diff --git a/CHANGES b/CHANGES index 6393413e0348e4ae74800dc502231186433a42bc..c5dffa6280a7cf32b258f5aaaf76b4dbaef93882 100644 --- a/CHANGES +++ b/CHANGES @@ -12,6 +12,9 @@ *) applies to 0.9.6a/0.9.6b and 0.9.7 +) applies to 0.9.7 only + +) Add configuration choices to get zlib compression for TLS. + [Richard Levitte] + +) Changes to Kerberos SSL for RFC 2712 compliance: 1. Implemented real KerberosWrapper, instead of just using KRB5 AP_REQ message. [Thanks to Simon Wilkinson ] diff --git a/Configure b/Configure index b20e663328e44f40c79dd41b7a77948384c5a7de..610336c4b14a8f6fd9e4e3377e824963a40780b4 100755 --- a/Configure +++ b/Configure @@ -10,7 +10,7 @@ use strict; # see INSTALL for instructions. -my $usage="Usage: Configure [no- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [no-threads] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx=vvv] os/compiler[:flags]\n"; +my $usage="Usage: Configure [no- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] os/compiler[:flags]\n"; # Options: # @@ -25,13 +25,15 @@ my $usage="Usage: Configure [no- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [- # # --with-krb5-dir Declare where Kerberos 5 lives. The libraries are expected # to live in the subdirectory lib/ and the header files in -# include/. -# --with-krb5-lib Declare where the Kerberos 5 libraries live. +# include/. A value is required. +# --with-krb5-lib Declare where the Kerberos 5 libraries live. A value is +# required. # (Default: KRB5_DIR/lib) -# --with-krb5-include Declare where the Kerberos 5 header files live. +# --with-krb5-include Declare where the Kerberos 5 header files live. A +# value is required. # (Default: KRB5_DIR/include) # --with-krb5-flavor Declare what flavor of Kerberos 5 is used. Currently -# supported values are "MIT" and "Heimdal". +# supported values are "MIT" and "Heimdal". A value is required. # # no-hw-xxx do not compile support for specific crypto hardware. # Generic OpenSSL-style methods relating to this support @@ -46,6 +48,9 @@ my $usage="Usage: Configure [no- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [- # no-dso do not compile in any native shared-library methods. This # will ensure that all methods just return NULL. # no-krb5 do not compile in any KRB5 library or code. +# [no-]zlib [don't] compile support for zlib compression. +# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared +# library and will be loaded in run-time by the OpenSSL library. # 386 generate 80386 code # no- build without specified algorithm (rsa, idea, rc5, ...) # - + compiler options are passed through @@ -467,6 +472,7 @@ my $exe_ext=""; my $install_prefix=""; my $no_threads=0; my $no_shared=1; +my $zlib=2; my $no_krb5=0; my $threads=0; my $no_asm=0; @@ -567,6 +573,12 @@ PROCESS_ARGS: { $no_shared=1; } elsif (/^shared$/) { $no_shared=0; } + elsif (/^no-zlib$/) + { $zlib=0; } + elsif (/^zlib$/) + { $zlib=1; } + elsif (/^zlib-dynamic$/) + { $zlib=2; } elsif (/^no-symlinks$/) { $symlink=0; } elsif (/^no-(.+)$/) @@ -827,8 +839,15 @@ if ($no_asm) if ($threads) { - $cflags=$thread_cflags; - $openssl_thread_defines .= $thread_defines; + $cflags=$thread_cflags; + $openssl_thread_defines .= $thread_defines; + } + +if ($zlib) + { + $cflags = "-DZLIB $cflags"; + $cflags = "-DZLIB_SHARED $cflags" if $zlib == 2; + $lflags = "$lflags -lz" if $zlib == 2; } # You will find shlib_mark1 and shlib_mark2 explained in Makefile.org diff --git a/INSTALL b/INSTALL index 6634316cca93ae2b270a93ea5285ec9bdf77aa6f..cc8c38aed8c236d42c1a3c748ac0724a2538dcfe 100644 --- a/INSTALL +++ b/INSTALL @@ -53,6 +53,15 @@ This will usually require additional system-dependent options! See "Note on multi-threading" below. + no-zlib Don't try to build with support for zlib compression and + decompression. + + zlib Build with support for zlib compression/decompression. + + zlib-dynamic Like "zlib", but has OpenSSL load the zlib library dynamically + when needed. This is only supported on systems where loading + of shared libraries is supported. + no-shared Don't try to create shared libraries. shared In addition to the usual static libraries, create shared