2e.tar.gz
portable-28353c1df15c3d0482a10ffe33fa34c053af2c2e.tar.bz2
portable-28353c1df15c3d0482a10ffe33fa34c053af2c2e.zip
14 files changed, 406 insertions, 121 deletions
diff --git a/.gitignore b/.gitignore
index 28cf002..5c62f55 100644
--- a/.gitignore
+++ b/.gitignore
@@ -63,34 +63,30 @@ tests/*.txt
 # ctags stuff
 TAGS
-## The initial / makes these files only get ignored in particular directories.
+autom4te.cache
-/autom4te.cache
 # Libtool adds these, at least sometimes
 INSTALL
-/m4/libtool.m4
+COPYING
-/m4/ltoptions.m4
+m4
-/m4/ltsugar.m4
-/m4/ltversion.m4
+aclocal.m4
-/m4/lt~obsolete.m4
+compile
+doxygen
-/aclocal.m4
+config.guess
-/compile
+config.log
-/doxygen
+config.status
-/config.guess
+config.sub
-/config.log
+configure
-/config.status
+depcomp
-/config.sub
+config.h
-/configure
+config.h.in
-/depcomp
+install-sh
-/config.h
+libtool
-/config.h.in
+ltmain.sh
-/install-sh
+missing
-/libtool
+stamp-h1
-/ltmain.sh
+stamp-h2
-/missing
-/stamp-h1
-/stamp-h2
 include/openssl/Makefile.am
@@ -106,97 +102,31 @@ include/pqueue.h
 include/tls.h
 include/openssl/*.h
 include/openssl/*.he
-apps/*.h
-apps/*.c
+/apps/*.h
-apps/openssl
+/apps/*.c
-apps/openssl.cnf
+/apps/openssl
-!apps/apps_win.c
+/apps/openssl.cnf
-!apps/poll_win.c
+!/apps/apps_win.c
-!apps/certhash_disabled.c
+!/apps/poll_win.c
+!/apps/certhash_disabled.c
-crypto/compat/arc4random.c
-crypto/compat/chacha_private.h
+/crypto
-crypto/compat/explicit_bzero.c
+!/crypto/Makefile.am.*
-crypto/compat/getentropy_*.c
+!/crypto/compat/arc4random.h
-crypto/compat/reallocarray.c
+!/crypto/compat/b_win.c
-crypto/compat/strlcat.c
+!/crypto/compat/bsd_asprintf.c
-crypto/compat/strlcpy.c
+!/crypto/compat/ui_openssl_win.c
-crypto/compat/strndup.c
-crypto/compat/strnlen.c
+/libtls-standalone/include/*.h
-crypto/compat/timingsafe_bcmp.c
+/libtls-standalone/src/*.c
-crypto/compat/timingsafe_memcmp.c
+/libtls-standalone/src/*.h
-crypto/compat/arc4random_*.h
+/libtls-standalone/src/compat
-crypto/aes/
-crypto/asn1/
-crypto/bf/
-crypto/bio/
-crypto/bn/
-crypto/buffer/
-crypto/camellia/
-crypto/cast/
-crypto/camellia/
-crypto/chacha/
-crypto/cmac/
-crypto/comp/
-crypto/conf/
-crypto/cpt_err.c
-crypto/cryptlib.c
-crypto/cryptlib.h
-crypto/cversion.c
-crypto/des/
-crypto/dh/
-crypto/dsa/
-crypto/dso/
-crypto/ec/
-crypto/ecdh/
-crypto/ecdsa/
-crypto/engine/
-crypto/err/
-crypto/evp/
-crypto/ex_data.c
-crypto/gost/
-crypto/hmac/
-crypto/idea/
-crypto/krb5/
-crypto/lhash/
-crypto/malloc-wrapper.c
-crypto/md32_common.h
-crypto/md4/
-crypto/md5/
-crypto/mdc2/
-crypto/mem_clr.c
-crypto/mem_dbg.c
-crypto/modes/
-crypto/o_init.c
-crypto/o_str.c
-crypto/o_time.c
-crypto/o_time.h
-crypto/objects
-crypto/ocsp/
-crypto/pem/
-crypto/pkcs12/
-crypto/pkcs7/
-crypto/poly1305/
-crypto/pqueue/
-crypto/rand/
-crypto/rc2/
-crypto/rc4/
-crypto/ripemd/
-crypto/rsa/
-crypto/sha/
-crypto/stack/
-crypto/ts/
-crypto/txt_db/
-crypto/ui/
-crypto/whrlpool/
-crypto/x509/
-crypto/x509v3/
 openbsd/
 *.tar.gz
 apps/*.1*
 man/*.3
 man/*.1
 man/Makefile.am
-.gitmodules
-COPYING
diff --git a/libtls-standalone/AUTHORS b/libtls-standalone/AUTHORS
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/libtls-standalone/AUTHORS
diff --git a/libtls-standalone/ChangeLog b/libtls-standalone/ChangeLog
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/libtls-standalone/ChangeLog
diff --git a/libtls-standalone/Makefile.am b/libtls-standalone/Makefile.am
new file mode 100644
index 0000000..8881d8c
--- /dev/null
+++ b/libtls-standalone/Makefile.am
@@ -0,0 +1,7 @@
+SUBDIRS = include src
+ACLOCAL_AMFLAGS = -I m4
+pkgconfigdir = $(libdir)/pkgconfig
+pkgconfig_DATA = libtls.pc
+EXTRA_DIST = README VERSION
diff --git a/libtls-standalone/NEWS b/libtls-standalone/NEWS
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/libtls-standalone/NEWS
diff --git a/libtls-standalone/README b/libtls-standalone/README
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/libtls-standalone/README
diff --git a/libtls-standalone/VERSION b/libtls-standalone/VERSION
new file mode 100644
index 0000000..81ece01
--- /dev/null
+++ b/libtls-standalone/VERSION
@@ -0,0 +1 @@
+3:1:0
diff --git a/libtls-standalone/configure.ac b/libtls-standalone/configure.ac
new file mode 100644
index 0000000..babb266
--- /dev/null
+++ b/libtls-standalone/configure.ac
@@ -0,0 +1,254 @@
+AC_INIT([libtls], m4_esyscmd([tr -d '\n' < VERSION]))
+AC_CANONICAL_HOST
+AM_INIT_AUTOMAKE([subdir-objects])
+AC_CONFIG_MACRO_DIR([m4])
+m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
+# This must be called before AC_PROG_CC
+USER_CFLAGS="$CFLAGS"
+AC_PROG_CC
+AC_PROG_CC_STDC
+AM_PROG_CC_C_O
+AC_PROG_LIBTOOL
+LT_INIT
+CFLAGS="$CFLAGS -Wall -std=gnu99"
+case $host_os in
+        *aix*)
+                HOST_OS=aix
+                if test "`echo $CC | cut -d ' ' -f 1`" != "gcc" ; then
+                        CFLAGS="$USER_CFLAGS"
+                fi
+                ;;
+        *cygwin*)
+                HOST_OS=cygwin
+                ;;
+        *darwin*)
+                HOST_OS=darwin
+                HOST_ABI=macosx
+                ;;
+        *freebsd*)
+                HOST_OS=freebsd
+                HOST_ABI=elf
+                ;;
+        *hpux*)
+                HOST_OS=hpux;
+                if test "`echo $CC | cut -d ' ' -f 1`" = "gcc" ; then
+                        CFLAGS="$CFLAGS -mlp64"
+                else
+                        CFLAGS="-g -O2 +DD64 $USER_CFLAGS"
+                fi
+                CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT"
+                AC_SUBST([PLATFORM_LDADD], ['-lpthread'])
+                ;;
+        *linux*)
+                HOST_OS=linux
+                HOST_ABI=elf
+                CPPFLAGS="$CPPFLAGS -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE"
+                ;;
+        *netbsd*)
+                HOST_OS=netbsd
+                CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE"
+                ;;
+        *openbsd*)
+                HOST_ABI=elf
+                AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has bounded])
+                ;;
+        *mingw*)
+                HOST_OS=win
+                CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D__USE_MINGW_ANSI_STDIO"
+                CPPFLAGS="$CPPFLAGS -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS"
+                CPPFLAGS="$CPPFLAGS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600"
+                CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED -DNO_SYSLOG"
+                CFLAGS="$CFLAGS -static-libgcc"
+                LDFLAGS="$LDFLAGS -static-libgcc"
+                AC_SUBST([PLATFORM_LDADD], ['-lws2_32'])
+                ;;
+        *solaris*)
+                HOST_OS=solaris
+                HOST_ABI=elf
+                CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP"
+                AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket'])
+                ;;
+        *) ;;
+esac
+AM_CONDITIONAL([HOST_AIX],     [test x$HOST_OS = xaix])
+AM_CONDITIONAL([HOST_CYGWIN],  [test x$HOST_OS = xcygwin])
+AM_CONDITIONAL([HOST_DARWIN],  [test x$HOST_OS = xdarwin])
+AM_CONDITIONAL([HOST_FREEBSD], [test x$HOST_OS = xfreebsd])
+AM_CONDITIONAL([HOST_HPUX],    [test x$HOST_OS = xhpux])
+AM_CONDITIONAL([HOST_LINUX],   [test x$HOST_OS = xlinux])
+AM_CONDITIONAL([HOST_NETBSD],  [test x$HOST_OS = xnetbsd])
+AM_CONDITIONAL([HOST_SOLARIS], [test x$HOST_OS = xsolaris])
+AM_CONDITIONAL([HOST_WIN],     [test x$HOST_OS = xwin])
+AC_MSG_CHECKING([if compiling with clang])
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
+#ifndef __clang__
+        not clang
+#endif
+        ]])],
+        [CLANG=yes],
+        [CLANG=no]
+)
+AC_MSG_RESULT([$CLANG])
+AS_IF([test "x$CLANG" = "xyes"], [CLANG_FLAGS=-Qunused-arguments])
+CFLAGS="$CFLAGS $CLANG_FLAGS"
+LDFLAGS="$LDFLAGS $CLANG_FLAGS"
+# We want to check for compiler flag support. Prior to clang v5.1, there was no
+# way to make clang's "argument unused" warning fatal.  So we invoke the
+# compiler through a wrapper script that greps for this message.
+saved_CC="$CC"
+saved_LD="$LD"
+flag_wrap="$srcdir/scripts/wrap-compiler-for-flag-check"
+CC="$flag_wrap $CC"
+LD="$flag_wrap $LD"
+AC_ARG_ENABLE([hardening],
+        [AS_HELP_STRING([--disable-hardening],
+                        [Disable options to frustrate memory corruption exploits])],
+        [], [enable_hardening=yes])
+AC_ARG_ENABLE([windows-ssp],
+        [AS_HELP_STRING([--enable-windows-ssp],
+                        [Enable building the stack smashing protection on
+                         Windows. This currently distributing libssp-0.dll.])])
+AC_DEFUN([CHECK_CFLAG], [
+         AC_LANG_ASSERT(C)
+         AC_MSG_CHECKING([if $saved_CC supports "$1"])
+         old_cflags="$CFLAGS"
+         CFLAGS="$1 -Wall -Werror"
+         AC_TRY_LINK([
+                      #include <stdio.h>
+                      ],
+                     [printf("Hello")],
+                     AC_MSG_RESULT([yes])
+                     CFLAGS=$old_cflags
+                     HARDEN_CFLAGS="$HARDEN_CFLAGS $1",
+                     AC_MSG_RESULT([no])
+                     CFLAGS=$old_cflags
+                     [$2])
+])
+AC_DEFUN([CHECK_LDFLAG], [
+         AC_LANG_ASSERT(C)
+         AC_MSG_CHECKING([if $saved_LD supports "$1"])
+         old_ldflags="$LDFLAGS"
+         LDFLAGS="$1 -Wall -Werror"
+         AC_TRY_LINK([
+                      #include <stdio.h>
+                      ],
+                     [printf("Hello")],
+                     AC_MSG_RESULT([yes])
+                     LDFLAGS=$old_ldflags
+                     HARDEN_LDFLAGS="$HARDEN_LDFLAGS $1",
+                     AC_MSG_RESULT([no])
+                     LDFLAGS=$old_ldflags
+                     [$2])
+])
+AS_IF([test "x$enable_hardening" = "xyes"], [
+        # Tell GCC to NOT optimize based on signed arithmetic overflow
+        CHECK_CFLAG([[-fno-strict-overflow]])
+        # _FORTIFY_SOURCE replaces builtin functions with safer versions.
+        CHECK_CFLAG([[-D_FORTIFY_SOURCE=2]])
+        # Enable read only relocations
+        CHECK_LDFLAG([[-Wl,-z,relro]])
+        CHECK_LDFLAG([[-Wl,-z,now]])
+        # Windows security flags
+        AS_IF([test "x$HOST_OS" = "xwin"], [
+                CHECK_LDFLAG([[-Wl,--nxcompat]])
+                CHECK_LDFLAG([[-Wl,--dynamicbase]])
+                CHECK_LDFLAG([[-Wl,--high-entropy-va]])
+        ])
+        # Use stack-protector-strong if available; if not, fallback to
+        # stack-protector-all which is considered to be overkill
+        AS_IF([test "x$enable_windows_ssp" = "xyes" -o "x$HOST_OS" != "xwin"], [
+                CHECK_CFLAG([[-fstack-protector-strong]],
+                        CHECK_CFLAG([[-fstack-protector-all]],
+                                AC_MSG_WARN([compiler does not appear to support stack protection])
+                        )
+                )
+                AS_IF([test "x$HOST_OS" = "xwin"], [
+                        AC_SEARCH_LIBS([__stack_chk_guard],[ssp])
+                ])
+        ])
+])
+# Restore CC, LD
+CC="$saved_CC"
+LD="$saved_LD"
+CFLAGS="$CFLAGS $HARDEN_CFLAGS"
+LDFLAGS="$LDFLAGS $HARDEN_LDFLAGS"
+# Removing the dependency on -Wno-pointer-sign should be a goal
+save_cflags="$CFLAGS"
+CFLAGS=-Wno-pointer-sign
+AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign])
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])],
+        [AC_MSG_RESULT([yes])]
+        [AM_CFLAGS=-Wno-pointer-sign],
+        [AC_MSG_RESULT([no])]
+)
+CFLAGS="$save_cflags $AM_CFLAGS"
+save_cflags="$CFLAGS"
+CFLAGS=
+AC_MSG_CHECKING([whether AS supports .note.GNU-stack])
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+__asm__(".section .note.GNU-stack,\"\",@progbits");]])],
+        [AC_MSG_RESULT([yes])]
+        [AM_CFLAGS=-DHAVE_GNU_STACK],
+        [AC_MSG_RESULT([no])]
+)
+CFLAGS="$save_cflags $AM_CFLAGS"
+AM_PROG_AS
+AC_CHECK_FUNCS([explicit_bzero strsep])
+AM_CONDITIONAL([HAVE_EXPLICIT_BZERO], [test "x$ac_cv_func_explicit_bzero" = xyes])
+AM_CONDITIONAL([HAVE_STRSEP], [test "x$ac_cv_func_strsep" = xyes])
+#AC_CHECK_FUNCS([arc4random_buf asprintf explicit_bzero funopen getauxval])
+#AC_CHECK_FUNCS([getentropy memmem poll reallocarray])
+#AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strtonum])
+#AC_CHECK_FUNCS([symlink])
+#AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
+#
+## Share test results with automake
+#AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], [test "x$ac_cv_func_arc4random_buf" = xyes])
+#AM_CONDITIONAL([HAVE_ASPRINTF], [test "x$ac_cv_func_asprintf" = xyes])
+#AM_CONDITIONAL([HAVE_GETENTROPY], [test "x$ac_cv_func_getentropy" = xyes])
+#AM_CONDITIONAL([HAVE_MEMMEM], [test "x$ac_cv_func_memmem" = xyes])
+#AM_CONDITIONAL([HAVE_POLL], [test "x$ac_cv_func_poll" = xyes])
+#AM_CONDITIONAL([HAVE_REALLOCARRAY], [test "x$ac_cv_func_reallocarray" = xyes])
+#AM_CONDITIONAL([HAVE_STRLCAT], [test "x$ac_cv_func_strlcat" = xyes])
+#AM_CONDITIONAL([HAVE_STRLCPY], [test "x$ac_cv_func_strlcpy" = xyes])
+#AM_CONDITIONAL([HAVE_STRNDUP], [test "x$ac_cv_func_strndup" = xyes])
+#AM_CONDITIONAL([HAVE_STRNLEN], [test "x$ac_cv_func_strnlen" = xyes])
+#AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes])
+#AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes])
+#AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes])
+#AM_CONDITIONAL([BUILD_CERTHASH], [test "x$ac_cv_func_symlink" = xyes])
+AC_CONFIG_FILES([
+        Makefile
+        include/Makefile
+        src/Makefile
+        libtls.pc
+])
+AC_OUTPUT
diff --git a/libtls-standalone/include/Makefile.am b/libtls-standalone/include/Makefile.am
new file mode 100644
index 0000000..7fbefdc
--- /dev/null
+++ b/libtls-standalone/include/Makefile.am
@@ -0,0 +1,27 @@
+#noinst_HEADERS = err.h
+#noinst_HEADERS += netdb.h
+#noinst_HEADERS += poll.h
+#noinst_HEADERS += pqueue.h
+#noinst_HEADERS += stdio.h
+#noinst_HEADERS += stdlib.h
+#noinst_HEADERS += string.h
+#noinst_HEADERS += syslog.h
+#noinst_HEADERS += unistd.h
+#noinst_HEADERS += win32netcompat.h
+#
+#noinst_HEADERS += arpa/inet.h
+#
+#noinst_HEADERS += machine/endian.h
+#
+#noinst_HEADERS += netinet/in.h
+#noinst_HEADERS += netinet/tcp.h
+#
+#noinst_HEADERS += sys/ioctl.h
+#noinst_HEADERS += sys/mman.h
+#noinst_HEADERS += sys/select.h
+#noinst_HEADERS += sys/socket.h
+#noinst_HEADERS += sys/times.h
+#noinst_HEADERS += sys/types.h
+#noinst_HEADERS += sys/uio.h
+include_HEADERS = tls.h
diff --git a/libtls-standalone/include/string.h b/libtls-standalone/include/string.h
new file mode 100644
index 0000000..c42fcba
--- /dev/null
+++ b/libtls-standalone/include/string.h
@@ -0,0 +1,28 @@
+/*
+ * Public domain
+ * string.h compatibility shim
+ */
+#include_next <string.h>
+#ifndef LIBCRYPTOCOMPAT_STRING_H
+#define LIBCRYPTOCOMPAT_STRING_H
+#include <sys/types.h>
+#if defined(__sun) || defined(__hpux)
+/* Some functions historically defined in string.h were placed in strings.h by
+ * SUS. Use the same hack as OS X and FreeBSD use to work around on Solaris and HPUX.
+ */
+#include <strings.h>
+#endif
+#ifndef HAVE_EXPLICIT_BZERO
+void explicit_bzero(void *, size_t);
+#endif
+#ifndef HAVE_STRSEP
+char *strsep(char **stringp, const char *delim);
+#endif
+#endif
diff --git a/libtls-standalone/libtls.pc.in b/libtls-standalone/libtls.pc.in
new file mode 100644
index 0000000..64d7457
--- /dev/null
+++ b/libtls-standalone/libtls.pc.in
@@ -0,0 +1,16 @@
+#libtls pkg-config source file
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+Name: LibreSSL-libtls
+Description: Secure communications using the TLS socket protocol.
+Version: @LIBTLS_VERSION@
+Requires:
+Requires.private: libcrypto libssl
+Conflicts:
+Libs: -L${libdir} -ltls
+Libs.private: @LIBS@ -lcrypto -lssl
+Cflags: -I${includedir}
diff --git a/libtls-standalone/src/Makefile.am b/libtls-standalone/src/Makefile.am
new file mode 100644
index 0000000..d5bcc49
--- /dev/null
+++ b/libtls-standalone/src/Makefile.am
@@ -0,0 +1,18 @@
+AM_CFLAGS = -I$(top_srcdir)/include
+lib_LTLIBRARIES = libtls.la
+libtls_la_LDFLAGS = -no-undefined
+libtls_la_LIBADD = -lcrypto -lssl $(PLATFORM_LDADD)
+libtls_la_SOURCES = tls.c
+libtls_la_SOURCES += tls_client.c
+libtls_la_SOURCES += tls_config.c
+libtls_la_SOURCES += tls_server.c
+libtls_la_SOURCES += tls_util.c
+libtls_la_SOURCES += tls_verify.c
+noinst_HEADERS = tls_internal.h
+if !HAVE_STRSEP
+libtls_la_SOURCES += strsep.c
+endif
diff --git a/tls/Makefile.am b/tls/Makefile.am
index e8c4713..d5bcc49 100644
--- a/tls/Makefile.am
+++ b/tls/Makefile.am
@@ -1,11 +1,9 @@
-include $(top_srcdir)/Makefile.am.common
+AM_CFLAGS = -I$(top_srcdir)/include
 lib_LTLIBRARIES = libtls.la
-EXTRA_DIST = VERSION
+libtls_la_LDFLAGS = -no-undefined
+libtls_la_LIBADD = -lcrypto -lssl $(PLATFORM_LDADD)
-libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined
-libtls_la_LIBADD = ../crypto/libcrypto.la ../ssl/libssl.la $(PLATFORM_LDADD)
 libtls_la_SOURCES = tls.c
 libtls_la_SOURCES += tls_client.c
diff --git a/update.sh b/update.sh
index 7863b18..d2e74c7 100755
--- a/update.sh
+++ b/update.sh
@@ -43,6 +43,7 @@ source $libtls_src/shlib_version
 libtls_version=$major:$minor:0
 echo "libtls version $libtls_version"
 echo $libtls_version > tls/VERSION
+echo $libtls_version > libtls-standalone/VERSION
 do_mv() {
        if ! cmp -s "$1" "$2"
@@ -62,6 +63,7 @@ $CP $libssl_src/src/crypto/opensslfeatures.h include/openssl
 $CP $libssl_src/src/e_os2.h include/openssl
 $CP $libssl_src/src/ssl/pqueue.h include
 $CP $libtls_src/tls.h include
+$CP $libtls_src/tls.h libtls-standalone/include
 for i in explicit_bzero.c strlcpy.c strlcat.c strndup.c strnlen.c \
                timingsafe_bcmp.c timingsafe_memcmp.c; do
@@ -73,6 +75,9 @@ $CP $libc_src/crypt/chacha_private.h crypto/compat
 $CP $libcrypto_src/crypto/getentropy_*.c crypto/compat
 $CP $libcrypto_src/crypto/arc4random_*.h crypto/compat
+$CP $libcrypto_src/crypto/getentropy_*.c libtls-standalone/src/compat
+$CP $libcrypto_src/crypto/arc4random_*.h libtls-standalone/src/compat
 (cd $libssl_src/src/crypto/objects/;
        perl objects.pl objects.txt obj_mac.num obj_mac.h;
        perl obj_dat.pl obj_mac.h obj_dat.h )
@@ -166,14 +171,15 @@ done
 # copy libtls source
 echo copying libtls source
-rm -f tls/*.c tls/*.h
+rm -f tls/*.c tls/*.h libtls/src/*.c libtls/src/*.h
 for i in `awk '/SOURCES|HEADERS/ { print $3 }' tls/Makefile.am` ; do
        if [ -e $libtls_src/$i ]; then
                $CP $libtls_src/$i tls
-        else
+                $CP $libtls_src/$i libtls-standalone/src
-                $CP $libc_src/string/$i tls
        fi
 done
+$CP $libc_src/string/strsep.c tls
+$CP $libc_src/string/strsep.c libtls-standalone/src/compat
 # copy openssl(1) source
 echo "copying openssl(1) source"
author	Brent Cook <busterb@gmail.com>	2015-04-30 04:44:35 -0500
committer	Brent Cook <busterb@gmail.com>	2015-05-23 19:26:51 -0500
commit	28353c1df15c3d0482a10ffe33fa34c053af2c2e (patch)
tree	580bf87a6db90c492dd55594f9612d2442331376
parent	7de7605b95f2cd2d061720376544d511f71dc063 (diff)
download	portable-28353c1df15c3d0482a10ffe33fa34c053af2c2e.tar.gz portable-28353c1df15c3d0482a10ffe33fa34c053af2c2e.tar.bz2 portable-28353c1df15c3d0482a10ffe33fa34c053af2c2e.zip

diff --git a/.gitignore b/.gitignore index 28cf002..5c62f55 100644 --- a/.gitignore +++ b/.gitignore
@@ -63,34 +63,30 @@ tests/*.txt
63	# ctags stuff	63	# ctags stuff
64	TAGS	64	TAGS
65		65
66	## The initial / makes these files only get ignored in particular directories.	66	autom4te.cache
67	/autom4te.cache
68		67
69	# Libtool adds these, at least sometimes	68	# Libtool adds these, at least sometimes
70	INSTALL	69	INSTALL
71	/m4/libtool.m4	70	COPYING
72	/m4/ltoptions.m4	71	m4
73	/m4/ltsugar.m4	72
74	/m4/ltversion.m4	73	aclocal.m4
75	/m4/lt~obsolete.m4	74	compile
76		75	doxygen
77	/aclocal.m4	76	config.guess
78	/compile	77	config.log
79	/doxygen	78	config.status
80	/config.guess	79	config.sub
81	/config.log	80	configure
82	/config.status	81	depcomp
83	/config.sub	82	config.h
84	/configure	83	config.h.in
85	/depcomp	84	install-sh
86	/config.h	85	libtool
87	/config.h.in	86	ltmain.sh
88	/install-sh	87	missing
89	/libtool	88	stamp-h1
90	/ltmain.sh	89	stamp-h2
91	/missing
92	/stamp-h1
93	/stamp-h2
94		90
95	include/openssl/Makefile.am	91	include/openssl/Makefile.am
96		92
@@ -106,97 +102,31 @@ include/pqueue.h
106	include/tls.h	102	include/tls.h
107	include/openssl/*.h	103	include/openssl/*.h
108	include/openssl/*.he	104	include/openssl/*.he
109	apps/*.h	105
110	apps/*.c	106	/apps/*.h
111	apps/openssl	107	/apps/*.c
112	apps/openssl.cnf	108	/apps/openssl
113	!apps/apps_win.c	109	/apps/openssl.cnf
114	!apps/poll_win.c	110	!/apps/apps_win.c
115	!apps/certhash_disabled.c	111	!/apps/poll_win.c
116		112	!/apps/certhash_disabled.c
117	crypto/compat/arc4random.c	113
118	crypto/compat/chacha_private.h	114	/crypto
119	crypto/compat/explicit_bzero.c	115	!/crypto/Makefile.am.*
120	crypto/compat/getentropy_*.c	116	!/crypto/compat/arc4random.h
121	crypto/compat/reallocarray.c	117	!/crypto/compat/b_win.c
122	crypto/compat/strlcat.c	118	!/crypto/compat/bsd_asprintf.c
123	crypto/compat/strlcpy.c	119	!/crypto/compat/ui_openssl_win.c
124	crypto/compat/strndup.c	120
125	crypto/compat/strnlen.c	121	/libtls-standalone/include/*.h
126	crypto/compat/timingsafe_bcmp.c	122	/libtls-standalone/src/*.c
127	crypto/compat/timingsafe_memcmp.c	123	/libtls-standalone/src/*.h
128	crypto/compat/arc4random_*.h	124	/libtls-standalone/src/compat
129		125
130	crypto/aes/
131	crypto/asn1/
132	crypto/bf/
133	crypto/bio/
134	crypto/bn/
135	crypto/buffer/
136	crypto/camellia/
137	crypto/cast/
138	crypto/camellia/
139	crypto/chacha/
140	crypto/cmac/
141	crypto/comp/
142	crypto/conf/
143	crypto/cpt_err.c
144	crypto/cryptlib.c
145	crypto/cryptlib.h
146	crypto/cversion.c
147	crypto/des/
148	crypto/dh/
149	crypto/dsa/
150	crypto/dso/
151	crypto/ec/
152	crypto/ecdh/
153	crypto/ecdsa/
154	crypto/engine/
155	crypto/err/
156	crypto/evp/
157	crypto/ex_data.c
158	crypto/gost/
159	crypto/hmac/
160	crypto/idea/
161	crypto/krb5/
162	crypto/lhash/
163	crypto/malloc-wrapper.c
164	crypto/md32_common.h
165	crypto/md4/
166	crypto/md5/
167	crypto/mdc2/
168	crypto/mem_clr.c
169	crypto/mem_dbg.c
170	crypto/modes/
171	crypto/o_init.c
172	crypto/o_str.c
173	crypto/o_time.c
174	crypto/o_time.h
175	crypto/objects
176	crypto/ocsp/
177	crypto/pem/
178	crypto/pkcs12/
179	crypto/pkcs7/
180	crypto/poly1305/
181	crypto/pqueue/
182	crypto/rand/
183	crypto/rc2/
184	crypto/rc4/
185	crypto/ripemd/
186	crypto/rsa/
187	crypto/sha/
188	crypto/stack/
189	crypto/ts/
190	crypto/txt_db/
191	crypto/ui/
192	crypto/whrlpool/
193	crypto/x509/
194	crypto/x509v3/
195	openbsd/	126	openbsd/
		127
196	*.tar.gz	128	*.tar.gz
197	apps/.1	129	apps/.1
198	man/*.3	130	man/*.3
199	man/*.1	131	man/*.1
200	man/Makefile.am	132	man/Makefile.am
201	.gitmodules
202	COPYING


diff --git a/libtls-standalone/AUTHORS b/libtls-standalone/AUTHORS new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/libtls-standalone/AUTHORS


diff --git a/libtls-standalone/ChangeLog b/libtls-standalone/ChangeLog new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/libtls-standalone/ChangeLog


diff --git a/libtls-standalone/Makefile.am b/libtls-standalone/Makefile.am new file mode 100644 index 0000000..8881d8c --- /dev/null +++ b/libtls-standalone/Makefile.am
@@ -0,0 +1,7 @@
		1	SUBDIRS = include src
		2	ACLOCAL_AMFLAGS = -I m4
		3
		4	pkgconfigdir = $(libdir)/pkgconfig
		5	pkgconfig_DATA = libtls.pc
		6
		7	EXTRA_DIST = README VERSION


diff --git a/libtls-standalone/NEWS b/libtls-standalone/NEWS new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/libtls-standalone/NEWS


diff --git a/libtls-standalone/README b/libtls-standalone/README new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/libtls-standalone/README


diff --git a/libtls-standalone/VERSION b/libtls-standalone/VERSION new file mode 100644 index 0000000..81ece01 --- /dev/null +++ b/libtls-standalone/VERSION
@@ -0,0 +1 @@
			3:1:0


diff --git a/libtls-standalone/configure.ac b/libtls-standalone/configure.ac new file mode 100644 index 0000000..babb266 --- /dev/null +++ b/libtls-standalone/configure.ac
@@ -0,0 +1,254 @@
		1	AC_INIT([libtls], m4_esyscmd([tr -d '\n' < VERSION]))
		2
		3	AC_CANONICAL_HOST
		4	AM_INIT_AUTOMAKE([subdir-objects])
		5	AC_CONFIG_MACRO_DIR([m4])
		6
		7	m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
		8
		9	# This must be called before AC_PROG_CC
		10	USER_CFLAGS="$CFLAGS"
		11
		12	AC_PROG_CC
		13	AC_PROG_CC_STDC
		14	AM_PROG_CC_C_O
		15	AC_PROG_LIBTOOL
		16	LT_INIT
		17
		18	CFLAGS="$CFLAGS -Wall -std=gnu99"
		19
		20	case $host_os in
		21	aix)
		22	HOST_OS=aix
		23	if test "`echo $CC \| cut -d ' ' -f 1`" != "gcc" ; then
		24	CFLAGS="$USER_CFLAGS"
		25	fi
		26	;;
		27	cygwin)
		28	HOST_OS=cygwin
		29	;;
		30	darwin)
		31	HOST_OS=darwin
		32	HOST_ABI=macosx
		33	;;
		34	freebsd)
		35	HOST_OS=freebsd
		36	HOST_ABI=elf
		37	;;
		38	hpux)
		39	HOST_OS=hpux;
		40	if test "`echo $CC \| cut -d ' ' -f 1`" = "gcc" ; then
		41	CFLAGS="$CFLAGS -mlp64"
		42	else
		43	CFLAGS="-g -O2 +DD64 $USER_CFLAGS"
		44	fi
		45	CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT"
		46	AC_SUBST([PLATFORM_LDADD], ['-lpthread'])
		47	;;
		48	linux)
		49	HOST_OS=linux
		50	HOST_ABI=elf
		51	CPPFLAGS="$CPPFLAGS -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE"
		52	;;
		53	netbsd)
		54	HOST_OS=netbsd
		55	CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE"
		56	;;
		57	openbsd)
		58	HOST_ABI=elf
		59	AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has bounded])
		60	;;
		61	mingw)
		62	HOST_OS=win
		63	CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D__USE_MINGW_ANSI_STDIO"
		64	CPPFLAGS="$CPPFLAGS -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS"
		65	CPPFLAGS="$CPPFLAGS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600"
		66	CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED -DNO_SYSLOG"
		67	CFLAGS="$CFLAGS -static-libgcc"
		68	LDFLAGS="$LDFLAGS -static-libgcc"
		69	AC_SUBST([PLATFORM_LDADD], ['-lws2_32'])
		70	;;
		71	solaris)
		72	HOST_OS=solaris
		73	HOST_ABI=elf
		74	CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP"
		75	AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket'])
		76	;;
		77	*) ;;
		78	esac
		79
		80	AM_CONDITIONAL([HOST_AIX], [test x$HOST_OS = xaix])
		81	AM_CONDITIONAL([HOST_CYGWIN], [test x$HOST_OS = xcygwin])
		82	AM_CONDITIONAL([HOST_DARWIN], [test x$HOST_OS = xdarwin])
		83	AM_CONDITIONAL([HOST_FREEBSD], [test x$HOST_OS = xfreebsd])
		84	AM_CONDITIONAL([HOST_HPUX], [test x$HOST_OS = xhpux])
		85	AM_CONDITIONAL([HOST_LINUX], [test x$HOST_OS = xlinux])
		86	AM_CONDITIONAL([HOST_NETBSD], [test x$HOST_OS = xnetbsd])
		87	AM_CONDITIONAL([HOST_SOLARIS], [test x$HOST_OS = xsolaris])
		88	AM_CONDITIONAL([HOST_WIN], [test x$HOST_OS = xwin])
		89
		90	AC_MSG_CHECKING([if compiling with clang])
		91	AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
		92	#ifndef __clang__
		93	not clang
		94	#endif
		95	]])],
		96	[CLANG=yes],
		97	[CLANG=no]
		98	)
		99	AC_MSG_RESULT([$CLANG])
		100	AS_IF([test "x$CLANG" = "xyes"], [CLANG_FLAGS=-Qunused-arguments])
		101
		102	CFLAGS="$CFLAGS $CLANG_FLAGS"
		103	LDFLAGS="$LDFLAGS $CLANG_FLAGS"
		104
		105	# We want to check for compiler flag support. Prior to clang v5.1, there was no
		106	# way to make clang's "argument unused" warning fatal. So we invoke the
		107	# compiler through a wrapper script that greps for this message.
		108	saved_CC="$CC"
		109	saved_LD="$LD"
		110	flag_wrap="$srcdir/scripts/wrap-compiler-for-flag-check"
		111	CC="$flag_wrap $CC"
		112	LD="$flag_wrap $LD"
		113
		114	AC_ARG_ENABLE([hardening],
		115	[AS_HELP_STRING([--disable-hardening],
		116	[Disable options to frustrate memory corruption exploits])],
		117	[], [enable_hardening=yes])
		118
		119	AC_ARG_ENABLE([windows-ssp],
		120	[AS_HELP_STRING([--enable-windows-ssp],
		121	[Enable building the stack smashing protection on
		122	Windows. This currently distributing libssp-0.dll.])])
		123
		124	AC_DEFUN([CHECK_CFLAG], [
		125	AC_LANG_ASSERT(C)
		126	AC_MSG_CHECKING([if $saved_CC supports "$1"])
		127	old_cflags="$CFLAGS"
		128	CFLAGS="$1 -Wall -Werror"
		129	AC_TRY_LINK([
		130	#include <stdio.h>
		131	],
		132	[printf("Hello")],
		133	AC_MSG_RESULT([yes])
		134	CFLAGS=$old_cflags
		135	HARDEN_CFLAGS="$HARDEN_CFLAGS $1",
		136	AC_MSG_RESULT([no])
		137	CFLAGS=$old_cflags
		138	[$2])
		139	])
		140
		141	AC_DEFUN([CHECK_LDFLAG], [
		142	AC_LANG_ASSERT(C)
		143	AC_MSG_CHECKING([if $saved_LD supports "$1"])
		144	old_ldflags="$LDFLAGS"
		145	LDFLAGS="$1 -Wall -Werror"
		146	AC_TRY_LINK([
		147	#include <stdio.h>
		148	],
		149	[printf("Hello")],
		150	AC_MSG_RESULT([yes])
		151	LDFLAGS=$old_ldflags
		152	HARDEN_LDFLAGS="$HARDEN_LDFLAGS $1",
		153	AC_MSG_RESULT([no])
		154	LDFLAGS=$old_ldflags
		155	[$2])
		156	])
		157
		158	AS_IF([test "x$enable_hardening" = "xyes"], [
		159	# Tell GCC to NOT optimize based on signed arithmetic overflow
		160	CHECK_CFLAG([[-fno-strict-overflow]])
		161
		162	# _FORTIFY_SOURCE replaces builtin functions with safer versions.
		163	CHECK_CFLAG([[-D_FORTIFY_SOURCE=2]])
		164
		165	# Enable read only relocations
		166	CHECK_LDFLAG([[-Wl,-z,relro]])
		167	CHECK_LDFLAG([[-Wl,-z,now]])
		168
		169	# Windows security flags
		170	AS_IF([test "x$HOST_OS" = "xwin"], [
		171	CHECK_LDFLAG([[-Wl,--nxcompat]])
		172	CHECK_LDFLAG([[-Wl,--dynamicbase]])
		173	CHECK_LDFLAG([[-Wl,--high-entropy-va]])
		174	])
		175
		176	# Use stack-protector-strong if available; if not, fallback to
		177	# stack-protector-all which is considered to be overkill
		178	AS_IF([test "x$enable_windows_ssp" = "xyes" -o "x$HOST_OS" != "xwin"], [
		179	CHECK_CFLAG([[-fstack-protector-strong]],
		180	CHECK_CFLAG([[-fstack-protector-all]],
		181	AC_MSG_WARN([compiler does not appear to support stack protection])
		182	)
		183	)
		184	AS_IF([test "x$HOST_OS" = "xwin"], [
		185	AC_SEARCH_LIBS([__stack_chk_guard],[ssp])
		186	])
		187	])
		188	])
		189
		190
		191	# Restore CC, LD
		192	CC="$saved_CC"
		193	LD="$saved_LD"
		194
		195	CFLAGS="$CFLAGS $HARDEN_CFLAGS"
		196	LDFLAGS="$LDFLAGS $HARDEN_LDFLAGS"
		197
		198	# Removing the dependency on -Wno-pointer-sign should be a goal
		199	save_cflags="$CFLAGS"
		200	CFLAGS=-Wno-pointer-sign
		201	AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign])
		202	AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])],
		203	[AC_MSG_RESULT([yes])]
		204	[AM_CFLAGS=-Wno-pointer-sign],
		205	[AC_MSG_RESULT([no])]
		206	)
		207	CFLAGS="$save_cflags $AM_CFLAGS"
		208
		209	save_cflags="$CFLAGS"
		210	CFLAGS=
		211	AC_MSG_CHECKING([whether AS supports .note.GNU-stack])
		212	AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
		213	__asm__(".section .note.GNU-stack,\"\",@progbits");]])],
		214	[AC_MSG_RESULT([yes])]
		215	[AM_CFLAGS=-DHAVE_GNU_STACK],
		216	[AC_MSG_RESULT([no])]
		217	)
		218	CFLAGS="$save_cflags $AM_CFLAGS"
		219	AM_PROG_AS
		220
		221	AC_CHECK_FUNCS([explicit_bzero strsep])
		222	AM_CONDITIONAL([HAVE_EXPLICIT_BZERO], [test "x$ac_cv_func_explicit_bzero" = xyes])
		223	AM_CONDITIONAL([HAVE_STRSEP], [test "x$ac_cv_func_strsep" = xyes])
		224
		225	#AC_CHECK_FUNCS([arc4random_buf asprintf explicit_bzero funopen getauxval])
		226	#AC_CHECK_FUNCS([getentropy memmem poll reallocarray])
		227	#AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strtonum])
		228	#AC_CHECK_FUNCS([symlink])
		229	#AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
		230	#
		231	## Share test results with automake
		232	#AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], [test "x$ac_cv_func_arc4random_buf" = xyes])
		233	#AM_CONDITIONAL([HAVE_ASPRINTF], [test "x$ac_cv_func_asprintf" = xyes])
		234	#AM_CONDITIONAL([HAVE_GETENTROPY], [test "x$ac_cv_func_getentropy" = xyes])
		235	#AM_CONDITIONAL([HAVE_MEMMEM], [test "x$ac_cv_func_memmem" = xyes])
		236	#AM_CONDITIONAL([HAVE_POLL], [test "x$ac_cv_func_poll" = xyes])
		237	#AM_CONDITIONAL([HAVE_REALLOCARRAY], [test "x$ac_cv_func_reallocarray" = xyes])
		238	#AM_CONDITIONAL([HAVE_STRLCAT], [test "x$ac_cv_func_strlcat" = xyes])
		239	#AM_CONDITIONAL([HAVE_STRLCPY], [test "x$ac_cv_func_strlcpy" = xyes])
		240	#AM_CONDITIONAL([HAVE_STRNDUP], [test "x$ac_cv_func_strndup" = xyes])
		241	#AM_CONDITIONAL([HAVE_STRNLEN], [test "x$ac_cv_func_strnlen" = xyes])
		242	#AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes])
		243	#AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes])
		244	#AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes])
		245	#AM_CONDITIONAL([BUILD_CERTHASH], [test "x$ac_cv_func_symlink" = xyes])
		246
		247	AC_CONFIG_FILES([
		248	Makefile
		249	include/Makefile
		250	src/Makefile
		251	libtls.pc
		252	])
		253
		254	AC_OUTPUT


diff --git a/libtls-standalone/include/Makefile.am b/libtls-standalone/include/Makefile.am new file mode 100644 index 0000000..7fbefdc --- /dev/null +++ b/libtls-standalone/include/Makefile.am
@@ -0,0 +1,27 @@
		1	#noinst_HEADERS = err.h
		2	#noinst_HEADERS += netdb.h
		3	#noinst_HEADERS += poll.h
		4	#noinst_HEADERS += pqueue.h
		5	#noinst_HEADERS += stdio.h
		6	#noinst_HEADERS += stdlib.h
		7	#noinst_HEADERS += string.h
		8	#noinst_HEADERS += syslog.h
		9	#noinst_HEADERS += unistd.h
		10	#noinst_HEADERS += win32netcompat.h
		11	#
		12	#noinst_HEADERS += arpa/inet.h
		13	#
		14	#noinst_HEADERS += machine/endian.h
		15	#
		16	#noinst_HEADERS += netinet/in.h
		17	#noinst_HEADERS += netinet/tcp.h
		18	#
		19	#noinst_HEADERS += sys/ioctl.h
		20	#noinst_HEADERS += sys/mman.h
		21	#noinst_HEADERS += sys/select.h
		22	#noinst_HEADERS += sys/socket.h
		23	#noinst_HEADERS += sys/times.h
		24	#noinst_HEADERS += sys/types.h
		25	#noinst_HEADERS += sys/uio.h
		26
		27	include_HEADERS = tls.h


diff --git a/libtls-standalone/include/string.h b/libtls-standalone/include/string.h new file mode 100644 index 0000000..c42fcba --- /dev/null +++ b/libtls-standalone/include/string.h
@@ -0,0 +1,28 @@
		1	/*
		2	* Public domain
		3	* string.h compatibility shim
		4	*/
		5
		6	#include_next <string.h>
		7
		8	#ifndef LIBCRYPTOCOMPAT_STRING_H
		9	#define LIBCRYPTOCOMPAT_STRING_H
		10
		11	#include <sys/types.h>
		12
		13	#if defined(__sun) \|\| defined(__hpux)
		14	/* Some functions historically defined in string.h were placed in strings.h by
		15	* SUS. Use the same hack as OS X and FreeBSD use to work around on Solaris and HPUX.
		16	*/
		17	#include <strings.h>
		18	#endif
		19
		20	#ifndef HAVE_EXPLICIT_BZERO
		21	void explicit_bzero(void *, size_t);
		22	#endif
		23
		24	#ifndef HAVE_STRSEP
		25	char strsep(char stringp, const char delim);
		26	#endif
		27
		28	#endif


diff --git a/libtls-standalone/libtls.pc.in b/libtls-standalone/libtls.pc.in new file mode 100644 index 0000000..64d7457 --- /dev/null +++ b/libtls-standalone/libtls.pc.in
@@ -0,0 +1,16 @@
		1	#libtls pkg-config source file
		2
		3	prefix=@prefix@
		4	exec_prefix=@exec_prefix@
		5	libdir=@libdir@
		6	includedir=@includedir@
		7
		8	Name: LibreSSL-libtls
		9	Description: Secure communications using the TLS socket protocol.
		10	Version: @LIBTLS_VERSION@
		11	Requires:
		12	Requires.private: libcrypto libssl
		13	Conflicts:
		14	Libs: -L${libdir} -ltls
		15	Libs.private: @LIBS@ -lcrypto -lssl
		16	Cflags: -I${includedir}


diff --git a/libtls-standalone/src/Makefile.am b/libtls-standalone/src/Makefile.am new file mode 100644 index 0000000..d5bcc49 --- /dev/null +++ b/libtls-standalone/src/Makefile.am
@@ -0,0 +1,18 @@
		1	AM_CFLAGS = -I$(top_srcdir)/include
		2
		3	lib_LTLIBRARIES = libtls.la
		4
		5	libtls_la_LDFLAGS = -no-undefined
		6	libtls_la_LIBADD = -lcrypto -lssl $(PLATFORM_LDADD)
		7
		8	libtls_la_SOURCES = tls.c
		9	libtls_la_SOURCES += tls_client.c
		10	libtls_la_SOURCES += tls_config.c
		11	libtls_la_SOURCES += tls_server.c
		12	libtls_la_SOURCES += tls_util.c
		13	libtls_la_SOURCES += tls_verify.c
		14	noinst_HEADERS = tls_internal.h
		15
		16	if !HAVE_STRSEP
		17	libtls_la_SOURCES += strsep.c
		18	endif


diff --git a/tls/Makefile.am b/tls/Makefile.am index e8c4713..d5bcc49 100644 --- a/tls/Makefile.am +++ b/tls/Makefile.am
@@ -1,11 +1,9 @@
1	include $(top_srcdir)/Makefile.am.common	1	AM_CFLAGS = -I$(top_srcdir)/include
2		2
3	lib_LTLIBRARIES = libtls.la	3	lib_LTLIBRARIES = libtls.la
4		4
5	EXTRA_DIST = VERSION	5	libtls_la_LDFLAGS = -no-undefined
6		6	libtls_la_LIBADD = -lcrypto -lssl $(PLATFORM_LDADD)
7	libtls_la_LDFLAGS = -version-info @LIBTLS_VERSION@ -no-undefined
8	libtls_la_LIBADD = ../crypto/libcrypto.la ../ssl/libssl.la $(PLATFORM_LDADD)
9		7
10	libtls_la_SOURCES = tls.c	8	libtls_la_SOURCES = tls.c
11	libtls_la_SOURCES += tls_client.c	9	libtls_la_SOURCES += tls_client.c


diff --git a/update.sh b/update.sh index 7863b18..d2e74c7 100755 --- a/update.sh +++ b/update.sh
@@ -43,6 +43,7 @@ source $libtls_src/shlib_version
43	libtls_version=$major:$minor:0	43	libtls_version=$major:$minor:0
44	echo "libtls version $libtls_version"	44	echo "libtls version $libtls_version"
45	echo $libtls_version > tls/VERSION	45	echo $libtls_version > tls/VERSION
		46	echo $libtls_version > libtls-standalone/VERSION
46		47
47	do_mv() {	48	do_mv() {
48	if ! cmp -s "$1" "$2"	49	if ! cmp -s "$1" "$2"
@@ -62,6 +63,7 @@ $CP $libssl_src/src/crypto/opensslfeatures.h include/openssl
62	$CP $libssl_src/src/e_os2.h include/openssl	63	$CP $libssl_src/src/e_os2.h include/openssl
63	$CP $libssl_src/src/ssl/pqueue.h include	64	$CP $libssl_src/src/ssl/pqueue.h include
64	$CP $libtls_src/tls.h include	65	$CP $libtls_src/tls.h include
		66	$CP $libtls_src/tls.h libtls-standalone/include
65		67
66	for i in explicit_bzero.c strlcpy.c strlcat.c strndup.c strnlen.c \	68	for i in explicit_bzero.c strlcpy.c strlcat.c strndup.c strnlen.c \
67	timingsafe_bcmp.c timingsafe_memcmp.c; do	69	timingsafe_bcmp.c timingsafe_memcmp.c; do
@@ -73,6 +75,9 @@ $CP $libc_src/crypt/chacha_private.h crypto/compat
73	$CP $libcrypto_src/crypto/getentropy_*.c crypto/compat	75	$CP $libcrypto_src/crypto/getentropy_*.c crypto/compat
74	$CP $libcrypto_src/crypto/arc4random_*.h crypto/compat	76	$CP $libcrypto_src/crypto/arc4random_*.h crypto/compat
75		77
		78	$CP $libcrypto_src/crypto/getentropy_*.c libtls-standalone/src/compat
		79	$CP $libcrypto_src/crypto/arc4random_*.h libtls-standalone/src/compat
		80
76	(cd $libssl_src/src/crypto/objects/;	81	(cd $libssl_src/src/crypto/objects/;
77	perl objects.pl objects.txt obj_mac.num obj_mac.h;	82	perl objects.pl objects.txt obj_mac.num obj_mac.h;
78	perl obj_dat.pl obj_mac.h obj_dat.h )	83	perl obj_dat.pl obj_mac.h obj_dat.h )
@@ -166,14 +171,15 @@ done
166		171
167	# copy libtls source	172	# copy libtls source
168	echo copying libtls source	173	echo copying libtls source
169	rm -f tls/.c tls/.h	174	rm -f tls/.c tls/.h libtls/src/.c libtls/src/.h
170	for i in `awk '/SOURCES\|HEADERS/ { print $3 }' tls/Makefile.am` ; do	175	for i in `awk '/SOURCES\|HEADERS/ { print $3 }' tls/Makefile.am` ; do
171	if [ -e $libtls_src/$i ]; then	176	if [ -e $libtls_src/$i ]; then
172	$CP $libtls_src/$i tls	177	$CP $libtls_src/$i tls
173	else	178	$CP $libtls_src/$i libtls-standalone/src
174	$CP $libc_src/string/$i tls
175	fi	179	fi
176	done	180	done
		181	$CP $libc_src/string/strsep.c tls
		182	$CP $libc_src/string/strsep.c libtls-standalone/src/compat
177		183
178	# copy openssl(1) source	184	# copy openssl(1) source
179	echo "copying openssl(1) source"	185	echo "copying openssl(1) source"