| ︙ | | |
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
|
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
|
-
+
|
Tcl_IncrRefCount(cmdPtr);
ok = EvalCallback(interp, statePtr, cmdPtr);
Tcl_DecrRefCount(cmdPtr);
dprintf("VerifyCallback: command result = %d", ok);
/* statePtr->flags &= ~(TLS_TCL_CALLBACK); */
return(ok); /* By default, leave verification unchanged. */
return ok; /* By default, leave verification unchanged. */
}
�
/*
*-------------------------------------------------------------------
*
* Tls_Error --
*
|
| ︙ | | |
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
|
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
|
-
+
|
char *ret = (char *) Tcl_GetStringFromObj(Tcl_GetObjResult(interp), &len);
if (len > (Tcl_Size) size-1) {
len = (Tcl_Size) size-1;
}
strncpy(buf, ret, (size_t) len);
buf[len] = '\0';
Tcl_Release((ClientData) interp);
return((int) len);
return (int) len;
}
Tcl_Release((ClientData) interp);
return -1;
}
�
/*
*-------------------------------------------------------------------
|
| ︙ | | |
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
|
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
|
-
+
-
+
-
+
|
int err = 0;
(void) clientData;
dprintf("Called");
if (objc != 2) {
Tcl_WrongNumArgs(interp, 1, objv, "channel");
return(TCL_ERROR);
return TCL_ERROR;
}
ERR_clear_error();
chan = Tcl_GetChannel(interp, Tcl_GetString(objv[1]), NULL);
if (chan == (Tcl_Channel) NULL) {
return(TCL_ERROR);
return TCL_ERROR;
}
/* Make sure to operate on the topmost channel */
chan = Tcl_GetTopChannel(chan);
if (Tcl_GetChannelType(chan) != Tls_ChannelType()) {
Tcl_AppendResult(interp, "bad channel \"", Tcl_GetChannelName(chan),
"\": not a TLS channel", (char *) NULL);
Tcl_SetErrorCode(interp, "TLS", "HANDSHAKE", "CHANNEL", "INVALID", (char *) NULL);
return(TCL_ERROR);
return TCL_ERROR;
}
statePtr = (State *)Tcl_GetChannelInstanceData(chan);
dprintf("Calling Tls_WaitForConnect");
ret = Tls_WaitForConnect(statePtr, &err, 1);
dprintf("Tls_WaitForConnect returned: %i", ret);
|
| ︙ | | |
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
|
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
|
-
+
-
+
|
Tcl_AppendResult(interp, "handshake failed: ", errStr, (char *) NULL);
if ((result = SSL_get_verify_result(statePtr->ssl)) != X509_V_OK) {
Tcl_AppendResult(interp, " due to \"", X509_verify_cert_error_string(result), "\"", (char *) NULL);
}
Tcl_SetErrorCode(interp, "TLS", "HANDSHAKE", "FAILED", (char *) NULL);
dprintf("Returning TCL_ERROR with handshake failed: %s", errStr);
return(TCL_ERROR);
return TCL_ERROR;
} else {
if (err != 0) {
dprintf("Got an error with a completed handshake: err = %i", err);
}
ret = 1;
}
dprintf("Returning TCL_OK with data \"%i\"", ret);
Tcl_SetObjResult(interp, Tcl_NewIntObj(ret));
return(TCL_OK);
return TCL_OK;
}
/*
*-------------------------------------------------------------------
*
* ImportObjCmd --
*
|
| ︙ | | |
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
|
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
|
-
+
|
break;
}
ERR_clear_error();
ctx = SSL_CTX_new(method);
if (!ctx) {
return(NULL);
return NULL;
}
if (getenv(SSLKEYLOGFILE)) {
SSL_CTX_set_keylog_callback(ctx, KeyLogCallback);
}
#if !defined(NO_TLS1_3) && !defined(OPENSSL_NO_TLS1_3)
|
| ︙ | | |
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
|
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
|
-
+
-
+
-
+
|
const SSL_CIPHER *cipher;
const SSL_SESSION *session;
const EVP_MD *md;
(void) clientData;
if (objc != 2) {
Tcl_WrongNumArgs(interp, 1, objv, "channel");
return(TCL_ERROR);
return TCL_ERROR;
}
chan = Tcl_GetChannel(interp, Tcl_GetString(objv[1]), NULL);
if (chan == (Tcl_Channel) NULL) {
return(TCL_ERROR);
return TCL_ERROR;
}
/* Make sure to operate on the topmost channel */
chan = Tcl_GetTopChannel(chan);
if (Tcl_GetChannelType(chan) != Tls_ChannelType()) {
Tcl_AppendResult(interp, "bad channel \"", Tcl_GetChannelName(chan),
"\": not a TLS channel", (char *) NULL);
Tcl_SetErrorCode(interp, "TLS", "CONNECTION", "CHANNEL", "INVALID", (char *) NULL);
return(TCL_ERROR);
return TCL_ERROR;
}
objPtr = Tcl_NewListObj(0, NULL);
/* Connection info */
statePtr = (State *)Tcl_GetChannelInstanceData(chan);
ssl = statePtr->ssl;
|
| ︙ | | |
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
|
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
|
-
+
|
if ((cert=X509_new())==NULL) {
Tcl_SetResult(interp,"Error generating certificate request",NULL);
EVP_PKEY_free(pkey);
#if OPENSSL_VERSION_NUMBER < 0x30000000L
BN_free(bne);
#endif
return(TCL_ERROR);
return TCL_ERROR;
}
X509_set_version(cert,2);
ASN1_INTEGER_set(X509_get_serialNumber(cert),serial);
X509_gmtime_adj(X509_getm_notBefore(cert),0);
X509_gmtime_adj(X509_getm_notAfter(cert),(long)60*60*24*days);
X509_set_pubkey(cert,pkey);
|
| ︙ | | |
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
|
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
|
-
+
|
* Result:
* A standard Tcl error code.
*
*------------------------------------------------------*
*/
DLLEXPORT int Tls_SafeInit(Tcl_Interp *interp) {
dprintf("Called");
return(Tls_Init(interp));
return Tls_Init(interp);
}
/*
*------------------------------------------------------*
*
* TlsLibInit --
*
|
| ︙ | | |
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
|
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
|
-
+
-
+
-
+
|
size_t num_locks;
#endif
if (uninitialize) {
if (!initialized) {
dprintf("Asked to uninitialize, but we are not initialized");
return(TCL_OK);
return TCL_OK;
}
dprintf("Asked to uninitialize");
#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
Tcl_MutexLock(&init_mx);
if (locks) {
free(locks);
locks = NULL;
locksCount = 0;
}
#endif
initialized = 0;
#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
Tcl_MutexUnlock(&init_mx);
#endif
return(TCL_OK);
return TCL_OK;
}
if (initialized) {
dprintf("Called, but using cached value");
return(status);
return status;
}
dprintf("Called");
#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
Tcl_MutexLock(&init_mx);
#endif
|
| ︙ | | |
2949
2950
2951
2952
2953
2954
2955
2956
2957
|
2949
2950
2951
2952
2953
2954
2955
2956
2957
|
-
+
|
} while (RAND_status() != 1);
#endif
#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
Tcl_MutexUnlock(&init_mx);
#endif
return(status);
return status;
}
|