TclTLS
Diff
Login
HomeTimelineDownloadBrowse SourceBranchesTagsTicketsWiki
Annotate Patch Side-by-side Diff

Differences From Artifact [08483551ff]:

To Artifact [5132bf407b]:

1101
1102
1103
1104
1105
1106
1107

1108
1109
1110
1111
1112
1113
1114

1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115








+








    # return the channel to line buffering mode (TLS sets it to 'none').
    fconfigure $s1 -blocking 0 -buffering line
    vwait x
    # TLS handshaking needs one byte from the client...
    puts $s1 a
    # need update to complete TLS handshake in-process
    update
    fconfigure $s1 -blocking 1
    set z [gets $s1]
    close $s
    close $s1
    set z
} bye

test tlsIO-9.1 {testing spurious events} {socket} {

2010
2011
2012
2013
2014
2015
2016
2017
2018

2019
2020
2021

2022
2023
2024
2025
2026
2027
2028

2011
2012
2013
2014
2015
2016
2017


2018
2019


2020
2021
2022
2023
2024
2025
2026
2027








-
-
+

-
-
+








	}
    }
    proc accept {s a p} {
	fconfigure $s -blocking 0
	fileevent $s readable [list do_handshake $s readable readlittle \
		-buffering none]
    }
    set s [tls::socket \
	    -certfile $serverCert -cafile $caCert -keyfile $serverKey \
    set s [tls::socket -certfile $serverCert -cafile $caCert -keyfile $serverKey \
	    -server accept 8831]
    set c [tls::socket \
	    -certfile $clientCert -cafile $caCert -keyfile $clientKey \
    set c [tls::socket -certfile $clientCert -cafile $caCert -keyfile $clientKey \
	    localhost 8831]
    # only the client gets tls::import
    set res [tls::unimport $c]
    list $res [catch {close $c} err] $err \
	[catch {close $s} err] $err
} {{} 0 {} 0 {}}


2039
2040
2041
2042
2043
2044
2045
2046
2047
2048



2049
2050

2051
2052

2053
2054
2055
2056
2057
2058
2059
2060

2038
2039
2040
2041
2042
2043
2044



2045
2046
2047
2048

2049


2050

2051
2052
2053
2054
2055
2056
2057








-
-
-
+
+
+

-
+
-
-
+
-








        set ::done $msg
    }
    # NOTE: when doing an in-process client/server test, both sides need
    # to be non-blocking for the TLS handshake

    # Server - Only accept TLS 1.2
    set s [tls::socket \
               -certfile $serverCert -cafile $caCert -keyfile $serverKey \
               -request 0 -require 0 -ssl2 0 -ssl3 0 -tls1 0 -tls1.1 0 -tls1.2 1 \
               -server Accept 8831]
	    -certfile $serverCert -cafile $caCert -keyfile $serverKey -request 0 \
	    -require 0 -ssl2 0 -ssl3 0 -tls1 0 -tls1.1 0 -tls1.2 1 \
	    -server Accept 8831]
    # Client - Only propose TLS1.0
    set c [tls::socket -async \
    set c [tls::socket -async -cafile $caCert -request 0 -require 0 \
               -cafile $caCert \
               -request 0 -require 0 -ssl2 0 -ssl3 0 -tls1 1 -tls1.1 0 -tls1.2 0 \
	    -ssl2 0 -ssl3 0 -tls1 1 -tls1.1 0 -tls1.2 0 localhost 8831]
               localhost 8831]
    fconfigure $c -blocking 0
    puts $c a ; flush $c
    after 5000 [list set ::done timeout]
    vwait ::done
    switch -exact -- $::done {
        "handshake failed: wrong ssl version" -
        "handshake failed: unsupported protocol" {
Powered by Fossil · RSS