From b3270494f043104b7d63d5b30f47464b5bf253db Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Thu, 4 Dec 2014 22:37:22 -0600 Subject: add support for building libtls Use './configure --enable-libtls' to build the library and install the associated manpages. Note that the API and ABI of this library may change still, though feedback is welcome. ok deraadt@ jsing@ tedu@ --- .gitignore | 4 ++++ Makefile.am | 6 +++++- configure.ac | 8 +++++++- include/Makefile.am | 6 ++++++ libtls.pc.in | 16 ++++++++++++++++ man/Makefile.am.tpl | 1 - man/links | 30 +++++++++++++++++++++++++++++- tls/Makefile.am.tpl | 10 ++++++++++ update.sh | 49 +++++++++++++++++++++++++++++++++++++++++-------- 9 files changed, 118 insertions(+), 12 deletions(-) create mode 100644 libtls.pc.in create mode 100644 tls/Makefile.am.tpl diff --git a/.gitignore b/.gitignore index cbeb21e..28ec955 100644 --- a/.gitignore +++ b/.gitignore @@ -87,12 +87,16 @@ INSTALL crypto/Makefile.am include/openssl/Makefile.am ssl/Makefile.am +tls/Makefile.am apps/Makefile.am tests/Makefile.am ssl/*.c ssl/*.h +tls/*.c +tls/*.h include/pqueue.h +include/tls.h include/openssl/*.h include/openssl/*.he apps/*.c diff --git a/Makefile.am b/Makefile.am index 12d8be7..a9cd1ac 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,7 +1,11 @@ -SUBDIRS = crypto ssl include apps tests man +SUBDIRS = crypto ssl tls include apps tests man ACLOCAL_AMFLAGS = -I m4 pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = libcrypto.pc libssl.pc openssl.pc +if ENABLE_LIBTLS +pkgconfig_DATA += libtls.pc +endif + EXTRA_DIST = VERSION diff --git a/configure.ac b/configure.ac index b434190..491e4b8 100644 --- a/configure.ac +++ b/configure.ac @@ -143,14 +143,20 @@ AC_ARG_ENABLE([asm], AS_HELP_STRING([--disable-asm], [Disable assembly])) AS_IF([test "x$enable_asm" = "xno"], [CFLAGS="$CFLAGS -DOPENSSL_NO_ASM"]) +AC_ARG_ENABLE([libtls], + AS_HELP_STRING([--enable-libtls], [Enable building the libtls library])) +AM_CONDITIONAL([ENABLE_LIBTLS], [test "x$enable_libtls" = xyes]) +AM_COND_IF([ENABLE_LIBTLS], [AC_CONFIG_FILES([libtls.pc])]) + LT_INIT AC_CONFIG_FILES([ Makefile include/Makefile include/openssl/Makefile - ssl/Makefile crypto/Makefile + ssl/Makefile + tls/Makefile tests/Makefile apps/Makefile man/Makefile diff --git a/include/Makefile.am b/include/Makefile.am index 543713e..ad06032 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -1,3 +1,5 @@ +include $(top_srcdir)/Makefile.am.common + SUBDIRS = openssl noinst_HEADERS = err.h @@ -24,3 +26,7 @@ noinst_HEADERS += sys/select.h noinst_HEADERS += sys/socket.h noinst_HEADERS += sys/times.h noinst_HEADERS += sys/types.h + +if ENABLE_LIBTLS +include_HEADERS = tls.h +endif diff --git a/libtls.pc.in b/libtls.pc.in new file mode 100644 index 0000000..19e6b32 --- /dev/null +++ b/libtls.pc.in @@ -0,0 +1,16 @@ +#libtls pkg-config source file + +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +includedir=@includedir@ + +Name: LibreSSL-libtls +Description: Secure communications using the TLS socket protocol. +Version: @VERSION@ +Requires: +Requires.private: libcrypto libssl +Conflicts: +Libs: -L${libdir} -ltls +Libs.private: @LIBS@ -lcrypto -lssl +Cflags: -I${includedir} diff --git a/man/Makefile.am.tpl b/man/Makefile.am.tpl index 0078a64..4e562a0 100644 --- a/man/Makefile.am.tpl +++ b/man/Makefile.am.tpl @@ -1,3 +1,2 @@ include $(top_srcdir)/Makefile.am.common dist_man_MANS= - diff --git a/man/links b/man/links index bb48556..92ae1dd 100644 --- a/man/links +++ b/man/links @@ -1,4 +1,32 @@ -MLINKS="ASN1_OBJECT_new.3,ASN1_OBJECT_free.3 \ +TLS_MLINKS="tls_init.3,tls_config_new.3 + tls_init.3,tls_config_free.3 + tls_init.3,tls_config_set_ca_file.3 + tls_init.3,tls_config_set_ca_path.3 + tls_init.3,tls_config_set_cert_file.3 + tls_init.3,tls_config_set_cert_mem.3 + tls_init.3,tls_config_set_ciphers.3 + tls_init.3,tls_config_set_ecdhcurve.3 + tls_init.3,tls_config_set_key_file.3 + tls_init.3,tls_config_set_key_mem.3 + tls_init.3,tls_config_set_protocols.3 + tls_init.3,tls_config_set_verify_depth.3 + tls_init.3,tls_config_clear_keys.3 + tls_init.3,tls_config_insecure_noverifyhost.3 + tls_init.3,tls_config_insecure_noverifycert.3 + tls_init.3,tls_config_verify.3 + tls_init.3,tls_client.3 + tls_init.3,tls_server.3 + tls_init.3,tls_configure.3 + tls_init.3,tls_error.3 + tls_init.3,tls_reset.3 + tls_init.3,tls_free.3 + tls_init.3,tls_close.3 + tls_init.3,tls_connect.3 + tls_init.3,tls_connect_socket.3 + tls_init.3,tls_read.3 + tls_init.3,tls_write.3" + +SSL_MLINKS="ASN1_OBJECT_new.3,ASN1_OBJECT_free.3 \ ASN1_STRING_length.3,ASN1_STRING_cmp.3 \ ASN1_STRING_length.3,ASN1_STRING_data.3 \ ASN1_STRING_length.3,ASN1_STRING_dup.3 \ diff --git a/tls/Makefile.am.tpl b/tls/Makefile.am.tpl new file mode 100644 index 0000000..7c4bf5c --- /dev/null +++ b/tls/Makefile.am.tpl @@ -0,0 +1,10 @@ +include $(top_srcdir)/Makefile.am.common + +lib_LTLIBRARIES = libtls.la + +libtls_la_LDFLAGS = -version-info libtls-version + +libtls_la_CFLAGS = $(CFLAGS) $(USER_CFLAGS) +libtls_la_SOURCES = +noinst_HEADERS = + diff --git a/update.sh b/update.sh index 14823f5..bb651a4 100755 --- a/update.sh +++ b/update.sh @@ -16,21 +16,26 @@ fi git pull --rebase) dir=`pwd` -libssl_src=$dir/openbsd/src/lib/libssl -libssl_regress=$dir/openbsd/src/regress/lib/libssl libc_src=$dir/openbsd/src/lib/libc libc_regress=$dir/openbsd/src/regress/lib/libc libcrypto_src=$dir/openbsd/src/lib/libcrypto -openssl_cmd_src=$dir/openbsd/src/usr.bin/openssl libcrypto_regress=$dir/openbsd/src/regress/lib/libcrypto +libssl_src=$dir/openbsd/src/lib/libssl +libssl_regress=$dir/openbsd/src/regress/lib/libssl +libtls_src=$dir/openbsd/src/lib/libtls +openssl_cmd_src=$dir/openbsd/src/usr.bin/openssl + +source $libcrypto_src/crypto/shlib_version +libcrypto_version=$major:$minor:0 +echo "libcrypto version $libcrypto_version" source $libssl_src/ssl/shlib_version libssl_version=$major:$minor:0 -echo libssl version $libssl_version +echo "libssl version $libssl_version" -source $libcrypto_src/crypto/shlib_version -libcrypto_version=$major:$minor:0 -echo libcrypto version $libcrypto_version +source $libtls_src/shlib_version +libtls_version=$major:$minor:0 +echo "libtls version $libtls_version" CP='cp -p' @@ -63,6 +68,7 @@ $CP $libcrypto_src/crypto/arch/amd64/opensslconf.h include/openssl $CP $libssl_src/src/crypto/opensslfeatures.h include/openssl $CP $libssl_src/src/e_os2.h include/openssl $CP $libssl_src/src/ssl/pqueue.h include +$CP $libtls_src/tls.h include for i in explicit_bzero.c strlcpy.c strlcat.c strndup.c strnlen.c \ timingsafe_bcmp.c timingsafe_memcmp.c; do @@ -386,6 +392,23 @@ echo "EXTRA_DIST += testssl ca.pem server.pem" >> tests/Makefile.am done ) +rm -f tls/*.c tls/*.h +for i in tls_internal.h tls.c tls_server.c tls_client.c tls_util.c \ + tls_config.c tls_verify.c; do + cp $libtls_src/$i tls +done +(cd tls + sed -e "s/libtls-version/${libtls_version}/" Makefile.am.tpl > Makefile.am + echo "if ENABLE_LIBTLS" >> Makefile.am + for i in `ls -1 *.c|sort`; do + echo "libtls_la_SOURCES += $i" >> Makefile.am + done + for i in `ls -1 *.h|sort`; do + echo "noinst_HEADERS += $i" >> Makefile.am + done + echo "endif" >> Makefile.am +) + # do not directly compile C files that are included in other C files crypto_excludes=( des/ncbc_enc.c @@ -478,6 +501,10 @@ apps_win32_only=( done $CP $openssl_cmd_src/openssl.1 . echo "dist_man_MANS += openssl.1" >> Makefile.am + $CP $libtls_src/tls_init.3 . + echo "if ENABLE_LIBTLS" >> Makefile.am + echo "dist_man_MANS += tls_init.3" >> Makefile.am + echo "endif" >> Makefile.am # convert remaining POD manpages for i in `ls -1 $libssl_src/src/doc/crypto/*.pod | sort`; do @@ -494,8 +521,14 @@ apps_win32_only=( echo "install-data-hook:" >> Makefile.am source ./links - for i in $MLINKS; do + for i in $SSL_MLINKS; do + IFS=","; set $i; unset IFS + echo " ln -f \$(DESTDIR)\$(mandir)/man3/$1 \$(DESTDIR)\$(mandir)/man3/$2" >> Makefile.am + done + echo "if ENABLE_LIBTLS" >> Makefile.am + for i in $TLS_MLINKS; do IFS=","; set $i; unset IFS echo " ln -f \$(DESTDIR)\$(mandir)/man3/$1 \$(DESTDIR)\$(mandir)/man3/$2" >> Makefile.am done + echo "endif" >> Makefile.am ) -- cgit v1.2.3-55-g6feb