TclTLS: Diff

Differences From Artifact [943fec2e44]:

File tlsX509.c — part of check-in [275ecbcc5d] at 2023-04-10 01:27:35 on branch trunk — Initial changes for TCL 9.0. Fixed package requires to work with TCL 9.0. Removed obsolete macro _ANSI_ARGS_, use ANSI arg definitions, etc. Macros: CONST84 to const, WIN32 to _WIN32, CONST to const, VOID to void, etc. Replaced Tcl_SaveResult with Tcl_SaveInterpState, Tcl_RestoreResult with Tcl_RestoreInterpState, and Tcl_DiscardResult with Tcl_DiscardInterpState. Use Tcl_BackgroundError for pre TCL 8.6 and Tcl_BackgroundException for TCL 8.6+. (user: bohagan, size: 5937) [annotate] [blame] [check-ins using]

To Artifact [87f16e34d8]:

File tlsX509.c — part of check-in [2ed802a7af] at 2023-04-23 02:08:22 on branch trunk — Changes for OpenSSL v1.1.1 to make compatible with no deprecated option. (user: bohagan, size: 6549) [annotate] [blame] [check-ins using]

1 2 3 4 5 6 7 8 9 10 11	/* * Copyright (C) 1997-2000 Sensus Consulting Ltd. * Matt Newman <[email protected]> / #include "tlsInt.h" / * Ensure these are not macros - known to be defined on Win32 */ #ifdef min #undef min	> > > > > >	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	/* * Copyright (C) 1997-2000 Sensus Consulting Ltd. * Matt Newman <[email protected]> / #include <tcl.h> #include <stdio.h> #include <openssl/bio.h> #include <openssl/sha.h> #include <openssl/x509.h> #include <openssl/asn1.h> #include "tlsInt.h" / * Ensure these are not macros - known to be defined on Win32 */ #ifdef min #undef min
︙			︙
31 32 33 34 35 36 37 ~~38 39~~ 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69	static char * ASN1_UTCTIME_tostr(ASN1_UTCTIME tm) { static char bp[128]; char v; int gmt=0; static char mon[12]={ ~~"Jan","Feb","Mar","Apr","May","Jun", "Jul","Aug","Sep","Oct","Nov","Dec"};~~ int i; int y=0,M=0,d=0,h=0,m=0,s=0; i=tm->length; v=(char )tm->data; if (i < 10) goto err; if (v[i-1] == 'Z') gmt=1; for (i=0; i<10; i++) ~~if ((v[i] > '9') \|\| (v[i] < '0')) goto err;~~ y= (v[0]-'0')10+(v[1]-'0'); if (y < 70) y+=100; M= (v[2]-'0')10+(v[3]-'0'); if ((M > 12) \|\| (M < 1)) goto err; d= (v[4]-'0')10+(v[5]-'0'); h= (v[6]-'0')10+(v[7]-'0'); m= (v[8]-'0')10+(v[9]-'0'); if ( (v[10] >= '0') && (v[10] <= '9') && (v[11] >= '0') && (v[11] <= '9')) ~~s= (v[10]-'0')10+(v[11]-'0');~~ sprintf(bp,"%s %2d %02d:%02d:%02d %d%s", ~~mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"");~~ return bp; err: return "Bad time value"; } /* ------------------------------------------------------	\| \| \| \| \|	37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75	static char * ASN1_UTCTIME_tostr(ASN1_UTCTIME tm) { static char bp[128]; char v; int gmt=0; static char mon[12]={ "Jan","Feb","Mar","Apr","May","Jun", "Jul","Aug","Sep","Oct","Nov","Dec"}; int i; int y=0,M=0,d=0,h=0,m=0,s=0; i=tm->length; v=(char )tm->data; if (i < 10) goto err; if (v[i-1] == 'Z') gmt=1; for (i=0; i<10; i++) if ((v[i] > '9') \|\| (v[i] < '0')) goto err; y= (v[0]-'0')10+(v[1]-'0'); if (y < 70) y+=100; M= (v[2]-'0')10+(v[3]-'0'); if ((M > 12) \|\| (M < 1)) goto err; d= (v[4]-'0')10+(v[5]-'0'); h= (v[6]-'0')10+(v[7]-'0'); m= (v[8]-'0')10+(v[9]-'0'); if ( (v[10] >= '0') && (v[10] <= '9') && (v[11] >= '0') && (v[11] <= '9')) s= (v[10]-'0')10+(v[11]-'0'); sprintf(bp,"%s %2d %02d:%02d:%02d %d%s", mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":""); return bp; err: return "Bad time value"; } /* ------------------------------------------------------
︙			︙
98 99 100 101 102 103 104 ~~105~~ 106 107 108 109 110 111 112	char notBefore[BUFSIZ]; char notAfter[BUFSIZ]; char certStr[CERT_STR_SIZE], certStr_p; int certStr_len, toRead; #ifndef NO_SSL_SHA char sha1_hash_ascii[SHA_DIGEST_LENGTH 2 + 1]; unsigned char sha1_hash_binary[SHA_DIGEST_LENGTH]; ~~char sha256_hash_ascii[SHA256_DIGEST_LENGTH2+1];~~ unsigned char sha256_hash_binary[SHA256_DIGEST_LENGTH]; const char shachars="0123456789ABCDEF"; sha1_hash_ascii[SHA_DIGEST_LENGTH * 2] = '\0'; sha256_hash_ascii[SHA256_DIGEST_LENGTH * 2] = '\0'; #endif	\|	104 105 106 107 108 109 110 111 112 113 114 115 116 117 118	char notBefore[BUFSIZ]; char notAfter[BUFSIZ]; char certStr[CERT_STR_SIZE], certStr_p; int certStr_len, toRead; #ifndef NO_SSL_SHA char sha1_hash_ascii[SHA_DIGEST_LENGTH 2 + 1]; unsigned char sha1_hash_binary[SHA_DIGEST_LENGTH]; char sha256_hash_ascii[SHA256_DIGEST_LENGTH * 2 + 1]; unsigned char sha256_hash_binary[SHA256_DIGEST_LENGTH]; const char shachars="0123456789ABCDEF"; sha1_hash_ascii[SHA_DIGEST_LENGTH 2] = '\0'; sha256_hash_ascii[SHA256_DIGEST_LENGTH * 2] = '\0'; #endif
︙			︙
133 134 135 136 137 138 139 ~~140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159~~ 160 161 162 163 164 165 166 167 168 169 170 ~~171 172~~ 173 174 175 176 177 178 179	i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert)); n = BIO_read(bio, serial, min(BIO_pending(bio), BUFSIZ - 1)); n = max(n, 0); serial[n] = 0; (void)BIO_flush(bio); if (PEM_write_bio_X509(bio, cert)) { certStr_p = certStr; certStr_len = 0; while (1) { toRead = min(BIO_pending(bio), CERT_STR_SIZE - certStr_len - 1); toRead = min(toRead, BUFSIZ); if (toRead == 0) { break; } dprintf("Reading %i bytes from the certificate...", toRead); n = BIO_read(bio, certStr_p, toRead); if (n <= 0) { break; } certStr_len += n; certStr_p += n; } certStr_p = '\0'; (void)BIO_flush(bio); } BIO_free(bio); } strcpy( notBefore, ASN1_UTCTIME_tostr( X509_get_notBefore(cert) )); strcpy( notAfter, ASN1_UTCTIME_tostr( X509_get_notAfter(cert) )); #ifndef NO_SSL_SHA / SHA1 / X509_digest(cert, EVP_sha1(), sha1_hash_binary, NULL); for (int n = 0; n < SHA_DIGEST_LENGTH; n++) { ~~sha1_hash_ascii[n 2] = shachars[(sha1_hash_binary[n] & 0xF0) >> 4]; sha1_hash_ascii[n * 2 + 1] = shachars[(sha1_hash_binary[n] & 0x0F)];~~ } Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj("sha1_hash", -1) ); Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj(sha1_hash_ascii, SHA_DIGEST_LENGTH * 2) ); /* SHA256 */ X509_digest(cert, EVP_sha256(), sha256_hash_binary, NULL); for (int n = 0; n < SHA256_DIGEST_LENGTH; n++) {	\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| > > > > > \| \|	139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190	i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert)); n = BIO_read(bio, serial, min(BIO_pending(bio), BUFSIZ - 1)); n = max(n, 0); serial[n] = 0; (void)BIO_flush(bio); if (PEM_write_bio_X509(bio, cert)) { certStr_p = certStr; certStr_len = 0; while (1) { toRead = min(BIO_pending(bio), CERT_STR_SIZE - certStr_len - 1); toRead = min(toRead, BUFSIZ); if (toRead == 0) { break; } dprintf("Reading %i bytes from the certificate...", toRead); n = BIO_read(bio, certStr_p, toRead); if (n <= 0) { break; } certStr_len += n; certStr_p += n; } certStr_p = '\0'; (void)BIO_flush(bio); } BIO_free(bio); } #if OPENSSL_VERSION_NUMBER < 0x10100000L strcpy( notBefore, ASN1_UTCTIME_tostr( X509_get_notBefore(cert) )); strcpy( notAfter, ASN1_UTCTIME_tostr( X509_get_notAfter(cert) )); #else strcpy( notBefore, ASN1_UTCTIME_tostr( X509_getm_notBefore(cert) )); strcpy( notAfter, ASN1_UTCTIME_tostr( X509_getm_notAfter(cert) )); #endif #ifndef NO_SSL_SHA / SHA1 / X509_digest(cert, EVP_sha1(), sha1_hash_binary, NULL); for (int n = 0; n < SHA_DIGEST_LENGTH; n++) { sha1_hash_ascii[n2] = shachars[(sha1_hash_binary[n] & 0xF0) >> 4]; sha1_hash_ascii[n2+1] = shachars[(sha1_hash_binary[n] & 0x0F)]; } Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj("sha1_hash", -1) ); Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj(sha1_hash_ascii, SHA_DIGEST_LENGTH 2) ); /* SHA256 */ X509_digest(cert, EVP_sha256(), sha256_hash_binary, NULL); for (int n = 0; n < SHA256_DIGEST_LENGTH; n++) {
︙			︙