Previous Next Contents

4. Installation

To install SSLtcl you need the sources for tcl8.0 and either SSLeay-0.6.6 or SSLeay-0.8.1. As for now SSLeay-0.6.6 should be considered some what stabler than SSLeay-0.8..1, but on the other hand does 0.8.1 implement SSLv3, which 0.6.6 does not.

Both tcl and SSLeay works on many kinds of machines. SSLtcl however is only tested on Linux and incorporates special UNIX code from tcl which makes it quite unlikely that it will build on anything else than UNIX.

You can get tcl8.0 from ftp://ftp.smli.com/pub/tcl . Even if you have the binaries and libraries for tcl8.0 already installed you will also need the source code and the contents in tclConfig.sh has to contain information about where to find the source. (You may edit the Makefile to solve this but it is up to You).

You can get SSLeay from ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL or mirrors. On Linux You can build both static and shared libraries for SSLeay. To link SSLtcl dynamically against SSLeay You have to have shared libraries, see further down for instructions.

Get the source for SSLtcl and go to the directory where You wants to have it and unpack the source. The easiest place to have it is under /usr/local/src, especially if tcl and SSLeay is built and installed under /usr/local.

tar -xvzf SSLtcl-0.42.tar.gz

If the above conditions are fulfilled You can build and install SSLtcl with the following commands:


./configure

make

make install

This will build the shared library SSLtcl.so and install it in /usr/local/lib. It will also install the manual page ssltcl in /usr/local/man/mann

You can now read the manual with the command

man ssltcl

If You have any problem with that You can always use groff to read it.

groff -Tascii -man ssltcl.n| less

It is possible to build SSLtcl under more constrained conditions through the use of options to configure.

If you don't want to install under /usr/local you can use:

--prefix=PATH

If you don't have the sourcecode to tcl8.0 in the same directory as SSLtcl or you did not use the source-code to build tcl8.0 you can specify an alternative location. The point is that the configure script needs to know where the tclConfig.sh is.

--with-tcl=PATH

where PATH is the library where tclConfig.sh is.

If SSL is in a strange location You can tell configure where with the option

--with-ssl=PATH

If You have the SSL libraries in another location than under ssl/lib You can use the following option to tell where they are. For example if you have installed the shared SSL libraries under /usr/local/lib.

--with-ssl-lib-dir=PATH

Here is an example of building SSLtcl in /usr/src but with tcl8.0 and SSLeay under /usr/local and shared libraries in /usr/local/lib

./configure --prefix=/usr --with-tcl=/usr/local/lib --with-ssl=/usr/local/ssl --with-ssl-lib-dir=/usr/local/lib

To link SSLtcl dynamically against SSLeay you have to build shared SSLeay libraries. This is not done in the usual SSLeay build process, so you have to do it your self. First build it the usual way according to the INSTALL instructions in SSLeay. Then you may try the following command

sh shlib/linux.sh

If any error are reported check the following things.

1. If you are building SSLeay-0.8.1 its seems to be a bug in crypto/crypto.c. Uncomment the next last #endif statement, like this:

#endif
/*#endif*/
#ifdef CRYPTO_PKCS7_SUBSET /* I have an excplicit removal of 7 lines */

#include ''pkcs7/pk7_lib.c''
#include ''pkcs7/pkcs7err.c''
#endif
and try again

2. If you are building SSleay-0.6.6 you have to, at least I had to, build one of the needed assembly code files your self.

cd crypto/des/asm
perl des-som3.pl elf >dx86-elf.s

and try again

You then have to manually install the shared files. Copy all files, including symlinks, that contain an .so. That is libcrypto.so and libssl.so and friends to the place you want them. Remember to att the directory to /etc/ld.so.conf if its not there all ready an run:

ldconfig

You the load the module into your tcl applications by the command:


load /usr/local/lib/SSLtcl.so SSLtcl

and then you can use the socket command with ssl features.Read the manual pages or look in the demo directory.


Previous Next Contents