Overview
| Comment: | Updated README file |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | tls-1.8 |
| Files: | files | file ages | folders |
| SHA3-256: |
4ef8ff423e653c100f504f926844ddb9 |
| User & Date: | bohagan on 2024-11-02 00:06:52 |
| Other Links: | branch diff | manifest | tags |
Context
|
2024-11-03
| ||
| 02:00 | BADSSL test updates for latest certificate status check-in: cf3d49b26b user: bohagan tags: tls-1.8 | |
|
2024-11-02
| ||
| 00:06 | Updated README file check-in: 4ef8ff423e user: bohagan tags: tls-1.8 | |
|
2024-11-01
| ||
| 22:01 | Makefile updates for tls.tcl.h to work for sh. Needed for FreeBSD. Made makefile optimizations. check-in: 97047919d0 user: bohagan tags: tls-1.8 | |
Changes
Modified README.txt from [20f98786f0] to [683b4d9f00].
1 2 3 4 5 6 7 | Tool Command Language (TCL) Transport Layer Security (TLS) Extension Intro ===== This package provides an extension which implements Secure Socket Layer (SSL) and Transport Layer Security (TLS) encryption over Transmission Control | | | | > > > | > | | < > > | < | | | | > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 | Tool Command Language (TCL) Transport Layer Security (TLS) Extension Intro ===== This package provides an extension which implements Secure Socket Layer (SSL) and Transport Layer Security (TLS) encryption over Transmission Control Protocol (TCP) network communication channels utilizing the OpenSSL library. Description =========== This extension works by creating a layered TCL Channel on top of an existing bi-directional channel created by the TLS socket command. All existing socket functionality is supported in addition to several new options. Both client and server modes are supported. Documentation ============= See the doc directory for the full usage documentation. Compatibility ============= TCL --- This package requires TCL 8.5 or later. It will also work with TCL 9, but it is not binary compatible between major TCL versions. This means if this extension is built with TCL 8.x it will not load into TCL 9 or vice versa. It is best to compile both separately then install them with the compatible TCL versions. OpenSSL ------- This package is compatible with OpenSSL v1.1.1 or later, though 3.2 or later is preferred. See http://www.openssl.org/. Please note that there are a few API incompatibilities between OpenSSL 1.1.1 and 3.x, so if this extension is built against OpenSSL 1.1.1 it is not binary compatible with OpenSSL 3.x or vice versa. TCLTLS ------ There were several changes made in the callback command arguments between versions 1.7 and 2.0. See the doc/tls.html for what changed and library/tls.tcl for example handler functions that are backwards compatible. Installation ============ This package uses the TCL Extension Architecture (TEA) to build and install on any supported Unix, Mac, or MS Windows system. It depends on the OpenSSL |
| ︙ | ︙ | |||
115 116 117 118 119 120 121 | ========== Original TLS Copyright (C) 1997-2000 Matt Newman <[email protected]> TLS 1.4.1 Copyright (C) 2000 Ajuba Solutions TLS 1.6 Copyright (C) 2008 ActiveState Software Inc. TLS 1.7 Copyright (C) 2016 Matt Newman, Ajuba Solutions, ActiveState Software Inc, Roy Keene <[email protected]> | | | 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 | ========== Original TLS Copyright (C) 1997-2000 Matt Newman <[email protected]> TLS 1.4.1 Copyright (C) 2000 Ajuba Solutions TLS 1.6 Copyright (C) 2008 ActiveState Software Inc. TLS 1.7 Copyright (C) 2016 Matt Newman, Ajuba Solutions, ActiveState Software Inc, Roy Keene <[email protected]> TLS 1.8-2.0 Copyright (C) 2023-2024 Brian O'Hagan Acknowledgments =============== Non-exclusive credits for TLS are: Original work: Matt Newman @ Novadigm Updates: Jeff Hobbs @ ActiveState |
| ︙ | ︙ |
Modified library/tls.tcl from [c206365201] to [48423522ec].
| ︙ | ︙ | |||
349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 |
}
"session" {
lassign $args session_id ticket lifetime
log 0 "TLS/$chan: session: lifetime $lifetime"
}
"verify" {
return [tls::validate_command $option $chan {*}$args]
}
default {
return -code error "bad option \"$option\":\
must be one of error, info, message, or session"
}
}
}
#
| > | | 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 |
}
"session" {
lassign $args session_id ticket lifetime
log 0 "TLS/$chan: session: lifetime $lifetime"
}
"verify" {
# Backwards compatible for v1.7
return [tls::validate_command $option $chan {*}$args]
}
default {
return -code error "bad option \"$option\":\
must be one of error, info, message, or session"
}
}
}
#
# Sample callback when return value is needed. New for TLS 1.8+.
#
proc tls::validate_command {option chan args} {
variable debug
switch -- $option {
"alpn" {
lassign $args protocol match
|
| ︙ | ︙ | |||
422 423 424 425 426 427 428 429 430 431 432 433 434 435 |
}
if {$cb(handshake) == "done"} {
return 1
}
}
}
proc tls::password {{option password} {rwflag 0} {size 0}} {
log 0 "TLS/Password: did you forget to set your passwd!"
# Return the worlds best kept secret password.
return "secret"
}
proc tls::log {level msg} {
| > > > | 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 |
}
if {$cb(handshake) == "done"} {
return 1
}
}
}
#
# Sample callback to get password when needed. Args are new for TLS 1.8+.
#
proc tls::password {{option password} {rwflag 0} {size 0}} {
log 0 "TLS/Password: did you forget to set your passwd!"
# Return the worlds best kept secret password.
return "secret"
}
proc tls::log {level msg} {
|
| ︙ | ︙ |