File History

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

History of tls.c

2019-05-29
18:52
Try to find headers in a specific path and do not allow "mp_int"/"mp_digit" to conflict with other things file: [391c72843c] check-in: [bd8b53ced2] user: rkeene branch: x-header-work, size: 50430
2019-04-09
17:04
Added remaining TLSv1.3 support file: [c565bf20f1] check-in: [569c10f3b2] user: rkeene branch: enhancement/tls-1.3, size: 50402
2018-11-07
23:51
Added missing TLSv1.3 support file: [b408a25024] check-in: [efc1e122f2] user: rkeene branch: enhancement/tls-1.3, size: 49325
23:27
Started adding support for TLSv1.3 file: [f0ecc97895] check-in: [e245d231ee] user: rkeene branch: enhancement/tls-1.3, size: 49228
2018-02-07
15:37
Updated to reset "eofchar" and "encoding" when importing channels as well as translation and blocking (part of [f798e2ea12]) file: [7d9b3af7fe] check-in: [1d757f7e2d] user: rkeene branch: trunk, size: 49023
2017-12-21
05:34
Added experiment patch for [f798e2ea12] to preserve channel state when importing a channel file: [73f6874245] check-in: [60f37290f3] user: rkeene branch: bug-f798e2ea12, size: 48553
2017-05-01
14:42
Print a debug message when handshaking works but an error is being captured file: [0dc23990ac] check-in: [87d7c791f5] user: rkeene branch: trunk, size: 48010
14:41
Fixed an issue where EAGAIN was translated into a successful handshake, addressing [1367823d51] file: [8221535697] check-in: [689d55e070] user: rkeene branch: trunk, size: 47917
14:32
Reformatted handshake command code file: [325d38b6f1] check-in: [2893572aa6] user: rkeene branch: trunk, size: 47909
2017-04-18
14:29
Updated references to DH parameter bit sizes and ensure error messages are printed if generating fails entirely file: [57028b60c1] check-in: [83b1dea4d4] user: rkeene branch: trunk, size: 48085
2016-12-13
16:00
Updated to return soft errors on during SSL negotiation retries on reads and hard errors on SSL negotiation during writes or handshake commands file: [347d650461] check-in: [b9557ba691] user: rkeene branch: trunk, size: 48083
06:56
Simplified code for detecting which SSL protocols to use -- disabled SSLv2 and SSLv3 by default if other options are available file: [6c127f2542] check-in: [aaac45cfca] user: rkeene branch: trunk, size: 48013
06:39
Commented out debugging printf for returning from the locking function as well file: [f62df33327] check-in: [8e27f5595c] user: rkeene branch: trunk, size: 47916
06:27
Updated to use POSIX tool "od" to create tls.tcl.h and since we can now rebuild this file more freely, do so to "fully" support out-of-source-dir builds file: [fa35866bf7] check-in: [34ff31cd97] user: rkeene branch: trunk, size: 47910
05:11
Updated to properly sanitize memory needed for the dynamically allocated locks file: [8eeae8c00a] check-in: [f73f94ae35] user: rkeene branch: wip-fix-io-layer, size: 47912
03:46
Made all unused variables self-assignments file: [f6e2948561] check-in: [7b169db8a3] user: rkeene branch: wip-fix-io-layer, size: 47484
03:21
Merged in trunk file: [87308823ff] check-in: [e5c9bfe50f] user: rkeene branch: wip-fix-io-layer, size: 47131
03:20
Updated to deal with locking slightly better, maybe file: [96e2a45ac0] check-in: [387697ce68] user: rkeene branch: trunk, size: 46292
2016-12-12
22:29
Merged in trunk file: [21bebdaf3c] check-in: [77c3091474] user: rkeene branch: wip-fix-io-layer, size: 47229
22:10
Updated to dynamically allocate mutexes and support being de-initialized file: [5a902a9319] check-in: [abf861e4d5] user: rkeene branch: trunk, size: 46390
01:14
More work on improving I/O routines file: [2904872c77] check-in: [7df7a8696e] user: rkeene branch: wip-fix-io-layer, size: 46867
2016-12-11
19:10
Added a lot of work towards fixing the I/O layer file: [04ea01d342] check-in: [ee7ea6a917] user: rkeene branch: wip-fix-io-layer, size: 46806
2016-12-10
05:12
More clean-up and modernization file: [788b6c9daa] check-in: [5fc38beddb] user: rkeene branch: trunk, size: 46028
05:02
Remove obsolete references file: [0322248de8] check-in: [fc00b36be8] user: rkeene branch: trunk, size: 46277
02:55
Removed backwards compatibility hacks and much reformatting file: [ae2cba46b1] check-in: [f087e1fe61] user: rkeene branch: trunk, size: 46321
2016-12-08
08:36
Moved BIO_ wrappers into the BIO source and added more debugging output file: [a1d0fac62c] check-in: [333d833f31] user: rkeene branch: trunk, size: 47922
07:32
Do not try to set memory functions -- prototype is broken in newer version and older versions have bugs related to it file: [6dd111d1a2] check-in: [bbe273b3dc] user: rkeene branch: openssl-1.1, size: 47816
07:25
Whitspace formatting changes file: [1ee30f1327] check-in: [2ed4afb942] user: rkeene branch: openssl-1.1, size: 48031
06:53
Initial working version of OpenSSL 1.1.0 API support adapted from patch from Sergei Golovan and Jeremy Sowden file: [6e0707c50a] check-in: [af83631fbb] user: rkeene branch: openssl-1.1, size: 48056
2016-12-07
16:41
Set a default channel type version file: [9b5d593b52] check-in: [fe5bc0bc67] user: rkeene branch: tls-1-7, size: 47958
14:38
Added additional debugging around asyncronous sockets file: [9a523164da] check-in: [033849bf66] user: rkeene branch: tls-1-7, size: 47934
2016-12-05
17:04
Disable protocols if they are not compiled in file: [829214fd98] check-in: [8e510a3598] user: rkeene branch: tls-1-7, size: 47879
2016-12-02
19:00
Minor casting to address compiler warnings file: [606371c2d5] check-in: [e3b94c4a74] user: rkeene branch: tls-1-7, size: 47715
18:58
Double check that we got a usable value at all from the verification callback file: [95469d79b3] check-in: [664badad67] user: rkeene branch: tls-1-7, size: 47589
18:55
Fixed signed-ness issue with init script file: [8652a6d576] check-in: [fa844b3fcc] user: rkeene branch: tls-1-7, size: 47571
16:41
Ensure initialization happens only once even with unthreaded Tcl file: [31dba4da9e] check-in: [10e3f2e20c] user: rkeene branch: tls-1-7, size: 47580
16:25
Added an --enable-debug and made debug-printf macro more fancy file: [63f1a729cf] check-in: [8a3f4fc732] user: rkeene branch: tls-1-7, size: 47616
16:09
Minor cleanup of global variables and void function file: [898daed710] check-in: [ee18d6c91e] user: rkeene branch: tls-1-7, size: 47646
2016-12-01
21:36
Updated to generate DH parameters more dynamically file: [05e974345e] check-in: [3d5e70d1d5] user: rkeene branch: tls-1-7, size: 47630
2016-11-24
05:18
Updated to use a meaningful package name and version file: [b151916d75] check-in: [8f8805845f] user: rkeene branch: tls-1-7, size: 49350
04:09
Updated to build the "tls.tcl" file into the library file: [a38b0196bb] check-in: [195000fcab] user: rkeene branch: tls-1-7, size: 49357
2016-11-23
05:14
Fixed issue with building without Tcl threads file: [40d53c0b7a] check-in: [3135e8cc5c] user: rkeene branch: tls-1-7, size: 49212
2016-11-22
22:11
Removed artifacts from conversion from CVS file: [25af59055a] check-in: [c75816429f] user: rkeene branch: tls-1-7, size: 49179
17:58
Applied patch file: [15a7d7809d] check-in: [db95f55e95] user: rkeene branch: rkeene-unthreaded, size: 49295
2015-07-07
17:16
Updated with dhparam.2.patch for tls ticket #59. file: [5f36052c70] check-in: [2aadaa4c28] user: andreas_kupries branch: trunk, size: 49235
2015-05-01
18:44
* configure.in: Bump to version 1.6.5. * win/makefile.vc: * configure: regen with ac-2.59 * tls.c: Accepted SF TLS [bug/patch #57](https://sourceforge.net/p/tls/bugs/57/). * tlsIO.c: Accepted core Tcl patch in [ticket](http://core.tcl.tk/tcl/tktview/0f94f855cafed92d0e174b7d835453a02831b4dd). file: [2da923fe43] check-in: [b3dc06600e] user: andreas_kupries branch: trunk, size: 47182
2014-12-08
19:09
Applied patches #12 and #13 for Server Name Indication (SNI) support, and TLS 1.1, 1.2 support. file: [343f6572a7] check-in: [54d14de805] user: andreas_kupries branch: trunk, size: 47012
2014-04-16
18:33
Ticket 47, applied patch with last suggested change by Jeff (moving setting of "initialization"-flag). file: [34519f36fc] check-in: [d248bc5f5e] user: andreas_kupries branch: trunk, size: 44839
2012-07-09
23:28
* configure.in: Bump to version 1.6.3. * win/makefile.vc: * configure: regen with ac-2.59 * tls.c (MiscObjCmd): Fixed non-static string array used in call of Tcl_GetIndexFromObj(). Memory smash waiting to happen. Thanks to Brian Griffin for alerting us all to the problem. file: [493d79f8dc] check-in: [c1eb553b32] user: andreas_kupries branch: trunk, size: 44101
2012-06-01
22:59
* tls.c: Applied Jeff's patch from http://www.mail-archive.com/aolserver@listserv.aol.com/msg12356.html file: [36929764b9] check-in: [a652b4f6a7] user: andreas_kupries branch: trunk, size: 44094
2010-08-11
19:50
* tls.c (StatusObjCmd): memleak: free peer if loaded. [Bug 3041925] file: [510496cc5c] check-in: [366542d9a0] user: hobbs2 branch: trunk, size: 42550
2008-03-19
22:06
* tests/tlsIO.test (tlsIO-14.*): Add tls::unimport for symmetry * tls.htm, tls.c (UnimportObjCmd): to tls::import. [Bug 1203273] file: [863315bd45] check-in: [61890c4886] user: hobbs2 branch: trunk, size: 42501
21:31
Use better Eval APIs, cleaner Tcl_Obj-handling. file: [66ecdb7d9a] check-in: [5804017ad3] user: hobbs2 branch: trunk, size: 41015
19:59
* tls.c (Tls_Clean, ImportObjCmd): Fix cleanup mem leak [Bug 1414045] file: [ad0e17ca78] check-in: [8dd7366fcc] user: hobbs2 branch: trunk, size: 40998
02:34
Updated the nmake build files with MSVC9 support and fixed to run the test-suite properly. Corrected namespace handling in tls::initlib on Windows. Applied #1890223 to fix handshake on non-blocking sockets file: [531e26fa4b] check-in: [5fb2d63afa] user: patthoyts branch: trunk, size: 40791
2007-09-06
21:01
Silence 64 bit integer conversion warnings Update build system to support AMD64 target with MSVC8 file: [0abefbb942] check-in: [0fdb07692d] user: patthoyts branch: trunk, size: 40715
2007-06-22
21:20
* tlsIO.c (TlsInputProc, TlsOutputProc, TlsWatchProc): * tls.c (VerifyCallback): add an state flag in the verify callback that prevents possibly recursion (on 'update'). [Bug 1652380] file: [7da5f18bba] check-in: [c692cb9684] user: hobbs2 branch: trunk, size: 40699
2004-12-17
16:01
* win/makefile.vc: Added the MSVC build system (from the Tcl * win/rules.vc: sampleextension). * win/nmakehlp.c: * win/tls.rc Added Windows resource file. * tls.tcl: From patch #948155, added support for alternate socket commands. * tls.c: Quieten some MSVC warnings. Prefer ckalloc over Tcl_Alloc. (David Graveraux). file: [c3a95bcf2f] check-in: [fe79338a36] user: patthoyts branch: trunk, size: 40915
2004-06-29
11:07
* tls.c: Fixup to build against tcl 8.3.3. Handle * tlsIO.c: 8.4 constification. file: [823c68fcb0] check-in: [9633ce0e5c] user: patthoyts branch: trunk, size: 40840
2004-03-24
05:22
Fix build warnings. file: [e35ed3b05f] check-in: [67bf2dd40d] user: razzell branch: trunk, size: 40834
2004-03-19
21:05
* tls.c (Tls_Init): replaced older TEA config with newer * config/* (removed): * pkgIndex.tcl.in, strncasecmp.c (removed): * Makefile.in, aclocal.m4, configure, configure.in: * tclconfig/README.txt, tclconfig/install-sh, tclconfig/tcl.m4: file: [f2f5d0dfc5] check-in: [bf83205ca8] user: hobbs branch: trunk, size: 40771
2004-02-13
02:09
Unify result handling in callback options. file: [e64436e2e3] check-in: [20fd9291ba] user: razzell branch: trunk, size: 40760
2004-02-04
04:02
Fix build warnings. file: [ebec730afe] check-in: [bc575f4a87] user: razzell branch: trunk, size: 40444
2003-10-07
22:57
Added CONST with intent similar to Revision 1.14. file: [b31fec4fee] check-in: [bb720c804e] user: razzell branch: trunk, size: 40441
2003-07-07
20:24
* tls.c (Tls_Init): added tls::misc command provided by * tlsX509.c: Wojciech Kocjan (wojciech kocjan.org) * tests/keytest1.tcl: to expose more low-level SSL commands * tests/keytest2.tcl: file: [f43c6403f5] check-in: [b423807e0e] user: hobbs branch: trunk, size: 40433
2003-05-15
21:02
Added password callback support and version command. Fixed memory leak. file: [85e46e8624] check-in: [509dd7a9b6] user: razzell branch: trunk, size: 36240
20:44
*** empty log message *** file: [32f77b5e42] check-in: [3631274d64] user: razzell branch: trunk, size: 36239
2002-02-04
22:46
* tls.htm: * tls.c: added support for local certificate status check, as well as returning the # of bits in the session key. [Patch #505698] (rose) * tls.c: * tlsIO.c: * tlsBIO.c: added CONSTs to satisfy Tcl 8.4 sources. This may give warnings when compiled against 8.3, but they can be ignored. file: [1f1f2854e3] check-in: [c34385bbcd] user: hobbs branch: trunk, size: 34229
2001-03-14
22:04
* tls.c (Tls_Init): add do/while for random number initialization to work around some OSes quirks. (Ralph.Billes@teltech.com.au) file: [7a7ec2f3d3] check-in: [dfc33d3b84] user: hobbs branch: trunk, size: 33681
2000-08-18
19:22
* tls.c (Tls_Init): added call to RAND_seed to seed the SSL random number generator. Without this, OpenSSL 0.9.5 chokes, and in any case it is a big security hole to do without it. file: [860e712dac] check-in: [4b5fd24dad] user: hobbs branch: trunk, size: 33223
2000-08-16
17:44
* tls.c (Tls_Init): corrected interpretation of version number (patchlevel and release/serial were swapped). file: [e741b6dd44] check-in: [090741a97a] user: hobbs branch: trunk, size: 32889
2000-08-15
18:49
* tlsInt.h: * tls.c: * tlsIO.c: corrected structure initialization to work when compiling with 8.2. Now compiles with 8.2+ and tested to work with 8.2+ and dynamically adjust to the version of Tcl it was loaded into. TLS will fail the test suite with Tcl 8.2-8.3.1. file: [bc1abaf8b3] check-in: [e7ef654f47] user: hobbs branch: trunk, size: 32877
00:02
* tlsInt.h: * tlsIO.c: * tlsBIO.c: * tls.c: changed around to only working with 8.2.0+ (8.3.2+ preferred), with runtime checks for pre- and post-io-rewrite. file: [468d0efc89] check-in: [33ea0b5a9d] user: hobbs branch: trunk, size: 32838
2000-08-14
21:55
* tls.c (Tls_Init): changed it to require 8.3.2 when Tcl_InitStubs was called because we don't want people using TLS with the original stacked channel implementation. file: [5bbd225a1e] check-in: [2b0ce3e01b] user: hobbs branch: trunk, size: 32154
2000-07-27
01:58
* merged all changes from tls-1-3-io-rewrite back into main branch file: [a379b2ee3e] check-in: [a636fa7c56] user: hobbs branch: trunk, size: 31891
2000-07-26
22:15
* tls.c (ImportObjCmd): removed unnecessary use of 'bio' arg. (Tls_Init): check return value of SSL_library_init. Also lots of whitespace cleanup (more like Tcl Eng style guide), but not all code was cleaned up. * tlsBIO.c: minor whitespace cleanup * tlsIO.c: minor whitespace cleanup. (TlsInputProc, TlsOutputProc): Added ERR_clear_error before calls to BIO_read or BIO_write, because we could otherwise end up pulling an error off the stack that didn't belong to us. Also cleanup up excessive use of gotos. file: [d793bbc229] check-in: [e64e21d80e] user: hobbs branch: tls-1-3-io-rewrite, size: 31895
2000-07-21
05:32
* tests/tlsIO.test: corrected various tests to be correct for TLS stacked channels (as opposed to the standard sockets the test suite was adopted from). Key differences are that TLS cannot operate in one process without all channels being non-blocking, or the handshake will block, and handshaking must be forced in some cases. Also, handshakes don't seem to complete unless the client has placed at least one byte for the server to read in the channel. * tests/remote.tcl: corrected the finding of tests certificates * tlsIO.c (TlsCloseProc): removed deleting of timer handler as that is handled by Tls_Clean. * tls.tcl (tls::_accept): corrected the internal _accept to trickle callback errors to the user. * Makefile.in: made the install-binaries target regenerate the pkgIndex.tcl correctly. The test target probably shouldn't screw it up, but this is to be on the safe side. file: [82fbf20832] check-in: [977988aed6] user: hobbs branch: tls-1-3-io-rewrite, size: 31604
2000-07-11
04:58
* tlsBIO.c (BioWrite, BioRead): changed Tcl_Read/Write to Tcl_ReadRaw/TclWriteRaw. * tls.c: added use of Tcl_GetTopChannel after Tcl_GetChannel and got return value from Tcl_StackChannel. * tests/tlsIO.test: added some handshaking that shouldn't be necessary, but we crash otherwise (needs more testing). * tlsIO.c: added support for "corrected" stacked channels. All the above channels are in TCL_CHANNEL_VERSION_2 #ifdefs. file: [f0ce1e5480] check-in: [fb9a612600] user: hobbs branch: tls-1-3-io-rewrite, size: 31581
2000-06-06
01:34
Merging with similar changes by Scott S. file: [1fe77384fc] check-in: [08fc9629ab] user: welch branch: trunk, size: 30869
01:04
* tlsInt.h: * tls.c: Cleaned up declarations of Tls_Clean to avoid errors on Windows (lint). file: [caad573382] check-in: [5ab4c35956] user: stanton branch: trunk, size: 30795
2000-06-05
18:09
Moved SSL shutdown up into the CloseProc, away from the asynchronous EventuallyFree file: [574ea1f12d] check-in: [b3abc0c1c4] user: welch branch: trunk, size: 30959
2000-05-04
20:40
added code to allow compilation with either OpenSSL or BSAFE file: [58fc6e64f6] check-in: [cc4e8de2d7] user: aborr branch: trunk, size: 30262
2000-01-20
01:50
added Matt's patches for the tclhttpd server file: [230e3f6e31] check-in: [efd347fa7e] user: aborr branch: trunk, size: 30050
2000-01-19
22:10
Initial import of tls extension. file: [65b25f6ccd] check-in: [27770ce26d] user: aborr branch: tls-vendor-branch, size: 29804 Added