From 769d58e4946b35976c4da2ab54c56f6430a45d89 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Sat, 2 May 2015 01:40:33 -0500 Subject: [PATCH] further refactoring, working libtls-standalone --- .gitignore | 6 +- crypto/Makefile.am | 44 +---- libtls-standalone/Makefile.am | 2 +- libtls-standalone/VERSION | 2 +- libtls-standalone/app/Makefile.am | 6 + libtls-standalone/app/test.c | 6 + libtls-standalone/compat/Makefile.am | 45 +++++ libtls-standalone/configure.ac | 246 +++----------------------- libtls-standalone/include/Makefile.am | 28 +-- libtls-standalone/include/string.h | 49 ++++- libtls-standalone/src/Makefile.am | 6 +- update.sh | 48 +++-- 12 files changed, 172 insertions(+), 316 deletions(-) create mode 100644 libtls-standalone/app/Makefile.am create mode 100644 libtls-standalone/app/test.c create mode 100644 libtls-standalone/compat/Makefile.am diff --git a/.gitignore b/.gitignore index 290088b..a3071b7 100644 --- a/.gitignore +++ b/.gitignore @@ -122,7 +122,11 @@ include/openssl/*.he /libtls-standalone/include/*.h /libtls-standalone/src/*.c /libtls-standalone/src/*.h -/libtls-standalone/src/compat +/libtls-standalone/src +/libtls-standalone/compat +!/libtls-standalone/compat/Makefile.am +/libtls-standalone/VERSION +/libtls-standalone/m4 openbsd/ diff --git a/crypto/Makefile.am b/crypto/Makefile.am index 757197f..ad26168 100644 --- a/crypto/Makefile.am +++ b/crypto/Makefile.am @@ -65,49 +65,7 @@ if !HAVE_TIMINGSAFE_BCMP libcompat_la_SOURCES += compat/timingsafe_bcmp.c endif -if !HAVE_ARC4RANDOM_BUF -libcompat_la_SOURCES += compat/arc4random.c - -if !HAVE_GETENTROPY -if HOST_AIX -libcompat_la_SOURCES += compat/getentropy_aix.c -endif -if HOST_FREEBSD -libcompat_la_SOURCES += compat/getentropy_freebsd.c -endif -if HOST_HPUX -libcompat_la_SOURCES += compat/getentropy_hpux.c -endif -if HOST_LINUX -libcompat_la_SOURCES += compat/getentropy_linux.c -endif -if HOST_NETBSD -libcompat_la_SOURCES += compat/getentropy_netbsd.c -endif -if HOST_DARWIN -libcompat_la_SOURCES += compat/getentropy_osx.c -endif -if HOST_SOLARIS -libcompat_la_SOURCES += compat/getentropy_solaris.c -endif -if HOST_WIN -libcompat_la_SOURCES += compat/getentropy_win.c -endif -endif - -endif - -noinst_HEADERS = -noinst_HEADERS += compat/arc4random.h -noinst_HEADERS += compat/arc4random_aix.h -noinst_HEADERS += compat/arc4random_freebsd.h -noinst_HEADERS += compat/arc4random_hpux.h -noinst_HEADERS += compat/arc4random_linux.h -noinst_HEADERS += compat/arc4random_netbsd.h -noinst_HEADERS += compat/arc4random_osx.h -noinst_HEADERS += compat/arc4random_solaris.h -noinst_HEADERS += compat/arc4random_win.h -noinst_HEADERS += compat/chacha_private.h +include Makefile.am.arc4random libcrypto_la_SOURCES = EXTRA_libcrypto_la_SOURCES = diff --git a/libtls-standalone/Makefile.am b/libtls-standalone/Makefile.am index 8881d8c..a108ada 100644 --- a/libtls-standalone/Makefile.am +++ b/libtls-standalone/Makefile.am @@ -1,4 +1,4 @@ -SUBDIRS = include src +SUBDIRS = include compat src app ACLOCAL_AMFLAGS = -I m4 pkgconfigdir = $(libdir)/pkgconfig diff --git a/libtls-standalone/VERSION b/libtls-standalone/VERSION index 81ece01..fd2a018 100644 --- a/libtls-standalone/VERSION +++ b/libtls-standalone/VERSION @@ -1 +1 @@ -3:1:0 +3.1.0 diff --git a/libtls-standalone/app/Makefile.am b/libtls-standalone/app/Makefile.am new file mode 100644 index 0000000..75a3dd6 --- /dev/null +++ b/libtls-standalone/app/Makefile.am @@ -0,0 +1,6 @@ +AM_CFLAGS = -I$(top_srcdir)/include + +bin_PROGRAMS = test + +test_SOURCES = test.c +test_LDADD = -lcrypto -lssl $(top_builddir)/src/libtls.la diff --git a/libtls-standalone/app/test.c b/libtls-standalone/app/test.c new file mode 100644 index 0000000..e3c3f76 --- /dev/null +++ b/libtls-standalone/app/test.c @@ -0,0 +1,6 @@ +#include + +int main() +{ + tls_init(); +} diff --git a/libtls-standalone/compat/Makefile.am b/libtls-standalone/compat/Makefile.am new file mode 100644 index 0000000..e1ec939 --- /dev/null +++ b/libtls-standalone/compat/Makefile.am @@ -0,0 +1,45 @@ +# +# Copyright (c) 2014-2015 Brent Cook +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/src + +noinst_LTLIBRARIES = libcompat.la libcompatnoopt.la + +# compatibility functions that need to be built without optimizations +libcompatnoopt_la_CFLAGS = -O0 +libcompatnoopt_la_SOURCES = + +if !HAVE_EXPLICIT_BZERO +libcompatnoopt_la_SOURCES += explicit_bzero.c +endif + +# other compatibility functions +libcompat_la_CFLAGS = $(CFLAGS) $(USER_CFLAGS) +libcompat_la_SOURCES = +libcompat_la_LIBADD = $(PLATFORM_LDADD) + +if !HAVE_ASPRINTF +libcompat_la_SOURCES += bsd-asprintf.c +endif + +if !HAVE_STRLCPY +libcompat_la_SOURCES += strlcpy.c +endif + +if !HAVE_STRSEP +libcompat_la_SOURCES += strsep.c +endif + +include Makefile.am.arc4random diff --git a/libtls-standalone/configure.ac b/libtls-standalone/configure.ac index babb266..d52e22a 100644 --- a/libtls-standalone/configure.ac +++ b/libtls-standalone/configure.ac @@ -1,3 +1,17 @@ +# Copyright (c) 2014-2015 Brent Cook +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + AC_INIT([libtls], m4_esyscmd([tr -d '\n' < VERSION])) AC_CANONICAL_HOST @@ -15,238 +29,20 @@ AM_PROG_CC_C_O AC_PROG_LIBTOOL LT_INIT -CFLAGS="$CFLAGS -Wall -std=gnu99" +CHECK_OS_OPTIONS -case $host_os in - *aix*) - HOST_OS=aix - if test "`echo $CC | cut -d ' ' -f 1`" != "gcc" ; then - CFLAGS="$USER_CFLAGS" - fi - ;; - *cygwin*) - HOST_OS=cygwin - ;; - *darwin*) - HOST_OS=darwin - HOST_ABI=macosx - ;; - *freebsd*) - HOST_OS=freebsd - HOST_ABI=elf - ;; - *hpux*) - HOST_OS=hpux; - if test "`echo $CC | cut -d ' ' -f 1`" = "gcc" ; then - CFLAGS="$CFLAGS -mlp64" - else - CFLAGS="-g -O2 +DD64 $USER_CFLAGS" - fi - CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT" - AC_SUBST([PLATFORM_LDADD], ['-lpthread']) - ;; - *linux*) - HOST_OS=linux - HOST_ABI=elf - CPPFLAGS="$CPPFLAGS -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE" - ;; - *netbsd*) - HOST_OS=netbsd - CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE" - ;; - *openbsd*) - HOST_ABI=elf - AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has bounded]) - ;; - *mingw*) - HOST_OS=win - CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D__USE_MINGW_ANSI_STDIO" - CPPFLAGS="$CPPFLAGS -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS" - CPPFLAGS="$CPPFLAGS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600" - CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED -DNO_SYSLOG" - CFLAGS="$CFLAGS -static-libgcc" - LDFLAGS="$LDFLAGS -static-libgcc" - AC_SUBST([PLATFORM_LDADD], ['-lws2_32']) - ;; - *solaris*) - HOST_OS=solaris - HOST_ABI=elf - CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP" - AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket']) - ;; - *) ;; -esac +CHECK_C_HARDENING_OPTIONS -AM_CONDITIONAL([HOST_AIX], [test x$HOST_OS = xaix]) -AM_CONDITIONAL([HOST_CYGWIN], [test x$HOST_OS = xcygwin]) -AM_CONDITIONAL([HOST_DARWIN], [test x$HOST_OS = xdarwin]) -AM_CONDITIONAL([HOST_FREEBSD], [test x$HOST_OS = xfreebsd]) -AM_CONDITIONAL([HOST_HPUX], [test x$HOST_OS = xhpux]) -AM_CONDITIONAL([HOST_LINUX], [test x$HOST_OS = xlinux]) -AM_CONDITIONAL([HOST_NETBSD], [test x$HOST_OS = xnetbsd]) -AM_CONDITIONAL([HOST_SOLARIS], [test x$HOST_OS = xsolaris]) -AM_CONDITIONAL([HOST_WIN], [test x$HOST_OS = xwin]) +DISABLE_COMPILER_WARNINGS -AC_MSG_CHECKING([if compiling with clang]) -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[ -#ifndef __clang__ - not clang -#endif - ]])], - [CLANG=yes], - [CLANG=no] -) -AC_MSG_RESULT([$CLANG]) -AS_IF([test "x$CLANG" = "xyes"], [CLANG_FLAGS=-Qunused-arguments]) - -CFLAGS="$CFLAGS $CLANG_FLAGS" -LDFLAGS="$LDFLAGS $CLANG_FLAGS" - -# We want to check for compiler flag support. Prior to clang v5.1, there was no -# way to make clang's "argument unused" warning fatal. So we invoke the -# compiler through a wrapper script that greps for this message. -saved_CC="$CC" -saved_LD="$LD" -flag_wrap="$srcdir/scripts/wrap-compiler-for-flag-check" -CC="$flag_wrap $CC" -LD="$flag_wrap $LD" - -AC_ARG_ENABLE([hardening], - [AS_HELP_STRING([--disable-hardening], - [Disable options to frustrate memory corruption exploits])], - [], [enable_hardening=yes]) - -AC_ARG_ENABLE([windows-ssp], - [AS_HELP_STRING([--enable-windows-ssp], - [Enable building the stack smashing protection on - Windows. This currently distributing libssp-0.dll.])]) - -AC_DEFUN([CHECK_CFLAG], [ - AC_LANG_ASSERT(C) - AC_MSG_CHECKING([if $saved_CC supports "$1"]) - old_cflags="$CFLAGS" - CFLAGS="$1 -Wall -Werror" - AC_TRY_LINK([ - #include - ], - [printf("Hello")], - AC_MSG_RESULT([yes]) - CFLAGS=$old_cflags - HARDEN_CFLAGS="$HARDEN_CFLAGS $1", - AC_MSG_RESULT([no]) - CFLAGS=$old_cflags - [$2]) -]) - -AC_DEFUN([CHECK_LDFLAG], [ - AC_LANG_ASSERT(C) - AC_MSG_CHECKING([if $saved_LD supports "$1"]) - old_ldflags="$LDFLAGS" - LDFLAGS="$1 -Wall -Werror" - AC_TRY_LINK([ - #include - ], - [printf("Hello")], - AC_MSG_RESULT([yes]) - LDFLAGS=$old_ldflags - HARDEN_LDFLAGS="$HARDEN_LDFLAGS $1", - AC_MSG_RESULT([no]) - LDFLAGS=$old_ldflags - [$2]) -]) - -AS_IF([test "x$enable_hardening" = "xyes"], [ - # Tell GCC to NOT optimize based on signed arithmetic overflow - CHECK_CFLAG([[-fno-strict-overflow]]) - - # _FORTIFY_SOURCE replaces builtin functions with safer versions. - CHECK_CFLAG([[-D_FORTIFY_SOURCE=2]]) - - # Enable read only relocations - CHECK_LDFLAG([[-Wl,-z,relro]]) - CHECK_LDFLAG([[-Wl,-z,now]]) - - # Windows security flags - AS_IF([test "x$HOST_OS" = "xwin"], [ - CHECK_LDFLAG([[-Wl,--nxcompat]]) - CHECK_LDFLAG([[-Wl,--dynamicbase]]) - CHECK_LDFLAG([[-Wl,--high-entropy-va]]) - ]) - - # Use stack-protector-strong if available; if not, fallback to - # stack-protector-all which is considered to be overkill - AS_IF([test "x$enable_windows_ssp" = "xyes" -o "x$HOST_OS" != "xwin"], [ - CHECK_CFLAG([[-fstack-protector-strong]], - CHECK_CFLAG([[-fstack-protector-all]], - AC_MSG_WARN([compiler does not appear to support stack protection]) - ) - ) - AS_IF([test "x$HOST_OS" = "xwin"], [ - AC_SEARCH_LIBS([__stack_chk_guard],[ssp]) - ]) - ]) -]) - - -# Restore CC, LD -CC="$saved_CC" -LD="$saved_LD" - -CFLAGS="$CFLAGS $HARDEN_CFLAGS" -LDFLAGS="$LDFLAGS $HARDEN_LDFLAGS" - -# Removing the dependency on -Wno-pointer-sign should be a goal -save_cflags="$CFLAGS" -CFLAGS=-Wno-pointer-sign -AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign]) -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], - [AC_MSG_RESULT([yes])] - [AM_CFLAGS=-Wno-pointer-sign], - [AC_MSG_RESULT([no])] -) -CFLAGS="$save_cflags $AM_CFLAGS" - -save_cflags="$CFLAGS" -CFLAGS= -AC_MSG_CHECKING([whether AS supports .note.GNU-stack]) -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ -__asm__(".section .note.GNU-stack,\"\",@progbits");]])], - [AC_MSG_RESULT([yes])] - [AM_CFLAGS=-DHAVE_GNU_STACK], - [AC_MSG_RESULT([no])] -) -CFLAGS="$save_cflags $AM_CFLAGS" -AM_PROG_AS - -AC_CHECK_FUNCS([explicit_bzero strsep]) -AM_CONDITIONAL([HAVE_EXPLICIT_BZERO], [test "x$ac_cv_func_explicit_bzero" = xyes]) -AM_CONDITIONAL([HAVE_STRSEP], [test "x$ac_cv_func_strsep" = xyes]) - -#AC_CHECK_FUNCS([arc4random_buf asprintf explicit_bzero funopen getauxval]) -#AC_CHECK_FUNCS([getentropy memmem poll reallocarray]) -#AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strtonum]) -#AC_CHECK_FUNCS([symlink]) -#AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp]) -# -## Share test results with automake -#AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], [test "x$ac_cv_func_arc4random_buf" = xyes]) -#AM_CONDITIONAL([HAVE_ASPRINTF], [test "x$ac_cv_func_asprintf" = xyes]) -#AM_CONDITIONAL([HAVE_GETENTROPY], [test "x$ac_cv_func_getentropy" = xyes]) -#AM_CONDITIONAL([HAVE_MEMMEM], [test "x$ac_cv_func_memmem" = xyes]) -#AM_CONDITIONAL([HAVE_POLL], [test "x$ac_cv_func_poll" = xyes]) -#AM_CONDITIONAL([HAVE_REALLOCARRAY], [test "x$ac_cv_func_reallocarray" = xyes]) -#AM_CONDITIONAL([HAVE_STRLCAT], [test "x$ac_cv_func_strlcat" = xyes]) -#AM_CONDITIONAL([HAVE_STRLCPY], [test "x$ac_cv_func_strlcpy" = xyes]) -#AM_CONDITIONAL([HAVE_STRNDUP], [test "x$ac_cv_func_strndup" = xyes]) -#AM_CONDITIONAL([HAVE_STRNLEN], [test "x$ac_cv_func_strnlen" = xyes]) -#AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes]) -#AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes]) -#AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes]) -#AM_CONDITIONAL([BUILD_CERTHASH], [test "x$ac_cv_func_symlink" = xyes]) +CHECK_LIBC_COMPAT +CHECK_LIBC_CRYPTO_COMPAT AC_CONFIG_FILES([ Makefile include/Makefile + app/Makefile + compat/Makefile src/Makefile libtls.pc ]) diff --git a/libtls-standalone/include/Makefile.am b/libtls-standalone/include/Makefile.am index 7fbefdc..0783318 100644 --- a/libtls-standalone/include/Makefile.am +++ b/libtls-standalone/include/Makefile.am @@ -1,27 +1,5 @@ -#noinst_HEADERS = err.h -#noinst_HEADERS += netdb.h -#noinst_HEADERS += poll.h -#noinst_HEADERS += pqueue.h -#noinst_HEADERS += stdio.h -#noinst_HEADERS += stdlib.h -#noinst_HEADERS += string.h -#noinst_HEADERS += syslog.h -#noinst_HEADERS += unistd.h -#noinst_HEADERS += win32netcompat.h -# -#noinst_HEADERS += arpa/inet.h -# -#noinst_HEADERS += machine/endian.h -# -#noinst_HEADERS += netinet/in.h -#noinst_HEADERS += netinet/tcp.h -# -#noinst_HEADERS += sys/ioctl.h -#noinst_HEADERS += sys/mman.h -#noinst_HEADERS += sys/select.h -#noinst_HEADERS += sys/socket.h -#noinst_HEADERS += sys/times.h -#noinst_HEADERS += sys/types.h -#noinst_HEADERS += sys/uio.h +noinst_HEADERS = stdlib.h +noinst_HEADERS += string.h +noinst_HEADERS += unistd.h include_HEADERS = tls.h diff --git a/libtls-standalone/include/string.h b/libtls-standalone/include/string.h index c42fcba..05d1ffc 100644 --- a/libtls-standalone/include/string.h +++ b/libtls-standalone/include/string.h @@ -17,12 +17,57 @@ #include #endif -#ifndef HAVE_EXPLICIT_BZERO -void explicit_bzero(void *, size_t); +#ifndef HAVE_STRLCPY +size_t strlcpy(char *dst, const char *src, size_t siz); +#endif + +#ifndef HAVE_STRLCAT +size_t strlcat(char *dst, const char *src, size_t siz); +#endif + +#ifndef HAVE_STRNDUP +char * strndup(const char *str, size_t maxlen); +/* the only user of strnlen is strndup, so only build it if needed */ +#ifndef HAVE_STRNLEN +size_t strnlen(const char *str, size_t maxlen); +#endif #endif #ifndef HAVE_STRSEP char *strsep(char **stringp, const char *delim); #endif +#ifndef HAVE_EXPLICIT_BZERO +void explicit_bzero(void *, size_t); +#endif + +#ifndef HAVE_TIMINGSAFE_BCMP +int timingsafe_bcmp(const void *b1, const void *b2, size_t n); +#endif + +#ifndef HAVE_TIMINGSAFE_MEMCMP +int timingsafe_memcmp(const void *b1, const void *b2, size_t len); +#endif + +#ifndef HAVE_MEMMEM +void * memmem(const void *big, size_t big_len, const void *little, + size_t little_len); +#endif + +#ifdef _WIN32 +#include + +static inline char * +posix_strerror(int errnum) +{ + if (errnum == ECONNREFUSED) { + return "Connection refused"; + } + return strerror(errnum); +} + +#define strerror(errnum) posix_strerror(errnum) + +#endif + #endif diff --git a/libtls-standalone/src/Makefile.am b/libtls-standalone/src/Makefile.am index d5bcc49..cb9dd7f 100644 --- a/libtls-standalone/src/Makefile.am +++ b/libtls-standalone/src/Makefile.am @@ -4,6 +4,8 @@ lib_LTLIBRARIES = libtls.la libtls_la_LDFLAGS = -no-undefined libtls_la_LIBADD = -lcrypto -lssl $(PLATFORM_LDADD) +libtls_la_LIBADD += $(top_builddir)/compat/libcompat.la +libtls_la_LIBADD += $(top_builddir)/compat/libcompatnoopt.la libtls_la_SOURCES = tls.c libtls_la_SOURCES += tls_client.c @@ -12,7 +14,3 @@ libtls_la_SOURCES += tls_server.c libtls_la_SOURCES += tls_util.c libtls_la_SOURCES += tls_verify.c noinst_HEADERS = tls_internal.h - -if !HAVE_STRSEP -libtls_la_SOURCES += strsep.c -endif diff --git a/update.sh b/update.sh index d2e74c7..06a70d7 100755 --- a/update.sh +++ b/update.sh @@ -43,7 +43,7 @@ source $libtls_src/shlib_version libtls_version=$major:$minor:0 echo "libtls version $libtls_version" echo $libtls_version > tls/VERSION -echo $libtls_version > libtls-standalone/VERSION +echo $major.$minor.0 > libtls-standalone/VERSION do_mv() { if ! cmp -s "$1" "$2" @@ -62,21 +62,35 @@ $CP $libcrypto_src/crypto/arch/amd64/opensslconf.h include/openssl $CP $libssl_src/src/crypto/opensslfeatures.h include/openssl $CP $libssl_src/src/e_os2.h include/openssl $CP $libssl_src/src/ssl/pqueue.h include -$CP $libtls_src/tls.h include -$CP $libtls_src/tls.h libtls-standalone/include -for i in explicit_bzero.c strlcpy.c strlcat.c strndup.c strnlen.c \ - timingsafe_bcmp.c timingsafe_memcmp.c; do - $CP $libc_src/string/$i crypto/compat +sed -e "s/#define HEADER_TLS_H/#define HEADER_TLS_H\n#include \n#include /" \ + $libtls_src/tls.h > include/tls.h +$CP include/tls.h libtls-standalone/include + +for i in crypto/compat libtls-standalone/compat; do + $CP $libc_src/crypt/arc4random.c \ + $libc_src/crypt/chacha_private.h \ + $libc_src/string/explicit_bzero.c \ + $libc_src/stdlib/reallocarray.c \ + $libc_src/string/strlcpy.c \ + $libc_src/string/strlcat.c \ + $libc_src/string/strndup.c \ + $libc_src/string/strnlen.c \ + $libc_src/string/timingsafe_bcmp.c \ + $libc_src/string/timingsafe_memcmp.c \ + $libcrypto_src/crypto/getentropy_*.c \ + $libcrypto_src/crypto/arc4random_*.h \ + $i done -$CP $libc_src/stdlib/reallocarray.c crypto/compat -$CP $libc_src/crypt/arc4random.c crypto/compat -$CP $libc_src/crypt/chacha_private.h crypto/compat -$CP $libcrypto_src/crypto/getentropy_*.c crypto/compat -$CP $libcrypto_src/crypto/arc4random_*.h crypto/compat -$CP $libcrypto_src/crypto/getentropy_*.c libtls-standalone/src/compat -$CP $libcrypto_src/crypto/arc4random_*.h libtls-standalone/src/compat +$CP include/stdlib.h \ + include/string.h \ + include/unistd.h \ + libtls-standalone/include + +$CP crypto/compat/arc4random*.h \ + crypto/compat/bsd-asprintf.c \ + libtls-standalone/compat (cd $libssl_src/src/crypto/objects/; perl objects.pl objects.txt obj_mac.num obj_mac.h; @@ -179,7 +193,13 @@ for i in `awk '/SOURCES|HEADERS/ { print $3 }' tls/Makefile.am` ; do fi done $CP $libc_src/string/strsep.c tls -$CP $libc_src/string/strsep.c libtls-standalone/src/compat +$CP $libc_src/string/strsep.c libtls-standalone/compat +mkdir -p libtls-standalone/m4 +$CP m4/check*.m4 \ + m4/disable*.m4 \ + libtls-standalone/m4 +sed -e "s/compat\///" crypto/Makefile.am.arc4random > \ + libtls-standalone/compat/Makefile.am.arc4random # copy openssl(1) source echo "copying openssl(1) source"