Check-in [a23045b659]
Overview
Comment:Made SSLv2/SSLv3 compiled in by default (since they are now disabled by default) and made other options more consistently checked
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: a23045b659aafce84ee1e7f53be860971bf43500
User & Date: rkeene on 2016-12-13 07:00:15
Other Links: manifest | tags
Context
2016-12-13
07:00
Remove the address sanitizer from the debugging build since it may cause problems when used as a library -- a special build should be available for it check-in: 717a5d1c42 user: rkeene tags: trunk
07:00
Made SSLv2/SSLv3 compiled in by default (since they are now disabled by default) and made other options more consistently checked check-in: a23045b659 user: rkeene tags: trunk
06:56
Simplified code for detecting which SSL protocols to use -- disabled SSLv2 and SSLv3 by default if other options are available check-in: aaac45cfca user: rkeene tags: trunk
Changes
55
56
57
58
59
60
61
62
63
64



65
66


67
68
69
70
71
72



73
74


75
76
77
78
79
80
81



82
83
84
85
86
87
88
89



90
91
92
93
94
95
96
97



98
99
100
101
102
103
104
55
56
57
58
59
60
61



62
63
64
65
66
67
68
69
70
71



72
73
74
75
76
77
78
79
80
81
82
83
84

85
86
87
88
89
90
91
92
93
94

95
96
97
98
99
100
101
102
103
104

105
106
107
108
109
110
111
112
113
114







-
-
-
+
+
+


+
+



-
-
-
+
+
+


+
+






-
+
+
+







-
+
+
+







-
+
+
+







	GEN_DH_PARAMS_ARGS='fallback'
else
	GEN_DH_PARAMS_ARGS=''
fi
AC_SUBST(GEN_DH_PARAMS_ARGS)

dnl Allow the user to manually disable protocols
dnl ## SSLv2: Disabled by default
tcltls_ssl_ssl2='false'
AC_ARG_ENABLE([sslv2], AS_HELP_STRING([--enable-sslv2], [enable SSLv2 protocol]), [
dnl ## SSLv2: Enabled by default
tcltls_ssl_ssl2='true'
AC_ARG_ENABLE([sslv2], AS_HELP_STRING([--disable-sslv2], [disable SSLv2 protocol]), [
	if test "$enableval" = "yes"; then
		tcltls_ssl_ssl2='force'
	else
		tcltls_ssl_ssl2='false'
	fi
])

dnl ## SSLv3: Disabled by default
tcltls_ssl_ssl3='false'
AC_ARG_ENABLE([sslv3], AS_HELP_STRING([--enable-sslv3], [enable SSLv3 protocol]), [
dnl ## SSLv3: Enabled by default
tcltls_ssl_ssl3='true'
AC_ARG_ENABLE([sslv3], AS_HELP_STRING([--disable-sslv3], [disable SSLv3 protocol]), [
	if test "$enableval" = "yes"; then
		tcltls_ssl_ssl3='force'
	else
		tcltls_ssl_ssl3='false'
	fi
])

dnl ## TLSv1.0: Enabled by default
tcltls_ssl_tls1_0='true'
AC_ARG_ENABLE([tlsv1.0], AS_HELP_STRING([--disable-tlsv1.0], [disable TLSv1.0 protocol]), [
	if test "$enableval" = "no"; then
	if test "$enableval" = "yes"; then
		tcltls_ssl_tls1_0='force'
	else
		tcltls_ssl_tls1_0='false'
	fi
])

dnl ## TLSv1.1: Enabled by default
tcltls_ssl_tls1_1='true'
AC_ARG_ENABLE([tlsv1.1], AS_HELP_STRING([--disable-tlsv1.1], [disable TLSv1.1 protocol]), [
	if test "$enableval" = "no"; then
	if test "$enableval" = "yes"; then
		tcltls_ssl_tls1_1='force'
	else
		tcltls_ssl_tls1_1='false'
	fi
])

dnl ## TLSv1.1: Enabled by default
tcltls_ssl_tls1_2='true'
AC_ARG_ENABLE([tlsv1.2], AS_HELP_STRING([--disable-tlsv1.2], [disable TLSv1.2 protocol]), [
	if test "$enableval" = "no"; then
	if test "$enableval" = "yes"; then
		tcltls_ssl_tls1_2='force'
	else
		tcltls_ssl_tls1_2='false'
	fi
])

dnl Enable support for a debugging build
tcltls_debug='false'
AC_ARG_ENABLE([debug], AS_HELP_STRING([--enable-debug], [enable debugging parameters]), [