Merge pull request #1 from OpenSC/master

merge to master

INSTALL.md

@@ -33,11 +33,67 @@ For x64 bit builds, make sure you opened the Native x64 VS Command Prompt and ru
 
 If any of your builds fail for any reason, ensure you clean the src directory of obj files before re-making.
 
-### Mingw
+### MSYS2
 
-TODO
+To build libp11, download and install msys2-i686-*.exe from https://msys2.github.io
+
+then start a MSYS2 MSYS console from the Start menu and use:
+
+  pacman -S git pkg-config libtool autoconf automake make gcc openssl-devel
+
+  git clone https://github.com/OpenSC/libp11.git
+
+  cd libp11
+
+  autoreconf -fi
+
+  ./configure --prefix=/usr/local
+
+  make && make install
 
 ### Cygwin
 
-TODO
+As above, assuming that you have mentioned packages already installed.
+
+### MINGW / MSYS
+
+To build libp11, download and install mingw-get-setup.exe from https://sourceforge.net/projects/mingw/
+
+I'm assuming that you have selected all necessary MINGW and MSYS packages during install 
+
+(useful hint - after clicking at checkbox press key I).
+
+You also need to install pkg-config or pkg-config-lite and update autoconf and openssl.
+
+http://www.gaia-gis.it/spatialite-3.0.0-BETA/mingw_how_to.html#pkg-config
+
+https://sourceforge.net/p/mingw/mailman/message/31908633/
+
+https://sourceforge.net/projects/pkgconfiglite/files/
+
+http://ftp.gnu.org/gnu/autoconf/autoconf-latest.tar.gz
+
+https://www.openssl.org/source/
+
+You need to configure OpenSSL to replace very old mingw's version like this:
+
+  ./configure --prefix=/mingw threads shared mingw
+
+  make depend && make && make install
+
+Then download and unpack libp11, in its directory use:
+
+  libtoolize --force
+
+  aclocal -I m4 --install
+
+  autoheader
+
+  automake --force-missing --add-missing
+
+  autoconf
+
+  ./configure --prefix=/usr/local
+
+  make && make install
 

NEWS

@@ -1,8 +1,9 @@
 NEWS for Libp11 -- History of user visible changes
 
 New in 0.4.3; unreleased
-* Use UI to get the CKU_CONTEXT_SPECIFIC PIN (Michał Trojnara).
-* Fixed an EVP_PKEY refcount leak (David Woodhouse).
+* Use UI to get the CKU_CONTEXT_SPECIFIC PIN (Michał Trojnara)
+* Fixed an EVP_PKEY refcount leak (David Woodhouse)
+* OpenSSL 1.1.0 build fixes (Nikos Mavrogiannopoulos, Michał Trojnara)
 
 New in 0.4.2; 2016-09-25; Michał Trojnara
 * Fixed a 0.4.0 regression bug causing the engine finish function to

configure.ac

@@ -2,6 +2,7 @@ dnl -*- mode: m4; -*-
 
 AC_PREREQ(2.60)
 
+# When bumping versions see also the LT vesion numbers below.
 define([PACKAGE_VERSION_MAJOR], [0])
 define([PACKAGE_VERSION_MINOR], [4])
 define([PACKAGE_VERSION_FIX], [3])
@@ -17,15 +18,6 @@ LIBP11_VERSION_MAJOR="PACKAGE_VERSION_MAJOR"
 LIBP11_VERSION_MINOR="PACKAGE_VERSION_MINOR"
 LIBP11_VERSION_FIX="PACKAGE_VERSION_FIX"
 
-# LT Version numbers, remember to change them just *before* a release.
-#   (Code changed:                      REVISION++)
-#   (Oldest interface removed:          OLDEST++)
-#   (Interfaces added:                  CURRENT++, REVISION=0)
-LIBP11_LT_CURRENT="6"
-LIBP11_LT_OLDEST="2"
-LIBP11_LT_REVISION="2"
-LIBP11_LT_AGE="$((${LIBP11_LT_CURRENT}-${LIBP11_LT_OLDEST}))"
-
 AC_CONFIG_SRCDIR([src/libp11.h])
 
 # silent build by default
@@ -36,6 +28,37 @@ AC_PROG_CC
 PKG_PROG_PKG_CONFIG
 AC_C_BIGENDIAN
 
+# we need to set our soversion based on openssl's soversion to avoid
+# issues with applications linking to new openssl, old libp11, and vice versa
+case "`$PKG_CONFIG --modversion --silence-errors libcrypto || \
+	$PKG_CONFIG --modversion openssl`" in
+	1.1.*) # Predicted engines directory prefix for OpenSSL 1.1.x
+	    LIBP11_LT_OLDEST="3"
+	    debian_ssl_prefix="openssl-1.1.0";;
+	1.0.*) # Engines directory prefix for OpenSSL 1.0.x
+	    LIBP11_LT_OLDEST="2"
+	    debian_ssl_prefix="openssl-1.0.0";;
+	*) # Engines directory prefix for OpenSSL 0.9.x
+	    LIBP11_LT_OLDEST="2"
+	    debian_ssl_prefix="ssl";;
+esac
+
+
+# LT Version numbers, remember to change them just *before* a release.
+#   (Code changed:                      REVISION++)
+#   (Oldest interface removed:          OLDEST++)
+#   (Interfaces added:                  CURRENT++, REVISION=0)
+#
+# Note that at this moment we tie the oldest (soname) version to
+# the openssl version we link to. If the ABI is broken on a later
+# release, we should either stick to supporting a single openssl ABI
+# or bump the LT_OLDEST version sufficiently to avoid clashes.
+LIBP11_LT_REVISION="2"
+LIBP11_LT_CURRENT="6"
+LIBP11_LT_AGE="$((${LIBP11_LT_CURRENT}-${LIBP11_LT_OLDEST}))"
+
+gl_LD_VERSION_SCRIPT
+
 AC_ARG_WITH(
 	[cygwin-native],
 	[AS_HELP_STRING([--with-cygwin-native],[compile native win32])],
@@ -100,30 +123,21 @@ AC_ARG_WITH(
 AC_ARG_WITH(
 	[enginesdir],
 	[AS_HELP_STRING([--with-enginesdir], [OpenSSL engines directory])],
-	[enginesdir="${withval}"],
+	[enginesexecdir="${withval}"],
 	[
-		enginesdir="`$PKG_CONFIG --variable=enginesdir --silence-errors libcrypto`"
-		if test "${enginesdir}" = ""; then
+		enginesexecdir="`$PKG_CONFIG --variable=enginesdir --silence-errors libcrypto`"
+		if test "${enginesexecdir}" = ""; then
 		    libcryptodir="`$PKG_CONFIG --variable=libdir --silence-errors libcrypto || \
 			$PKG_CONFIG --variable=libdir openssl`"
-		    case "`$PKG_CONFIG --modversion --silence-errors libcrypto || \
-			$PKG_CONFIG --modversion openssl`" in
-			1.1.*) # Predicted engines directory prefix for OpenSSL 1.1.x
-			    debian_ssl_prefix="openssl-1.1.0";;
-			1.0.*) # Engines directory prefix for OpenSSL 1.0.x
-			    debian_ssl_prefix="openssl-1.0.0";;
-			*) # Engines directory prefix for OpenSSL 0.9.x
-			    debian_ssl_prefix="ssl";;
-		    esac
 		    if test -d "$libcryptodir/$debian_ssl_prefix/engines"; then
 			# Debian-based OpenSSL package (for example Ubuntu)
-			enginesdir="$libcryptodir/$debian_ssl_prefix/engines"
+			enginesexecdir="$libcryptodir/$debian_ssl_prefix/engines"
 		    else # Default OpenSSL engines directory
-			enginesdir="$libcryptodir/engines"
+			enginesexecdir="$libcryptodir/engines"
 		    fi
 		    if test "${prefix}" != "NONE" -o "${exec_prefix}" != "NONE"; then
 			# Override the autodetected value with the default
-			enginesdir="${libdir}"
+			enginesexecdir="\$(libdir)"
 		    fi
 		fi
 	]
@@ -198,7 +212,7 @@ pkgconfigdir="\$(libdir)/pkgconfig"
 
 AC_SUBST([pkgconfigdir])
 AC_SUBST([apidocdir])
-AC_SUBST([enginesdir])
+AC_SUBST([enginesexecdir])
 AC_SUBST([LIBP11_VERSION_MAJOR])
 AC_SUBST([LIBP11_VERSION_MINOR])
 AC_SUBST([LIBP11_VERSION_FIX])
@@ -221,6 +235,31 @@ if test "${enable_strict}" = "yes"; then
 	CFLAGS="${CFLAGS} -Wall -Wextra"
 fi
 
+rm -f src/libp11.map
+echo "LIBP11_${LIBP11_LT_OLDEST}" > src/libp11.map
+echo "{" >> src/libp11.map
+echo "global:" >> src/libp11.map
+tr '\n' ';' <src/libp11.exports >>src/libp11.map
+echo "" >> src/libp11.map
+echo "local:" >> src/libp11.map
+echo '*;' >> src/libp11.map
+echo "};" >> src/libp11.map
+
+chmod ugo-w src/libp11.map
+
+AC_MSG_CHECKING([if libtool needs -no-undefined flag to build shared libraries])
+case "`uname`" in
+  CYGWIN*|MSYS*|MINGW*|AIX*)
+    ## Add in the -no-undefined flag to LDFLAGS for libtool.
+    AC_MSG_RESULT([yes])
+    LDFLAGS="$LDFLAGS -no-undefined"
+    ;;
+  *)
+    ## Don't add in anything.
+    AC_MSG_RESULT([no])
+    ;;
+esac
+
 AC_CONFIG_FILES([
 	Makefile
 	src/Makefile
@@ -240,7 +279,7 @@ libp11 has been configured with the following options:
 
 Version:                 ${PACKAGE_VERSION}
 libp11 directory:        $(eval eval eval echo "${libdir}")
-Engine directory:        ${enginesdir}
+Engine directory:        ${enginesexecdir}
 Default PKCS11 module:   ${pkcs11_module}
 API doc support:         ${enable_api_doc}
 

examples/auth.c

@@ -10,7 +10,9 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
+#if !defined(_WIN32) || defined(__CYGWIN__)
 #include <termios.h>
+#endif
 #include <stdio.h>
 #include <unistd.h>
 #include <string.h>
@@ -81,6 +83,7 @@ int main(int argc, char *argv[])
 	if (argc > 2) {
 		strcpy(password, argv[2]);
 	} else {
+#if !defined(_WIN32) || defined(__CYGWIN__)
 		struct termios old, new;
 
 		/* Turn echoing off and fail if we can't. */
@@ -91,15 +94,15 @@ int main(int argc, char *argv[])
 		new.c_lflag &= ~ECHO;
 		if (tcsetattr(0, TCSAFLUSH, &new) != 0)
 			goto failed;
-
+#endif
 		/* Read the password. */
 		printf("Password for token %.32s: ", slot->token->label);
 		if (fgets(password, sizeof(password), stdin) == NULL)
 			goto failed;
-
+#if !defined(_WIN32) || defined(__CYGWIN__)
 		/* Restore terminal. */
 		(void)tcsetattr(0, TCSAFLUSH, &old);
-
+#endif
 		/* strip tailing \n from password */
 		rc = strlen(password);
 		if (rc <= 0)

examples/decrypt.c

@@ -11,7 +11,9 @@
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <unistd.h>
+#if !defined(_WIN32) || defined(__CYGWIN__)
 #include <termios.h>
+#endif
 #include <stdio.h>
 #include <string.h>
 #include <libp11.h>
@@ -37,8 +39,9 @@ int main(int argc, char *argv[])
 	unsigned int nslots, ncerts;
 
 	/* get password */
+#if !defined(_WIN32) || defined(__CYGWIN__)
 	struct termios old, new;
-
+#endif
 	if (argc != 2) {
 		fprintf(stderr, "usage: auth /usr/lib/opensc-pkcs11.so\n");
 		return 1;
@@ -155,6 +158,7 @@ int main(int argc, char *argv[])
 	if (!slot->token->loginRequired)
 		goto loggedin;
 
+#if !defined(_WIN32) || defined(__CYGWIN__)
 	/* Turn echoing off and fail if we can't. */
 	if (tcgetattr(0, &old) != 0)
 		goto failed;
@@ -163,15 +167,16 @@ int main(int argc, char *argv[])
 	new.c_lflag &= ~ECHO;
 	if (tcsetattr(0, TCSAFLUSH, &new) != 0)
 		goto failed;
-
+#endif
 	/* Read the password. */
 	printf("Password for token %.32s: ", slot->token->label);
 	if (fgets(password, sizeof(password), stdin) == NULL)
 		goto failed;
 
+#if !defined(_WIN32) || defined(__CYGWIN__)
 	/* Restore terminal. */
 	(void)tcsetattr(0, TCSAFLUSH, &old);
-
+#endif
 	/* strip tailing \n from password */
 	rc = strlen(password);
 	if (rc <= 0)

examples/listkeys.c

@@ -10,12 +10,10 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
-#include <termios.h>
 #include <stdio.h>
 #include <unistd.h>
 #include <string.h>
 #include <sys/types.h>
-#include <sys/wait.h>
 #include <libp11.h>
 #include <unistd.h>
 

m4/ld-version-script.m4

@@ -0,0 +1,48 @@
+# ld-version-script.m4 serial 4
+dnl Copyright (C) 2008-2016 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Simon Josefsson
+
+# FIXME: The test below returns a false positive for mingw
+# cross-compiles, 'local:' statements does not reduce number of
+# exported symbols in a DLL.  Use --disable-ld-version-script to work
+# around the problem.
+
+# gl_LD_VERSION_SCRIPT
+# --------------------
+# Check if LD supports linker scripts, and define automake conditional
+# HAVE_LD_VERSION_SCRIPT if so.
+AC_DEFUN([gl_LD_VERSION_SCRIPT],
+[
+  AC_ARG_ENABLE([ld-version-script],
+    [AS_HELP_STRING([--enable-ld-version-script],
+       [enable linker version script (default is enabled when possible)])],
+    [have_ld_version_script=$enableval],
+    [AC_CACHE_CHECK([if LD -Wl,--version-script works],
+       [gl_cv_sys_ld_version_script],
+       [gl_cv_sys_ld_version_script=no
+        save_LDFLAGS=$LDFLAGS
+        LDFLAGS="$LDFLAGS -Wl,--version-script=conftest.map"
+        echo foo >conftest.map
+        AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])],
+          [],
+          [cat > conftest.map <<EOF
+VERS_1 {
+        global: sym;
+};
+
+VERS_2 {
+        global: sym;
+} VERS_1;
+EOF
+           AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])],
+             [gl_cv_sys_ld_version_script=yes])])
+        rm -f conftest.map
+        LDFLAGS=$save_LDFLAGS])
+     have_ld_version_script=$gl_cv_sys_ld_version_script])
+  AM_CONDITIONAL([HAVE_LD_VERSION_SCRIPT],
+    [test "$have_ld_version_script" = yes])
+])