History of generic/tls.c of 050fe3b49c5d80a7c4c5cf11d8f5e0873bbc7edb3b11bf4ae04411661bddf948

History of file generic/tls.c at check-in 050fe3b49c5d80a7c4c5cf11d8f5e0873bbc7edb3b11bf4ae04411661bddf948

2024-10-26
17:34
Added support for loading CA certificates from virtual file systems. Source: https://core.tcl-lang.org/tcltls/tktview/030c713ca2 file: [25505d8d36] check-in: [b70fbfd8cf] user: bohagan, branch: tls-1.8, size: 99869 [annotate] [blame] [check-ins using] [diff]
16:38
Removed obsolete RCS version strings. Added file header info. file: [99b0260693] check-in: [fbdf0eae0a] user: bohagan, branch: tls-1.8, size: 96531 [annotate] [blame] [check-ins using] [diff]
16:08
Removed extra padding, convert spaces to tabs, etc. file: [87532f6227] check-in: [1ef3d3faef] user: bohagan, branch: tls-1.8, size: 96456 [annotate] [blame] [check-ins using] [diff]
2024-10-25
05:13
More TCL9 updates file: [08752c37a7] check-in: [ea36bcf6c4] user: bohagan, branch: tls-1.8, size: 96457 [annotate] [blame] [check-ins using] [diff]
2024-10-05
17:46
Changes to fix warnings file: [25bb520bd7] check-in: [c747afd200] user: bohagan, branch: tls-1.8, size: 96444 [annotate] [blame] [check-ins using] [diff]
2024-07-07
15:23
Changed to use Tcl_PkgRequireEx, only call if not using stubs. file: [c902e2c2b4] check-in: [57cd9143b5] user: bohagan, branch: tls-1.8, size: 96400 [annotate] [blame] [check-ins using] [diff]
2024-07-06
04:17
Made updates to enhance event processing, I/O operations, etc. to address reports of stalled connections, etc. file: [99e542a0c2] check-in: [e3d4330c95] user: bohagan, branch: tls-1.8, size: 96386 [annotate] [blame] [check-ins using] [diff]
2024-07-01
01:08
Changed to send SSL_shutdown as part of BIO close channel handler rather than Tls_Clean. file: [2cf7b99093] check-in: [1505883e4a] user: bohagan, branch: tls-1.8, size: 96220 [annotate] [blame] [check-ins using] [diff]
2024-06-29
19:21
Backed out changes to provide error status when setting -cadir, -cafile, and -castore options. Breaks IO test cases. file: [6e62c9c865] check-in: [89536252d5] user: bohagan, branch: tls-1.8, size: 96561 [annotate] [blame] [check-ins using] [diff]
02:46
Added comments and function preamble comments to BIO and IO files. file: [636b102381] check-in: [9e79f40ed5] user: bohagan, branch: tls-1.8, size: 97011 [annotate] [blame] [check-ins using] [diff]
2024-06-28
19:33
Updated Tls_NewX509Obj to use Tcl_Objs for returned hex values. Use a dynamically allocated temp buffer. file: [d5754546f3] check-in: [121a81e392] user: bohagan, branch: tls-1.8, size: 96932 [annotate] [blame] [check-ins using] [diff]
2024-06-25
22:22
Changed Tls_NewX509Obj to not use stack space for all and certificate buffers. This reduces the possibility of a stack overflow. file: [d36478ef49] check-in: [17ee565eed] user: bohagan, branch: tls-1.8, size: 96636 [annotate] [blame] [check-ins using] [diff]
2024-06-23
01:46
Updates to provide error status when setting -cadir, -cafile, and -castore options. file: [bba2dae983] check-in: [568f5bc7ec] user: bohagan, branch: tls-1.8, size: 96630 [annotate] [blame] [check-ins using] [diff]
01:39
Undo change in OpenSSL 1.1.1 which enabled SSL_MODE_AUTO_RETRY. This will avoid hangs in blocking mode after an non-app record is received, but an app record is not yet available. Also enabled SSL_MODE_ENABLE_PARTIAL_WRITE, which allows writes with fewer than all records written to be successful. file: [b62ec44bb1] check-in: [991ab74cdd] user: bohagan, branch: tls-1.8, size: 96153 [annotate] [blame] [check-ins using] [diff]
2024-06-20
01:01
Added support for setting the certificate store file: [9112e257e3] check-in: [1cabc3b8f2] user: bohagan, branch: tls-1.8, size: 95865 [annotate] [blame] [check-ins using] [diff]
2024-06-19
20:40
Added more connection status file: [1e500c198d] check-in: [ab1aa551c0] user: bohagan, branch: tls-1.8, size: 94832 [annotate] [blame] [check-ins using] [diff]
2024-06-16
20:23
Added shutdown handler file: [c568200b91] check-in: [2e607e483a] user: bohagan, branch: tls-1.8, size: 93854 [annotate] [blame] [check-ins using] [diff]
2024-06-15
21:49
Removed obsolete locking code and added support for checking system OpenSSL config file for crypto policies. file: [5d61adfac5] check-in: [449470132e] user: bohagan, branch: tls-1.8, size: 93485 [annotate] [blame] [check-ins using] [diff]
2024-06-06
05:20
Added back option to enable debug mode that was lost in conversion to new TEA build system file: [ec7ae85081] check-in: [7e60e66f64] user: bohagan, branch: tls-1.8, size: 94786 [annotate] [blame] [check-ins using] [diff]
01:21
Merged in generate tls.tcl.h and debug mode option changes file: [c4b8d40b20] check-in: [d00f5eca5d] user: bohagan, branch: crypto, size: 89316 [annotate] [blame] [check-ins using] [diff]
2024-06-05
03:02
Replaced old method of including tls.tcl file in compiled library with a cross-platform compatible method file: [b933816499] check-in: [1f8b36d9a4] user: bohagan, branch: tls-1.8, size: 94642 [annotate] [blame] [check-ins using] [diff]
2024-05-29
20:34
Eliminate tls_free_type, that can be done smarter without the typecasts everywhere file: [0bbe388ea9] check-in: [216954cfae] user: jan.nijtmans, branch: trunk, size: 93314 [annotate] [blame] [check-ins using] [diff]
01:30
Merged in changes from master file: [5693b2c98c] check-in: [9d265b298a] user: bohagan, branch: crypto, size: 89308 [annotate] [blame] [check-ins using] [diff]
01:07
Optimized types and casting file: [f31356b00f] check-in: [5deb755d1d] user: bohagan, branch: tls-1.8, size: 94634 [annotate] [blame] [check-ins using] [diff]
2024-05-28
15:27
Smarter way to handle typecasting in Tls_Free() file: [4f26995be5] check-in: [402b6db186] user: jan.nijtmans, branch: nijtmans, size: 53159 [annotate] [blame] [check-ins using] [diff]
15:08
Fix Tls_Error() signature file: [6655a24c69] check-in: [bc6ff74449] user: jan.nijtmans, branch: bohagan, size: 89910 [annotate] [blame] [check-ins using] [diff]
15:00
Fix Tls_Error() signature file: [2dddb83a48] check-in: [53b28536f9] user: jan.nijtmans, branch: nijtmans, size: 53191 [annotate] [blame] [check-ins using] [diff]
14:12
tlsUuid.h should be built in $(TMP_DIR), not $(WIN_DIR). Eliminate some MSVC warnings file: [ebb46352fe] check-in: [6bd083aecb] user: jan.nijtmans, branch: trunk, size: 93438 [annotate] [blame] [check-ins using] [diff]
2024-05-27
22:45
Make error message a const string file: [4a79a9db30] check-in: [c5a4009f73] user: bohagan, branch: tls-1.8, size: 94607 [annotate] [blame] [check-ins using] [diff]
15:11
Fix Tls_Error() function signature file: [1921191aca] check-in: [86bf966f5b] user: jan.nijtmans, branch: trunk, size: 93428 [annotate] [blame] [check-ins using] [diff]
15:01
Make TCL_UNUSED() work here. Some indenting changes. file: [4bb905fa6a] check-in: [c3b40dfa2a] user: jan.nijtmans, branch: trunk, size: 93422 [annotate] [blame] [check-ins using] [diff]
2024-05-19
18:50
Merge in changes from master file: [15ea667e37] check-in: [911e1b65a9] user: bohagan, branch: crypto, size: 89274 [annotate] [blame] [check-ins using] [diff]
17:16
Updated unimport channel so it restores channel config after unstack. Will now work on any stacked channel. file: [cd25c54305] check-in: [b3f0973a4c] user: bohagan, branch: tls-1.8, size: 94601 [annotate] [blame] [check-ins using] [diff]
15:59
Fixed memory leak in unimport channel file: [94f84a44e7] check-in: [262ec2d5d9] user: bohagan, branch: tls-1.8, size: 92898 [annotate] [blame] [check-ins using] [diff]
2024-05-11
01:46
Added version check for SSL_get_signature_type_nid API added in OpenSSL 1.1.1a. This is needed for Ubuntu 18.04 LTS. file: [5901aadd4f] check-in: [8af8ef15f0] user: bohagan, branch: tls-1.8, size: 92877 [annotate] [blame] [check-ins using] [diff]
2024-03-26
21:28
Minor cleanups to remove obsolete code and add missing change log entry file: [eb71938a0b] check-in: [bb89d73224] user: bohagan, branch: tls-1.8, size: 92795 [annotate] [blame] [check-ins using] [diff]
2024-03-15
22:17
Fix warnings for compile with GCC on TCL 9.0 file: [62e132dc18] check-in: [562bd95399] user: bohagan, branch: trunk, size: 93693 [annotate] [blame] [check-ins using] [diff]
22:17
Fix warnings for compile with GCC on TCL 9.0 file: [bcc60fdf89] check-in: [eae5afbb83] user: bohagan, branch: crypto, size: 88529 [annotate] [blame] [check-ins using] [diff]
2024-03-12
14:30
Merge trunk file: [3dad396c4f] check-in: [c005e3d09b] user: jan.nijtmans, branch: bohagan, size: 89904 [annotate] [blame] [check-ins using] [diff]
14:21
More simple code formatting ... no change in functionality file: [02ab8298f1] check-in: [f69776b946] user: jan.nijtmans, branch: nijtmans, size: 53185 [annotate] [blame] [check-ins using] [diff]
2024-03-11
02:15
Merge in build-info command and TEA updates file: [cad12de55d] check-in: [3d9a852fc6] user: bohagan, branch: crypto, size: 88421 [annotate] [blame] [check-ins using] [diff]
2024-03-10
23:26
Added TCL 9.0 build-info command including support for UUID files. Altered scripts from sample extension to put tlsUuid.h in WIN_DIR not TMP_DIR. file: [a34923e145] check-in: [c5526c14fd] user: bohagan, branch: trunk, size: 93585 [annotate] [blame] [check-ins using] [diff]
05:56
Added global namespace qualifier to command names. Catch error for eval embedded tls.tcl script. file: [1e32f24336] check-in: [c0bbfde5a4] user: bohagan, branch: crypto, size: 86656 [annotate] [blame] [check-ins using] [diff]
05:48
Added global namespace qualifier to command names. Catch error for eval embedded tls.tcl script. file: [3d6d35a575] check-in: [17e4fbdf88] user: bohagan, branch: trunk, size: 91819 [annotate] [blame] [check-ins using] [diff]
2024-03-05
14:37
Formatting (taken over from bohagan) file: [e096bf5253] check-in: [2568fd9c5d] user: jan.nijtmans, branch: bohagan, size: 89602 [annotate] [blame] [check-ins using] [diff]
2024-02-28
05:26
Merged changes from master file: [6611dfd0b6] check-in: [bfb516156c] user: bohagan, branch: crypto, size: 86614 [annotate] [blame] [check-ins using] [diff]
04:42
In password callback, added check for password > max size. Also added null terminator. file: [074ad76419] check-in: [3866a025e0] user: bohagan, branch: trunk, size: 91771 [annotate] [blame] [check-ins using] [diff]
2024-02-27
16:29
Take over change in tls.c too (from same commit) file: [be27cdc273] check-in: [eecbce78ef] user: jan.nijtmans, branch: bohagan, size: 89628 [annotate] [blame] [check-ins using] [diff]
05:05
Removed unneeded initialize dstrings. file: [0e25730e3b] check-in: [6ffc298e51] user: bohagan, branch: trunk, size: 91605 [annotate] [blame] [check-ins using] [diff]
2024-02-24
22:32
Merge trunk file: [41a05faa4a] check-in: [47f7634a14] user: jan.nijtmans, branch: bohagan, size: 89615 [annotate] [blame] [check-ins using] [diff]
22:22
Clean-up gcc compiler warnings file: [5e701cf08b] check-in: [d966a301eb] user: bohagan, branch: trunk, size: 91791 [annotate] [blame] [check-ins using] [diff]
22:07
Eliminate some deprecated function usages. Disable ssl3 by default too (just as ssl2) file: [688305c24b] check-in: [3090c676df] user: jan.nijtmans, branch: nijtmans, size: 52628 [annotate] [blame] [check-ins using] [diff]
21:07
Improve error-handling, e.g. using Tcl_SetErrorCode() file: [22deb29539] check-in: [e8f554a732] user: jan.nijtmans, branch: nijtmans, size: 52508 [annotate] [blame] [check-ins using] [diff]
03:57
Merged in changes from master file: [2435fc4bff] check-in: [603eb0c0ba] user: bohagan, branch: crypto, size: 86634 [annotate] [blame] [check-ins using] [diff]
03:26
Added back initialize dynamic strings since Tcl_TranslateFileName doesn't initialize them file: [69b432401c] check-in: [ccb3824e44] user: bohagan, branch: trunk, size: 91754 [annotate] [blame] [check-ins using] [diff]
03:02
Clean up return statements file: [2c8caab3b7] check-in: [a9e4d32d68] user: bohagan, branch: trunk, size: 91533 [annotate] [blame] [check-ins using] [diff]
02:02
Added missing cast nulls to char pointer file: [d1d4cc8897] check-in: [ea98e5c0da] user: bohagan, branch: trunk, size: 91550 [annotate] [blame] [check-ins using] [diff]
2024-02-23
23:57
Optimized get string from object file: [9c4ead6c33] check-in: [5130ce9e72] user: bohagan, branch: trunk, size: 91433 [annotate] [blame] [check-ins using] [diff]
22:57
Use LAPPEND_STR() and friends file: [6f7de4fd54] check-in: [6e95e7672d] user: jan.nijtmans, branch: nijtmans, size: 52210 [annotate] [blame] [check-ins using] [diff]
21:27
REASON() -> GET_ERR_REASON(). Add some more utilities to tlsInt.h (not used yet) file: [cf8594fd4b] check-in: [42f5f29486] user: jan.nijtmans, branch: nijtmans, size: 52674 [annotate] [blame] [check-ins using] [diff]
15:08
Merge trunk file: [c4917ab97f] check-in: [ea8c67f798] user: jan.nijtmans, branch: bohagan, size: 90482 [annotate] [blame] [check-ins using] [diff]
14:48
Merge "dh" branch from: [https://chiselapp.com/user/bohagan/repository/TCLTLS/timeline?r=dh]. The "gen_dh_params" script is no longer necessary file: [f15837cdac] check-in: [6aeb4fa6ee] user: jan.nijtmans, branch: nijtmans, size: 52652 [annotate] [blame] [check-ins using] [diff]
13:21
Merge trunk file: [d656aab335] check-in: [c7b67bc013] user: jan.nijtmans, branch: bohagan, size: 90511 [annotate] [blame] [check-ins using] [diff]
13:08
Add "tls::build-info" command file: [a40898e09d] check-in: [355a10cf0e] user: jan.nijtmans, branch: nijtmans, size: 52470 [annotate] [blame] [check-ins using] [diff]
2024-02-22
15:27
Merge trunk file: [b894390529] check-in: [c61ea12657] user: jan.nijtmans, branch: bohagan, size: 89101 [annotate] [blame] [check-ins using] [diff]
13:49
A lot of formatting, no change in functionality. file: [0d8631d8e5] check-in: [46ffe75283] user: jan.nijtmans, branch: nijtmans, size: 51083 [annotate] [blame] [check-ins using] [diff]
2024-02-21
23:10
Few more tweaks file: [d561fadbc4] check-in: [195f14da6c] user: jan.nijtmans, branch: nijtmans, size: 51382 [annotate] [blame] [check-ins using] [diff]
22:57
Stop support for OpenSSL < v1.1.1 file: [7287ba0204] check-in: [f2101dcc16] user: jan.nijtmans, branch: nijtmans, size: 51349 [annotate] [blame] [check-ins using] [diff]
2024-02-20
22:09
Merge trunk file: [c996e233ea] check-in: [6853760139] user: jan.nijtmans, branch: bohagan, size: 91461 [annotate] [blame] [check-ins using] [diff]
20:57
"make install" now works on MacOS too (uses .dylib in stead of .so, no "doc" yet) file: [ac73771fae] check-in: [6778f7f147] user: jan.nijtmans, branch: nijtmans, size: 51577 [annotate] [blame] [check-ins using] [diff]
14:58
Renamed tls.c → generic/tls.c. Move all *.c and *.h files to the /generic/ directory. Update win/makefile.vc from [https://chiselapp.com/user/bohagan/repository/TCLTLS/index] file: [90806f56c7] check-in: [b921cb3e6e] user: jan.nijtmans, branch: nijtmans, size: 51578 [annotate] [blame] [check-ins using]
14:58
Renamed to generic/tls.c. Move all *.c and *.h files to the /generic/ directory. Update win/makefile.vc from [https://chiselapp.com/user/bohagan/repository/TCLTLS/index] check-in: [b921cb3e6e] user: jan.nijtmans, branch: nijtmans, size: 0
13:30
Use (char *)NULL as sentinel in Tcl_AppendResult() file: [90806f56c7] check-in: [ab6b683a51] user: jan.nijtmans, branch: nijtmans, size: 51578 [annotate] [blame] [check-ins using] [diff]
13:00
Make all C-/H-files Tcl 9-ready, with all kinds of code-cleanup. Build environment not handled yet. file: [03228c38ef] check-in: [ceb72b0012] user: jan.nijtmans, branch: nijtmans, size: 51434 [annotate] [blame] [check-ins using] [diff]
2024-02-19
21:55
Less compiler warnings file: [b29b9e852d] check-in: [0cfe6dfb3c] user: jan.nijtmans, branch: nijtmans, size: 52394 [annotate] [blame] [check-ins using] [diff]
20:16
Merge tls-1.7 file: [5ad13a5c03] check-in: [8e0be2f6e9] user: jan.nijtmans, branch: nijtmans, size: 52448 [annotate] [blame] [check-ins using] [diff]
19:23
No need to allocate a Tcl_ChannelType file: [afc2bb3178] check-in: [7af51313f8] user: jan.nijtmans, branch: tls-1.7, size: 52482 [annotate] [blame] [check-ins using] [diff]
2024-02-16
13:54
Merge 1.7 file: [484811ec37] check-in: [b8b1970122] user: jan.nijtmans, branch: nijtmans, size: 52461 [annotate] [blame] [check-ins using] [diff]
13:53
Remove all end-of-line spacing file: [833e387a32] check-in: [9345b54eaa] user: jan.nijtmans, branch: tls-1.7, size: 52463 [annotate] [blame] [check-ins using] [diff]
2024-02-12
10:39
Merge 1.8 file: [66160cd5f2] check-in: [3824e80ab5] user: jan.nijtmans, branch: codebykevin, size: 52557 [annotate] [blame] [check-ins using] [diff]
10:32
Merge 1.7. Forget about Tcl < 8.6 for this branch file: [959c6dc2b0] check-in: [01caf8a372] user: jan.nijtmans, branch: nijtmans, size: 52492 [annotate] [blame] [check-ins using] [diff]
10:22
Tcl_GetStringFromObj() -> Tcl_GetString(). Update ChangeLog/README.txt file: [490c867d5b] check-in: [663996a17b] user: jan.nijtmans, branch: tls-1.7, size: 52494 [annotate] [blame] [check-ins using] [diff]
2024-02-11
20:51
Merged changes from master. file: [e039ae1932] check-in: [45be9618dc] user: bohagan, branch: crypto, size: 86494 [annotate] [blame] [check-ins using] [diff]
02:16
Corrected memory leaks in use of dynamic strings file: [489d26f33a] check-in: [6287936460] user: bohagan, branch: trunk, size: 91587 [annotate] [blame] [check-ins using] [diff]
2024-02-10
22:03
Updated callback info in doc file file: [26178e45e1] check-in: [a1c3e96ef5] user: bohagan, branch: trunk, size: 91448 [annotate] [blame] [check-ins using] [diff]
20:37
Refactored set default CA certificates path and file to allow env vars to override defaults. file: [0fd30b2572] check-in: [cdb6cd6aa6] user: bohagan, branch: trunk, size: 91020 [annotate] [blame] [check-ins using] [diff]
2024-02-09
19:24
Added more error messages and quoted certificate fail message. file: [675528fb5b] check-in: [e3e0021e31] user: bohagan, branch: trunk, size: 90904 [annotate] [blame] [check-ins using] [diff]
2024-02-06
02:42
Added provider test cases file: [08e7f9d341] check-in: [5a41ff9aa1] user: bohagan, branch: crypto, size: 85654 [annotate] [blame] [check-ins using] [diff]
2024-02-05
00:55
Code updates for gcc warnings file: [76576d8a94] check-in: [7e672606f5] user: bohagan, branch: trunk, size: 90713 [annotate] [blame] [check-ins using] [diff]
2024-02-04
23:25
Code updates for gcc warnings file: [0f9a22b39e] check-in: [e58f2c78c8] user: bohagan, branch: crypto, size: 85654 [annotate] [blame] [check-ins using] [diff]
03:31
Merged changes from master branch file: [9e57ea75de] check-in: [fa17431520] user: bohagan, branch: crypto, size: 85498 [annotate] [blame] [check-ins using] [diff]
2024-02-03
03:15
Added more IO logging and error callback messages. Removed duplicate messages. file: [893e5c4546] check-in: [a3728bd654] user: bohagan, branch: trunk, size: 90539 [annotate] [blame] [check-ins using] [diff]
2024-02-02
03:33
Added more logging messages and updated get error message macro name file: [ea83c6521f] check-in: [fad32ff05f] user: bohagan, branch: trunk, size: 90571 [annotate] [blame] [check-ins using] [diff]
2024-01-25
22:56
Extracted from https://www.codebykevin.com/fossil.cgi/tcltls file: [8a6e3d7442] check-in: [737ebb9576] user: jan.nijtmans, branch: codebykevin, size: 52708 [annotate] [blame] [check-ins using] [diff]
2024-01-24
14:35
First changes needed for Tcl 9.0 file: [ff2cf80f27] check-in: [3057d6e2e0] user: jan.nijtmans, branch: nijtmans, size: 52568 [annotate] [blame] [check-ins using] [diff]
2023-12-29
21:12
Cast unused parameters to void to prevent unused parameter warnings Source: https://core.tcl-lang.org/tcltls/tktview/086954612f file: [afd3785b3b] check-in: [41e1203724] user: bohagan, branch: trunk, size: 90378 [annotate] [blame] [check-ins using] [diff]
21:09
Cast unused parameters to void to prevent unused parameter warnings Source: https://core.tcl-lang.org/tcltls/tktview/086954612f file: [4d8cd20913] check-in: [f586ebd433] user: bohagan, branch: crypto, size: 85296 [annotate] [blame] [check-ins using] [diff]
03:09
Merged in master changes file: [b9807f7867] check-in: [d2d04c75a0] user: bohagan, branch: crypto, size: 85272 [annotate] [blame] [check-ins using] [diff]
03:09
Updated to auto set DH parameters. Updated to use well known Diffie-Hellman (DH) parameters that have built-in support in OpenSSL. This means the DH parameters will be selected to be consistent with the size of the key associated with the server's certificate. If there is no certificate (e.g. for PSK ciphersuites), then it it will be consistent with the size of the negotiated symmetric cipher key. file: [54886bd843] check-in: [d3d16ea77f] user: bohagan, branch: dh, size: 90364 [annotate] [blame] [check-ins using] [diff]
03:09
Merged in dh branch file: [a4e2c18a75] check-in: [594dfd3195] user: bohagan, branch: trunk, size: 90369 [annotate] [blame] [check-ins using] [diff]
2023-12-28
20:01
Created DH branch file: [7c1b9c1884] check-in: [22f9df2429] user: bohagan, branch: dh, size: 90219 [annotate] [blame] [check-ins using] [diff]
03:00
Added random bytes command to generate random bytes using a cryptographically secure pseudo random generator (CSPRNG). file: [c0cfa2b008] check-in: [baa34f4208] user: bohagan, branch: crypto, size: 84798 [annotate] [blame] [check-ins using] [diff]
2023-12-21
20:15
Merged in master changes file: [578f1e1218] check-in: [265ace08fe] user: bohagan, branch: crypto, size: 84768 [annotate] [blame] [check-ins using] [diff]
19:56
Optimized Init stub load and package require. Use general pkhIndex.tcl file. file: [42a5997f51] check-in: [c498845865] user: bohagan, branch: trunk, size: 90221 [annotate] [blame] [check-ins using] [diff]
2023-12-16
04:56
Changed options processing from using string compares in macros to using Tcl_GetIndexFromObj and switch. file: [5f4251e5e6] check-in: [c7540ccbf1] user: bohagan, branch: crypto, size: 84893 [annotate] [blame] [check-ins using] [diff]
2023-12-11
05:24
Added KDF module to derive keys and ivs from passwords and salts. Added -hash option as alias for -digest. file: [4273abe6e0] check-in: [d4c2159faf] user: bohagan, branch: crypto, size: 82968 [annotate] [blame] [check-ins using] [diff]
2023-12-04
03:56
Split list operations into separate functions to make it easier for OpenSSL 3.0 changes. Added pkey list function. Added mac info and pkey info placeholder functions. More checks for NULL pointers. Moved legacy load ciphers and digest to init routine. file: [63ca861d17] check-in: [9e6e94200c] user: bohagan, branch: crypto, size: 82939 [annotate] [blame] [check-ins using] [diff]
2023-12-02
04:25
Added function to encrypt and decrypt data file: [3ece83c57b] check-in: [b395f93924] user: bohagan, branch: crypto, size: 82722 [annotate] [blame] [check-ins using] [diff]
2023-11-27
02:15
Backport changes from crypto branch including change -securitylevel option to -security_level. Optimized binary to hex conversion. file: [d44fcd8515] check-in: [d351d79642] user: bohagan, branch: trunk, size: 90346 [annotate] [blame] [check-ins using] [diff]
2023-11-21
03:44
Add digest and MAC use of EVP_DigestFinalXOF for XOF hash functions. Renamed security level option from -securitylevel to -security_level. Added more description info to digest and hash documentation. Added examples for tls::digest command to documentation. file: [66b088c361] check-in: [c5c9b26ac8] user: bohagan, branch: crypto, size: 82689 [annotate] [blame] [check-ins using] [diff]
2023-11-18
05:59
Optimized DigestInputProc to use common digest functions. Fixed write to channel digest transform. Updated comments file: [0db9f8be24] check-in: [3120c0a647] user: bohagan, branch: crypto, size: 82686 [annotate] [blame] [check-ins using] [diff]
2023-11-03
22:03
Moved info commands to tlsInfo.c file. Moved REASON macro definition to tlsInt.h file so all files can use. file: [2858ec05c6] check-in: [61a7c2c15a] user: bohagan, branch: crypto, size: 82682 [annotate] [blame] [check-ins using] [diff]
2023-10-27
23:01
Moved digest command to new tlsDigest.c file file: [860bf39ae0] check-in: [b120c6d336] user: bohagan, branch: crypto, size: 91841 [annotate] [blame] [check-ins using] [diff]
2023-10-14
23:16
Updated digests command to filter out RSA digests since only used for signature algorithms. file: [5aecfbd855] check-in: [0a899f2c18] user: bohagan, branch: crypto, size: 95326 [annotate] [blame] [check-ins using] [diff]
21:35
Optimized byte array to hex conversions file: [e558c674d7] check-in: [049f9cb970] user: bohagan, branch: crypto, size: 95180 [annotate] [blame] [check-ins using] [diff]
2023-10-11
23:13
Renamed hash command to digest and hashes command to digests. file: [33f81c89e9] check-in: [38f5e78596] user: bohagan, branch: crypto, size: 95121 [annotate] [blame] [check-ins using] [diff]
22:34
Modified ciphers command to make protocol arg optional to list all supported ciphers. file: [3f80fde031] check-in: [a44d361c13] user: bohagan, branch: crypto, size: 95021 [annotate] [blame] [check-ins using] [diff]
2023-10-10
04:10
Added hashes command to list OpenSSL supported hash digests. file: [d77314704b] check-in: [78cf378796] user: bohagan, branch: crypto, size: 94288 [annotate] [blame] [check-ins using] [diff]
02:43
Added hash command to calculate hash using any OpenSSL digest. Added convenience commands for md4, md5, sha1, and sha-256 digests. file: [30dc12770e] check-in: [cafd2dc6ba] user: bohagan, branch: crypto, size: 93252 [annotate] [blame] [check-ins using] [diff]
00:06
Created cryptography branch file: [a4b3c334bf] check-in: [0cd384c2ff] user: bohagan, branch: crypto, size: 89897 [annotate] [blame] [check-ins using] [diff]
2023-09-24
20:12
Moved definition of Append to List macros to tlsInt.h. Updated tls.c to use Append to List macros. file: [f4a59d7949] check-in: [28d6418fa7] user: bohagan, branch: trunk, size: 90229 [annotate] [blame] [check-ins using] [diff]
2023-09-23
22:37
Updates for TCL 9.0 and Tcl_Size change file: [6525346f21] check-in: [c740ba0cb8] user: bohagan, branch: trunk, size: 93217 [annotate] [blame] [check-ins using] [diff]
2023-09-02
22:07
Added verify result to handshake fail error message. file: [b2882089e7] check-in: [2e3a232d85] user: bohagan, branch: trunk, size: 92696 [annotate] [blame] [check-ins using] [diff]
21:13
Set automatic curve selection for ECDH temporary keys used during key exchange. Used to make a server always choose the most appropriate curve for a client. Disable compression even if supported. file: [050ef8b065] check-in: [1dbae1afec] user: bohagan, branch: trunk, size: 92512 [annotate] [blame] [check-ins using] [diff]
20:03
Changed to only allow SSL2 and SSL3 to be manually enabled. See RFC 8996, Deprecating TLS 1.0 and TLS 1.1. Also see NIST SP 800-52r2 which requires TLS 1.2 and TLS 1.3, should not use TLS 1.1, and shall not use TLS 1.0, SSL 3.0, or SSL 2.0. file: [a404941892] check-in: [9d1bdab9a6] user: bohagan, branch: trunk, size: 92162 [annotate] [blame] [check-ins using] [diff]
2023-08-28
01:56
Added load CA file comments file: [18bce24fbb] check-in: [d4b5b9bd2a] user: bohagan, branch: status_x509, size: 92428 [annotate] [blame] [check-ins using] [diff]
2023-08-19
20:30
Updated ConnectionInfoObjCmd to localize variables file: [4969f5a74b] check-in: [070af72ccb] user: bohagan, branch: status_x509, size: 91951 [annotate] [blame] [check-ins using] [diff]
18:04
Optimized CiphersObjCmd to use method variable. file: [8772a03dc7] check-in: [543e7ab6d3] user: bohagan, branch: status_x509, size: 91855 [annotate] [blame] [check-ins using] [diff]
2023-08-13
01:00
Added get CA list to connection status file: [3a81d8a8fc] check-in: [c95df396da] user: bohagan, branch: status_x509, size: 91801 [annotate] [blame] [check-ins using] [diff]
2023-08-12
04:07
Added session context, basic constraints, and publickeyhash status file: [59bf4e72f6] check-in: [4a0a74f238] user: bohagan, branch: status_x509, size: 91234 [annotate] [blame] [check-ins using] [diff]
2023-08-10
03:16
Reordered get parameters in Tls_NewX509Obj to follow RFC 5280 section order. Added get self issued, Key usage, Extended Key usage, and purpose values. Added more comments, optimized code, etc. file: [5b3a9ccd27] check-in: [10bcd4c88f] user: bohagan, branch: status_x509, size: 90876 [annotate] [blame] [check-ins using] [diff]
2023-07-31
02:17
Added verify depth and mode status to connection status, renamed signatureType and signatureType file: [876a0b1ced] check-in: [87010ba1d9] user: bohagan, branch: status_x509, size: 90773 [annotate] [blame] [check-ins using] [diff]
2023-07-30
02:53
Updated default callbacks in tls.tcl file file: [b314eff29c] check-in: [cdb51c799e] user: bohagan, branch: errors_and_callbacks, size: 89573 [annotate] [blame] [check-ins using] [diff]
02:09
Add match result to ALPN callback parameters. This indicates if a common protocol was found or not. file: [45bcc590a0] check-in: [75f1cfb376] user: bohagan, branch: errors_and_callbacks, size: 89137 [annotate] [blame] [check-ins using] [diff]
00:20
Updated password callback to add rwflag size arguments to callback. Callback now works like other callbacks with the function followed by args. Refactored get result processing. Added more info to doc file. file: [c6cfb160ec] check-in: [c072b00aeb] user: bohagan, branch: errors_and_callbacks, size: 89046 [annotate] [blame] [check-ins using] [diff]
2023-07-29
21:33
Added message status to callback command results. It is only available when OpenSSL is complied with the enable-ssl-trace option. file: [a5b24e4b6d] check-in: [5ddead759f] user: bohagan, branch: errors_and_callbacks, size: 88623 [annotate] [blame] [check-ins using] [diff]
2023-07-28
19:42
Set ErrorCode for returned errors file: [d37fbac857] check-in: [d7ece0aec4] user: bohagan, branch: errors_and_callbacks, size: 85356 [annotate] [blame] [check-ins using] [diff]
17:01
Disabled skip channel IO during verify callback processing. Call Tcl_Error for connect/handshake errors. file: [fa1e23179a] check-in: [6866efe8ea] user: bohagan, branch: errors_and_callbacks, size: 84348 [annotate] [blame] [check-ins using] [diff]
16:07
Refactored Tls_Error handler to not set errorCode. Use error message, return result, or if none, fall-back to OpenSSL error queue. Added clear OpenSSL errors to start of each command function to remove old error messages. file: [477116b5a6] check-in: [e85a439068] user: bohagan, branch: errors_and_callbacks, size: 84210 [annotate] [blame] [check-ins using] [diff]
2023-07-24
23:12
Comment and documentation updates. Added more checks for supported protocol versions. file: [8e541b360a] check-in: [a4c50c7c74] user: bohagan, branch: errors_and_callbacks, size: 84023 [annotate] [blame] [check-ins using] [diff]
2023-07-21
23:29
Removed connect or handshake errors trigger background error. Removed Tls_Error call to background error handler when a callback command isn't defined. This would occur during connect/handshake errors. Fixes bug: https://core.tcl-lang.org/tcltls/tktview/2c7b748796 file: [459c02ba4b] check-in: [6a11f12158] user: bohagan, branch: errors_and_callbacks, size: 83745 [annotate] [blame] [check-ins using] [diff]
23:01
Added new option -validatecommand to handle callbacks that require a return value. Consolidated evaluate callback commands into one function EvalCallback. Return alert codes for callbacks. Added more comments to callback functions. file: [d05c00dc5b] check-in: [91ff651d51] user: bohagan, branch: errors_and_callbacks, size: 84109 [annotate] [blame] [check-ins using] [diff]
2023-07-16
18:41
Added Next Protocol Negotiation (NPN) for TLS 1.0 to TLS 1.2. file: [6f8aac6c9a] check-in: [f7b84d671a] user: bohagan, branch: errors_and_callbacks, size: 82875 [annotate] [blame] [check-ins using] [diff]
17:26
Added alert type to info callback parameters and refactored code. file: [a232f29e3c] check-in: [0aa8ad9487] user: bohagan, branch: errors_and_callbacks, size: 81255 [annotate] [blame] [check-ins using] [diff]
16:02
Register ALPN callbacks only if protocols defined. Catch more errors in callbacks, return after set return values. file: [459b6052cb] check-in: [3b2e00d8a5] user: bohagan, branch: errors_and_callbacks, size: 81208 [annotate] [blame] [check-ins using] [diff]
2023-07-09
22:46
Changed to pass verify ok results string to callback. Renamed certificate status signature_hash to signatureHashAlgorithm. file: [55d19f65b6] check-in: [a5858c387a] user: bohagan, branch: status_x509, size: 81017 [annotate] [blame] [check-ins using] [diff]
2023-06-18
21:47
Added post handshake cert request option file: [57bb811cee] check-in: [fec0e414e9] user: bohagan, branch: status_x509, size: 81100 [annotate] [blame] [check-ins using] [diff]
2023-06-17
23:09
Added signature hash and type to connection status Changed validation result to verification. file: [15b3de1fe1] check-in: [e02e24c84a] user: bohagan, branch: status_x509, size: 80626 [annotate] [blame] [check-ins using] [diff]
2023-06-16
18:04
Change to use NULL for empty pointers file: [03a1400f39] check-in: [ee0728f6d6] user: bohagan, branch: status_x509, size: 79882 [annotate] [blame] [check-ins using] [diff]
2023-06-11
23:26
Use client or server methods instead of generic methods for protocol version selection file: [311a8c5ace] check-in: [f9da715266] user: bohagan, branch: status_x509, size: 80037 [annotate] [blame] [check-ins using] [diff]
20:12
Optimized get X509 certificate extensions file: [65ec9cb148] check-in: [eccad70fa9] user: bohagan, branch: status_x509, size: 79701 [annotate] [blame] [check-ins using] [diff]
02:27
Added more X509 certificate status info, show algorithm names, list used extensions, etc. file: [fb9e2c2ae2] check-in: [7265279af2] user: bohagan, branch: status_x509, size: 79702 [annotate] [blame] [check-ins using] [diff]
2023-06-10
21:25
Added master key, is server, and ticket lifetime to connection status. Reordered connection status results for better grouping. file: [34dae888de] check-in: [4e75be42e6] user: bohagan, branch: status_x509, size: 79783 [annotate] [blame] [check-ins using] [diff]
20:33
Set protocol version method based on client or server option. file: [a24507cd1f] check-in: [50c71137cb] user: bohagan, branch: status_x509, size: 78524 [annotate] [blame] [check-ins using] [diff]
19:45
Added ALPN callback update to catch and return errors in select next protocol. file: [3072fade94] check-in: [1a03a74d6e] user: bohagan, branch: status_x509, size: 78444 [annotate] [blame] [check-ins using] [diff]
2023-06-05
02:47
More callback error checking. Added session ticket callback handling. Split set client and server session caching callbacks. file: [bf31ce69c0] check-in: [e1f08bc122] user: bohagan, branch: status_x509, size: 77953 [annotate] [blame] [check-ins using] [diff]
02:09
Use SSL connection states instead of custom states. file: [a126391165] check-in: [3d083cdfaf] user: bohagan, branch: status_x509, size: 77524 [annotate] [blame] [check-ins using] [diff]
2023-06-04
03:20
Set host name for certificate checks. Pass peer specified host name to Hello callback. Set host name for certificate checks. This is separate from SNI. Added peername to status command results. Source: https://core.tcl-lang.org/tcltls/tktview/b023257dcf and https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 file: [62ec7882d5] check-in: [65f84287e7] user: bohagan, branch: status_x509, size: 77639 [annotate] [blame] [check-ins using] [diff]
2023-06-03
22:33
Added ALPN callback protocol selection. In ALPNCallback, server select from client provided protocol list uses -alpn protocols list to find first common protocol. file: [36d88366bc] check-in: [f50ee33fd6] user: bohagan, branch: status_x509, size: 76135 [annotate] [blame] [check-ins using] [diff]
2023-06-02
22:23
Added compression state to connection status file: [edf428a0fb] check-in: [e5975c8072] user: bohagan, branch: status_x509, size: 75712 [annotate] [blame] [check-ins using] [diff]
2023-05-29
23:15
Added server callbacks for ALPN, SNI, and Hello messages file: [30923f52a9] check-in: [a04a3aef6b] user: bohagan, branch: status_x509, size: 75640 [annotate] [blame] [check-ins using] [diff]
2023-05-27
21:14
Optimized use of pointers and comment format updates. file: [78a5edc11d] check-in: [500c6b97d6] user: bohagan, branch: status_x509, size: 68331 [annotate] [blame] [check-ins using] [diff]
19:20
Added session id and ticket to connection status. Added callback to handle session id and ticket updates after the handshake. file: [6e32fbd0db] check-in: [489f45bd81] user: bohagan, branch: status_x509, size: 68304 [annotate] [blame] [check-ins using] [diff]
03:06
Removed support for obsolete OpenSSL versions prior to v1.1.1. file: [c78a7d27a7] check-in: [0de7b4fc0a] user: bohagan, branch: status_x509, size: 64125 [annotate] [blame] [check-ins using] [diff]
2023-05-26
22:43
Added set security level option to set all relevant parameters including cipher suite, encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms in one operation. file: [0c71e3381c] check-in: [32ce5d6220] user: bohagan, branch: status_x509, size: 67292 [annotate] [blame] [check-ins using] [diff]
2023-05-24
02:40
Added new option -ciphersuites to set ciphers suites for TLS 1.3. Addresses defect: https://core.tcl-lang.org/tcltls/tktview/d0518a5645 file: [57a6f16cff] check-in: [cd11c125e8] user: bohagan, branch: status_x509, size: 66797 [annotate] [blame] [check-ins using] [diff]
01:18
Updated ciphers command to use current APIs and added an option to return only ciphers as would be sent in ClientHello. Updated test suite to use OpenSSL executable to get ciphers comparison data. Added more test cases. Addresses defects: https://core.tcl-lang.org/tcltls/tktview/688788a45c and https://sourceforge.net/p/tls/bugs/36/ file: [f33536e873] check-in: [05b2dd47be] user: bohagan, branch: status_x509, size: 66321 [annotate] [blame] [check-ins using] [diff]
2023-05-20
04:46
Added get supported protocol versions command file: [138bbe9b64] check-in: [168ce6abb1] user: bohagan, branch: status_x509, size: 65830 [annotate] [blame] [check-ins using] [diff]
00:56
Added new connection info command which returns connection configuration and status. file: [4728c9082f] check-in: [04e10976f7] user: bohagan, branch: status_x509, size: 64046 [annotate] [blame] [check-ins using] [diff]
2023-05-13
20:25
Deleted: Merged TEA branch into master check-in: [6c02d4d029] user: bohagan, branch: trunk, size: 0
2023-05-06
19:35
Replaced custom build scripts with TEA scripts. Removed custom build scripts and replaced with latest TEA config files. Updated pkgIndex.tcl.in to support static builds. Incorporated relevant previous build macros into scripts. file: [e3d417c077] check-in: [a329ea2ff4] user: bohagan, branch: TEA, size: 58725 [annotate] [blame] [check-ins using] [diff]
2023-04-30
16:07
Added: Moved files to subdirectories per TEA directory structure. file: [4c6200b506] check-in: [3dcd70f98e] user: bohagan, branch: TEA, size: 58688 [annotate] [blame] [check-ins using]
16:07
Deleted: Moved files to subdirectories per TEA directory structure. check-in: [3dcd70f98e] user: bohagan, branch: TEA, size: 0
02:08
Format clean-ups. file: [4c6200b506] check-in: [e02b79f82f] user: bohagan, branch: TEA, size: 58688 [annotate] [blame] [check-ins using] [diff]
2023-04-23
03:34
Use server cipher preference order. Source: https://sourceforge.net/p/tls/bugs/60/ and https://www.androwish.org/home/info/5718c3eb47cced4d and https://core.tcl-lang.org/tcltls/tktview/305ee10b86 file: [9adcbda92a] check-in: [ba1403b62c] user: bohagan, branch: trunk, size: 58860 [annotate] [blame] [check-ins using] [diff]
02:36
Applied patch to add OpenSSL3 KTLS trivial processing. Description: Patch adds trivial processing for BIO_CTRL_GET_KTLS_SEND and BIO_CTRL_GET_KTLS_RECV control commands to make tcltls working with OpenSSL 3.0. See also: - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006587 - https://bugzilla.redhat.com/show_bug.cgi?id=2088363 Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/openssl3.patch file: [07454bb7bd] check-in: [6f19aa6623] user: bohagan, branch: trunk, size: 58774 [annotate] [blame] [check-ins using] [diff]
02:08
Changes for OpenSSL v1.1.1 to make compatible with no deprecated option. file: [e79ec1582f] check-in: [2ed802a7af] user: bohagan, branch: trunk, size: 58775 [annotate] [blame] [check-ins using] [diff]
2023-04-10
01:27
Initial changes for TCL 9.0. Fixed package requires to work with TCL 9.0. Removed obsolete macro _ANSI_ARGS_, use ANSI arg definitions, etc. Macros: CONST84 to const, WIN32 to _WIN32, CONST to const, VOID to void, etc. Replaced Tcl_SaveResult with Tcl_SaveInterpState, Tcl_RestoreResult with Tcl_RestoreInterpState, and Tcl_DiscardResult with Tcl_DiscardInterpState. Use Tcl_BackgroundError for pre TCL 8.6 and Tcl_BackgroundException for TCL 8.6+. file: [28a1c0e368] check-in: [275ecbcc5d] user: bohagan, branch: trunk, size: 54660 [annotate] [blame] [check-ins using] [diff]
2023-03-04
23:33
Patch by Sergei Golovan (Debian) to fix the compiler warnings about implicit fall-through in case. Source: File: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/fall-through.patch file: [5e9f95c600] check-in: [e2e798877b] user: bohagan, branch: trunk, size: 55593 [annotate] [blame] [check-ins using] [diff]
20:19
Added key and PEM output to variables and updated keytest1 test script. Source: https://www.androwish.org/home/info/80b11e9594532414 and https://www.androwish.org/home/info/56087b886c6c105f and https://core.tcl-lang.org/tcltls/tktview/04d6bb909b ids: [80b11e9594] and [56087b886c] file: [c5b2929595] check-in: [899a950204] user: bohagan, branch: trunk, size: 55555 [annotate] [blame] [check-ins using] [diff]
19:33
Casting clean-ups to fix compiler warnings. Source: https://sourceforge.net/p/tls/patches/11/ and https://sourceforge.net/p/tls/patches/_discuss/thread/988300e7/b6bb/attachment/patch-warnings file: [fe25c88f91] check-in: [227a7d7d10] user: bohagan, branch: trunk, size: 54893 [annotate] [blame] [check-ins using] [diff]
18:54
Added names of unavailable protocols to error messages so its easier to understand. Source: https://sourceforge.net/p/tls/patches/14/ File: protocols.patch file: [2c09b41ecd] check-in: [6a3f83340d] user: bohagan, branch: trunk, size: 54851 [annotate] [blame] [check-ins using] [diff]
16:14
Merge feature-dump-keys into main file: [65324f8bcd] check-in: [bed86d3303] user: bohagan, branch: trunk, size: 54701 [annotate] [blame] [check-ins using] [diff]
2022-05-30
16:14
Bug [8de7f5aa07]: Add support for dumping SSL keys file: [6b3fa216e0] check-in: [2c773b9a38] user: schelte, branch: feature-dump-keys, size: 52900 [annotate] [blame] [check-ins using] [diff]
16:08
Bug [e1f9a21c67]: Start of ALPN support file: [48a25c8f03] check-in: [07bafe02de] user: schelte, branch: add-support-alpn, size: 54373 [annotate] [blame] [check-ins using] [diff]
2020-10-15
10:36
Ticket [604bb68b5c]. Add first sketch of a nmake build. file: [b7a88587d1] check-in: [2babef91c5] user: oehhar, branch: bug-604bb68b5c-nmake, size: 52572 [annotate] [blame] [check-ins using] [diff]
2020-10-12
20:32
add "version" element with SSL/TLS protocol version to tls::status file: [2675578b45] check-in: [9c32a526ed] user: resuna, branch: trunk, size: 52552 [annotate] [blame] [check-ins using] [diff]
2020-05-04
15:09
Only load private key if we loaded a non-default certificate file: [93c7ba9ac0] check-in: [51a2b1ec9a] user: rkeene, branch: mjanssen-asn1-certs, size: 52369 [annotate] [blame] [check-ins using] [diff]
15:02
Updated to support cert/certfile independantly of key/keyfile file: [e32cfd6f1e] check-in: [952ef184e6] user: rkeene, branch: mjanssen-asn1-certs, size: 52228 [annotate] [blame] [check-ins using] [diff]
14:57
Corrected wrong use of "key" file: [f5c55ed5c6] check-in: [f3a497fc67] user: rkeene, branch: mjanssen-asn1-certs, size: 51997 [annotate] [blame] [check-ins using] [diff]
2019-06-17
18:08
Align code with option names file: [cb66151e80] check-in: [4945b7588e] user: mjanssen, branch: mjanssen-asn1-certs, size: 51978 [annotate] [blame] [check-ins using] [diff]
14:27
Do not expose implementation details in user interface file: [d8dd86370e] check-in: [ef0be0d731] user: mjanssen, branch: mjanssen-asn1-certs, size: 52016 [annotate] [blame] [check-ins using] [diff]
12:05
Add support for ASN1 blobs for certificates and keys file: [8332b7761d] check-in: [49278969f2] user: mjanssen, branch: mjanssen-asn1-certs, size: 52053 [annotate] [blame] [check-ins using] [diff]
2019-05-29
18:52
Try to find headers in a specific path and do not allow "mp_int"/"mp_digit" to conflict with other things file: [391c72843c] check-in: [bd8b53ced2] user: rkeene, branch: x-header-work, size: 50430 [annotate] [blame] [check-ins using] [diff]
2019-04-09
17:04
Added remaining TLSv1.3 support file: [c565bf20f1] check-in: [569c10f3b2] user: rkeene, branch: enhancement/tls-1.3, size: 50402 [annotate] [blame] [check-ins using] [diff]
2018-11-07
23:51
Added missing TLSv1.3 support file: [b408a25024] check-in: [efc1e122f2] user: rkeene, branch: enhancement/tls-1.3, size: 49325 [annotate] [blame] [check-ins using] [diff]
23:27
Started adding support for TLSv1.3 file: [f0ecc97895] check-in: [e245d231ee] user: rkeene, branch: enhancement/tls-1.3, size: 49228 [annotate] [blame] [check-ins using] [diff]
2018-02-07
15:37
Updated to reset "eofchar" and "encoding" when importing channels as well as translation and blocking (part of [f798e2ea12]) file: [7d9b3af7fe] check-in: [1d757f7e2d] user: rkeene, branch: trunk, size: 49023 [annotate] [blame] [check-ins using] [diff]
2017-12-21
05:34
Added experiment patch for [f798e2ea12] to preserve channel state when importing a channel file: [73f6874245] check-in: [60f37290f3] user: rkeene, branch: bug-f798e2ea12, size: 48553 [annotate] [blame] [check-ins using] [diff]
2017-05-01
14:42
Print a debug message when handshaking works but an error is being captured file: [0dc23990ac] check-in: [87d7c791f5] user: rkeene, branch: trunk, size: 48010 [annotate] [blame] [check-ins using] [diff]
14:41
Fixed an issue where EAGAIN was translated into a successful handshake, addressing [1367823d51] file: [8221535697] check-in: [689d55e070] user: rkeene, branch: trunk, size: 47917 [annotate] [blame] [check-ins using] [diff]
14:32
Reformatted handshake command code file: [325d38b6f1] check-in: [2893572aa6] user: rkeene, branch: trunk, size: 47909 [annotate] [blame] [check-ins using] [diff]
2017-04-18
14:29
Updated references to DH parameter bit sizes and ensure error messages are printed if generating fails entirely file: [57028b60c1] check-in: [83b1dea4d4] user: rkeene, branch: trunk, size: 48085 [annotate] [blame] [check-ins using] [diff]
2016-12-13
16:00
Updated to return soft errors on during SSL negotiation retries on reads and hard errors on SSL negotiation during writes or handshake commands file: [347d650461] check-in: [b9557ba691] user: rkeene, branch: trunk, size: 48083 [annotate] [blame] [check-ins using] [diff]
06:56
Simplified code for detecting which SSL protocols to use -- disabled SSLv2 and SSLv3 by default if other options are available file: [6c127f2542] check-in: [aaac45cfca] user: rkeene, branch: trunk, size: 48013 [annotate] [blame] [check-ins using] [diff]
06:39
Commented out debugging printf for returning from the locking function as well file: [f62df33327] check-in: [8e27f5595c] user: rkeene, branch: trunk, size: 47916 [annotate] [blame] [check-ins using] [diff]
06:27
Updated to use POSIX tool "od" to create tls.tcl.h and since we can now rebuild this file more freely, do so to "fully" support out-of-source-dir builds file: [fa35866bf7] check-in: [34ff31cd97] user: rkeene, branch: trunk, size: 47910 [annotate] [blame] [check-ins using] [diff]
05:11
Updated to properly sanitize memory needed for the dynamically allocated locks file: [8eeae8c00a] check-in: [f73f94ae35] user: rkeene, branch: wip-fix-io-layer, size: 47912 [annotate] [blame] [check-ins using] [diff]
03:46
Made all unused variables self-assignments file: [f6e2948561] check-in: [7b169db8a3] user: rkeene, branch: wip-fix-io-layer, size: 47484 [annotate] [blame] [check-ins using] [diff]
03:21
Merged in trunk file: [87308823ff] check-in: [e5c9bfe50f] user: rkeene, branch: wip-fix-io-layer, size: 47131 [annotate] [blame] [check-ins using] [diff]
03:20
Updated to deal with locking slightly better, maybe file: [96e2a45ac0] check-in: [387697ce68] user: rkeene, branch: trunk, size: 46292 [annotate] [blame] [check-ins using] [diff]
2016-12-12
22:29
Merged in trunk file: [21bebdaf3c] check-in: [77c3091474] user: rkeene, branch: wip-fix-io-layer, size: 47229 [annotate] [blame] [check-ins using] [diff]
22:10
Updated to dynamically allocate mutexes and support being de-initialized file: [5a902a9319] check-in: [abf861e4d5] user: rkeene, branch: trunk, size: 46390 [annotate] [blame] [check-ins using] [diff]
01:14
More work on improving I/O routines file: [2904872c77] check-in: [7df7a8696e] user: rkeene, branch: wip-fix-io-layer, size: 46867 [annotate] [blame] [check-ins using] [diff]
2016-12-11
19:10
Added a lot of work towards fixing the I/O layer file: [04ea01d342] check-in: [ee7ea6a917] user: rkeene, branch: wip-fix-io-layer, size: 46806 [annotate] [blame] [check-ins using] [diff]
2016-12-10
05:12
More clean-up and modernization file: [788b6c9daa] check-in: [5fc38beddb] user: rkeene, branch: trunk, size: 46028 [annotate] [blame] [check-ins using] [diff]
05:02
Remove obsolete references file: [0322248de8] check-in: [fc00b36be8] user: rkeene, branch: trunk, size: 46277 [annotate] [blame] [check-ins using] [diff]
02:55
Removed backwards compatibility hacks and much reformatting file: [ae2cba46b1] check-in: [f087e1fe61] user: rkeene, branch: trunk, size: 46321 [annotate] [blame] [check-ins using] [diff]
2016-12-08
08:36
Moved BIO_ wrappers into the BIO source and added more debugging output file: [a1d0fac62c] check-in: [333d833f31] user: rkeene, branch: trunk, size: 47922 [annotate] [blame] [check-ins using] [diff]
07:32
Do not try to set memory functions -- prototype is broken in newer version and older versions have bugs related to it file: [6dd111d1a2] check-in: [bbe273b3dc] user: rkeene, branch: openssl-1.1, size: 47816 [annotate] [blame] [check-ins using] [diff]
07:25
Whitspace formatting changes file: [1ee30f1327] check-in: [2ed4afb942] user: rkeene, branch: openssl-1.1, size: 48031 [annotate] [blame] [check-ins using] [diff]
06:53
Initial working version of OpenSSL 1.1.0 API support adapted from patch from Sergei Golovan and Jeremy Sowden file: [6e0707c50a] check-in: [af83631fbb] user: rkeene, branch: openssl-1.1, size: 48056 [annotate] [blame] [check-ins using] [diff]
2016-12-07
16:41
Set a default channel type version file: [9b5d593b52] check-in: [fe5bc0bc67] user: rkeene, branch: tls-1-7, size: 47958 [annotate] [blame] [check-ins using] [diff]
14:38
Added additional debugging around asyncronous sockets file: [9a523164da] check-in: [033849bf66] user: rkeene, branch: tls-1-7, size: 47934 [annotate] [blame] [check-ins using] [diff]
2016-12-05
17:04
Disable protocols if they are not compiled in file: [829214fd98] check-in: [8e510a3598] user: rkeene, branch: tls-1-7, size: 47879 [annotate] [blame] [check-ins using] [diff]
2016-12-02
19:00
Minor casting to address compiler warnings file: [606371c2d5] check-in: [e3b94c4a74] user: rkeene, branch: tls-1-7, size: 47715 [annotate] [blame] [check-ins using] [diff]
18:58
Double check that we got a usable value at all from the verification callback file: [95469d79b3] check-in: [664badad67] user: rkeene, branch: tls-1-7, size: 47589 [annotate] [blame] [check-ins using] [diff]
18:55
Fixed signed-ness issue with init script file: [8652a6d576] check-in: [fa844b3fcc] user: rkeene, branch: tls-1-7, size: 47571 [annotate] [blame] [check-ins using] [diff]
16:41
Ensure initialization happens only once even with unthreaded Tcl file: [31dba4da9e] check-in: [10e3f2e20c] user: rkeene, branch: tls-1-7, size: 47580 [annotate] [blame] [check-ins using] [diff]
16:25
Added an --enable-debug and made debug-printf macro more fancy file: [63f1a729cf] check-in: [8a3f4fc732] user: rkeene, branch: tls-1-7, size: 47616 [annotate] [blame] [check-ins using] [diff]
16:09
Minor cleanup of global variables and void function file: [898daed710] check-in: [ee18d6c91e] user: rkeene, branch: tls-1-7, size: 47646 [annotate] [blame] [check-ins using] [diff]
2016-12-01
21:36
Updated to generate DH parameters more dynamically file: [05e974345e] check-in: [3d5e70d1d5] user: rkeene, branch: tls-1-7, size: 47630 [annotate] [blame] [check-ins using] [diff]
2016-11-24
05:18
Updated to use a meaningful package name and version file: [b151916d75] check-in: [8f8805845f] user: rkeene, branch: tls-1-7, size: 49350 [annotate] [blame] [check-ins using] [diff]
04:09
Updated to build the "tls.tcl" file into the library file: [a38b0196bb] check-in: [195000fcab] user: rkeene, branch: tls-1-7, size: 49357 [annotate] [blame] [check-ins using] [diff]
2016-11-23
05:14
Fixed issue with building without Tcl threads file: [40d53c0b7a] check-in: [3135e8cc5c] user: rkeene, branch: tls-1-7, size: 49212 [annotate] [blame] [check-ins using] [diff]
2016-11-22
22:11
Removed artifacts from conversion from CVS file: [25af59055a] check-in: [c75816429f] user: rkeene, branch: tls-1-7, size: 49179 [annotate] [blame] [check-ins using] [diff]
17:58
Applied patch file: [15a7d7809d] check-in: [db95f55e95] user: rkeene, branch: rkeene-unthreaded, size: 49295 [annotate] [blame] [check-ins using] [diff]
2015-07-07
17:16
Updated with dhparam.2.patch for tls ticket #59. file: [5f36052c70] check-in: [2aadaa4c28] user: andreas_kupries, branch: trunk, size: 49235 [annotate] [blame] [check-ins using] [diff]
2015-05-01
18:44
* configure.in: Bump to version 1.6.5. * win/makefile.vc: * configure: regen with ac-2.59 * tls.c: Accepted SF TLS [bug/patch #57](https://sourceforge.net/p/tls/bugs/57/). * tlsIO.c: Accepted core Tcl patch in [ticket](http://core.tcl.tk/tcl/tktview/0f94f855cafed92d0e174b7d835453a02831b4dd). file: [2da923fe43] check-in: [b3dc06600e] user: andreas_kupries, branch: trunk, size: 47182 [annotate] [blame] [check-ins using] [diff]
2014-12-08
19:09
Applied patches #12 and #13 for Server Name Indication (SNI) support, and TLS 1.1, 1.2 support. file: [343f6572a7] check-in: [54d14de805] user: andreas_kupries, branch: trunk, size: 47012 [annotate] [blame] [check-ins using] [diff]
2014-04-16
18:33
Ticket 47, applied patch with last suggested change by Jeff (moving setting of "initialization"-flag). file: [34519f36fc] check-in: [d248bc5f5e] user: andreas_kupries, branch: trunk, size: 44839 [annotate] [blame] [check-ins using] [diff]
2012-07-09
23:28
* configure.in: Bump to version 1.6.3. * win/makefile.vc: * configure: regen with ac-2.59 * tls.c (MiscObjCmd): Fixed non-static string array used in call of Tcl_GetIndexFromObj(). Memory smash waiting to happen. Thanks to Brian Griffin for alerting us all to the problem. file: [493d79f8dc] check-in: [c1eb553b32] user: andreas_kupries, branch: trunk, size: 44101 [annotate] [blame] [check-ins using] [diff]
2012-06-01
22:59
* tls.c: Applied Jeff's patch from http://www.mail-archive.com/[email protected]/msg12356.html file: [36929764b9] check-in: [a652b4f6a7] user: andreas_kupries, branch: trunk, size: 44094 [annotate] [blame] [check-ins using] [diff]
2010-08-11
19:50
* tls.c (StatusObjCmd): memleak: free peer if loaded. [Bug 3041925] file: [510496cc5c] check-in: [366542d9a0] user: hobbs2, branch: trunk, size: 42550 [annotate] [blame] [check-ins using] [diff]
2008-03-19
22:06
* tests/tlsIO.test (tlsIO-14.*): Add tls::unimport for symmetry * tls.htm, tls.c (UnimportObjCmd): to tls::import. [Bug 1203273] file: [863315bd45] check-in: [61890c4886] user: hobbs2, branch: trunk, size: 42501 [annotate] [blame] [check-ins using] [diff]
21:31
Use better Eval APIs, cleaner Tcl_Obj-handling. file: [66ecdb7d9a] check-in: [5804017ad3] user: hobbs2, branch: trunk, size: 41015 [annotate] [blame] [check-ins using] [diff]
19:59
* tls.c (Tls_Clean, ImportObjCmd): Fix cleanup mem leak [Bug 1414045] file: [ad0e17ca78] check-in: [8dd7366fcc] user: hobbs2, branch: trunk, size: 40998 [annotate] [blame] [check-ins using] [diff]
02:34
Updated the nmake build files with MSVC9 support and fixed to run the test-suite properly. Corrected namespace handling in tls::initlib on Windows. Applied #1890223 to fix handshake on non-blocking sockets file: [531e26fa4b] check-in: [5fb2d63afa] user: patthoyts, branch: trunk, size: 40791 [annotate] [blame] [check-ins using] [diff]
2007-09-06
21:01
Silence 64 bit integer conversion warnings Update build system to support AMD64 target with MSVC8 file: [0abefbb942] check-in: [0fdb07692d] user: patthoyts, branch: trunk, size: 40715 [annotate] [blame] [check-ins using] [diff]
2007-06-22
21:20
* tlsIO.c (TlsInputProc, TlsOutputProc, TlsWatchProc): * tls.c (VerifyCallback): add an state flag in the verify callback that prevents possibly recursion (on 'update'). [Bug 1652380] file: [7da5f18bba] check-in: [c692cb9684] user: hobbs2, branch: trunk, size: 40699 [annotate] [blame] [check-ins using] [diff]
2004-12-17
16:01
* win/makefile.vc: Added the MSVC build system (from the Tcl * win/rules.vc: sampleextension). * win/nmakehlp.c: * win/tls.rc Added Windows resource file. * tls.tcl: From patch #948155, added support for alternate socket commands. * tls.c: Quieten some MSVC warnings. Prefer ckalloc over Tcl_Alloc. (David Graveraux). file: [c3a95bcf2f] check-in: [fe79338a36] user: patthoyts, branch: trunk, size: 40915 [annotate] [blame] [check-ins using] [diff]
2004-06-29
11:07
* tls.c: Fixup to build against tcl 8.3.3. Handle * tlsIO.c: 8.4 constification. file: [823c68fcb0] check-in: [9633ce0e5c] user: patthoyts, branch: trunk, size: 40840 [annotate] [blame] [check-ins using] [diff]
2004-03-24
05:22
Fix build warnings. file: [e35ed3b05f] check-in: [67bf2dd40d] user: razzell, branch: trunk, size: 40834 [annotate] [blame] [check-ins using] [diff]
2004-03-19
21:05
* tls.c (Tls_Init): replaced older TEA config with newer * config/* (removed): * pkgIndex.tcl.in, strncasecmp.c (removed): * Makefile.in, aclocal.m4, configure, configure.in: * tclconfig/README.txt, tclconfig/install-sh, tclconfig/tcl.m4: file: [f2f5d0dfc5] check-in: [bf83205ca8] user: hobbs, branch: trunk, size: 40771 [annotate] [blame] [check-ins using] [diff]
2004-02-13
02:09
Unify result handling in callback options. file: [e64436e2e3] check-in: [20fd9291ba] user: razzell, branch: trunk, size: 40760 [annotate] [blame] [check-ins using] [diff]
2004-02-04
04:02
Fix build warnings. file: [ebec730afe] check-in: [bc575f4a87] user: razzell, branch: trunk, size: 40444 [annotate] [blame] [check-ins using] [diff]
2003-10-07
22:57
Added CONST with intent similar to Revision 1.14. file: [b31fec4fee] check-in: [bb720c804e] user: razzell, branch: trunk, size: 40441 [annotate] [blame] [check-ins using] [diff]
2003-07-07
20:24
* tls.c (Tls_Init): added tls::misc command provided by * tlsX509.c: Wojciech Kocjan (wojciech kocjan.org) * tests/keytest1.tcl: to expose more low-level SSL commands * tests/keytest2.tcl: file: [f43c6403f5] check-in: [b423807e0e] user: hobbs, branch: trunk, size: 40433 [annotate] [blame] [check-ins using] [diff]
2003-05-15
21:02
Added password callback support and version command. Fixed memory leak. file: [85e46e8624] check-in: [509dd7a9b6] user: razzell, branch: trunk, size: 36240 [annotate] [blame] [check-ins using] [diff]
20:44
*** empty log message *** file: [32f77b5e42] check-in: [3631274d64] user: razzell, branch: trunk, size: 36239 [annotate] [blame] [check-ins using] [diff]
2002-02-04
22:46
* tls.htm: * tls.c: added support for local certificate status check, as well as returning the # of bits in the session key. [Patch #505698] (rose) * tls.c: * tlsIO.c: * tlsBIO.c: added CONSTs to satisfy Tcl 8.4 sources. This may give warnings when compiled against 8.3, but they can be ignored. file: [1f1f2854e3] check-in: [c34385bbcd] user: hobbs, branch: trunk, size: 34229 [annotate] [blame] [check-ins using] [diff]
2001-03-14
22:04
* tls.c (Tls_Init): add do/while for random number initialization to work around some OSes quirks. ([email protected]) file: [7a7ec2f3d3] check-in: [dfc33d3b84] user: hobbs, branch: trunk, size: 33681 [annotate] [blame] [check-ins using] [diff]
2000-08-18
19:22
* tls.c (Tls_Init): added call to RAND_seed to seed the SSL random number generator. Without this, OpenSSL 0.9.5 chokes, and in any case it is a big security hole to do without it. file: [860e712dac] check-in: [4b5fd24dad] user: hobbs, branch: trunk, size: 33223 [annotate] [blame] [check-ins using] [diff]
2000-08-16
17:44
* tls.c (Tls_Init): corrected interpretation of version number (patchlevel and release/serial were swapped). file: [e741b6dd44] check-in: [090741a97a] user: hobbs, branch: trunk, size: 32889 [annotate] [blame] [check-ins using] [diff]
2000-08-15
18:49
* tlsInt.h: * tls.c: * tlsIO.c: corrected structure initialization to work when compiling with 8.2. Now compiles with 8.2+ and tested to work with 8.2+ and dynamically adjust to the version of Tcl it was loaded into. TLS will fail the test suite with Tcl 8.2-8.3.1. file: [bc1abaf8b3] check-in: [e7ef654f47] user: hobbs, branch: trunk, size: 32877 [annotate] [blame] [check-ins using] [diff]
00:02
* tlsInt.h: * tlsIO.c: * tlsBIO.c: * tls.c: changed around to only working with 8.2.0+ (8.3.2+ preferred), with runtime checks for pre- and post-io-rewrite. file: [468d0efc89] check-in: [33ea0b5a9d] user: hobbs, branch: trunk, size: 32838 [annotate] [blame] [check-ins using] [diff]
2000-08-14
21:55
* tls.c (Tls_Init): changed it to require 8.3.2 when Tcl_InitStubs was called because we don't want people using TLS with the original stacked channel implementation. file: [5bbd225a1e] check-in: [2b0ce3e01b] user: hobbs, branch: trunk, size: 32154 [annotate] [blame] [check-ins using] [diff]
2000-07-27
01:58
* merged all changes from tls-1-3-io-rewrite back into main branch file: [a379b2ee3e] check-in: [a636fa7c56] user: hobbs, branch: trunk, size: 31891 [annotate] [blame] [check-ins using] [diff]
2000-07-26
22:15
* tls.c (ImportObjCmd): removed unnecessary use of 'bio' arg. (Tls_Init): check return value of SSL_library_init. Also lots of whitespace cleanup (more like Tcl Eng style guide), but not all code was cleaned up. * tlsBIO.c: minor whitespace cleanup * tlsIO.c: minor whitespace cleanup. (TlsInputProc, TlsOutputProc): Added ERR_clear_error before calls to BIO_read or BIO_write, because we could otherwise end up pulling an error off the stack that didn't belong to us. Also cleanup up excessive use of gotos. file: [d793bbc229] check-in: [e64e21d80e] user: hobbs, branch: tls-1-3-io-rewrite, size: 31895 [annotate] [blame] [check-ins using] [diff]
2000-07-21
05:32
* tests/tlsIO.test: corrected various tests to be correct for TLS stacked channels (as opposed to the standard sockets the test suite was adopted from). Key differences are that TLS cannot operate in one process without all channels being non-blocking, or the handshake will block, and handshaking must be forced in some cases. Also, handshakes don't seem to complete unless the client has placed at least one byte for the server to read in the channel. * tests/remote.tcl: corrected the finding of tests certificates * tlsIO.c (TlsCloseProc): removed deleting of timer handler as that is handled by Tls_Clean. * tls.tcl (tls::_accept): corrected the internal _accept to trickle callback errors to the user. * Makefile.in: made the install-binaries target regenerate the pkgIndex.tcl correctly. The test target probably shouldn't screw it up, but this is to be on the safe side. file: [82fbf20832] check-in: [977988aed6] user: hobbs, branch: tls-1-3-io-rewrite, size: 31604 [annotate] [blame] [check-ins using] [diff]
2000-07-11
04:58
* tlsBIO.c (BioWrite, BioRead): changed Tcl_Read/Write to Tcl_ReadRaw/TclWriteRaw. * tls.c: added use of Tcl_GetTopChannel after Tcl_GetChannel and got return value from Tcl_StackChannel. * tests/tlsIO.test: added some handshaking that shouldn't be necessary, but we crash otherwise (needs more testing). * tlsIO.c: added support for "corrected" stacked channels. All the above channels are in TCL_CHANNEL_VERSION_2 #ifdefs. file: [f0ce1e5480] check-in: [fb9a612600] user: hobbs, branch: tls-1-3-io-rewrite, size: 31581 [annotate] [blame] [check-ins using] [diff]
2000-06-06
01:34
Merging with similar changes by Scott S. file: [1fe77384fc] check-in: [08fc9629ab] user: welch, branch: trunk, size: 30869 [annotate] [blame] [check-ins using] [diff]
01:04
* tlsInt.h: * tls.c: Cleaned up declarations of Tls_Clean to avoid errors on Windows (lint). file: [caad573382] check-in: [5ab4c35956] user: stanton, branch: trunk, size: 30795 [annotate] [blame] [check-ins using] [diff]
2000-06-05
18:09
Moved SSL shutdown up into the CloseProc, away from the asynchronous EventuallyFree file: [574ea1f12d] check-in: [b3abc0c1c4] user: welch, branch: trunk, size: 30959 [annotate] [blame] [check-ins using] [diff]
2000-05-04
20:40
added code to allow compilation with either OpenSSL or BSAFE file: [58fc6e64f6] check-in: [cc4e8de2d7] user: aborr, branch: trunk, size: 30262 [annotate] [blame] [check-ins using] [diff]
2000-01-20
01:50
added Matt's patches for the tclhttpd server file: [230e3f6e31] check-in: [efd347fa7e] user: aborr, branch: trunk, size: 30050 [annotate] [blame] [check-ins using] [diff]
2000-01-19
22:10
Added: Initial import of tls extension. file: [65b25f6ccd] check-in: [27770ce26d] user: aborr, branch: tls-vendor-branch, size: 29804 [annotate] [blame] [check-ins using]