@@ -445,11 +445,11 @@
     Tcl_ListObjAppendElement(interp, cmdPtr,
 	    Tcl_NewStringObj(Tcl_GetChannelName(statePtr->self), -1));
     if (msg != NULL) {
 	Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj(msg, -1));
 
-    } else if ((msg = Tcl_GetStringFromObj(Tcl_GetObjResult(interp), (Tcl_Size *) NULL)) != NULL) {
+    } else if ((msg = Tcl_GetString(Tcl_GetObjResult(interp))) != NULL) {
 	Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj(msg, -1));
 
     } else {
 	listPtr = Tcl_NewListObj(0, NULL);
 	while ((err = ERR_get_error()) != 0) {
@@ -920,14 +920,10 @@
     }
     Tcl_DecrRefCount(cmdPtr);
     return res;
 }
 
-/********************/
-/* Commands         */
-/********************/
-
 /*
  *-------------------------------------------------------------------
  *
  * CiphersObjCmd -- list available ciphers
  *
@@ -987,11 +983,11 @@
     case TLS_SSL2:
 	Tcl_AppendResult(interp, protocols[index], ": protocol not supported", (char *)NULL);
 	return TCL_ERROR;
     case TLS_SSL3:
 #if defined(NO_SSL3) || defined(OPENSSL_NO_SSL3) || defined(OPENSSL_NO_SSL3_METHOD)
-	Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL);
+	Tcl_AppendResult(interp, protocols[index], ": protocol not supported", (char *)NULL);
 	return TCL_ERROR;
 #else
 	method = SSLv3_method(); break;
 #endif
     case TLS_TLS1:
@@ -1014,11 +1010,11 @@
 	return TCL_ERROR;
 #else
 	method = TLSv1_2_method(); break;
 #endif
     case TLS_TLS1_3:
-#if defined(NO_TLS1_3) || defined(OPENSSL_NO_TLS1_3)
+#if defined(NO_TLS1_3) || defined(OPENSSL_NO_TLS1_3) || defined(OPENSSL_NO_TLS1_3_METHOD)
 	Tcl_AppendResult(interp, protocols[index], ": protocol not supported", (char *)NULL);
 	return TCL_ERROR;
 #else
 	method = TLS_method();
 	SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
@@ -1027,17 +1023,15 @@
 #endif
     default:
 	method = TLS_method();
 	break;
     }
-
     ctx = SSL_CTX_new(method);
     if (ctx == NULL) {
 	Tcl_AppendResult(interp, GET_ERR_REASON(), (char *)NULL);
 	return TCL_ERROR;
     }
-
     ssl = SSL_new(ctx);
     if (ssl == NULL) {
 	Tcl_AppendResult(interp, GET_ERR_REASON(), (char *)NULL);
 	SSL_CTX_free(ctx);
 	return TCL_ERROR;
@@ -1826,11 +1820,11 @@
 #if !defined(NO_TLS1_2) && !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_TLS1_2_METHOD)
     case TLS_PROTO_TLS1_2:
 	method = isServer ? TLSv1_2_server_method() : TLSv1_2_client_method();
 	break;
 #endif
-#if !defined(NO_TLS1_3) && !defined(OPENSSL_NO_TLS1_3)
+#if !defined(NO_TLS1_3) && !defined(OPENSSL_NO_TLS1_3) && !defined(OPENSSL_NO_TLS1_3_METHOD)
     case TLS_PROTO_TLS1_3:
 	/* Use the generic method and constraint range after context is created */
 	method = isServer ? TLS_server_method() : TLS_client_method();
 	break;
 #endif
@@ -1934,11 +1928,10 @@
 		SSL_CTX_free(ctx);
 		return NULL;
 	    }
 	    SSL_CTX_set_tmp_dh(ctx, dh);
 	    DH_free(dh);
-
 	} else {
 	    /* Use well known DH parameters that have built-in support in OpenSSL */
 	    if (!SSL_CTX_set_dh_auto(ctx, 1)) {
 		Tcl_AppendResult(interp, "Could not enable set DH auto: ", GET_ERR_REASON(), (char *)NULL);
 		SSL_CTX_free(ctx);
@@ -2016,12 +2009,12 @@
 	}
 	/* Now we know that a key and cert have been set against
 	 * the SSL context */
 	if (!SSL_CTX_check_private_key(ctx)) {
 	    Tcl_AppendResult(interp,
-			    "private key does not match the certificate public key",
-			    (char *)NULL);
+		    "private key does not match the certificate public key",
+		    (char *)NULL);
 	    SSL_CTX_free(ctx);
 	    return NULL;
 	}
     }
 
@@ -2114,22 +2107,22 @@
     if (objc < 2 || objc > 3 || (objc == 3 && !strcmp(Tcl_GetString(objv[1]), "-local"))) {
 	Tcl_WrongNumArgs(interp, 1, objv, "?-local? channel");
 	return TCL_ERROR;
     }
 
-    /* Get channel Id */
-    channelName = Tcl_GetStringFromObj(objv[(objc == 2 ? 1 : 2)], (Tcl_Size *) NULL);
+    channelName = Tcl_GetString(objv[(objc == 2 ? 1 : 2)]);
     chan = Tcl_GetChannel(interp, channelName, &mode);
     if (chan == (Tcl_Channel) NULL) {
 	return TCL_ERROR;
     }
-
-    /* Make sure to operate on the topmost channel */
+    /*
+     * Make sure to operate on the topmost channel
+     */
     chan = Tcl_GetTopChannel(chan);
     if (Tcl_GetChannelType(chan) != Tls_ChannelType()) {
 	Tcl_AppendResult(interp, "bad channel \"", Tcl_GetChannelName(chan),
-		"\": not a TLS channel", NULL);
+		"\": not a TLS channel", (char *)NULL);
 	Tcl_SetErrorCode(interp, "TLS", "STATUS", "CHANNEL", "INVALID", (char *)NULL);
 	return TCL_ERROR;
     }
     statePtr = (State *) Tcl_GetChannelInstanceData(chan);
 
@@ -2239,11 +2232,11 @@
     if (objc != 2) {
 	Tcl_WrongNumArgs(interp, 1, objv, "channel");
 	return(TCL_ERROR);
     }
 
-    chan = Tcl_GetChannel(interp, Tcl_GetStringFromObj(objv[1], (Tcl_Size *)NULL), NULL);
+    chan = Tcl_GetChannel(interp, Tcl_GetString(objv[1]), NULL);
     if (chan == (Tcl_Channel) NULL) {
 	return(TCL_ERROR);
     }
 
     /* Make sure to operate on the topmost channel */
@@ -2825,10 +2818,13 @@
 {
     Tcl_CmdInfo info;
 
     dprintf("Called");
 
+	/*
+	 * We only support Tcl 8.6 or newer
+	 */
     if (Tcl_InitStubs(interp, "8.6-", 0) == NULL) {
 	return TCL_ERROR;
     }
 
     if (TlsLibInit(0) != TCL_OK) {