gnustep/libs-base
0
0
Fork 0
mirror of https://github.com/gnustep/libs-base.git synced 2025-04-25 01:31:08 +00:00
Code Issues Projects Releases Packages Wiki Activity

Updates for moving SSL support out of main library.

Browse source 
git-svn-id: svn+ssh://svn.gna.org/svn/gnustep/libs/base/trunk@11622 72102866-910b-0410-8b05-ffd578937521
This commit is contained in:
CaS 2001-12-04 14:59:09 +00:00
parent e7bbd6e347
commit bbcf4c1163
12 changed files with 793 additions and 649 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
ChangeLog
View file

@ -1,3 +1,20 @@
2001-12-04 Richard Frith-Macdonald <rfm@gnu.org>
* Source/GNUmakefile: Add flags for SSL and rules to build bundle
* Source/GSHTTPURLHandle.m: use +sslClass
* Source/GSUnixSSLHandle.m: Extract SSL support for bundle to this file.
* Source/Makefile.preamble: Add flags for SSL
* Source/NSFileHandle.m: Add +sslClass and automated loading of bundle
* Source/UnixFileHandle.m: Remove SSL support.
* Headers/gnustep/base/NSFileHandle.h: Add +sslClass
* Headers/gnustep/base/UnixFileHandle.h: Tidy a little.
* config.mak.in: Add variables needed by SSL bundle
* configure.in: Update to build SSL bundle by default.
* configure: regenerated
The above changes made to move SSL support into a bundle and add a
+sslClass to NSFileHandle to return the class from the bundle if it
is available. Changed the http url handle support to use this.
2001-12-04 Richard Frith-Macdonald <rfm@gnu.org> 2001-12-04 Richard Frith-Macdonald <rfm@gnu.org>
* Source/NSValue.m: polish last set of changes - * Source/NSValue.m: polish last set of changes -

4
Headers/gnustep/base/NSFileHandle.h
View file

@ -140,7 +140,7 @@ GS_EXPORT NSString* NSFileHandleOperationException;
@end @end
/* /*
* Where OpenSSL is available, you can use the GSUnixSSLHandle subclass * Where OpenSSL is available, you can use the subclass returned by +sslClass
* to handle SSL connections. * to handle SSL connections.
* The -sslConnect method is used to do SSL handlshake and start an * The -sslConnect method is used to do SSL handlshake and start an
* encrypted session. * encrypted session.
@ -148,8 +148,8 @@ GS_EXPORT NSString* NSFileHandleOperationException;
* The -sslSetCertificate:privateKey:PEMpasswd: method is used to * The -sslSetCertificate:privateKey:PEMpasswd: method is used to
* establish a client certificate before starting an encrypted session. * establish a client certificate before starting an encrypted session.
*/ */
@class GSUnixSSLHandle;
@interface NSFileHandle (GNUstepOpenSSL) @interface NSFileHandle (GNUstepOpenSSL)
+ (Class) sslClass;
- (BOOL) sslConnect; - (BOOL) sslConnect;
- (void) sslDisconnect; - (void) sslDisconnect;
- (void) sslSetCertificate: (NSString*)certFile - (void) sslSetCertificate: (NSString*)certFile

3
Headers/gnustep/base/UnixFileHandle.h
View file

@ -91,12 +91,11 @@
type: (RunLoopEventType)type type: (RunLoopEventType)type
extra: (void*)extra extra: (void*)extra
forMode: (NSString*)mode; forMode: (NSString*)mode;
- (void) setAddr: (struct sockaddr_in *)sin;
- (NSDate*) timedOutEvent: (void*)data - (NSDate*) timedOutEvent: (void*)data
type: (RunLoopEventType)type type: (RunLoopEventType)type
forMode: (NSString*)mode; forMode: (NSString*)mode;
#ifndef NO_GNUSTEP
- (BOOL) useCompression; - (BOOL) useCompression;
#endif
- (void) watchReadDescriptorForModes: (NSArray*)modes; - (void) watchReadDescriptorForModes: (NSArray*)modes;
- (void) watchWriteDescriptor; - (void) watchWriteDescriptor;

16
Source/GNUmakefile
View file

@ -40,6 +40,21 @@ LIBRARY_VAR = GNUSTEP_BASE
# The library to be compiled # The library to be compiled
LIBRARY_NAME=libgnustep-base LIBRARY_NAME=libgnustep-base
ifeq ($(HAVE_OPENSSL), yes)
# The bundles to be compiled
BUNDLE_NAME=SSL
# The bundle Objective-C source files to be compiled
SSL_OBJC_FILES = GSUnixSSLHandle.m
# The principal class in the bundle
SSL_PRINCIPAL_CLASS = GSUnixSSLHandle
SSL_BUNDLE_LIBS = $(SSLLIBS)
endif
# GNUSTEP_INSTALL_PREFIX must be defined here and not in config.h because # GNUSTEP_INSTALL_PREFIX must be defined here and not in config.h because
# the installing person may set it on the `make' command line. # the installing person may set it on the `make' command line.
@ -413,5 +428,6 @@ libgnustep-base_HEADER_FILES = $(FOUNDATION_HEADERS)
-include GNUmakefile.local -include GNUmakefile.local
include $(GNUSTEP_MAKEFILES)/library.make include $(GNUSTEP_MAKEFILES)/library.make
include $(GNUSTEP_MAKEFILES)/bundle.make
-include Makefile.postamble -include Makefile.postamble

25
Source/GSHTTPURLHandle.m
View file

@ -81,6 +81,8 @@ char emp[64] = {
static NSMutableDictionary *urlCache = nil; static NSMutableDictionary *urlCache = nil;
static NSLock *urlLock = nil; static NSLock *urlLock = nil;
static Class sslClass = 0;
static NSLock *debugLock = nil; static NSLock *debugLock = nil;
static char debugFile[128]; static char debugFile[128];
@ -143,6 +145,9 @@ static void debugWrite(NSData *data)
urlLock = [NSLock new]; urlLock = [NSLock new];
debugLock = [NSLock new]; debugLock = [NSLock new];
sprintf(debugFile, "/tmp/GSHTTP.%d", getpid()); sprintf(debugFile, "/tmp/GSHTTP.%d", getpid());
#ifndef __MINGW__
sslClass = [NSFileHandle sslClass];
#endif
} }
} }
@ -307,12 +312,16 @@ static void debugWrite(NSData *data)
{ {
if ([[url scheme] isEqualToString: @"https"]) if ([[url scheme] isEqualToString: @"https"])
{ {
#ifndef __MINGW__ if (sslClass == 0)
sock = [GSUnixSSLHandle {
[self backgroundLoadDidFailWithReason:
@"https not supported ... needs SSL bundle"];
return;
}
sock = [sslClass
fileHandleAsClientInBackgroundAtAddress: [url host] fileHandleAsClientInBackgroundAtAddress: [url host]
service: [url scheme] service: [url scheme]
protocol: @"tcp"]; protocol: @"tcp"];
#endif
} }
else else
{ {
@ -330,14 +339,18 @@ static void debugWrite(NSData *data)
} }
if ([[url scheme] isEqualToString: @"https"]) if ([[url scheme] isEqualToString: @"https"])
{ {
#ifndef __MINGW__ if (sslClass == 0)
sock = [GSUnixSSLHandle {
[self backgroundLoadDidFailWithReason:
@"https not supported ... needs SSL bundle"];
return;
}
sock = [sslClass
fileHandleAsClientInBackgroundAtAddress: fileHandleAsClientInBackgroundAtAddress:
[request objectForKey: GSHTTPPropertyProxyHostKey] [request objectForKey: GSHTTPPropertyProxyHostKey]
service: service:
[request objectForKey: GSHTTPPropertyProxyPortKey] [request objectForKey: GSHTTPPropertyProxyPortKey]
protocol: @"tcp"]; protocol: @"tcp"];
#endif
} }
else else
{ {

619
Source/GSUnixSSLHandle.m Normal file
View file

@ -0,0 +1,619 @@
/* Implementation for GSUnixSSLHandle for GNUStep
Copyright (C) 1997-1999 Free Software Foundation, Inc.
Written by: Richard Frith-Macdonald <richard@brainstorm.co.uk>
Date: 1997
This file is part of the GNUstep Base Library.
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public
License as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Library General Public License for more details.
You should have received a copy of the GNU Library General Public
License along with this library; if not, write to the Free
Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111 USA.
*/
#include <config.h>
/* Because openssl uses `id' as variable name sometime,
while it is an Objective-C reserved keyword. */
#define id id_x_
#include <openssl/ssl.h>
#undef id
#include <base/preface.h>
#include <Foundation/NSObject.h>
#include <Foundation/NSData.h>
#include <Foundation/NSArray.h>
#include <Foundation/NSString.h>
#include <Foundation/NSFileHandle.h>
#include <Foundation/UnixFileHandle.h>
#include <Foundation/NSException.h>
#include <Foundation/NSRunLoop.h>
#include <Foundation/NSNotification.h>
#include <Foundation/NSNotificationQueue.h>
#include <Foundation/NSHost.h>
#include <Foundation/NSByteOrder.h>
#if defined(__MINGW__)
#include <winsock.h>
#else
#include <time.h>
#include <sys/time.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <signal.h>
#endif /* __MINGW__ */
#include <sys/file.h>
#include <sys/stat.h>
#include <sys/fcntl.h>
#include <sys/ioctl.h>
#ifdef __svr4__
#include <sys/filio.h>
#endif
#include <netdb.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
// Maximum data in single I/O operation
#define NETBUF_SIZE 4096
// Key to info dictionary for operation mode.
static NSString* NotificationKey = @"NSFileHandleNotificationKey";
@interface GSUnixSSLHandle : UnixFileHandle <GCFinalization>
{
SSL_CTX *ctx;
SSL *ssl;
BOOL connected;
}
- (BOOL) sslConnect;
- (void) sslDisconnect;
- (void) sslSetCertificate: (NSString*)certFile
privateKey: (NSString*)privateKey
PEMpasswd: (NSString*)PEMpasswd;
@end
@implementation GSUnixSSLHandle
+ (void) initialize
{
if (self == [GSUnixSSLHandle class])
{
SSL_library_init();
}
}
- (NSData*) availableData
{
char buf[NETBUF_SIZE];
NSMutableData *d;
int len;
[self checkRead];
if (isNonBlocking == YES)
[self setNonBlocking: NO];
d = [NSMutableData dataWithCapacity: 0];
if (isStandardFile)
{
while ((len = read(descriptor, buf, sizeof(buf))) > 0)
{
[d appendBytes: buf length: len];
}
}
else
{
if (connected)
{
if ((len = SSL_read(ssl, buf, sizeof(buf))) > 0)
{
[d appendBytes: buf length: len];
}
}
else
{
if ((len = read(descriptor, buf, sizeof(buf))) > 0)
{
[d appendBytes: buf length: len];
}
}
}
if (len < 0)
{
[NSException raise: NSFileHandleOperationException
format: @"unable to read from descriptor - %s",
GSLastErrorStr(errno)];
}
return d;
}
- (void) closeFile
{
[self sslDisconnect];
[super closeFile];
}
- (void) gcFinalize
{
[self sslDisconnect];
[super gcFinalize];
}
- (NSData*) readDataOfLength: (unsigned)len
{
NSMutableData *d;
int got;
[self checkRead];
if (isNonBlocking == YES)
[self setNonBlocking: NO];
if (len <= 65536)
{
char *buf;
buf = NSZoneMalloc(NSDefaultMallocZone(), len);
d = [NSMutableData dataWithBytesNoCopy: buf length: len];
if ((got = SSL_read(ssl, [d mutableBytes], len)) < 0)
{
[NSException raise: NSFileHandleOperationException
format: @"unable to read from descriptor - %s",
GSLastErrorStr(errno)];
}
[d setLength: got];
}
else
{
char buf[NETBUF_SIZE];
d = [NSMutableData dataWithCapacity: 0];
do
{
int chunk = len > sizeof(buf) ? sizeof(buf) : len;
if (connected)
{
got = SSL_read(ssl, buf, chunk);
}
else
{
got = read(descriptor, buf, chunk);
}
if (got > 0)
{
[d appendBytes: buf length: got];
len -= got;
}
else if (got < 0)
{
[NSException raise: NSFileHandleOperationException
format: @"unable to read from descriptor - %s",
GSLastErrorStr(errno)];
}
}
while (len > 0 && got > 0);
}
return d;
}
- (NSData*) readDataToEndOfFile
{
char buf[NETBUF_SIZE];
NSMutableData *d;
int len;
[self checkRead];
if (isNonBlocking == YES)
[self setNonBlocking: NO];
d = [NSMutableData dataWithCapacity: 0];
if (connected)
{
while ((len = SSL_read(ssl, buf, sizeof(buf))) > 0)
{
[d appendBytes: buf length: len];
}
}
else
{
while ((len = read(descriptor, buf, sizeof(buf))) > 0)
{
[d appendBytes: buf length: len];
}
}
if (len < 0)
{
[NSException raise: NSFileHandleOperationException
format: @"unable to read from descriptor - %s",
GSLastErrorStr(errno)];
}
return d;
}
- (void) receivedEvent: (void*)data
type: (RunLoopEventType)type
extra: (void*)extra
forMode: (NSString*)mode
{
NSString *operation;
if (isNonBlocking == NO)
[self setNonBlocking: YES];
if (type == ET_RDESC)
{
operation = [readInfo objectForKey: NotificationKey];
if (operation == NSFileHandleConnectionAcceptedNotification)
{
struct sockaddr_in buf;
int desc;
int blen = sizeof(buf);
desc = accept(descriptor, (struct sockaddr*)&buf, &blen);
if (desc < 0)
{
NSString *s;
s = [NSString stringWithFormat: @"Accept attempt failed - %s",
GSLastErrorStr(errno)];
[readInfo setObject: s forKey: GSFileHandleNotificationError];
}
else
{ // Accept attempt completed.
UnixFileHandle *h;
struct sockaddr_in sin;
int size = sizeof(sin);
h = [[GSUnixSSLHandle alloc] initWithFileDescriptor: desc
closeOnDealloc: YES];
getpeername(desc, (struct sockaddr*)&sin, &size);
[h setAddr: &sin];
[readInfo setObject: h
forKey: NSFileHandleNotificationFileHandleItem];
RELEASE(h);
}
[self postReadNotification];
}
else if (operation == NSFileHandleDataAvailableNotification)
{
[self postReadNotification];
}
else
{
NSMutableData *item;
int length;
int received = 0;
char buf[NETBUF_SIZE];
item = [readInfo objectForKey: NSFileHandleNotificationDataItem];
length = [item length];
if (connected)
{
received = SSL_read(ssl, buf, sizeof(buf));
}
else
{
received = read(descriptor, buf, sizeof(buf));
}
if (received == 0)
{ // Read up to end of file.
[self postReadNotification];
}
else if (received < 0)
{
if (errno != EAGAIN && errno != EINTR)
{
NSString *s;
s = [NSString stringWithFormat: @"Read attempt failed - %s",
GSLastErrorStr(errno)];
[readInfo setObject: s forKey: GSFileHandleNotificationError];
[self postReadNotification];
}
}
else
{
[item appendBytes: buf length: received];
if (operation == NSFileHandleReadCompletionNotification)
{
// Read a single chunk of data
[self postReadNotification];
}
}
}
}
else if (type == ET_WDESC)
{
NSMutableDictionary *info;
info = [writeInfo objectAtIndex: 0];
operation = [info objectForKey: NotificationKey];
if (operation == GSFileHandleWriteCompletionNotification)
{
NSData *item;
int length;
const void *ptr;
item = [info objectForKey: NSFileHandleNotificationDataItem];
length = [item length];
ptr = [item bytes];
if (writePos < length)
{
int written;
if (connected)
{
written = SSL_write(ssl, (char*)ptr + writePos,
length - writePos);
}
else
{
written = write(descriptor, (char*)ptr + writePos,
length - writePos);
}
if (written <= 0)
{
if (written < 0 && errno != EAGAIN && errno != EINTR)
{
NSString *s;
s = [NSString stringWithFormat:
@"Write attempt failed - %s", GSLastErrorStr(errno)];
[info setObject: s forKey: GSFileHandleNotificationError];
[self postWriteNotification];
}
}
else
{
writePos += written;
}
}
if (writePos >= length)
{ // Write operation completed.
[self postWriteNotification];
}
}
else
{ // Connection attempt completed.
int result;
int len = sizeof(result);
if (getsockopt(descriptor, SOL_SOCKET, SO_ERROR,
(char*)&result, &len) == 0 && result != 0)
{
NSString *s;
s = [NSString stringWithFormat: @"Connect attempt failed - %s",
GSLastErrorStr(result)];
[info setObject: s forKey: GSFileHandleNotificationError];
}
else
{
readOK = YES;
writeOK = YES;
}
connectOK = NO;
[self postWriteNotification];
}
}
}
- (BOOL) sslConnect
{
int ret;
int err;
NSRunLoop *loop;
if (connected == YES)
{
return YES; /* Already connected. */
}
if (isStandardFile == YES)
{
NSLog(@"Attempt to make ssl connection to a standard file");
return NO;
}
/*
* Ensure we have a context and handle to connect with.
*/
if (ctx == 0)
{
ctx = SSL_CTX_new(SSLv23_client_method());
}
if (ssl == 0)
{
ssl = SSL_new(ctx);
}
ret = SSL_set_fd(ssl, descriptor);
loop = [NSRunLoop currentRunLoop];
[loop runUntilDate: [NSDate dateWithTimeIntervalSinceNow: 0.01]];
ret = SSL_connect(ssl);
if (ret != 1)
{
int e = errno;
NSDate *final;
NSDate *when;
NSTimeInterval last = 0.0;
NSTimeInterval limit = 0.1;
final = [[NSDate alloc] initWithTimeIntervalSinceNow: 20.0];
when = [NSDate alloc];
err = SSL_get_error(ssl, ret);
while ((err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE)
&& [final timeIntervalSinceNow] > 0.0)
{
NSTimeInterval tmp = limit;
limit += last;
last = tmp;
when = [when initWithTimeIntervalSinceNow: limit];
[loop runUntilDate: when];
ret = SSL_connect(ssl);
if (ret != 1)
{
e = errno;
err = SSL_get_error(ssl, ret);
}
else
{
err = SSL_ERROR_NONE;
}
}
RELEASE(when);
RELEASE(final);
if (err != SSL_ERROR_NONE)
{
NSString *str;
switch (err)
{
case SSL_ERROR_NONE:
str = @"No error: really helpful";
break;
case SSL_ERROR_ZERO_RETURN:
str = @"Zero Return error";
break;
case SSL_ERROR_WANT_READ:
str = @"Want Read Error";
break;
case SSL_ERROR_WANT_WRITE:
str = @"Want Write Error";
break;
case SSL_ERROR_WANT_X509_LOOKUP:
str = @"Want X509 Lookup Error";
break;
case SSL_ERROR_SYSCALL:
str = [NSString stringWithFormat: @"Syscall error %d - %s",
e, GSLastErrorStr(e)];
break;
case SSL_ERROR_SSL:
str = @"SSL Error: really helpful";
break;
default:
str = @"Standard Unix Error: really helpful";
break;
}
NSLog(@"unable to make SSL connection to %@:%@ - %@",
address, service, str);
return NO;
}
}
connected = YES;
return YES;
}
- (void) sslDisconnect
{
if (ssl != 0)
{
if (connected == YES)
{
SSL_shutdown(ssl);
}
SSL_clear(ssl);
SSL_free(ssl);
ssl = 0;
}
if (ctx != 0)
{
SSL_CTX_free(ctx);
ctx = 0;
}
connected = NO;
}
- (void) sslSetCertificate: (NSString*)certFile
privateKey: (NSString*)privateKey
PEMpasswd: (NSString*)PEMpasswd
{
if (isStandardFile == YES)
{
NSLog(@"Attempt to set ssl certificate for a standard file");
return;
}
/*
* Ensure we have a context to set the certificate for.
*/
if (ctx == 0)
{
ctx = SSL_CTX_new(SSLv23_client_method());
}
if ([PEMpasswd length] > 0)
{
SSL_CTX_set_default_passwd_cb_userdata(ctx, (char*)[PEMpasswd cString]);
}
if ([certFile length] > 0)
{
SSL_CTX_use_certificate_file(ctx, [certFile cString], X509_FILETYPE_PEM);
}
if ([privateKey length] > 0)
{
SSL_CTX_use_PrivateKey_file(ctx, [privateKey cString], X509_FILETYPE_PEM);
}
}
- (void) writeData: (NSData*)item
{
int rval = 0;
const void *ptr = [item bytes];
unsigned int len = [item length];
unsigned int pos = 0;
[self checkWrite];
if (isNonBlocking == YES)
{
[self setNonBlocking: NO];
}
while (pos < len)
{
int toWrite = len - pos;
if (toWrite > NETBUF_SIZE)
{
toWrite = NETBUF_SIZE;
}
if (connected)
{
rval = SSL_write(ssl, (char*)ptr+pos, toWrite);
}
else
{
rval = write(descriptor, (char*)ptr+pos, toWrite);
}
if (rval < 0)
{
if (errno == EAGAIN == errno == EINTR)
{
rval = 0;
}
else
{
break;
}
}
pos += rval;
}
if (rval < 0)
{
[NSException raise: NSFileHandleOperationException
format: @"unable to write to descriptor - %s",
GSLastErrorStr(errno)];
}
}
@end

2
Source/Makefile.preamble
View file

@ -42,7 +42,7 @@
ADDITIONAL_CPPFLAGS = $(DEFS) $(CONFIG_SYSTEM_DEFS) -Wall ADDITIONAL_CPPFLAGS = $(DEFS) $(CONFIG_SYSTEM_DEFS) -Wall
# Additional flags to pass to the Objective-C compiler # Additional flags to pass to the Objective-C compiler
ADDITIONAL_OBJCFLAGS = ADDITIONAL_OBJCFLAGS = $(SSLFLAGS)
# Additional flags to pass to the C compiler # Additional flags to pass to the C compiler
ADDITIONAL_CFLAGS = ADDITIONAL_CFLAGS =

21
Source/NSFileHandle.m
View file

@ -27,6 +27,8 @@
#include <Foundation/NSData.h> #include <Foundation/NSData.h>
#include <Foundation/NSString.h> #include <Foundation/NSString.h>
#include <Foundation/NSFileHandle.h> #include <Foundation/NSFileHandle.h>
#include <Foundation/NSPathUtilities.h>
#include <Foundation/NSBundle.h>
#ifdef __MINGW__ #ifdef __MINGW__
#include <Foundation/WindowsFileHandle.h> #include <Foundation/WindowsFileHandle.h>
#else #else
@ -35,10 +37,11 @@
static Class NSFileHandle_abstract_class = nil; static Class NSFileHandle_abstract_class = nil;
static Class NSFileHandle_concrete_class = nil; static Class NSFileHandle_concrete_class = nil;
static Class NSFileHandle_ssl_class = nil;
@implementation NSFileHandle @implementation NSFileHandle
+ (void)initialize + (void) initialize
{ {
if (self == [NSFileHandle class]) if (self == [NSFileHandle class])
{ {
@ -47,6 +50,17 @@ static Class NSFileHandle_concrete_class = nil;
NSFileHandle_concrete_class = [WindowsFileHandle class]; NSFileHandle_concrete_class = [WindowsFileHandle class];
#else #else
NSFileHandle_concrete_class = [UnixFileHandle class]; NSFileHandle_concrete_class = [UnixFileHandle class];
{
NSBundle *bundle;
NSString *path;
path = [NSSearchPathForDirectoriesInDomains(NSLibraryDirectory,
NSSystemDomainMask, NO) lastObject];
path = [path stringByAppendingPathComponent: @"Bundles"];
path = [path stringByAppendingPathComponent: @"SSL.bundle"];
bundle = [NSBundle bundleWithPath: path];
NSFileHandle_ssl_class = [bundle principalClass];
}
#endif #endif
} }
} }
@ -338,6 +352,11 @@ NSString* NSFileHandleOperationException =
protocol: protocol]); protocol: protocol]);
} }
+ (Class) sslClass
{
return NSFileHandle_ssl_class;
}
- (BOOL) readInProgress - (BOOL) readInProgress
{ {
[self subclassResponsibility: _cmd]; [self subclassResponsibility: _cmd];

587
Source/UnixFileHandle.m
View file

@ -24,14 +24,6 @@
#include <config.h> #include <config.h>
#if HAVE_OPENSSL
/* Because openssl uses `id' as variable name sometime,
while it is an Objective-C reserved keyword. */
#define id id_x_
#include <openssl/ssl.h>
#undef id
#endif
#include <base/preface.h> #include <base/preface.h>
#include <Foundation/NSObject.h> #include <Foundation/NSObject.h>
#include <Foundation/NSData.h> #include <Foundation/NSData.h>
@ -101,10 +93,6 @@ static UnixFileHandle* fh_stderr = nil;
// Key to info dictionary for operation mode. // Key to info dictionary for operation mode.
static NSString* NotificationKey = @"NSFileHandleNotificationKey"; static NSString* NotificationKey = @"NSFileHandleNotificationKey";
@interface UnixFileHandle (Private)
- (void) setAddr: (struct sockaddr_in *)sin;
@end
@implementation UnixFileHandle @implementation UnixFileHandle
static BOOL static BOOL
@ -1589,578 +1577,3 @@ getAddr(NSString* name, NSString* svc, NSString* pcl, struct sockaddr_in *sin)
} }
@end @end
#if HAVE_OPENSSL
@interface GSUnixSSLHandle : UnixFileHandle <GCFinalization>
{
SSL_CTX *ctx;
SSL *ssl;
BOOL connected;
}
- (BOOL) sslConnect;
- (void) sslDisconnect;
- (void) sslSetCertificate: (NSString*)certFile
privateKey: (NSString*)privateKey
PEMpasswd: (NSString*)PEMpasswd;
@end
@implementation GSUnixSSLHandle
+ (void) initialize
{
if (self == [GSUnixSSLHandle class])
{
SSL_library_init();
}
}
- (NSData*) availableData
{
char buf[NETBUF_SIZE];
NSMutableData *d;
int len;
[self checkRead];
if (isNonBlocking == YES)
[self setNonBlocking: NO];
d = [NSMutableData dataWithCapacity: 0];
if (isStandardFile)
{
while ((len = read(descriptor, buf, sizeof(buf))) > 0)
{
[d appendBytes: buf length: len];
}
}
else
{
if (connected)
{
if ((len = SSL_read(ssl, buf, sizeof(buf))) > 0)
{
[d appendBytes: buf length: len];
}
}
else
{
if ((len = read(descriptor, buf, sizeof(buf))) > 0)
{
[d appendBytes: buf length: len];
}
}
}
if (len < 0)
{
[NSException raise: NSFileHandleOperationException
format: @"unable to read from descriptor - %s",
GSLastErrorStr(errno)];
}
return d;
}
- (void) closeFile
{
[self sslDisconnect];
[super closeFile];
}
- (void) gcFinalize
{
[self sslDisconnect];
[super gcFinalize];
}
- (NSData*) readDataOfLength: (unsigned)len
{
NSMutableData *d;
int got;
[self checkRead];
if (isNonBlocking == YES)
[self setNonBlocking: NO];
if (len <= 65536)
{
char *buf;
buf = NSZoneMalloc(NSDefaultMallocZone(), len);
d = [NSMutableData dataWithBytesNoCopy: buf length: len];
if ((got = SSL_read(ssl, [d mutableBytes], len)) < 0)
{
[NSException raise: NSFileHandleOperationException
format: @"unable to read from descriptor - %s",
GSLastErrorStr(errno)];
}
[d setLength: got];
}
else
{
char buf[NETBUF_SIZE];
d = [NSMutableData dataWithCapacity: 0];
do
{
int chunk = len > sizeof(buf) ? sizeof(buf) : len;
if (connected)
{
got = SSL_read(ssl, buf, chunk);
}
else
{
got = read(descriptor, buf, chunk);
}
if (got > 0)
{
[d appendBytes: buf length: got];
len -= got;
}
else if (got < 0)
{
[NSException raise: NSFileHandleOperationException
format: @"unable to read from descriptor - %s",
GSLastErrorStr(errno)];
}
}
while (len > 0 && got > 0);
}
return d;
}
- (NSData*) readDataToEndOfFile
{
char buf[NETBUF_SIZE];
NSMutableData *d;
int len;
[self checkRead];
if (isNonBlocking == YES)
[self setNonBlocking: NO];
d = [NSMutableData dataWithCapacity: 0];
if (connected)
{
while ((len = SSL_read(ssl, buf, sizeof(buf))) > 0)
{
[d appendBytes: buf length: len];
}
}
else
{
while ((len = read(descriptor, buf, sizeof(buf))) > 0)
{
[d appendBytes: buf length: len];
}
}
if (len < 0)
{
[NSException raise: NSFileHandleOperationException
format: @"unable to read from descriptor - %s",
GSLastErrorStr(errno)];
}
return d;
}
- (void) receivedEvent: (void*)data
type: (RunLoopEventType)type
extra: (void*)extra
forMode: (NSString*)mode
{
NSString *operation;
if (isNonBlocking == NO)
[self setNonBlocking: YES];
if (type == ET_RDESC)
{
operation = [readInfo objectForKey: NotificationKey];
if (operation == NSFileHandleConnectionAcceptedNotification)
{
struct sockaddr_in buf;
int desc;
int blen = sizeof(buf);
desc = accept(descriptor, (struct sockaddr*)&buf, &blen);
if (desc < 0)
{
NSString *s;
s = [NSString stringWithFormat: @"Accept attempt failed - %s",
GSLastErrorStr(errno)];
[readInfo setObject: s forKey: GSFileHandleNotificationError];
}
else
{ // Accept attempt completed.
UnixFileHandle *h;
struct sockaddr_in sin;
int size = sizeof(sin);
h = [[GSUnixSSLHandle alloc] initWithFileDescriptor: desc
closeOnDealloc: YES];
getpeername(desc, (struct sockaddr*)&sin, &size);
[h setAddr: &sin];
[readInfo setObject: h
forKey: NSFileHandleNotificationFileHandleItem];
RELEASE(h);
}
[self postReadNotification];
}
else if (operation == NSFileHandleDataAvailableNotification)
{
[self postReadNotification];
}
else
{
NSMutableData *item;
int length;
int received = 0;
char buf[NETBUF_SIZE];
item = [readInfo objectForKey: NSFileHandleNotificationDataItem];
length = [item length];
if (connected)
{
received = SSL_read(ssl, buf, sizeof(buf));
}
else
{
received = read(descriptor, buf, sizeof(buf));
}
if (received == 0)
{ // Read up to end of file.
[self postReadNotification];
}
else if (received < 0)
{
if (errno != EAGAIN && errno != EINTR)
{
NSString *s;
s = [NSString stringWithFormat: @"Read attempt failed - %s",
GSLastErrorStr(errno)];
[readInfo setObject: s forKey: GSFileHandleNotificationError];
[self postReadNotification];
}
}
else
{
[item appendBytes: buf length: received];
if (operation == NSFileHandleReadCompletionNotification)
{
// Read a single chunk of data
[self postReadNotification];
}
}
}
}
else if (type == ET_WDESC)
{
NSMutableDictionary *info;
info = [writeInfo objectAtIndex: 0];
operation = [info objectForKey: NotificationKey];
if (operation == GSFileHandleWriteCompletionNotification)
{
NSData *item;
int length;
const void *ptr;
item = [info objectForKey: NSFileHandleNotificationDataItem];
length = [item length];
ptr = [item bytes];
if (writePos < length)
{
int written;
if (connected)
{
written = SSL_write(ssl, (char*)ptr + writePos,
length - writePos);
}
else
{
written = write(descriptor, (char*)ptr + writePos,
length - writePos);
}
if (written <= 0)
{
if (written < 0 && errno != EAGAIN && errno != EINTR)
{
NSString *s;
s = [NSString stringWithFormat:
@"Write attempt failed - %s", GSLastErrorStr(errno)];
[info setObject: s forKey: GSFileHandleNotificationError];
[self postWriteNotification];
}
}
else
{
writePos += written;
}
}
if (writePos >= length)
{ // Write operation completed.
[self postWriteNotification];
}
}
else
{ // Connection attempt completed.
int result;
int len = sizeof(result);
if (getsockopt(descriptor, SOL_SOCKET, SO_ERROR,
(char*)&result, &len) == 0 && result != 0)
{
NSString *s;
s = [NSString stringWithFormat: @"Connect attempt failed - %s",
GSLastErrorStr(result)];
[info setObject: s forKey: GSFileHandleNotificationError];
}
else
{
readOK = YES;
writeOK = YES;
}
connectOK = NO;
[self postWriteNotification];
}
}
}
- (BOOL) sslConnect
{
int ret;
int err;
NSRunLoop *loop;
if (connected == YES)
{
return YES; /* Already connected. */
}
if (isStandardFile == YES)
{
NSLog(@"Attempt to make ssl connection to a standard file");
return NO;
}
/*
* Ensure we have a context and handle to connect with.
*/
if (ctx == 0)
{
ctx = SSL_CTX_new(SSLv23_client_method());
}
if (ssl == 0)
{
ssl = SSL_new(ctx);
}
ret = SSL_set_fd(ssl, descriptor);
loop = [NSRunLoop currentRunLoop];
[loop runUntilDate: [NSDate dateWithTimeIntervalSinceNow: 0.01]];
ret = SSL_connect(ssl);
if (ret != 1)
{
int e = errno;
NSDate *final;
NSDate *when;
NSTimeInterval last = 0.0;
NSTimeInterval limit = 0.1;
final = [[NSDate alloc] initWithTimeIntervalSinceNow: 20.0];
when = [NSDate alloc];
err = SSL_get_error(ssl, ret);
while ((err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE)
&& [final timeIntervalSinceNow] > 0.0)
{
NSTimeInterval tmp = limit;
limit += last;
last = tmp;
when = [when initWithTimeIntervalSinceNow: limit];
[loop runUntilDate: when];
ret = SSL_connect(ssl);
if (ret != 1)
{
e = errno;
err = SSL_get_error(ssl, ret);
}
else
{
err = SSL_ERROR_NONE;
}
}
RELEASE(when);
RELEASE(final);
if (err != SSL_ERROR_NONE)
{
NSString *str;
switch (err)
{
case SSL_ERROR_NONE:
str = @"No error: really helpful";
break;
case SSL_ERROR_ZERO_RETURN:
str = @"Zero Return error";
break;
case SSL_ERROR_WANT_READ:
str = @"Want Read Error";
break;
case SSL_ERROR_WANT_WRITE:
str = @"Want Write Error";
break;
case SSL_ERROR_WANT_X509_LOOKUP:
str = @"Want X509 Lookup Error";
break;
case SSL_ERROR_SYSCALL:
str = [NSString stringWithFormat: @"Syscall error %d - %s",
e, GSLastErrorStr(e)];
break;
case SSL_ERROR_SSL:
str = @"SSL Error: really helpful";
break;
default:
str = @"Standard Unix Error: really helpful";
break;
}
NSLog(@"unable to make SSL connection to %@:%@ - %@",
address, service, str);
return NO;
}
}
connected = YES;
return YES;
}
- (void) sslDisconnect
{
if (ssl != 0)
{
if (connected == YES)
{
SSL_shutdown(ssl);
}
SSL_clear(ssl);
SSL_free(ssl);
ssl = 0;
}
if (ctx != 0)
{
SSL_CTX_free(ctx);
ctx = 0;
}
connected = NO;
}
- (void) sslSetCertificate: (NSString*)certFile
privateKey: (NSString*)privateKey
PEMpasswd: (NSString*)PEMpasswd
{
if (isStandardFile == YES)
{
NSLog(@"Attempt to set ssl certificate for a standard file");
return;
}
/*
* Ensure we have a context to set the certificate for.
*/
if (ctx == 0)
{
ctx = SSL_CTX_new(SSLv23_client_method());
}
if ([PEMpasswd length] > 0)
{
SSL_CTX_set_default_passwd_cb_userdata(ctx, (char*)[PEMpasswd cString]);
}
if ([certFile length] > 0)
{
SSL_CTX_use_certificate_file(ctx, [certFile cString], X509_FILETYPE_PEM);
}
if ([privateKey length] > 0)
{
SSL_CTX_use_PrivateKey_file(ctx, [privateKey cString], X509_FILETYPE_PEM);
}
}
- (void) writeData: (NSData*)item
{
int rval = 0;
const void *ptr = [item bytes];
unsigned int len = [item length];
unsigned int pos = 0;
[self checkWrite];
if (isNonBlocking == YES)
{
[self setNonBlocking: NO];
}
while (pos < len)
{
int toWrite = len - pos;
if (toWrite > NETBUF_SIZE)
{
toWrite = NETBUF_SIZE;
}
if (connected)
{
rval = SSL_write(ssl, (char*)ptr+pos, toWrite);
}
else
{
rval = write(descriptor, (char*)ptr+pos, toWrite);
}
if (rval < 0)
{
if (errno == EAGAIN == errno == EINTR)
{
rval = 0;
}
else
{
break;
}
}
pos += rval;
}
if (rval < 0)
{
[NSException raise: NSFileHandleOperationException
format: @"unable to write to descriptor - %s",
GSLastErrorStr(errno)];
}
}
@end
#else
@interface GSUnixSSLHandle : UnixFileHandle
{
}
- (BOOL) sslConnect;
- (void) sslDisconnect;
- (void) sslSetCertificate: (NSString*)certFile
privateKey: (NSString*)privateKey
PEMpasswd: (NSString*)PEMpasswd;
@end
@implementation GSUnixSSLHandle
- (BOOL) sslConnect
{
NSLog(@"SSL method called on system built without OpenSSL");
return NO;
}
- (void) sslDisconnect
{
NSLog(@"SSL method called on system built without OpenSSL");
}
- (void) sslSetCertificate: (NSString*)certFile
privateKey: (NSString*)privateKey
PEMpasswd: (NSString*)PEMpasswd
{
NSLog(@"SSL method called on system built without OpenSSL");
}
@end
#endif /* HAVE_OPENSSL */

4
config.mak.in
View file

@ -8,6 +8,10 @@ DYNAMIC_LINKER=@DYNAMIC_LINKER@
HAVE_LIBXML=@HAVE_LIBXML@ HAVE_LIBXML=@HAVE_LIBXML@
HAVE_OPENSSL=@HAVE_OPENSSL@
SSLLIBS=@SSLLIBS@
SSLFLAGS=@SSLFLAGS@
WITH_FFI=@WITH_FFI@ WITH_FFI=@WITH_FFI@
HAVE_PTHREAD_H=@HAVE_PTHREAD_H@ HAVE_PTHREAD_H=@HAVE_PTHREAD_H@

106
configure vendored
View file

@ -5246,7 +5246,7 @@ if test "${enable_openssl+set}" = set; then
enableval="$enable_openssl" enableval="$enable_openssl"
: :
else else
enable_openssl=no enable_openssl=yes
fi fi
# Check whether --with-openssl-include or --without-openssl-include was given. # Check whether --with-openssl-include or --without-openssl-include was given.
@ -5271,9 +5271,16 @@ libs_temp=$LIBS
if test "$openssl_incdir" != "no"; then if test "$openssl_incdir" != "no"; then
CPPFLAGS="$CPPFLAGS -I$openssl_incdir" CPPFLAGS="$CPPFLAGS -I$openssl_incdir"
SSLFLAGS="-I$openssl_incdir"
else
SSLFLAGS=
fi fi
if test "$openssl_libdir" != "no"; then if test "$openssl_libdir" != "no"; then
LIBS="$LIBS -L$openssl_libdir" LIBS="$LIBS -L$openssl_libdir"
SSLLIBS="-L$openssl_libdir"
else
SSLLIBS=
fi fi
if test $enable_openssl = yes; then if test $enable_openssl = yes; then
@ -5281,17 +5288,17 @@ if test $enable_openssl = yes; then
do do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
echo "configure:5285: checking for $ac_hdr" >&5 echo "configure:5292: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6 echo $ac_n "(cached) $ac_c" 1>&6
else else
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 5290 "configure" #line 5297 "configure"
#include "confdefs.h" #include "confdefs.h"
#include <$ac_hdr> #include <$ac_hdr>
EOF EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
{ (eval echo configure:5295: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } { (eval echo configure:5302: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then if test -z "$ac_err"; then
rm -rf conftest* rm -rf conftest*
@ -5320,11 +5327,13 @@ done
if test $ac_cv_header_openssl_ssl_h = no; then if test $ac_cv_header_openssl_ssl_h = no; then
echo "Could not find openssl headers" echo "Could not find openssl headers"
echo "Check to make sure you have a recent version of openssl installed" echo "Check to make sure you have a recent version of openssl installed"
echo "The SSL bundle will not be built"
echo "configure: warning: Could not find openssl headers" 1>&2 echo "configure: warning: Could not find openssl headers" 1>&2
echo "configure: warning: The SSL bundle will not be built" 1>&2
ssl_ok=no ssl_ok=no
else else
echo $ac_n "checking for CRYPTO_malloc in -lcrypto""... $ac_c" 1>&6 echo $ac_n "checking for CRYPTO_malloc in -lcrypto""... $ac_c" 1>&6
echo "configure:5328: checking for CRYPTO_malloc in -lcrypto" >&5 echo "configure:5337: checking for CRYPTO_malloc in -lcrypto" >&5
ac_lib_var=`echo crypto'_'CRYPTO_malloc | sed 'y%./+-:%__p__%'` ac_lib_var=`echo crypto'_'CRYPTO_malloc | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6 echo $ac_n "(cached) $ac_c" 1>&6
@ -5332,7 +5341,7 @@ else
ac_save_LIBS="$LIBS" ac_save_LIBS="$LIBS"
LIBS="-lcrypto $LIBS" LIBS="-lcrypto $LIBS"
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 5336 "configure" #line 5345 "configure"
#include "confdefs.h" #include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */ /* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2 /* We use char because int might match the return type of a gcc2
@ -5343,7 +5352,7 @@ int main() {
CRYPTO_malloc() CRYPTO_malloc()
; return 0; } ; return 0; }
EOF EOF
if { (eval echo configure:5347: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then if { (eval echo configure:5356: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest* rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes" eval "ac_cv_lib_$ac_lib_var=yes"
else else
@ -5368,7 +5377,7 @@ fi
base_libs="$LIBS" base_libs="$LIBS"
LIBS="$LIBS -lcrypto" LIBS="$LIBS -lcrypto"
echo $ac_n "checking for ssl2_clear in -lssl""... $ac_c" 1>&6 echo $ac_n "checking for ssl2_clear in -lssl""... $ac_c" 1>&6
echo "configure:5372: checking for ssl2_clear in -lssl" >&5 echo "configure:5381: checking for ssl2_clear in -lssl" >&5
ac_lib_var=`echo ssl'_'ssl2_clear | sed 'y%./+-:%__p__%'` ac_lib_var=`echo ssl'_'ssl2_clear | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6 echo $ac_n "(cached) $ac_c" 1>&6
@ -5376,7 +5385,7 @@ else
ac_save_LIBS="$LIBS" ac_save_LIBS="$LIBS"
LIBS="-lssl $LIBS" LIBS="-lssl $LIBS"
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 5380 "configure" #line 5389 "configure"
#include "confdefs.h" #include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */ /* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2 /* We use char because int might match the return type of a gcc2
@ -5387,7 +5396,7 @@ int main() {
ssl2_clear() ssl2_clear()
; return 0; } ; return 0; }
EOF EOF
if { (eval echo configure:5391: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then if { (eval echo configure:5400: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest* rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes" eval "ac_cv_lib_$ac_lib_var=yes"
else else
@ -5411,18 +5420,18 @@ fi
if test "$ssl_ok" = yes; then if test "$ssl_ok" = yes; then
echo "found openssl" echo "found openssl"
LIBS="$base_libs -lssl -lcrypto" LIBS="$base_libs -lssl -lcrypto"
cat >> confdefs.h <<\EOF SSLLIBS="$SSLLIBS -lssl -lcrypto"
#define HAVE_OPENSSL 1
EOF
else else
SSLLIBS="$SSLLIBS -lcrypto"
echo "Could not find openssl crypto library" echo "Could not find openssl crypto library"
echo "Check to make sure you have a recent version of openssl installed" echo "Check to make sure you have a recent version of openssl installed"
echo "configure: warning: Could not find openssl headers" 1>&2 echo "The SSL bundle will not be built"
echo "configure: warning: Could not find openssl libraries" 1>&2
echo "configure: warning: The SSL bundle will not be built" 1>&2
fi fi
echo $ac_n "checking for des_setkey in -lcipher""... $ac_c" 1>&6 echo $ac_n "checking for des_setkey in -lcipher""... $ac_c" 1>&6
echo "configure:5426: checking for des_setkey in -lcipher" >&5 echo "configure:5435: checking for des_setkey in -lcipher" >&5
ac_lib_var=`echo cipher'_'des_setkey | sed 'y%./+-:%__p__%'` ac_lib_var=`echo cipher'_'des_setkey | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6 echo $ac_n "(cached) $ac_c" 1>&6
@ -5430,7 +5439,7 @@ else
ac_save_LIBS="$LIBS" ac_save_LIBS="$LIBS"
LIBS="-lcipher $LIBS" LIBS="-lcipher $LIBS"
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 5434 "configure" #line 5443 "configure"
#include "confdefs.h" #include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */ /* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2 /* We use char because int might match the return type of a gcc2
@ -5441,7 +5450,7 @@ int main() {
des_setkey() des_setkey()
; return 0; } ; return 0; }
EOF EOF
if { (eval echo configure:5445: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then if { (eval echo configure:5454: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest* rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes" eval "ac_cv_lib_$ac_lib_var=yes"
else else
@ -5465,19 +5474,29 @@ fi
if test "$cipher_ok" = yes; then if test "$cipher_ok" = yes; then
echo "found cipher" echo "found cipher"
LIBS="$LIBS -lcipher" LIBS="$LIBS -lcipher"
SSLLIBS="$SSLLIBS -lcipher"
fi fi
else else
echo "Could not find openssl library" echo "Could not find openssl library"
echo "Check to make sure you have a recent version of openssl installed" echo "Check to make sure you have a recent version of openssl installed"
echo "configure: warning: Could not find openssl headers" 1>&2 echo "The SSL bundle will not be built"
echo "configure: warning: Could not find openssl libraries" 1>&2
echo "configure: warning: The SSL bundle will not be built" 1>&2
fi fi
fi fi
else
echo "The use of openssl was disabled"
echo "The SSL bundle will not be built"
echo "configure: warning: The use of openssl was disabled" 1>&2
echo "configure: warning: The SSL bundle will not be built" 1>&2
fi fi
HAVE_OPENSSL=$ssl_ok
if test "$ssl_ok" = "no"; then
CPPFLAGS="$cppflags_temp";
LIBS="$libs_temp";
fi CPPFLAGS="$cppflags_temp";
LIBS="$libs_temp";
#-------------------------------------------------------------------- #--------------------------------------------------------------------
# Check GMP for NSDecimal # Check GMP for NSDecimal
@ -5515,17 +5534,17 @@ for ac_hdr in gmp.h
do do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
echo "configure:5519: checking for $ac_hdr" >&5 echo "configure:5538: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6 echo $ac_n "(cached) $ac_c" 1>&6
else else
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 5524 "configure" #line 5543 "configure"
#include "confdefs.h" #include "confdefs.h"
#include <$ac_hdr> #include <$ac_hdr>
EOF EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
{ (eval echo configure:5529: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } { (eval echo configure:5548: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then if test -z "$ac_err"; then
rm -rf conftest* rm -rf conftest*
@ -5553,7 +5572,7 @@ done
if test $ac_cv_header_gmp_h = yes; then if test $ac_cv_header_gmp_h = yes; then
echo $ac_n "checking for mpf_abs in -lgmp""... $ac_c" 1>&6 echo $ac_n "checking for mpf_abs in -lgmp""... $ac_c" 1>&6
echo "configure:5557: checking for mpf_abs in -lgmp" >&5 echo "configure:5576: checking for mpf_abs in -lgmp" >&5
ac_lib_var=`echo gmp'_'mpf_abs | sed 'y%./+-:%__p__%'` ac_lib_var=`echo gmp'_'mpf_abs | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6 echo $ac_n "(cached) $ac_c" 1>&6
@ -5561,7 +5580,7 @@ else
ac_save_LIBS="$LIBS" ac_save_LIBS="$LIBS"
LIBS="-lgmp $LIBS" LIBS="-lgmp $LIBS"
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 5565 "configure" #line 5584 "configure"
#include "confdefs.h" #include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */ /* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2 /* We use char because int might match the return type of a gcc2
@ -5572,7 +5591,7 @@ int main() {
mpf_abs() mpf_abs()
; return 0; } ; return 0; }
EOF EOF
if { (eval echo configure:5576: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then if { (eval echo configure:5595: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest* rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes" eval "ac_cv_lib_$ac_lib_var=yes"
else else
@ -5595,7 +5614,7 @@ fi
if test "$gmp_ok" = no; then if test "$gmp_ok" = no; then
echo $ac_n "checking for __gmpf_abs in -lgmp""... $ac_c" 1>&6 echo $ac_n "checking for __gmpf_abs in -lgmp""... $ac_c" 1>&6
echo "configure:5599: checking for __gmpf_abs in -lgmp" >&5 echo "configure:5618: checking for __gmpf_abs in -lgmp" >&5
ac_lib_var=`echo gmp'_'__gmpf_abs | sed 'y%./+-:%__p__%'` ac_lib_var=`echo gmp'_'__gmpf_abs | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6 echo $ac_n "(cached) $ac_c" 1>&6
@ -5603,7 +5622,7 @@ else
ac_save_LIBS="$LIBS" ac_save_LIBS="$LIBS"
LIBS="-lgmp $LIBS" LIBS="-lgmp $LIBS"
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 5607 "configure" #line 5626 "configure"
#include "confdefs.h" #include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */ /* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2 /* We use char because int might match the return type of a gcc2
@ -5614,7 +5633,7 @@ int main() {
__gmpf_abs() __gmpf_abs()
; return 0; } ; return 0; }
EOF EOF
if { (eval echo configure:5618: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then if { (eval echo configure:5637: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest* rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes" eval "ac_cv_lib_$ac_lib_var=yes"
else else
@ -5656,12 +5675,12 @@ fi
for ac_func in iconv for ac_func in iconv
do do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
echo "configure:5660: checking for $ac_func" >&5 echo "configure:5679: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6 echo $ac_n "(cached) $ac_c" 1>&6
else else
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 5665 "configure" #line 5684 "configure"
#include "confdefs.h" #include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes, /* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */ which can conflict with char $ac_func(); below. */
@ -5685,7 +5704,7 @@ f = $ac_func;
; return 0; } ; return 0; }
EOF EOF
if { (eval echo configure:5689: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then if { (eval echo configure:5708: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest* rm -rf conftest*
eval "ac_cv_func_$ac_func=yes" eval "ac_cv_func_$ac_func=yes"
else else
@ -5727,7 +5746,7 @@ fi
# BSDs install this lib as libgiconv # BSDs install this lib as libgiconv
echo $ac_n "checking for main in -lgiconv""... $ac_c" 1>&6 echo $ac_n "checking for main in -lgiconv""... $ac_c" 1>&6
echo "configure:5731: checking for main in -lgiconv" >&5 echo "configure:5750: checking for main in -lgiconv" >&5
ac_lib_var=`echo giconv'_'main | sed 'y%./+-:%__p__%'` ac_lib_var=`echo giconv'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6 echo $ac_n "(cached) $ac_c" 1>&6
@ -5735,14 +5754,14 @@ else
ac_save_LIBS="$LIBS" ac_save_LIBS="$LIBS"
LIBS="-lgiconv $LIBS" LIBS="-lgiconv $LIBS"
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 5739 "configure" #line 5758 "configure"
#include "confdefs.h" #include "confdefs.h"
int main() { int main() {
main() main()
; return 0; } ; return 0; }
EOF EOF
if { (eval echo configure:5746: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then if { (eval echo configure:5765: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest* rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes" eval "ac_cv_lib_$ac_lib_var=yes"
else else
@ -5780,7 +5799,7 @@ EOF
else else
echo $ac_n "checking for main in -liconv""... $ac_c" 1>&6 echo $ac_n "checking for main in -liconv""... $ac_c" 1>&6
echo "configure:5784: checking for main in -liconv" >&5 echo "configure:5803: checking for main in -liconv" >&5
ac_lib_var=`echo iconv'_'main | sed 'y%./+-:%__p__%'` ac_lib_var=`echo iconv'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6 echo $ac_n "(cached) $ac_c" 1>&6
@ -5788,14 +5807,14 @@ else
ac_save_LIBS="$LIBS" ac_save_LIBS="$LIBS"
LIBS="-liconv $LIBS" LIBS="-liconv $LIBS"
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 5792 "configure" #line 5811 "configure"
#include "confdefs.h" #include "confdefs.h"
int main() { int main() {
main() main()
; return 0; } ; return 0; }
EOF EOF
if { (eval echo configure:5799: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then if { (eval echo configure:5818: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest* rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes" eval "ac_cv_lib_$ac_lib_var=yes"
else else
@ -5841,7 +5860,7 @@ subdirs="Source/mframe"
# Record the version # Record the version
#-------------------------------------------------------------------- #--------------------------------------------------------------------
echo $ac_n "checking for the version of gnustep-base we are compiling""... $ac_c" 1>&6 echo $ac_n "checking for the version of gnustep-base we are compiling""... $ac_c" 1>&6
echo "configure:5845: checking for the version of gnustep-base we are compiling" >&5 echo "configure:5864: checking for the version of gnustep-base we are compiling" >&5
if test -f "Version"; then if test -f "Version"; then
. ./Version . ./Version
fi fi
@ -6048,6 +6067,9 @@ s%@XML_CONFIG@%$XML_CONFIG%g
s%@XML_CFLAGS@%$XML_CFLAGS%g s%@XML_CFLAGS@%$XML_CFLAGS%g
s%@XML_LIBS@%$XML_LIBS%g s%@XML_LIBS@%$XML_LIBS%g
s%@HAVE_LIBXML@%$HAVE_LIBXML%g s%@HAVE_LIBXML@%$HAVE_LIBXML%g
s%@HAVE_OPENSSL@%$HAVE_OPENSSL%g
s%@SSLFLAGS@%$SSLFLAGS%g
s%@SSLLIBS@%$SSLLIBS%g
s%@HAVE_GMP@%$HAVE_GMP%g s%@HAVE_GMP@%$HAVE_GMP%g
s%@SYSTEM_DEFS@%$SYSTEM_DEFS%g s%@SYSTEM_DEFS@%$SYSTEM_DEFS%g
s%@subdirs@%$subdirs%g s%@subdirs@%$subdirs%g

38
configure.in
View file

@ -855,7 +855,7 @@ AC_SUBST(HAVE_LIBXML)
#-------------------------------------------------------------------- #--------------------------------------------------------------------
AC_ARG_ENABLE(openssl, AC_ARG_ENABLE(openssl,
[ --enable-openssl Enable support for openssl in URL classes],, [ --enable-openssl Enable support for openssl in URL classes],,
enable_openssl=no) enable_openssl=yes)
AC_ARG_WITH(openssl-include, AC_ARG_WITH(openssl-include,
[ --with-openssl-include=PATH include path for openssl headers], [ --with-openssl-include=PATH include path for openssl headers],
openssl_incdir="$withval", openssl_incdir="no") openssl_incdir="$withval", openssl_incdir="no")
@ -868,9 +868,16 @@ libs_temp=$LIBS
if test "$openssl_incdir" != "no"; then if test "$openssl_incdir" != "no"; then
CPPFLAGS="$CPPFLAGS -I$openssl_incdir" CPPFLAGS="$CPPFLAGS -I$openssl_incdir"
SSLFLAGS="-I$openssl_incdir"
else
SSLFLAGS=
fi fi
if test "$openssl_libdir" != "no"; then if test "$openssl_libdir" != "no"; then
LIBS="$LIBS -L$openssl_libdir" LIBS="$LIBS -L$openssl_libdir"
SSLLIBS="-L$openssl_libdir"
else
SSLLIBS=
fi fi
if test $enable_openssl = yes; then if test $enable_openssl = yes; then
@ -878,7 +885,9 @@ if test $enable_openssl = yes; then
if test $ac_cv_header_openssl_ssl_h = no; then if test $ac_cv_header_openssl_ssl_h = no; then
echo "Could not find openssl headers" echo "Could not find openssl headers"
echo "Check to make sure you have a recent version of openssl installed" echo "Check to make sure you have a recent version of openssl installed"
echo "The SSL bundle will not be built"
AC_MSG_WARN(Could not find openssl headers) AC_MSG_WARN(Could not find openssl headers)
AC_MSG_WARN(The SSL bundle will not be built)
ssl_ok=no ssl_ok=no
else else
AC_CHECK_LIB(crypto, CRYPTO_malloc, ssl_ok=yes, ssl_ok=no) AC_CHECK_LIB(crypto, CRYPTO_malloc, ssl_ok=yes, ssl_ok=no)
@ -889,30 +898,43 @@ if test $enable_openssl = yes; then
if test "$ssl_ok" = yes; then if test "$ssl_ok" = yes; then
echo "found openssl" echo "found openssl"
LIBS="$base_libs -lssl -lcrypto" LIBS="$base_libs -lssl -lcrypto"
AC_DEFINE(HAVE_OPENSSL) SSLLIBS="$SSLLIBS -lssl -lcrypto"
else else
SSLLIBS="$SSLLIBS -lcrypto"
echo "Could not find openssl crypto library" echo "Could not find openssl crypto library"
echo "Check to make sure you have a recent version of openssl installed" echo "Check to make sure you have a recent version of openssl installed"
AC_MSG_WARN(Could not find openssl headers) echo "The SSL bundle will not be built"
AC_MSG_WARN(Could not find openssl libraries)
AC_MSG_WARN(The SSL bundle will not be built)
fi fi
AC_CHECK_LIB(cipher,des_setkey,cipher_ok=yes,cipher_ok=no) AC_CHECK_LIB(cipher,des_setkey,cipher_ok=yes,cipher_ok=no)
if test "$cipher_ok" = yes; then if test "$cipher_ok" = yes; then
echo "found cipher" echo "found cipher"
LIBS="$LIBS -lcipher" LIBS="$LIBS -lcipher"
SSLLIBS="$SSLLIBS -lcipher"
fi fi
else else
echo "Could not find openssl library" echo "Could not find openssl library"
echo "Check to make sure you have a recent version of openssl installed" echo "Check to make sure you have a recent version of openssl installed"
AC_MSG_WARN(Could not find openssl headers) echo "The SSL bundle will not be built"
AC_MSG_WARN(Could not find openssl libraries)
AC_MSG_WARN(The SSL bundle will not be built)
fi fi
fi fi
else
echo "The use of openssl was disabled"
echo "The SSL bundle will not be built"
AC_MSG_WARN(The use of openssl was disabled)
AC_MSG_WARN(The SSL bundle will not be built)
fi fi
HAVE_OPENSSL=$ssl_ok
AC_SUBST(HAVE_OPENSSL)
AC_SUBST(SSLFLAGS)
AC_SUBST(SSLLIBS)
if test "$ssl_ok" = "no"; then CPPFLAGS="$cppflags_temp";
CPPFLAGS="$cppflags_temp"; LIBS="$libs_temp";
LIBS="$libs_temp";
fi
#-------------------------------------------------------------------- #--------------------------------------------------------------------
# Check GMP for NSDecimal # Check GMP for NSDecimal