Mercurial > urweb
changeset 1368:b2bc8bcd546f
Switch from libmhash to OpenSSL
author | Adam Chlipala <adam@chlipala.net> |
---|---|
date | Sun, 26 Dec 2010 11:13:37 -0500 |
parents | 8301ee4ab58c |
children | 1a78ca089bd0 |
files | Makefile.in aclocal.m4 configure configure.ac doc/manual.tex m4/ax_check_openssl.m4 src/c/Makefile.am src/c/Makefile.in src/c/mhash.c src/c/openssl.c src/compiler.sml src/config.sig src/config.sml.in |
diffstat | 13 files changed, 385 insertions(+), 193 deletions(-) [+] |
line wrap: on
line diff
--- a/Makefile.in Sat Dec 25 08:58:25 2010 -0500 +++ b/Makefile.in Sun Dec 26 11:13:37 2010 -0500 @@ -39,10 +39,10 @@ $(top_srcdir)/configure $(top_srcdir)/src/config.sml.in \ config.guess config.sub depcomp install-sh ltmain.sh missing ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \ - $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ - $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/configure.ac +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_openssl.m4 \ + $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ + $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ + $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ @@ -146,7 +146,6 @@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MHASH_LIB_DIR = @MHASH_LIB_DIR@ MKDIR_P = @MKDIR_P@ MLLEX = @MLLEX@ MLTON := mlton @@ -155,6 +154,9 @@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OPENSSL_INCLUDES = @OPENSSL_INCLUDES@ +OPENSSL_LDFLAGS = @OPENSSL_LDFLAGS@ +OPENSSL_LIBS = @OPENSSL_LIBS@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ @@ -165,6 +167,7 @@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ SED = @SED@ SET_MAKE = @SET_MAKE@
--- a/aclocal.m4 Sat Dec 25 08:58:25 2010 -0500 +++ b/aclocal.m4 Sun Dec 26 11:13:37 2010 -0500 @@ -949,6 +949,7 @@ AC_SUBST([am__untar]) ]) # _AM_PROG_TAR +m4_include([m4/ax_check_openssl.m4]) m4_include([m4/libtool.m4]) m4_include([m4/ltoptions.m4]) m4_include([m4/ltsugar.m4])
--- a/configure Sat Dec 25 08:58:25 2010 -0500 +++ b/configure Sun Dec 26 11:13:37 2010 -0500 @@ -743,7 +743,6 @@ am__EXEEXT_TRUE LTLIBOBJS LIBOBJS -MHASH_LIB_DIR GCCARGS SITELISP INCLUDE @@ -752,6 +751,10 @@ MLYACC MLLEX MLTON +OPENSSL_LDFLAGS +OPENSSL_LIBS +OPENSSL_INCLUDES +PKG_CONFIG OTOOL64 OTOOL LIPO @@ -867,7 +870,7 @@ enable_fast_install with_gnu_ld enable_libtool_lock -with_mhash_dir +with_openssl ' ac_precious_vars='build_alias host_alias @@ -1512,7 +1515,7 @@ --with-pic try to use only PIC/non-PIC objects [default=use both] --with-gnu-ld assume the C compiler uses GNU ld [default=no] - --with-mhash-dir=DIR mhash directory; default = /usr + --with-openssl=DIR root of the OpenSSL directory Some influential environment variables: CC C compiler command @@ -5329,13 +5332,13 @@ else lt_cv_nm_interface="BSD nm" echo "int some_variable = 0;" > conftest.$ac_ext - (eval echo "\"\$as_me:5332: $ac_compile\"" >&5) + (eval echo "\"\$as_me:5335: $ac_compile\"" >&5) (eval "$ac_compile" 2>conftest.err) cat conftest.err >&5 - (eval echo "\"\$as_me:5335: $NM \\\"conftest.$ac_objext\\\"\"" >&5) + (eval echo "\"\$as_me:5338: $NM \\\"conftest.$ac_objext\\\"\"" >&5) (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) cat conftest.err >&5 - (eval echo "\"\$as_me:5338: output\"" >&5) + (eval echo "\"\$as_me:5341: output\"" >&5) cat conftest.out >&5 if $GREP 'External.*some_variable' conftest.out > /dev/null; then lt_cv_nm_interface="MS dumpbin" @@ -6540,7 +6543,7 @@ ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 6543 "configure"' > conftest.$ac_ext + echo '#line 6546 "configure"' > conftest.$ac_ext if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -7802,11 +7805,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:7805: $lt_compile\"" >&5) + (eval echo "\"\$as_me:7808: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:7809: \$? = $ac_status" >&5 + echo "$as_me:7812: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -8141,11 +8144,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8144: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8147: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:8148: \$? = $ac_status" >&5 + echo "$as_me:8151: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -8246,11 +8249,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8249: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8252: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:8253: \$? = $ac_status" >&5 + echo "$as_me:8256: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -8301,11 +8304,11 @@ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8304: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8307: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:8308: \$? = $ac_status" >&5 + echo "$as_me:8311: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -10685,7 +10688,7 @@ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<_LT_EOF -#line 10688 "configure" +#line 10691 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -10781,7 +10784,7 @@ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<_LT_EOF -#line 10784 "configure" +#line 10787 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -11013,67 +11016,154 @@ -# Check whether --with-mhash-dir was given. -if test "${with_mhash_dir+set}" = set; then : - withval=$with_mhash_dir; with_mhash_dir="$withval" -else - with_mhash_dir="/usr" -fi - - -LIBS_save="$LIBS" -LIBS="-L${with_mhash_dir}/lib/ -lmhash" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for mhash_get_block_size in -lmhash" >&5 -$as_echo_n "checking for mhash_get_block_size in -lmhash... " >&6; } -if test "${ac_cv_lib_mhash_mhash_get_block_size+set}" = set; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lmhash $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext + found=false + +# Check whether --with-openssl was given. +if test "${with_openssl+set}" = set; then : + withval=$with_openssl; + case "$withval" in + "" | y | ye | yes | n | no) + as_fn_error $? "Invalid --with-openssl value" "$LINENO" 5 + ;; + *) ssldirs="$withval" + ;; + esac + +else + + # if pkg-config is installed and openssl has installed a .pc file, + # then use that information and don't search ssldirs + # Extract the first word of "pkg-config", so it can be a program name with args. +set dummy pkg-config; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_path_PKG_CONFIG+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + case $PKG_CONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PKG_CONFIG=$ac_cv_path_PKG_CONFIG +if test -n "$PKG_CONFIG"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKG_CONFIG" >&5 +$as_echo "$PKG_CONFIG" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + if test x"$PKG_CONFIG" != x""; then + OPENSSL_LDFLAGS=`$PKG_CONFIG openssl --libs-only-L 2>/dev/null` + if test $? = 0; then + OPENSSL_LIBS=`$PKG_CONFIG openssl --libs-only-l 2>/dev/null` + OPENSSL_INCLUDES=`$PKG_CONFIG openssl --cflags-only-I 2>/dev/null` + found=true + fi + fi + + # no such luck; use some default ssldirs + if ! $found; then + ssldirs="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr" + fi + + +fi + + + + # note that we #include <openssl/foo.h>, so the OpenSSL headers have to be in + # an 'openssl' subdirectory + + if ! $found; then + OPENSSL_INCLUDES= + for ssldir in $ssldirs; do + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for openssl/ssl.h in $ssldir" >&5 +$as_echo_n "checking for openssl/ssl.h in $ssldir... " >&6; } + if test -f "$ssldir/include/openssl/ssl.h"; then + OPENSSL_INCLUDES="-I$ssldir/include" + OPENSSL_LDFLAGS="-L$ssldir/lib" + OPENSSL_LIBS="-lssl -lcrypto" + found=true + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + break + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + fi + done + + # if the file wasn't found, well, go ahead and try the link anyway -- maybe + # it will just work! + fi + + # try the preprocessor and linker with our new flags, + # being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether compiling and linking against OpenSSL works" >&5 +$as_echo_n "checking whether compiling and linking against OpenSSL works... " >&6; } + echo "Trying link with OPENSSL_LDFLAGS=$OPENSSL_LDFLAGS;" \ + "OPENSSL_LIBS=$OPENSSL_LIBS; OPENSSL_INCLUDES=$OPENSSL_INCLUDES" >&5 + + save_LIBS="$LIBS" + save_LDFLAGS="$LDFLAGS" + save_CPPFLAGS="$CPPFLAGS" + LDFLAGS="$LDFLAGS $OPENSSL_LDFLAGS" + LIBS="$OPENSSL_LIBS $LIBS" + CPPFLAGS="$OPENSSL_INCLUDES $CPPFLAGS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char mhash_get_block_size (); +#include <openssl/ssl.h> int main () { -return mhash_get_block_size (); +SSL_new(NULL) ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_mhash_mhash_get_block_size=yes -else - ac_cv_lib_mhash_mhash_get_block_size=no + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + echo >/dev/null + +else + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + echo "You must install OpenSSL development files."; exit1 + fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_mhash_mhash_get_block_size" >&5 -$as_echo "$ac_cv_lib_mhash_mhash_get_block_size" >&6; } -if test "x$ac_cv_lib_mhash_mhash_get_block_size" = x""yes; then : - MHASH_LIB_DIR="${with_mhash_dir}/lib" -else - echo "You must install libmhash."; exit 1 -fi - -LIBS="${LIBS_save}" - -as_ac_Header=`$as_echo "ac_cv_header_"${with_mhash_dir}/include/mhash.h"" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" ""${with_mhash_dir}/include/mhash.h"" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - CPPFLAGS="${CPPFLAGS} -I${with_mhash_dir}/include" -else - echo "You must install libmhash dev files."; exit 1 -fi + CPPFLAGS="$save_CPPFLAGS" + LDFLAGS="$save_LDFLAGS" + LIBS="$save_LIBS" + + + @@ -11232,7 +11322,6 @@ - ac_config_files="$ac_config_files Makefile src/c/Makefile src/config.sml" @@ -13582,6 +13671,5 @@ lib directory: LIB $LIB include directory: INCLUDE $INCLUDE site-lisp directory: SITELISP $SITELISP - mhash lib directory: MHASH_LIB_DIR $MHASH_LIB_DIR Extra GCC args: GCCARGS $GCCARGS EOF
--- a/configure.ac Sat Dec 25 08:58:25 2010 -0500 +++ b/configure.ac Sun Dec 26 11:13:37 2010 -0500 @@ -6,20 +6,7 @@ AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_HEADERS([config.h]) -dnl Setting the search directory for mhash. -AC_ARG_WITH(mhash-dir, AS_HELP_STRING([--with-mhash-dir=DIR], [mhash directory; default = /usr]), - with_mhash_dir="$withval", with_mhash_dir="/usr") - -dnl Check for libmhash -LIBS_save="$LIBS" -LIBS="-L${with_mhash_dir}/lib/ -lmhash" -AC_CHECK_LIB(mhash, mhash_get_block_size, - [MHASH_LIB_DIR="${with_mhash_dir}/lib"], [echo "You must install libmhash."; exit 1]) -LIBS="${LIBS_save}" - -dnl Check for mhash.h -AC_CHECK_HEADER(["${with_mhash_dir}/include/mhash.h"], - [CPPFLAGS="${CPPFLAGS} -I${with_mhash_dir}/include"], [echo "You must install libmhash dev files."; exit 1]) +AX_CHECK_OPENSSL([echo >/dev/null], [echo "You must install OpenSSL development files."; exit1]) AC_CHECK_PROG(MLTON, mlton, yes, []) @@ -67,7 +54,6 @@ AC_SUBST(INCLUDE) AC_SUBST(SITELISP) AC_SUBST(GCCARGS) -AC_SUBST(MHASH_LIB_DIR) AC_CONFIG_FILES([ Makefile @@ -84,6 +70,5 @@ lib directory: LIB $LIB include directory: INCLUDE $INCLUDE site-lisp directory: SITELISP $SITELISP - mhash lib directory: MHASH_LIB_DIR $MHASH_LIB_DIR Extra GCC args: GCCARGS $GCCARGS EOF
--- a/doc/manual.tex Sat Dec 25 08:58:25 2010 -0500 +++ b/doc/manual.tex Sun Dec 26 11:13:37 2010 -0500 @@ -56,9 +56,9 @@ sudo make install \end{verbatim} -Some other packages must be installed for the above to work. At a minimum, you need a standard UNIX shell, with standard UNIX tools like sed and GCC in your execution path; MLton, the whole-program optimizing compiler for Standard ML; and the mhash C library. As of this writing, in the ``testing'' version of Debian Linux, this command will install the more uncommon of these dependencies: +Some other packages must be installed for the above to work. At a minimum, you need a standard UNIX shell, with standard UNIX tools like sed and GCC in your execution path; MLton, the whole-program optimizing compiler for Standard ML; and the development files for the OpenSSL C library. As of this writing, in the ``testing'' version of Debian Linux, this command will install the more uncommon of these dependencies: \begin{verbatim} -apt-get install mlton libmhash-dev +apt-get install mlton libssl-dev \end{verbatim} To build programs that access SQL databases, you also need one of these client libraries for supported backends.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/ax_check_openssl.m4 Sun Dec 26 11:13:37 2010 -0500 @@ -0,0 +1,124 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_check_openssl.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_CHECK_OPENSSL([action-if-found[, action-if-not-found]]) +# +# DESCRIPTION +# +# Look for OpenSSL in a number of default spots, or in a user-selected +# spot (via --with-openssl). Sets +# +# OPENSSL_INCLUDES to the include directives required +# OPENSSL_LIBS to the -l directives required +# OPENSSL_LDFLAGS to the -L or -R flags required +# +# and calls ACTION-IF-FOUND or ACTION-IF-NOT-FOUND appropriately +# +# This macro sets OPENSSL_INCLUDES such that source files should use the +# openssl/ directory in include directives: +# +# #include <openssl/hmac.h> +# +# LICENSE +# +# Copyright (c) 2009,2010 Zmanda Inc. <http://www.zmanda.com/> +# Copyright (c) 2009,2010 Dustin J. Mitchell <dustin@zmanda.com> +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 7 + +AU_ALIAS([CHECK_SSL], [AX_CHECK_OPENSSL]) +AC_DEFUN([AX_CHECK_OPENSSL], [ + found=false + AC_ARG_WITH(openssl, + AS_HELP_STRING([--with-openssl=DIR], + [root of the OpenSSL directory]), + [ + case "$withval" in + "" | y | ye | yes | n | no) + AC_MSG_ERROR([Invalid --with-openssl value]) + ;; + *) ssldirs="$withval" + ;; + esac + ], [ + # if pkg-config is installed and openssl has installed a .pc file, + # then use that information and don't search ssldirs + AC_PATH_PROG(PKG_CONFIG, pkg-config) + if test x"$PKG_CONFIG" != x""; then + OPENSSL_LDFLAGS=`$PKG_CONFIG openssl --libs-only-L 2>/dev/null` + if test $? = 0; then + OPENSSL_LIBS=`$PKG_CONFIG openssl --libs-only-l 2>/dev/null` + OPENSSL_INCLUDES=`$PKG_CONFIG openssl --cflags-only-I 2>/dev/null` + found=true + fi + fi + + # no such luck; use some default ssldirs + if ! $found; then + ssldirs="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr" + fi + ] + ) + + + # note that we #include <openssl/foo.h>, so the OpenSSL headers have to be in + # an 'openssl' subdirectory + + if ! $found; then + OPENSSL_INCLUDES= + for ssldir in $ssldirs; do + AC_MSG_CHECKING([for openssl/ssl.h in $ssldir]) + if test -f "$ssldir/include/openssl/ssl.h"; then + OPENSSL_INCLUDES="-I$ssldir/include" + OPENSSL_LDFLAGS="-L$ssldir/lib" + OPENSSL_LIBS="-lssl -lcrypto" + found=true + AC_MSG_RESULT([yes]) + break + else + AC_MSG_RESULT([no]) + fi + done + + # if the file wasn't found, well, go ahead and try the link anyway -- maybe + # it will just work! + fi + + # try the preprocessor and linker with our new flags, + # being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS + + AC_MSG_CHECKING([whether compiling and linking against OpenSSL works]) + echo "Trying link with OPENSSL_LDFLAGS=$OPENSSL_LDFLAGS;" \ + "OPENSSL_LIBS=$OPENSSL_LIBS; OPENSSL_INCLUDES=$OPENSSL_INCLUDES" >&AS_MESSAGE_LOG_FD + + save_LIBS="$LIBS" + save_LDFLAGS="$LDFLAGS" + save_CPPFLAGS="$CPPFLAGS" + LDFLAGS="$LDFLAGS $OPENSSL_LDFLAGS" + LIBS="$OPENSSL_LIBS $LIBS" + CPPFLAGS="$OPENSSL_INCLUDES $CPPFLAGS" + AC_LINK_IFELSE( + AC_LANG_PROGRAM([#include <openssl/ssl.h>], [SSL_new(NULL)]), + [ + AC_MSG_RESULT([yes]) + $1 + ], [ + AC_MSG_RESULT([no]) + $2 + ]) + CPPFLAGS="$save_CPPFLAGS" + LDFLAGS="$save_LDFLAGS" + LIBS="$save_LIBS" + + AC_SUBST([OPENSSL_INCLUDES]) + AC_SUBST([OPENSSL_LIBS]) + AC_SUBST([OPENSSL_LDFLAGS]) +])
--- a/src/c/Makefile.am Sat Dec 25 08:58:25 2010 -0500 +++ b/src/c/Makefile.am Sun Dec 26 11:13:37 2010 -0500 @@ -1,9 +1,9 @@ lib_LTLIBRARIES = liburweb.la liburweb_http.la liburweb_cgi.la liburweb_fastcgi.la -liburweb_la_SOURCES = memmem.c mhash.c urweb.c request.c queue.c +liburweb_la_SOURCES = memmem.c openssl.c urweb.c request.c queue.c liburweb_http_la_SOURCES = http.c liburweb_cgi_la_SOURCES = cgi.c liburweb_fastcgi_la_SOURCES = fastcgi.c -AM_CPPFLAGS = -I../../include +AM_CPPFLAGS = -I../../include @OPENSSL_INCLUDES@ AM_CFLAGS = -Wimplicit -Wall -Werror
--- a/src/c/Makefile.in Sat Dec 25 08:58:25 2010 -0500 +++ b/src/c/Makefile.in Sun Dec 26 11:13:37 2010 -0500 @@ -37,10 +37,10 @@ subdir = src/c DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \ - $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ - $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/configure.ac +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_openssl.m4 \ + $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ + $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ + $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d @@ -71,7 +71,7 @@ am__installdirs = "$(DESTDIR)$(libdir)" LTLIBRARIES = $(lib_LTLIBRARIES) liburweb_la_LIBADD = -am_liburweb_la_OBJECTS = memmem.lo mhash.lo urweb.lo request.lo \ +am_liburweb_la_OBJECTS = memmem.lo openssl.lo urweb.lo request.lo \ queue.lo liburweb_la_OBJECTS = $(am_liburweb_la_OBJECTS) liburweb_cgi_la_LIBADD = @@ -145,7 +145,6 @@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MHASH_LIB_DIR = @MHASH_LIB_DIR@ MKDIR_P = @MKDIR_P@ MLLEX = @MLLEX@ MLTON = @MLTON@ @@ -154,6 +153,9 @@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OPENSSL_INCLUDES = @OPENSSL_INCLUDES@ +OPENSSL_LDFLAGS = @OPENSSL_LDFLAGS@ +OPENSSL_LIBS = @OPENSSL_LIBS@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ @@ -164,6 +166,7 @@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -224,11 +227,11 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ lib_LTLIBRARIES = liburweb.la liburweb_http.la liburweb_cgi.la liburweb_fastcgi.la -liburweb_la_SOURCES = memmem.c mhash.c urweb.c request.c queue.c +liburweb_la_SOURCES = memmem.c openssl.c urweb.c request.c queue.c liburweb_http_la_SOURCES = http.c liburweb_cgi_la_SOURCES = cgi.c liburweb_fastcgi_la_SOURCES = fastcgi.c -AM_CPPFLAGS = -I../../include +AM_CPPFLAGS = -I../../include @OPENSSL_INCLUDES@ AM_CFLAGS = -Wimplicit -Wall -Werror all: all-am @@ -314,7 +317,7 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fastcgi.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/http.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/memmem.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mhash.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/queue.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/request.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/urweb.Plo@am__quote@
--- a/src/c/mhash.c Sat Dec 25 08:58:25 2010 -0500 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,84 +0,0 @@ -#include "config.h" - -#include <mhash.h> -#include <fcntl.h> - -#define KEYSIZE 16 -#define PASSSIZE 4 - -#define HASH_ALGORITHM MHASH_SHA256 -#define HASH_BLOCKSIZE 32 -#define KEYGEN_ALGORITHM KEYGEN_MCRYPT - -int uw_hash_blocksize = HASH_BLOCKSIZE; - -static int password[PASSSIZE]; -static unsigned char private_key[KEYSIZE]; - -char *uw_sig_file = NULL; - -static void random_password() { - int i; - - for (i = 0; i < PASSSIZE; ++i) - password[i] = rand(); -} - -void uw_init_crypto() { - KEYGEN kg = {{HASH_ALGORITHM, HASH_ALGORITHM}}; - - assert(mhash_get_block_size(HASH_ALGORITHM) == HASH_BLOCKSIZE); - - if (uw_sig_file) { - int fd; - - if (access(uw_sig_file, F_OK)) { - random_password(); - - if ((fd = open(uw_sig_file, O_WRONLY | O_CREAT, 0700)) < 0) { - fprintf(stderr, "Can't open signature file %s\n", uw_sig_file); - perror("open"); - exit(1); - } - - if (write(fd, &password, sizeof password) != sizeof password) { - fprintf(stderr, "Error writing signature file\n"); - exit(1); - } - - close(fd); - } else { - if ((fd = open(uw_sig_file, O_RDONLY)) < 0) { - fprintf(stderr, "Can't open signature file %s\n", uw_sig_file); - perror("open"); - exit(1); - } - - if (read(fd, &password, sizeof password) != sizeof password) { - fprintf(stderr, "Error reading signature file\n"); - exit(1); - } - - close(fd); - } - } else - random_password(); - - if (mhash_keygen_ext(KEYGEN_ALGORITHM, kg, - private_key, sizeof(private_key), - (unsigned char*)password, sizeof(password)) < 0) { - fprintf(stderr, "Key generation failed\n"); - exit(1); - } -} - -void uw_sign(const char *in, char *out) { - MHASH td; - - td = mhash_hmac_init(HASH_ALGORITHM, private_key, sizeof(private_key), - mhash_get_hash_pblock(HASH_ALGORITHM)); - - mhash(td, in, strlen(in)); - if (mhash_hmac_deinit(td, out) < 0) - fprintf(stderr, "Signing failed\n"); -}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/c/openssl.c Sun Dec 26 11:13:37 2010 -0500 @@ -0,0 +1,72 @@ +#include "config.h" + +#include <stdlib.h> +#include <unistd.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <openssl/sha.h> + +#define PASSSIZE 4 + +int uw_hash_blocksize = 32; + +static int password[PASSSIZE]; + +char *uw_sig_file = NULL; + +static void random_password() { + int i; + + for (i = 0; i < PASSSIZE; ++i) + password[i] = rand(); +} + +void uw_init_crypto() { + if (uw_sig_file) { + int fd; + + if (access(uw_sig_file, F_OK)) { + random_password(); + + if ((fd = open(uw_sig_file, O_WRONLY | O_CREAT, 0700)) < 0) { + fprintf(stderr, "Can't open signature file %s\n", uw_sig_file); + perror("open"); + exit(1); + } + + if (write(fd, &password, sizeof password) != sizeof password) { + fprintf(stderr, "Error writing signature file\n"); + exit(1); + } + + close(fd); + } else { + if ((fd = open(uw_sig_file, O_RDONLY)) < 0) { + fprintf(stderr, "Can't open signature file %s\n", uw_sig_file); + perror("open"); + exit(1); + } + + if (read(fd, &password, sizeof password) != sizeof password) { + fprintf(stderr, "Error reading signature file\n"); + exit(1); + } + + close(fd); + } + } else + random_password(); +} + +void uw_sign(const char *in, unsigned char *out) { + SHA256_CTX c; + + SHA256_Init(&c); + SHA256_Update(&c, password, sizeof password); + SHA256_Update(&c, in, strlen(in)); + SHA256_Final(out, &c); +}
--- a/src/compiler.sml Sat Dec 25 08:58:25 2010 -0500 +++ b/src/compiler.sml Sun Dec 26 11:13:37 2010 -0500 @@ -1285,16 +1285,16 @@ let val proto = Settings.currentProtocol () - val (lib, mhash) = if Settings.getStaticLinking () then - (#linkStatic proto ^ " " ^ Config.lib ^ "/../liburweb.a", Config.libMhash ^ "/libmhash.a") - else - ("-L" ^ Config.lib ^ "/.. -lurweb " ^ #linkDynamic proto, "-L" ^ Config.libMhash ^ " -lmhash") + val lib = if Settings.getStaticLinking () then + #linkStatic proto ^ " " ^ Config.lib ^ "/../liburweb.a" + else + "-L" ^ Config.lib ^ "/.. -lurweb " ^ #linkDynamic proto val compile = "gcc " ^ Config.gccArgs ^ " -Wimplicit -Werror -O3 -fno-inline -I " ^ Config.includ ^ " " ^ #compile proto ^ " -c " ^ cname ^ " -o " ^ oname - val link = "gcc -Werror -O3 -lm -lcrypt -pthread " ^ Config.gccArgs ^ " " ^ libs ^ " " ^ lib ^ " " ^ mhash ^ " " ^ oname + val link = "gcc -Werror -O3 -lm -lcrypt -pthread " ^ Config.gccArgs ^ " " ^ libs ^ " " ^ lib ^ " " ^ Config.openssl ^ " " ^ oname ^ " -o " ^ ename val (compile, link) =