diff options
author | Adam Chlipala <adam@chlipala.net> | 2010-12-26 11:13:37 -0500 |
---|---|---|
committer | Adam Chlipala <adam@chlipala.net> | 2010-12-26 11:13:37 -0500 |
commit | bc7000ce141d30e4db4842edd8fa067ac1ec191d (patch) | |
tree | d59424249e21ce243abae8ec042deb0fdeccb3d7 | |
parent | a090c56aad2934d397d23df2a7b17156b12695a1 (diff) |
Switch from libmhash to OpenSSL
-rw-r--r-- | Makefile.in | 13 | ||||
-rw-r--r-- | aclocal.m4 | 1 | ||||
-rwxr-xr-x | configure | 210 | ||||
-rw-r--r-- | configure.ac | 17 | ||||
-rw-r--r-- | doc/manual.tex | 4 | ||||
-rw-r--r-- | m4/ax_check_openssl.m4 | 124 | ||||
-rw-r--r-- | src/c/Makefile.am | 4 | ||||
-rw-r--r-- | src/c/Makefile.in | 21 | ||||
-rw-r--r-- | src/c/openssl.c (renamed from src/c/mhash.c) | 42 | ||||
-rw-r--r-- | src/compiler.sml | 10 | ||||
-rw-r--r-- | src/config.sig | 2 | ||||
-rw-r--r-- | src/config.sml.in | 2 |
12 files changed, 321 insertions, 129 deletions
diff --git a/Makefile.in b/Makefile.in index 59e1c71e..abe8e811 100644 --- a/Makefile.in +++ b/Makefile.in @@ -39,10 +39,10 @@ DIST_COMMON = $(am__configure_deps) $(srcdir)/Makefile.am \ $(top_srcdir)/configure $(top_srcdir)/src/config.sml.in \ config.guess config.sub depcomp install-sh ltmain.sh missing ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \ - $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ - $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/configure.ac +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_openssl.m4 \ + $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ + $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ + $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ @@ -146,7 +146,6 @@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MHASH_LIB_DIR = @MHASH_LIB_DIR@ MKDIR_P = @MKDIR_P@ MLLEX = @MLLEX@ MLTON := mlton @@ -155,6 +154,9 @@ NM = @NM@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OPENSSL_INCLUDES = @OPENSSL_INCLUDES@ +OPENSSL_LDFLAGS = @OPENSSL_LDFLAGS@ +OPENSSL_LIBS = @OPENSSL_LIBS@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ @@ -165,6 +167,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -949,6 +949,7 @@ AC_SUBST([am__tar]) AC_SUBST([am__untar]) ]) # _AM_PROG_TAR +m4_include([m4/ax_check_openssl.m4]) m4_include([m4/libtool.m4]) m4_include([m4/ltoptions.m4]) m4_include([m4/ltsugar.m4]) @@ -743,7 +743,6 @@ ac_subst_vars='am__EXEEXT_FALSE am__EXEEXT_TRUE LTLIBOBJS LIBOBJS -MHASH_LIB_DIR GCCARGS SITELISP INCLUDE @@ -752,6 +751,10 @@ BIN MLYACC MLLEX MLTON +OPENSSL_LDFLAGS +OPENSSL_LIBS +OPENSSL_INCLUDES +PKG_CONFIG OTOOL64 OTOOL LIPO @@ -867,7 +870,7 @@ with_pic enable_fast_install with_gnu_ld enable_libtool_lock -with_mhash_dir +with_openssl ' ac_precious_vars='build_alias host_alias @@ -1512,7 +1515,7 @@ Optional Packages: --with-pic try to use only PIC/non-PIC objects [default=use both] --with-gnu-ld assume the C compiler uses GNU ld [default=no] - --with-mhash-dir=DIR mhash directory; default = /usr + --with-openssl=DIR root of the OpenSSL directory Some influential environment variables: CC C compiler command @@ -5329,13 +5332,13 @@ if test "${lt_cv_nm_interface+set}" = set; then : else lt_cv_nm_interface="BSD nm" echo "int some_variable = 0;" > conftest.$ac_ext - (eval echo "\"\$as_me:5332: $ac_compile\"" >&5) + (eval echo "\"\$as_me:5335: $ac_compile\"" >&5) (eval "$ac_compile" 2>conftest.err) cat conftest.err >&5 - (eval echo "\"\$as_me:5335: $NM \\\"conftest.$ac_objext\\\"\"" >&5) + (eval echo "\"\$as_me:5338: $NM \\\"conftest.$ac_objext\\\"\"" >&5) (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) cat conftest.err >&5 - (eval echo "\"\$as_me:5338: output\"" >&5) + (eval echo "\"\$as_me:5341: output\"" >&5) cat conftest.out >&5 if $GREP 'External.*some_variable' conftest.out > /dev/null; then lt_cv_nm_interface="MS dumpbin" @@ -6540,7 +6543,7 @@ ia64-*-hpux*) ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 6543 "configure"' > conftest.$ac_ext + echo '#line 6546 "configure"' > conftest.$ac_ext if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -7802,11 +7805,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:7805: $lt_compile\"" >&5) + (eval echo "\"\$as_me:7808: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:7809: \$? = $ac_status" >&5 + echo "$as_me:7812: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -8141,11 +8144,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8144: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8147: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:8148: \$? = $ac_status" >&5 + echo "$as_me:8151: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -8246,11 +8249,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8249: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8252: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:8253: \$? = $ac_status" >&5 + echo "$as_me:8256: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -8301,11 +8304,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8304: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8307: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:8308: \$? = $ac_status" >&5 + echo "$as_me:8311: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -10685,7 +10688,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<_LT_EOF -#line 10688 "configure" +#line 10691 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -10781,7 +10784,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<_LT_EOF -#line 10784 "configure" +#line 10787 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -11013,67 +11016,154 @@ ac_config_headers="$ac_config_headers config.h" -# Check whether --with-mhash-dir was given. -if test "${with_mhash_dir+set}" = set; then : - withval=$with_mhash_dir; with_mhash_dir="$withval" -else - with_mhash_dir="/usr" -fi + found=false +# Check whether --with-openssl was given. +if test "${with_openssl+set}" = set; then : + withval=$with_openssl; + case "$withval" in + "" | y | ye | yes | n | no) + as_fn_error $? "Invalid --with-openssl value" "$LINENO" 5 + ;; + *) ssldirs="$withval" + ;; + esac -LIBS_save="$LIBS" -LIBS="-L${with_mhash_dir}/lib/ -lmhash" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for mhash_get_block_size in -lmhash" >&5 -$as_echo_n "checking for mhash_get_block_size in -lmhash... " >&6; } -if test "${ac_cv_lib_mhash_mhash_get_block_size+set}" = set; then : +else + + # if pkg-config is installed and openssl has installed a .pc file, + # then use that information and don't search ssldirs + # Extract the first word of "pkg-config", so it can be a program name with args. +set dummy pkg-config; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_path_PKG_CONFIG+set}" = set; then : $as_echo_n "(cached) " >&6 else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lmhash $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ + case $PKG_CONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char mhash_get_block_size (); + ;; +esac +fi +PKG_CONFIG=$ac_cv_path_PKG_CONFIG +if test -n "$PKG_CONFIG"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKG_CONFIG" >&5 +$as_echo "$PKG_CONFIG" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + if test x"$PKG_CONFIG" != x""; then + OPENSSL_LDFLAGS=`$PKG_CONFIG openssl --libs-only-L 2>/dev/null` + if test $? = 0; then + OPENSSL_LIBS=`$PKG_CONFIG openssl --libs-only-l 2>/dev/null` + OPENSSL_INCLUDES=`$PKG_CONFIG openssl --cflags-only-I 2>/dev/null` + found=true + fi + fi + + # no such luck; use some default ssldirs + if ! $found; then + ssldirs="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr" + fi + + +fi + + + + # note that we #include <openssl/foo.h>, so the OpenSSL headers have to be in + # an 'openssl' subdirectory + + if ! $found; then + OPENSSL_INCLUDES= + for ssldir in $ssldirs; do + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for openssl/ssl.h in $ssldir" >&5 +$as_echo_n "checking for openssl/ssl.h in $ssldir... " >&6; } + if test -f "$ssldir/include/openssl/ssl.h"; then + OPENSSL_INCLUDES="-I$ssldir/include" + OPENSSL_LDFLAGS="-L$ssldir/lib" + OPENSSL_LIBS="-lssl -lcrypto" + found=true + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + break + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + fi + done + + # if the file wasn't found, well, go ahead and try the link anyway -- maybe + # it will just work! + fi + + # try the preprocessor and linker with our new flags, + # being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether compiling and linking against OpenSSL works" >&5 +$as_echo_n "checking whether compiling and linking against OpenSSL works... " >&6; } + echo "Trying link with OPENSSL_LDFLAGS=$OPENSSL_LDFLAGS;" \ + "OPENSSL_LIBS=$OPENSSL_LIBS; OPENSSL_INCLUDES=$OPENSSL_INCLUDES" >&5 + + save_LIBS="$LIBS" + save_LDFLAGS="$LDFLAGS" + save_CPPFLAGS="$CPPFLAGS" + LDFLAGS="$LDFLAGS $OPENSSL_LDFLAGS" + LIBS="$OPENSSL_LIBS $LIBS" + CPPFLAGS="$OPENSSL_INCLUDES $CPPFLAGS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include <openssl/ssl.h> int main () { -return mhash_get_block_size (); +SSL_new(NULL) ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_mhash_mhash_get_block_size=yes + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + echo >/dev/null + else - ac_cv_lib_mhash_mhash_get_block_size=no + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + echo "You must install OpenSSL development files."; exit1 + fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_mhash_mhash_get_block_size" >&5 -$as_echo "$ac_cv_lib_mhash_mhash_get_block_size" >&6; } -if test "x$ac_cv_lib_mhash_mhash_get_block_size" = x""yes; then : - MHASH_LIB_DIR="${with_mhash_dir}/lib" -else - echo "You must install libmhash."; exit 1 -fi + CPPFLAGS="$save_CPPFLAGS" + LDFLAGS="$save_LDFLAGS" + LIBS="$save_LIBS" + -LIBS="${LIBS_save}" -as_ac_Header=`$as_echo "ac_cv_header_"${with_mhash_dir}/include/mhash.h"" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" ""${with_mhash_dir}/include/mhash.h"" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - CPPFLAGS="${CPPFLAGS} -I${with_mhash_dir}/include" -else - echo "You must install libmhash dev files."; exit 1 -fi @@ -11232,7 +11322,6 @@ fi - ac_config_files="$ac_config_files Makefile src/c/Makefile src/config.sml" @@ -13582,6 +13671,5 @@ Ur/Web configuration: lib directory: LIB $LIB include directory: INCLUDE $INCLUDE site-lisp directory: SITELISP $SITELISP - mhash lib directory: MHASH_LIB_DIR $MHASH_LIB_DIR Extra GCC args: GCCARGS $GCCARGS EOF diff --git a/configure.ac b/configure.ac index fbb75892..f9cd72c0 100644 --- a/configure.ac +++ b/configure.ac @@ -6,20 +6,7 @@ AC_PROG_LIBTOOL() AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_HEADERS([config.h]) -dnl Setting the search directory for mhash. -AC_ARG_WITH(mhash-dir, AS_HELP_STRING([--with-mhash-dir=DIR], [mhash directory; default = /usr]), - with_mhash_dir="$withval", with_mhash_dir="/usr") - -dnl Check for libmhash -LIBS_save="$LIBS" -LIBS="-L${with_mhash_dir}/lib/ -lmhash" -AC_CHECK_LIB(mhash, mhash_get_block_size, - [MHASH_LIB_DIR="${with_mhash_dir}/lib"], [echo "You must install libmhash."; exit 1]) -LIBS="${LIBS_save}" - -dnl Check for mhash.h -AC_CHECK_HEADER(["${with_mhash_dir}/include/mhash.h"], - [CPPFLAGS="${CPPFLAGS} -I${with_mhash_dir}/include"], [echo "You must install libmhash dev files."; exit 1]) +AX_CHECK_OPENSSL([echo >/dev/null], [echo "You must install OpenSSL development files."; exit1]) AC_CHECK_PROG(MLTON, mlton, yes, []) @@ -67,7 +54,6 @@ AC_SUBST(LIB) AC_SUBST(INCLUDE) AC_SUBST(SITELISP) AC_SUBST(GCCARGS) -AC_SUBST(MHASH_LIB_DIR) AC_CONFIG_FILES([ Makefile @@ -84,6 +70,5 @@ Ur/Web configuration: lib directory: LIB $LIB include directory: INCLUDE $INCLUDE site-lisp directory: SITELISP $SITELISP - mhash lib directory: MHASH_LIB_DIR $MHASH_LIB_DIR Extra GCC args: GCCARGS $GCCARGS EOF diff --git a/doc/manual.tex b/doc/manual.tex index 067d5aa4..c59caac7 100644 --- a/doc/manual.tex +++ b/doc/manual.tex @@ -56,9 +56,9 @@ make sudo make install \end{verbatim} -Some other packages must be installed for the above to work. At a minimum, you need a standard UNIX shell, with standard UNIX tools like sed and GCC in your execution path; MLton, the whole-program optimizing compiler for Standard ML; and the mhash C library. As of this writing, in the ``testing'' version of Debian Linux, this command will install the more uncommon of these dependencies: +Some other packages must be installed for the above to work. At a minimum, you need a standard UNIX shell, with standard UNIX tools like sed and GCC in your execution path; MLton, the whole-program optimizing compiler for Standard ML; and the development files for the OpenSSL C library. As of this writing, in the ``testing'' version of Debian Linux, this command will install the more uncommon of these dependencies: \begin{verbatim} -apt-get install mlton libmhash-dev +apt-get install mlton libssl-dev \end{verbatim} To build programs that access SQL databases, you also need one of these client libraries for supported backends. diff --git a/m4/ax_check_openssl.m4 b/m4/ax_check_openssl.m4 new file mode 100644 index 00000000..ea77008e --- /dev/null +++ b/m4/ax_check_openssl.m4 @@ -0,0 +1,124 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_check_openssl.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_CHECK_OPENSSL([action-if-found[, action-if-not-found]]) +# +# DESCRIPTION +# +# Look for OpenSSL in a number of default spots, or in a user-selected +# spot (via --with-openssl). Sets +# +# OPENSSL_INCLUDES to the include directives required +# OPENSSL_LIBS to the -l directives required +# OPENSSL_LDFLAGS to the -L or -R flags required +# +# and calls ACTION-IF-FOUND or ACTION-IF-NOT-FOUND appropriately +# +# This macro sets OPENSSL_INCLUDES such that source files should use the +# openssl/ directory in include directives: +# +# #include <openssl/hmac.h> +# +# LICENSE +# +# Copyright (c) 2009,2010 Zmanda Inc. <http://www.zmanda.com/> +# Copyright (c) 2009,2010 Dustin J. Mitchell <dustin@zmanda.com> +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 7 + +AU_ALIAS([CHECK_SSL], [AX_CHECK_OPENSSL]) +AC_DEFUN([AX_CHECK_OPENSSL], [ + found=false + AC_ARG_WITH(openssl, + AS_HELP_STRING([--with-openssl=DIR], + [root of the OpenSSL directory]), + [ + case "$withval" in + "" | y | ye | yes | n | no) + AC_MSG_ERROR([Invalid --with-openssl value]) + ;; + *) ssldirs="$withval" + ;; + esac + ], [ + # if pkg-config is installed and openssl has installed a .pc file, + # then use that information and don't search ssldirs + AC_PATH_PROG(PKG_CONFIG, pkg-config) + if test x"$PKG_CONFIG" != x""; then + OPENSSL_LDFLAGS=`$PKG_CONFIG openssl --libs-only-L 2>/dev/null` + if test $? = 0; then + OPENSSL_LIBS=`$PKG_CONFIG openssl --libs-only-l 2>/dev/null` + OPENSSL_INCLUDES=`$PKG_CONFIG openssl --cflags-only-I 2>/dev/null` + found=true + fi + fi + + # no such luck; use some default ssldirs + if ! $found; then + ssldirs="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr" + fi + ] + ) + + + # note that we #include <openssl/foo.h>, so the OpenSSL headers have to be in + # an 'openssl' subdirectory + + if ! $found; then + OPENSSL_INCLUDES= + for ssldir in $ssldirs; do + AC_MSG_CHECKING([for openssl/ssl.h in $ssldir]) + if test -f "$ssldir/include/openssl/ssl.h"; then + OPENSSL_INCLUDES="-I$ssldir/include" + OPENSSL_LDFLAGS="-L$ssldir/lib" + OPENSSL_LIBS="-lssl -lcrypto" + found=true + AC_MSG_RESULT([yes]) + break + else + AC_MSG_RESULT([no]) + fi + done + + # if the file wasn't found, well, go ahead and try the link anyway -- maybe + # it will just work! + fi + + # try the preprocessor and linker with our new flags, + # being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS + + AC_MSG_CHECKING([whether compiling and linking against OpenSSL works]) + echo "Trying link with OPENSSL_LDFLAGS=$OPENSSL_LDFLAGS;" \ + "OPENSSL_LIBS=$OPENSSL_LIBS; OPENSSL_INCLUDES=$OPENSSL_INCLUDES" >&AS_MESSAGE_LOG_FD + + save_LIBS="$LIBS" + save_LDFLAGS="$LDFLAGS" + save_CPPFLAGS="$CPPFLAGS" + LDFLAGS="$LDFLAGS $OPENSSL_LDFLAGS" + LIBS="$OPENSSL_LIBS $LIBS" + CPPFLAGS="$OPENSSL_INCLUDES $CPPFLAGS" + AC_LINK_IFELSE( + AC_LANG_PROGRAM([#include <openssl/ssl.h>], [SSL_new(NULL)]), + [ + AC_MSG_RESULT([yes]) + $1 + ], [ + AC_MSG_RESULT([no]) + $2 + ]) + CPPFLAGS="$save_CPPFLAGS" + LDFLAGS="$save_LDFLAGS" + LIBS="$save_LIBS" + + AC_SUBST([OPENSSL_INCLUDES]) + AC_SUBST([OPENSSL_LIBS]) + AC_SUBST([OPENSSL_LDFLAGS]) +]) diff --git a/src/c/Makefile.am b/src/c/Makefile.am index 91b48df5..613c2452 100644 --- a/src/c/Makefile.am +++ b/src/c/Makefile.am @@ -1,9 +1,9 @@ lib_LTLIBRARIES = liburweb.la liburweb_http.la liburweb_cgi.la liburweb_fastcgi.la -liburweb_la_SOURCES = memmem.c mhash.c urweb.c request.c queue.c +liburweb_la_SOURCES = memmem.c openssl.c urweb.c request.c queue.c liburweb_http_la_SOURCES = http.c liburweb_cgi_la_SOURCES = cgi.c liburweb_fastcgi_la_SOURCES = fastcgi.c -AM_CPPFLAGS = -I../../include +AM_CPPFLAGS = -I../../include @OPENSSL_INCLUDES@ AM_CFLAGS = -Wimplicit -Wall -Werror diff --git a/src/c/Makefile.in b/src/c/Makefile.in index afbd033e..a3684165 100644 --- a/src/c/Makefile.in +++ b/src/c/Makefile.in @@ -37,10 +37,10 @@ host_triplet = @host@ subdir = src/c DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \ - $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ - $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/configure.ac +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_openssl.m4 \ + $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ + $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ + $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d @@ -71,7 +71,7 @@ am__base_list = \ am__installdirs = "$(DESTDIR)$(libdir)" LTLIBRARIES = $(lib_LTLIBRARIES) liburweb_la_LIBADD = -am_liburweb_la_OBJECTS = memmem.lo mhash.lo urweb.lo request.lo \ +am_liburweb_la_OBJECTS = memmem.lo openssl.lo urweb.lo request.lo \ queue.lo liburweb_la_OBJECTS = $(am_liburweb_la_OBJECTS) liburweb_cgi_la_LIBADD = @@ -145,7 +145,6 @@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MHASH_LIB_DIR = @MHASH_LIB_DIR@ MKDIR_P = @MKDIR_P@ MLLEX = @MLLEX@ MLTON = @MLTON@ @@ -154,6 +153,9 @@ NM = @NM@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OPENSSL_INCLUDES = @OPENSSL_INCLUDES@ +OPENSSL_LDFLAGS = @OPENSSL_LDFLAGS@ +OPENSSL_LIBS = @OPENSSL_LIBS@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ @@ -164,6 +166,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -224,11 +227,11 @@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ lib_LTLIBRARIES = liburweb.la liburweb_http.la liburweb_cgi.la liburweb_fastcgi.la -liburweb_la_SOURCES = memmem.c mhash.c urweb.c request.c queue.c +liburweb_la_SOURCES = memmem.c openssl.c urweb.c request.c queue.c liburweb_http_la_SOURCES = http.c liburweb_cgi_la_SOURCES = cgi.c liburweb_fastcgi_la_SOURCES = fastcgi.c -AM_CPPFLAGS = -I../../include +AM_CPPFLAGS = -I../../include @OPENSSL_INCLUDES@ AM_CFLAGS = -Wimplicit -Wall -Werror all: all-am @@ -314,7 +317,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fastcgi.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/http.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/memmem.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mhash.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/queue.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/request.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/urweb.Plo@am__quote@ diff --git a/src/c/mhash.c b/src/c/openssl.c index 069eff2a..6a998e29 100644 --- a/src/c/mhash.c +++ b/src/c/openssl.c @@ -1,19 +1,20 @@ #include "config.h" -#include <mhash.h> +#include <stdlib.h> +#include <unistd.h> +#include <sys/types.h> +#include <sys/stat.h> #include <fcntl.h> +#include <stdio.h> +#include <string.h> -#define KEYSIZE 16 -#define PASSSIZE 4 +#include <openssl/sha.h> -#define HASH_ALGORITHM MHASH_SHA256 -#define HASH_BLOCKSIZE 32 -#define KEYGEN_ALGORITHM KEYGEN_MCRYPT +#define PASSSIZE 4 -int uw_hash_blocksize = HASH_BLOCKSIZE; +int uw_hash_blocksize = 32; static int password[PASSSIZE]; -static unsigned char private_key[KEYSIZE]; char *uw_sig_file = NULL; @@ -25,10 +26,6 @@ static void random_password() { } void uw_init_crypto() { - KEYGEN kg = {{HASH_ALGORITHM, HASH_ALGORITHM}}; - - assert(mhash_get_block_size(HASH_ALGORITHM) == HASH_BLOCKSIZE); - if (uw_sig_file) { int fd; @@ -63,22 +60,13 @@ void uw_init_crypto() { } } else random_password(); - - if (mhash_keygen_ext(KEYGEN_ALGORITHM, kg, - private_key, sizeof(private_key), - (unsigned char*)password, sizeof(password)) < 0) { - fprintf(stderr, "Key generation failed\n"); - exit(1); - } } -void uw_sign(const char *in, char *out) { - MHASH td; +void uw_sign(const char *in, unsigned char *out) { + SHA256_CTX c; - td = mhash_hmac_init(HASH_ALGORITHM, private_key, sizeof(private_key), - mhash_get_hash_pblock(HASH_ALGORITHM)); - - mhash(td, in, strlen(in)); - if (mhash_hmac_deinit(td, out) < 0) - fprintf(stderr, "Signing failed\n"); + SHA256_Init(&c); + SHA256_Update(&c, password, sizeof password); + SHA256_Update(&c, in, strlen(in)); + SHA256_Final(out, &c); } diff --git a/src/compiler.sml b/src/compiler.sml index 0c0a527f..0668ac42 100644 --- a/src/compiler.sml +++ b/src/compiler.sml @@ -1285,16 +1285,16 @@ fun compileC {cname, oname, ename, libs, profile, debug, link = link'} = let val proto = Settings.currentProtocol () - val (lib, mhash) = if Settings.getStaticLinking () then - (#linkStatic proto ^ " " ^ Config.lib ^ "/../liburweb.a", Config.libMhash ^ "/libmhash.a") - else - ("-L" ^ Config.lib ^ "/.. -lurweb " ^ #linkDynamic proto, "-L" ^ Config.libMhash ^ " -lmhash") + val lib = if Settings.getStaticLinking () then + #linkStatic proto ^ " " ^ Config.lib ^ "/../liburweb.a" + else + "-L" ^ Config.lib ^ "/.. -lurweb " ^ #linkDynamic proto val compile = "gcc " ^ Config.gccArgs ^ " -Wimplicit -Werror -O3 -fno-inline -I " ^ Config.includ ^ " " ^ #compile proto ^ " -c " ^ cname ^ " -o " ^ oname - val link = "gcc -Werror -O3 -lm -lcrypt -pthread " ^ Config.gccArgs ^ " " ^ libs ^ " " ^ lib ^ " " ^ mhash ^ " " ^ oname + val link = "gcc -Werror -O3 -lm -lcrypt -pthread " ^ Config.gccArgs ^ " " ^ libs ^ " " ^ lib ^ " " ^ Config.openssl ^ " " ^ oname ^ " -o " ^ ename val (compile, link) = diff --git a/src/config.sig b/src/config.sig index 0e8a03c5..6afd9910 100644 --- a/src/config.sig +++ b/src/config.sig @@ -9,5 +9,5 @@ signature CONFIG = sig val libJs : string val gccArgs : string - val libMhash : string + val openssl : string end diff --git a/src/config.sml.in b/src/config.sml.in index 24ef2ca2..bb76ea73 100644 --- a/src/config.sml.in +++ b/src/config.sml.in @@ -13,6 +13,6 @@ val libJs = OS.Path.joinDirFile {dir = lib, file = "js"} val gccArgs = "@GCCARGS@" -val libMhash = "@MHASH_LIB_DIR@" +val openssl = "@OPENSSL_LDFLAGS@ @OPENSSL_LIBS@" end |