Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Merged in several outstanding patches |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
6aedc8c1b555605ff77c607a68f2562c |
| User & Date: | rkeene 2016-11-22 21:43:13 |
Context
|
2016-12-08
| ||
| 04:26 | Merged in work for TclTLS 1.7 to trunk check-in: 0409513536 user: rkeene tags: trunk | |
|
2016-11-22
| ||
| 22:07 | Create new branch named "tcltls-2" check-in: ae164b967d user: rkeene tags: tls-1-7 | |
| 21:43 | Merged in several outstanding patches check-in: 6aedc8c1b5 user: rkeene tags: trunk | |
| 21:36 | Applied patch Closed-Leaf check-in: 4ec3fe7449 user: rkeene tags: rkeene-eoffix | |
| 17:58 | Applied patch Closed-Leaf check-in: db95f55e95 user: rkeene tags: rkeene-unthreaded | |
| 17:58 | Applied patch Closed-Leaf check-in: a141858eec user: rkeene tags: rkeene-fixcrosscompile | |
| 17:58 | Applied patch Closed-Leaf check-in: 0c7fd93cac user: rkeene tags: rkeene-peercertificate | |
|
2015-07-07
| ||
| 17:16 | Updated with dhparam.2.patch for tls ticket #59. check-in: 2aadaa4c28 user: andreas_kupries tags: trunk | |
Changes
Changes to Makefile.in.
| ︙ | ︙ | |||
225 226 227 228 229 230 231 |
# library. In most cases these object files will correspond to the
# source files above.
#========================================================================
$(PKG_LIB_FILE): $(PKG_OBJECTS)
-rm -f $(PKG_LIB_FILE)
${MAKE_LIB}
| | | 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 |
# library. In most cases these object files will correspond to the
# source files above.
#========================================================================
$(PKG_LIB_FILE): $(PKG_OBJECTS)
-rm -f $(PKG_LIB_FILE)
${MAKE_LIB}
-$(RANLIB) $(PKG_LIB_FILE)
#========================================================================
# We need to enumerate the list of .c to .o lines here.
#
# In the following lines, $(srcdir) refers to the toplevel directory
# containing your extension. If your sources are in a subdirectory,
# you will have to modify the paths to reflect this:
|
| ︙ | ︙ |
Changes to configure.
| ︙ | ︙ | |||
1383 1384 1385 1386 1387 1388 1389 |
echo "${ECHO_T}$CYGPATH" >&6
else
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
fi
EXEEXT=".exe"
| > | > > | > | 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 |
echo "${ECHO_T}$CYGPATH" >&6
else
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
fi
EXEEXT=".exe"
if [ -z "${TEA_PLATFORM}" ]; then
TEA_PLATFORM="windows"
fi
;;
*CYGWIN_*)
CYGPATH=echo
EXEEXT=".exe"
# TEA_PLATFORM is determined later
;;
*)
CYGPATH=echo
EXEEXT=""
if [ -z "${TEA_PLATFORM}" ]; then
TEA_PLATFORM="unix"
fi
;;
esac
# Check if exec_prefix is set. If not use fall back to prefix.
# Note when adjusted, so that TEA_PREFIX can correct for this.
# This is needed for recursive configures, since autoconf propagates
# $prefix, but not $exec_prefix (doh!).
|
| ︙ | ︙ | |||
1678 1679 1680 1681 1682 1683 1684 |
case "`uname -s`" in
*CYGWIN_*)
echo "$as_me:$LINENO: checking for cygwin variant" >&5
echo $ECHO_N "checking for cygwin variant... $ECHO_C" >&6
case ${TCL_EXTRA_CFLAGS} in
*-mwin32*|*-mno-cygwin*)
| > | > > | > | 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 |
case "`uname -s`" in
*CYGWIN_*)
echo "$as_me:$LINENO: checking for cygwin variant" >&5
echo $ECHO_N "checking for cygwin variant... $ECHO_C" >&6
case ${TCL_EXTRA_CFLAGS} in
*-mwin32*|*-mno-cygwin*)
if [ -z "${TEA_PLATFORM}" ]; then
TEA_PLATFORM="windows"
fi
CFLAGS="$CFLAGS -mwin32"
echo "$as_me:$LINENO: result: win32" >&5
echo "${ECHO_T}win32" >&6
;;
*)
if [ -z "${TEA_PLATFORM}" ]; then
TEA_PLATFORM="unix"
fi
echo "$as_me:$LINENO: result: unix" >&5
echo "${ECHO_T}unix" >&6
;;
esac
EXEEXT=".exe"
;;
*)
|
| ︙ | ︙ | |||
10312 10313 10314 10315 10316 10317 10318 |
PKG_LIBS="$PKG_LIBS $i"
done
fi
if test -n "${OPENSSL}"; then
| | | 10320 10321 10322 10323 10324 10325 10326 10327 10328 10329 10330 10331 10332 10333 10334 |
PKG_LIBS="$PKG_LIBS $i"
done
fi
if test -n "${OPENSSL}"; then
vars="ssl.lib crypto.lib"
for i in $vars; do
if test "${TEA_PLATFORM}" = "windows" -a "$GCC" = "yes" ; then
# Convert foo.lib to -lfoo for GCC. No-op if not *.lib
i=`echo "$i" | sed -e 's/^\([^-].*\)\.lib$/-l\1/i'`
fi
PKG_LIBS="$PKG_LIBS $i"
done
|
| ︙ | ︙ |
Changes to tls.c.
| ︙ | ︙ | |||
1768 1769 1770 1771 1772 1773 1774 1775 1776 |
*------------------------------------------------------*
*/
static int
TlsLibInit ()
{
int i;
char rnd_seed[16] = "GrzSlplKqUdnnzP!"; /* 16 bytes */
#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
size_t num_locks;
| > < < > | 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 |
*------------------------------------------------------*
*/
static int
TlsLibInit ()
{
int i;
char rnd_seed[16] = "GrzSlplKqUdnnzP!"; /* 16 bytes */
int status=TCL_OK;
#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
size_t num_locks;
if (!initialized) {
Tcl_MutexLock(&init_mx);
if (!initialized) {
initialized = 1;
#endif
if (CRYPTO_set_mem_functions((void *(*)(size_t))Tcl_Alloc,
(void *(*)(void *, size_t))Tcl_Realloc,
(void(*)(void *))Tcl_Free) == 0) {
/* Not using Tcl's mem functions ... not critical */
}
|
| ︙ | ︙ | |||
1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 |
rnd_seed[i] = 1 + (char) (255.0 * rand()/(RAND_MAX+1.0));
}
RAND_seed(rnd_seed, sizeof(rnd_seed));
} while (RAND_status() != 1);
}
done:
Tcl_MutexUnlock(&init_mx);
}
return status;
}
| > > | 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 1834 1835 |
rnd_seed[i] = 1 + (char) (255.0 * rand()/(RAND_MAX+1.0));
}
RAND_seed(rnd_seed, sizeof(rnd_seed));
} while (RAND_status() != 1);
}
done:
#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
Tcl_MutexUnlock(&init_mx);
#endif
}
return status;
}
|
Changes to tlsIO.c.
| ︙ | ︙ | |||
929 930 931 932 933 934 935 936 937 938 939 940 941 942 |
dprintf(stderr,"E! ");
*errorCodePtr = EAGAIN;
return -1;
} else {
continue;
}
} else if (err == 0) {
dprintf(stderr,"CR! ");
*errorCodePtr = ECONNRESET;
return -1;
}
if (statePtr->flags & TLS_TCL_SERVER) {
err = SSL_get_verify_result(statePtr->ssl);
if (err != X509_V_OK) {
| > > > | 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 |
dprintf(stderr,"E! ");
*errorCodePtr = EAGAIN;
return -1;
} else {
continue;
}
} else if (err == 0) {
if (Tcl_Eof(statePtr->self)) {
return 0;
}
dprintf(stderr,"CR! ");
*errorCodePtr = ECONNRESET;
return -1;
}
if (statePtr->flags & TLS_TCL_SERVER) {
err = SSL_get_verify_result(statePtr->ssl);
if (err != X509_V_OK) {
|
| ︙ | ︙ |
Changes to tlsX509.c.
| ︙ | ︙ | |||
96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 |
int n;
unsigned long flags;
char subject[BUFSIZ];
char issuer[BUFSIZ];
char serial[BUFSIZ];
char notBefore[BUFSIZ];
char notAfter[BUFSIZ];
#ifndef NO_SSL_SHA
int shai;
char sha_hash[SHA_DIGEST_LENGTH*2];
const char *shachars="0123456789ABCDEF";
#endif
if ((bio = BIO_new(BIO_s_mem())) == NULL) {
subject[0] = 0;
issuer[0] = 0;
serial[0] = 0;
} else {
flags = XN_FLAG_RFC2253 | ASN1_STRFLGS_UTF8_CONVERT;
flags &= ~ASN1_STRFLGS_ESC_MSB;
| > > | 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 |
int n;
unsigned long flags;
char subject[BUFSIZ];
char issuer[BUFSIZ];
char serial[BUFSIZ];
char notBefore[BUFSIZ];
char notAfter[BUFSIZ];
char certStr[BUFSIZ];
#ifndef NO_SSL_SHA
int shai;
char sha_hash[SHA_DIGEST_LENGTH*2];
const char *shachars="0123456789ABCDEF";
#endif
certStr[0] = 0;
if ((bio = BIO_new(BIO_s_mem())) == NULL) {
subject[0] = 0;
issuer[0] = 0;
serial[0] = 0;
} else {
flags = XN_FLAG_RFC2253 | ASN1_STRFLGS_UTF8_CONVERT;
flags &= ~ASN1_STRFLGS_ESC_MSB;
|
| ︙ | ︙ | |||
127 128 129 130 131 132 133 134 135 136 137 138 139 140 |
BIO_flush(bio);
i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert));
n = BIO_read(bio, serial, min(BIO_pending(bio), BUFSIZ - 1));
n = max(n, 0);
serial[n] = 0;
BIO_flush(bio);
BIO_free(bio);
}
strcpy( notBefore, ASN1_UTCTIME_tostr( X509_get_notBefore(cert) ));
strcpy( notAfter, ASN1_UTCTIME_tostr( X509_get_notAfter(cert) ));
| > > > > > > > | 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 |
BIO_flush(bio);
i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert));
n = BIO_read(bio, serial, min(BIO_pending(bio), BUFSIZ - 1));
n = max(n, 0);
serial[n] = 0;
BIO_flush(bio);
if (PEM_write_bio_X509(bio, cert)) {
n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1));
n = max(n, 0);
certStr[n] = 0;
BIO_flush(bio);
}
BIO_free(bio);
}
strcpy( notBefore, ASN1_UTCTIME_tostr( X509_get_notBefore(cert) ));
strcpy( notAfter, ASN1_UTCTIME_tostr( X509_get_notAfter(cert) ));
|
| ︙ | ︙ | |||
170 171 172 173 174 175 176 177 178 179 |
Tcl_ListObjAppendElement( interp, certPtr,
Tcl_NewStringObj( notAfter, -1) );
Tcl_ListObjAppendElement( interp, certPtr,
Tcl_NewStringObj( "serial", -1) );
Tcl_ListObjAppendElement( interp, certPtr,
Tcl_NewStringObj( serial, -1) );
return certPtr;
}
| > > > > > | 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 |
Tcl_ListObjAppendElement( interp, certPtr,
Tcl_NewStringObj( notAfter, -1) );
Tcl_ListObjAppendElement( interp, certPtr,
Tcl_NewStringObj( "serial", -1) );
Tcl_ListObjAppendElement( interp, certPtr,
Tcl_NewStringObj( serial, -1) );
Tcl_ListObjAppendElement( interp, certPtr,
Tcl_NewStringObj( "certificate", -1) );
Tcl_ListObjAppendElement( interp, certPtr,
Tcl_NewStringObj( certStr, -1) );
return certPtr;
}
|