All files named "generic/tls.c"

History for generic/tls.c

2024-10-26
17:34
Added support for loading CA certificates from virtual file systems. Source: https://core.tcl-lang.org/tcltls/tktview/030c713ca2 file: [25505d8d36] check-in: [b70fbfd8cf] user: bohagan, branch: tls-1.8, size: 99869 [annotate] [blame] [check-ins using] [diff]
16:38
Removed obsolete RCS version strings. Added file header info. file: [99b0260693] check-in: [fbdf0eae0a] user: bohagan, branch: tls-1.8, size: 96531 [annotate] [blame] [check-ins using] [diff]
16:08
Removed extra padding, convert spaces to tabs, etc. file: [87532f6227] check-in: [1ef3d3faef] user: bohagan, branch: tls-1.8, size: 96456 [annotate] [blame] [check-ins using] [diff]
2024-10-25
05:13
More TCL9 updates file: [08752c37a7] check-in: [ea36bcf6c4] user: bohagan, branch: tls-1.8, size: 96457 [annotate] [blame] [check-ins using] [diff]
2024-10-05
17:46
Changes to fix warnings file: [25bb520bd7] check-in: [c747afd200] user: bohagan, branch: tls-1.8, size: 96444 [annotate] [blame] [check-ins using] [diff]
2024-07-07
15:23
Changed to use Tcl_PkgRequireEx, only call if not using stubs. file: [c902e2c2b4] check-in: [57cd9143b5] user: bohagan, branch: tls-1.8, size: 96400 [annotate] [blame] [check-ins using] [diff]
2024-07-06
04:17
Made updates to enhance event processing, I/O operations, etc. to address reports of stalled connections, etc. file: [99e542a0c2] check-in: [e3d4330c95] user: bohagan, branch: tls-1.8, size: 96386 [annotate] [blame] [check-ins using] [diff]
2024-07-01
01:08
Changed to send SSL_shutdown as part of BIO close channel handler rather than Tls_Clean. file: [2cf7b99093] check-in: [1505883e4a] user: bohagan, branch: tls-1.8, size: 96220 [annotate] [blame] [check-ins using] [diff]
2024-06-29
19:21
Backed out changes to provide error status when setting -cadir, -cafile, and -castore options. Breaks IO test cases. file: [6e62c9c865] check-in: [89536252d5] user: bohagan, branch: tls-1.8, size: 96561 [annotate] [blame] [check-ins using] [diff]
02:46
Added comments and function preamble comments to BIO and IO files. file: [636b102381] check-in: [9e79f40ed5] user: bohagan, branch: tls-1.8, size: 97011 [annotate] [blame] [check-ins using] [diff]
2024-06-28
19:33
Updated Tls_NewX509Obj to use Tcl_Objs for returned hex values. Use a dynamically allocated temp buffer. file: [d5754546f3] check-in: [121a81e392] user: bohagan, branch: tls-1.8, size: 96932 [annotate] [blame] [check-ins using] [diff]
2024-06-25
22:22
Changed Tls_NewX509Obj to not use stack space for all and certificate buffers. This reduces the possibility of a stack overflow. file: [d36478ef49] check-in: [17ee565eed] user: bohagan, branch: tls-1.8, size: 96636 [annotate] [blame] [check-ins using] [diff]
2024-06-23
01:46
Updates to provide error status when setting -cadir, -cafile, and -castore options. file: [bba2dae983] check-in: [568f5bc7ec] user: bohagan, branch: tls-1.8, size: 96630 [annotate] [blame] [check-ins using] [diff]
01:39
Undo change in OpenSSL 1.1.1 which enabled SSL_MODE_AUTO_RETRY. This will avoid hangs in blocking mode after an non-app record is received, but an app record is not yet available. Also enabled SSL_MODE_ENABLE_PARTIAL_WRITE, which allows writes with fewer than all records written to be successful. file: [b62ec44bb1] check-in: [991ab74cdd] user: bohagan, branch: tls-1.8, size: 96153 [annotate] [blame] [check-ins using] [diff]
2024-06-20
01:01
Added support for setting the certificate store file: [9112e257e3] check-in: [1cabc3b8f2] user: bohagan, branch: tls-1.8, size: 95865 [annotate] [blame] [check-ins using] [diff]
2024-06-19
20:40
Added more connection status file: [1e500c198d] check-in: [ab1aa551c0] user: bohagan, branch: tls-1.8, size: 94832 [annotate] [blame] [check-ins using] [diff]
2024-06-16
20:23
Added shutdown handler file: [c568200b91] check-in: [2e607e483a] user: bohagan, branch: tls-1.8, size: 93854 [annotate] [blame] [check-ins using] [diff]
2024-06-15
21:49
Removed obsolete locking code and added support for checking system OpenSSL config file for crypto policies. file: [5d61adfac5] check-in: [449470132e] user: bohagan, branch: tls-1.8, size: 93485 [annotate] [blame] [check-ins using] [diff]
2024-06-06
05:20
Added back option to enable debug mode that was lost in conversion to new TEA build system file: [ec7ae85081] check-in: [7e60e66f64] user: bohagan, branch: tls-1.8, size: 94786 [annotate] [blame] [check-ins using] [diff]
01:21
Merged in generate tls.tcl.h and debug mode option changes file: [c4b8d40b20] check-in: [d00f5eca5d] user: bohagan, branch: crypto, size: 89316 [annotate] [blame] [check-ins using] [diff]
2024-06-05
03:02
Replaced old method of including tls.tcl file in compiled library with a cross-platform compatible method file: [b933816499] check-in: [1f8b36d9a4] user: bohagan, branch: tls-1.8, size: 94642 [annotate] [blame] [check-ins using] [diff]
2024-05-29
20:34
Eliminate tls_free_type, that can be done smarter without the typecasts everywhere file: [0bbe388ea9] check-in: [216954cfae] user: jan.nijtmans, branch: trunk, size: 93314 [annotate] [blame] [check-ins using] [diff]
01:30
Merged in changes from master file: [5693b2c98c] check-in: [9d265b298a] user: bohagan, branch: crypto, size: 89308 [annotate] [blame] [check-ins using] [diff]
01:07
Optimized types and casting file: [f31356b00f] check-in: [5deb755d1d] user: bohagan, branch: tls-1.8, size: 94634 [annotate] [blame] [check-ins using] [diff]
2024-05-28
15:27
Smarter way to handle typecasting in Tls_Free() file: [4f26995be5] check-in: [402b6db186] user: jan.nijtmans, branch: nijtmans, size: 53159 [annotate] [blame] [check-ins using] [diff]
15:08
Fix Tls_Error() signature file: [6655a24c69] check-in: [bc6ff74449] user: jan.nijtmans, branch: bohagan, size: 89910 [annotate] [blame] [check-ins using] [diff]
15:00
Fix Tls_Error() signature file: [2dddb83a48] check-in: [53b28536f9] user: jan.nijtmans, branch: nijtmans, size: 53191 [annotate] [blame] [check-ins using] [diff]
14:12
tlsUuid.h should be built in $(TMP_DIR), not $(WIN_DIR). Eliminate some MSVC warnings file: [ebb46352fe] check-in: [6bd083aecb] user: jan.nijtmans, branch: trunk, size: 93438 [annotate] [blame] [check-ins using] [diff]
2024-05-27
22:45
Make error message a const string file: [4a79a9db30] check-in: [c5a4009f73] user: bohagan, branch: tls-1.8, size: 94607 [annotate] [blame] [check-ins using] [diff]
15:11
Fix Tls_Error() function signature file: [1921191aca] check-in: [86bf966f5b] user: jan.nijtmans, branch: trunk, size: 93428 [annotate] [blame] [check-ins using] [diff]
15:01
Make TCL_UNUSED() work here. Some indenting changes. file: [4bb905fa6a] check-in: [c3b40dfa2a] user: jan.nijtmans, branch: trunk, size: 93422 [annotate] [blame] [check-ins using] [diff]
2024-05-19
18:50
Merge in changes from master file: [15ea667e37] check-in: [911e1b65a9] user: bohagan, branch: crypto, size: 89274 [annotate] [blame] [check-ins using] [diff]
17:16
Updated unimport channel so it restores channel config after unstack. Will now work on any stacked channel. file: [cd25c54305] check-in: [b3f0973a4c] user: bohagan, branch: tls-1.8, size: 94601 [annotate] [blame] [check-ins using] [diff]
15:59
Fixed memory leak in unimport channel file: [94f84a44e7] check-in: [262ec2d5d9] user: bohagan, branch: tls-1.8, size: 92898 [annotate] [blame] [check-ins using] [diff]
2024-05-11
01:46
Added version check for SSL_get_signature_type_nid API added in OpenSSL 1.1.1a. This is needed for Ubuntu 18.04 LTS. file: [5901aadd4f] check-in: [8af8ef15f0] user: bohagan, branch: tls-1.8, size: 92877 [annotate] [blame] [check-ins using] [diff]
2024-03-26
21:28
Minor cleanups to remove obsolete code and add missing change log entry file: [eb71938a0b] check-in: [bb89d73224] user: bohagan, branch: tls-1.8, size: 92795 [annotate] [blame] [check-ins using] [diff]
2024-03-15
22:17
Fix warnings for compile with GCC on TCL 9.0 file: [62e132dc18] check-in: [562bd95399] user: bohagan, branch: trunk, size: 93693 [annotate] [blame] [check-ins using] [diff]
22:17
Fix warnings for compile with GCC on TCL 9.0 file: [bcc60fdf89] check-in: [eae5afbb83] user: bohagan, branch: crypto, size: 88529 [annotate] [blame] [check-ins using] [diff]
2024-03-12
14:30
Merge trunk file: [3dad396c4f] check-in: [c005e3d09b] user: jan.nijtmans, branch: bohagan, size: 89904 [annotate] [blame] [check-ins using] [diff]
14:21
More simple code formatting ... no change in functionality file: [02ab8298f1] check-in: [f69776b946] user: jan.nijtmans, branch: nijtmans, size: 53185 [annotate] [blame] [check-ins using] [diff]
2024-03-11
02:15
Merge in build-info command and TEA updates file: [cad12de55d] check-in: [3d9a852fc6] user: bohagan, branch: crypto, size: 88421 [annotate] [blame] [check-ins using] [diff]
2024-03-10
23:26
Added TCL 9.0 build-info command including support for UUID files. Altered scripts from sample extension to put tlsUuid.h in WIN_DIR not TMP_DIR. file: [a34923e145] check-in: [c5526c14fd] user: bohagan, branch: trunk, size: 93585 [annotate] [blame] [check-ins using] [diff]
05:56
Added global namespace qualifier to command names. Catch error for eval embedded tls.tcl script. file: [1e32f24336] check-in: [c0bbfde5a4] user: bohagan, branch: crypto, size: 86656 [annotate] [blame] [check-ins using] [diff]
05:48
Added global namespace qualifier to command names. Catch error for eval embedded tls.tcl script. file: [3d6d35a575] check-in: [17e4fbdf88] user: bohagan, branch: trunk, size: 91819 [annotate] [blame] [check-ins using] [diff]
2024-03-05
14:37
Formatting (taken over from bohagan) file: [e096bf5253] check-in: [2568fd9c5d] user: jan.nijtmans, branch: bohagan, size: 89602 [annotate] [blame] [check-ins using] [diff]
2024-02-28
05:26
Merged changes from master file: [6611dfd0b6] check-in: [bfb516156c] user: bohagan, branch: crypto, size: 86614 [annotate] [blame] [check-ins using] [diff]
04:42
In password callback, added check for password > max size. Also added null terminator. file: [074ad76419] check-in: [3866a025e0] user: bohagan, branch: trunk, size: 91771 [annotate] [blame] [check-ins using] [diff]
2024-02-27
16:29
Take over change in tls.c too (from same commit) file: [be27cdc273] check-in: [eecbce78ef] user: jan.nijtmans, branch: bohagan, size: 89628 [annotate] [blame] [check-ins using] [diff]
05:05
Removed unneeded initialize dstrings. file: [0e25730e3b] check-in: [6ffc298e51] user: bohagan, branch: trunk, size: 91605 [annotate] [blame] [check-ins using] [diff]
2024-02-24
22:32
Merge trunk file: [41a05faa4a] check-in: [47f7634a14] user: jan.nijtmans, branch: bohagan, size: 89615 [annotate] [blame] [check-ins using] [diff]
22:22
Clean-up gcc compiler warnings file: [5e701cf08b] check-in: [d966a301eb] user: bohagan, branch: trunk, size: 91791 [annotate] [blame] [check-ins using] [diff]
22:07
Eliminate some deprecated function usages. Disable ssl3 by default too (just as ssl2) file: [688305c24b] check-in: [3090c676df] user: jan.nijtmans, branch: nijtmans, size: 52628 [annotate] [blame] [check-ins using] [diff]
21:07
Improve error-handling, e.g. using Tcl_SetErrorCode() file: [22deb29539] check-in: [e8f554a732] user: jan.nijtmans, branch: nijtmans, size: 52508 [annotate] [blame] [check-ins using] [diff]
03:57
Merged in changes from master file: [2435fc4bff] check-in: [603eb0c0ba] user: bohagan, branch: crypto, size: 86634 [annotate] [blame] [check-ins using] [diff]
03:26
Added back initialize dynamic strings since Tcl_TranslateFileName doesn't initialize them file: [69b432401c] check-in: [ccb3824e44] user: bohagan, branch: trunk, size: 91754 [annotate] [blame] [check-ins using] [diff]
03:02
Clean up return statements file: [2c8caab3b7] check-in: [a9e4d32d68] user: bohagan, branch: trunk, size: 91533 [annotate] [blame] [check-ins using] [diff]
02:02
Added missing cast nulls to char pointer file: [d1d4cc8897] check-in: [ea98e5c0da] user: bohagan, branch: trunk, size: 91550 [annotate] [blame] [check-ins using] [diff]
2024-02-23
23:57
Optimized get string from object file: [9c4ead6c33] check-in: [5130ce9e72] user: bohagan, branch: trunk, size: 91433 [annotate] [blame] [check-ins using] [diff]
22:57
Use LAPPEND_STR() and friends file: [6f7de4fd54] check-in: [6e95e7672d] user: jan.nijtmans, branch: nijtmans, size: 52210 [annotate] [blame] [check-ins using] [diff]
21:27
REASON() -> GET_ERR_REASON(). Add some more utilities to tlsInt.h (not used yet) file: [cf8594fd4b] check-in: [42f5f29486] user: jan.nijtmans, branch: nijtmans, size: 52674 [annotate] [blame] [check-ins using] [diff]
15:08
Merge trunk file: [c4917ab97f] check-in: [ea8c67f798] user: jan.nijtmans, branch: bohagan, size: 90482 [annotate] [blame] [check-ins using] [diff]
14:48
Merge "dh" branch from: [https://chiselapp.com/user/bohagan/repository/TCLTLS/timeline?r=dh]. The "gen_dh_params" script is no longer necessary file: [f15837cdac] check-in: [6aeb4fa6ee] user: jan.nijtmans, branch: nijtmans, size: 52652 [annotate] [blame] [check-ins using] [diff]
13:21
Merge trunk file: [d656aab335] check-in: [c7b67bc013] user: jan.nijtmans, branch: bohagan, size: 90511 [annotate] [blame] [check-ins using] [diff]
13:08
Add "tls::build-info" command file: [a40898e09d] check-in: [355a10cf0e] user: jan.nijtmans, branch: nijtmans, size: 52470 [annotate] [blame] [check-ins using] [diff]
2024-02-22
15:27
Merge trunk file: [b894390529] check-in: [c61ea12657] user: jan.nijtmans, branch: bohagan, size: 89101 [annotate] [blame] [check-ins using] [diff]
13:49
A lot of formatting, no change in functionality. file: [0d8631d8e5] check-in: [46ffe75283] user: jan.nijtmans, branch: nijtmans, size: 51083 [annotate] [blame] [check-ins using] [diff]
2024-02-21
23:10
Few more tweaks file: [d561fadbc4] check-in: [195f14da6c] user: jan.nijtmans, branch: nijtmans, size: 51382 [annotate] [blame] [check-ins using] [diff]
22:57
Stop support for OpenSSL < v1.1.1 file: [7287ba0204] check-in: [f2101dcc16] user: jan.nijtmans, branch: nijtmans, size: 51349 [annotate] [blame] [check-ins using] [diff]
2024-02-20
22:09
Merge trunk file: [c996e233ea] check-in: [6853760139] user: jan.nijtmans, branch: bohagan, size: 91461 [annotate] [blame] [check-ins using] [diff]
20:57
"make install" now works on MacOS too (uses .dylib in stead of .so, no "doc" yet) file: [ac73771fae] check-in: [6778f7f147] user: jan.nijtmans, branch: nijtmans, size: 51577 [annotate] [blame] [check-ins using] [diff]
14:58
Renamed tls.c → generic/tls.c. Move all *.c and *.h files to the /generic/ directory. Update win/makefile.vc from [https://chiselapp.com/user/bohagan/repository/TCLTLS/index] file: [90806f56c7] check-in: [b921cb3e6e] user: jan.nijtmans, branch: nijtmans, size: 51578 [annotate] [blame] [check-ins using]
2024-02-11
20:51
Merged changes from master. file: [e039ae1932] check-in: [45be9618dc] user: bohagan, branch: crypto, size: 86494 [annotate] [blame] [check-ins using] [diff]
02:16
Corrected memory leaks in use of dynamic strings file: [489d26f33a] check-in: [6287936460] user: bohagan, branch: trunk, size: 91587 [annotate] [blame] [check-ins using] [diff]
2024-02-10
22:03
Updated callback info in doc file file: [26178e45e1] check-in: [a1c3e96ef5] user: bohagan, branch: trunk, size: 91448 [annotate] [blame] [check-ins using] [diff]
20:37
Refactored set default CA certificates path and file to allow env vars to override defaults. file: [0fd30b2572] check-in: [cdb6cd6aa6] user: bohagan, branch: trunk, size: 91020 [annotate] [blame] [check-ins using] [diff]
2024-02-09
19:24
Added more error messages and quoted certificate fail message. file: [675528fb5b] check-in: [e3e0021e31] user: bohagan, branch: trunk, size: 90904 [annotate] [blame] [check-ins using] [diff]
2024-02-06
02:42
Added provider test cases file: [08e7f9d341] check-in: [5a41ff9aa1] user: bohagan, branch: crypto, size: 85654 [annotate] [blame] [check-ins using] [diff]
2024-02-05
00:55
Code updates for gcc warnings file: [76576d8a94] check-in: [7e672606f5] user: bohagan, branch: trunk, size: 90713 [annotate] [blame] [check-ins using] [diff]
2024-02-04
23:25
Code updates for gcc warnings file: [0f9a22b39e] check-in: [e58f2c78c8] user: bohagan, branch: crypto, size: 85654 [annotate] [blame] [check-ins using] [diff]
03:31
Merged changes from master branch file: [9e57ea75de] check-in: [fa17431520] user: bohagan, branch: crypto, size: 85498 [annotate] [blame] [check-ins using] [diff]
2024-02-03
03:15
Added more IO logging and error callback messages. Removed duplicate messages. file: [893e5c4546] check-in: [a3728bd654] user: bohagan, branch: trunk, size: 90539 [annotate] [blame] [check-ins using] [diff]
2024-02-02
03:33
Added more logging messages and updated get error message macro name file: [ea83c6521f] check-in: [fad32ff05f] user: bohagan, branch: trunk, size: 90571 [annotate] [blame] [check-ins using] [diff]
2023-12-29
21:12
Cast unused parameters to void to prevent unused parameter warnings Source: https://core.tcl-lang.org/tcltls/tktview/086954612f file: [afd3785b3b] check-in: [41e1203724] user: bohagan, branch: trunk, size: 90378 [annotate] [blame] [check-ins using] [diff]
21:09
Cast unused parameters to void to prevent unused parameter warnings Source: https://core.tcl-lang.org/tcltls/tktview/086954612f file: [4d8cd20913] check-in: [f586ebd433] user: bohagan, branch: crypto, size: 85296 [annotate] [blame] [check-ins using] [diff]
03:09
Merged in master changes file: [b9807f7867] check-in: [d2d04c75a0] user: bohagan, branch: crypto, size: 85272 [annotate] [blame] [check-ins using] [diff]
03:09
Updated to auto set DH parameters. Updated to use well known Diffie-Hellman (DH) parameters that have built-in support in OpenSSL. This means the DH parameters will be selected to be consistent with the size of the key associated with the server's certificate. If there is no certificate (e.g. for PSK ciphersuites), then it it will be consistent with the size of the negotiated symmetric cipher key. file: [54886bd843] check-in: [d3d16ea77f] user: bohagan, branch: dh, size: 90364 [annotate] [blame] [check-ins using] [diff]
03:09
Merged in dh branch file: [a4e2c18a75] check-in: [594dfd3195] user: bohagan, branch: trunk, size: 90369 [annotate] [blame] [check-ins using] [diff]
2023-12-28
20:01
Created DH branch file: [7c1b9c1884] check-in: [22f9df2429] user: bohagan, branch: dh, size: 90219 [annotate] [blame] [check-ins using] [diff]
03:00
Added random bytes command to generate random bytes using a cryptographically secure pseudo random generator (CSPRNG). file: [c0cfa2b008] check-in: [baa34f4208] user: bohagan, branch: crypto, size: 84798 [annotate] [blame] [check-ins using] [diff]
2023-12-21
20:15
Merged in master changes file: [578f1e1218] check-in: [265ace08fe] user: bohagan, branch: crypto, size: 84768 [annotate] [blame] [check-ins using] [diff]
19:56
Optimized Init stub load and package require. Use general pkhIndex.tcl file. file: [42a5997f51] check-in: [c498845865] user: bohagan, branch: trunk, size: 90221 [annotate] [blame] [check-ins using] [diff]
2023-12-16
04:56
Changed options processing from using string compares in macros to using Tcl_GetIndexFromObj and switch. file: [5f4251e5e6] check-in: [c7540ccbf1] user: bohagan, branch: crypto, size: 84893 [annotate] [blame] [check-ins using] [diff]
2023-12-11
05:24
Added KDF module to derive keys and ivs from passwords and salts. Added -hash option as alias for -digest. file: [4273abe6e0] check-in: [d4c2159faf] user: bohagan, branch: crypto, size: 82968 [annotate] [blame] [check-ins using] [diff]
2023-12-04
03:56
Split list operations into separate functions to make it easier for OpenSSL 3.0 changes. Added pkey list function. Added mac info and pkey info placeholder functions. More checks for NULL pointers. Moved legacy load ciphers and digest to init routine. file: [63ca861d17] check-in: [9e6e94200c] user: bohagan, branch: crypto, size: 82939 [annotate] [blame] [check-ins using] [diff]
2023-12-02
04:25
Added function to encrypt and decrypt data file: [3ece83c57b] check-in: [b395f93924] user: bohagan, branch: crypto, size: 82722 [annotate] [blame] [check-ins using] [diff]
2023-11-27
02:15
Backport changes from crypto branch including change -securitylevel option to -security_level. Optimized binary to hex conversion. file: [d44fcd8515] check-in: [d351d79642] user: bohagan, branch: trunk, size: 90346 [annotate] [blame] [check-ins using] [diff]
2023-11-21
03:44
Add digest and MAC use of EVP_DigestFinalXOF for XOF hash functions. Renamed security level option from -securitylevel to -security_level. Added more description info to digest and hash documentation. Added examples for tls::digest command to documentation. file: [66b088c361] check-in: [c5c9b26ac8] user: bohagan, branch: crypto, size: 82689 [annotate] [blame] [check-ins using] [diff]
2023-11-18
05:59
Optimized DigestInputProc to use common digest functions. Fixed write to channel digest transform. Updated comments file: [0db9f8be24] check-in: [3120c0a647] user: bohagan, branch: crypto, size: 82686 [annotate] [blame] [check-ins using] [diff]
2023-11-03
22:03
Moved info commands to tlsInfo.c file. Moved REASON macro definition to tlsInt.h file so all files can use. file: [2858ec05c6] check-in: [61a7c2c15a] user: bohagan, branch: crypto, size: 82682 [annotate] [blame] [check-ins using] [diff]
2023-10-27
23:01
Moved digest command to new tlsDigest.c file file: [860bf39ae0] check-in: [b120c6d336] user: bohagan, branch: crypto, size: 91841 [annotate] [blame] [check-ins using] [diff]
2023-10-14
23:16
Updated digests command to filter out RSA digests since only used for signature algorithms. file: [5aecfbd855] check-in: [0a899f2c18] user: bohagan, branch: crypto, size: 95326 [annotate] [blame] [check-ins using] [diff]
21:35
Optimized byte array to hex conversions file: [e558c674d7] check-in: [049f9cb970] user: bohagan, branch: crypto, size: 95180 [annotate] [blame] [check-ins using] [diff]
2023-10-11
23:13
Renamed hash command to digest and hashes command to digests. file: [33f81c89e9] check-in: [38f5e78596] user: bohagan, branch: crypto, size: 95121 [annotate] [blame] [check-ins using] [diff]
22:34
Modified ciphers command to make protocol arg optional to list all supported ciphers. file: [3f80fde031] check-in: [a44d361c13] user: bohagan, branch: crypto, size: 95021 [annotate] [blame] [check-ins using] [diff]
2023-10-10
04:10
Added hashes command to list OpenSSL supported hash digests. file: [d77314704b] check-in: [78cf378796] user: bohagan, branch: crypto, size: 94288 [annotate] [blame] [check-ins using] [diff]
02:43
Added hash command to calculate hash using any OpenSSL digest. Added convenience commands for md4, md5, sha1, and sha-256 digests. file: [30dc12770e] check-in: [cafd2dc6ba] user: bohagan, branch: crypto, size: 93252 [annotate] [blame] [check-ins using] [diff]
00:06
Created cryptography branch file: [a4b3c334bf] check-in: [0cd384c2ff] user: bohagan, branch: crypto, size: 89897 [annotate] [blame] [check-ins using] [diff]
2023-09-24
20:12
Moved definition of Append to List macros to tlsInt.h. Updated tls.c to use Append to List macros. file: [f4a59d7949] check-in: [28d6418fa7] user: bohagan, branch: trunk, size: 90229 [annotate] [blame] [check-ins using] [diff]
2023-09-23
22:37
Updates for TCL 9.0 and Tcl_Size change file: [6525346f21] check-in: [c740ba0cb8] user: bohagan, branch: trunk, size: 93217 [annotate] [blame] [check-ins using] [diff]
2023-09-02
22:07
Added verify result to handshake fail error message. file: [b2882089e7] check-in: [2e3a232d85] user: bohagan, branch: trunk, size: 92696 [annotate] [blame] [check-ins using] [diff]
21:13
Set automatic curve selection for ECDH temporary keys used during key exchange. Used to make a server always choose the most appropriate curve for a client. Disable compression even if supported. file: [050ef8b065] check-in: [1dbae1afec] user: bohagan, branch: trunk, size: 92512 [annotate] [blame] [check-ins using] [diff]
20:03
Changed to only allow SSL2 and SSL3 to be manually enabled. See RFC 8996, Deprecating TLS 1.0 and TLS 1.1. Also see NIST SP 800-52r2 which requires TLS 1.2 and TLS 1.3, should not use TLS 1.1, and shall not use TLS 1.0, SSL 3.0, or SSL 2.0. file: [a404941892] check-in: [9d1bdab9a6] user: bohagan, branch: trunk, size: 92162 [annotate] [blame] [check-ins using] [diff]
2023-08-28
01:56
Added load CA file comments file: [18bce24fbb] check-in: [d4b5b9bd2a] user: bohagan, branch: status_x509, size: 92428 [annotate] [blame] [check-ins using] [diff]
2023-08-19
20:30
Updated ConnectionInfoObjCmd to localize variables file: [4969f5a74b] check-in: [070af72ccb] user: bohagan, branch: status_x509, size: 91951 [annotate] [blame] [check-ins using] [diff]
18:04
Optimized CiphersObjCmd to use method variable. file: [8772a03dc7] check-in: [543e7ab6d3] user: bohagan, branch: status_x509, size: 91855 [annotate] [blame] [check-ins using] [diff]
2023-08-13
01:00
Added get CA list to connection status file: [3a81d8a8fc] check-in: [c95df396da] user: bohagan, branch: status_x509, size: 91801 [annotate] [blame] [check-ins using] [diff]
2023-08-12
04:07
Added session context, basic constraints, and publickeyhash status file: [59bf4e72f6] check-in: [4a0a74f238] user: bohagan, branch: status_x509, size: 91234 [annotate] [blame] [check-ins using] [diff]
2023-08-10
03:16
Reordered get parameters in Tls_NewX509Obj to follow RFC 5280 section order. Added get self issued, Key usage, Extended Key usage, and purpose values. Added more comments, optimized code, etc. file: [5b3a9ccd27] check-in: [10bcd4c88f] user: bohagan, branch: status_x509, size: 90876 [annotate] [blame] [check-ins using] [diff]
2023-07-31
02:17
Added verify depth and mode status to connection status, renamed signatureType and signatureType file: [876a0b1ced] check-in: [87010ba1d9] user: bohagan, branch: status_x509, size: 90773 [annotate] [blame] [check-ins using] [diff]
2023-07-30
02:53
Updated default callbacks in tls.tcl file file: [b314eff29c] check-in: [cdb51c799e] user: bohagan, branch: errors_and_callbacks, size: 89573 [annotate] [blame] [check-ins using] [diff]
02:09
Add match result to ALPN callback parameters. This indicates if a common protocol was found or not. file: [45bcc590a0] check-in: [75f1cfb376] user: bohagan, branch: errors_and_callbacks, size: 89137 [annotate] [blame] [check-ins using] [diff]
00:20
Updated password callback to add rwflag size arguments to callback. Callback now works like other callbacks with the function followed by args. Refactored get result processing. Added more info to doc file. file: [c6cfb160ec] check-in: [c072b00aeb] user: bohagan, branch: errors_and_callbacks, size: 89046 [annotate] [blame] [check-ins using] [diff]
2023-07-29
21:33
Added message status to callback command results. It is only available when OpenSSL is complied with the enable-ssl-trace option. file: [a5b24e4b6d] check-in: [5ddead759f] user: bohagan, branch: errors_and_callbacks, size: 88623 [annotate] [blame] [check-ins using] [diff]
2023-07-28
19:42
Set ErrorCode for returned errors file: [d37fbac857] check-in: [d7ece0aec4] user: bohagan, branch: errors_and_callbacks, size: 85356 [annotate] [blame] [check-ins using] [diff]
17:01
Disabled skip channel IO during verify callback processing. Call Tcl_Error for connect/handshake errors. file: [fa1e23179a] check-in: [6866efe8ea] user: bohagan, branch: errors_and_callbacks, size: 84348 [annotate] [blame] [check-ins using] [diff]
16:07
Refactored Tls_Error handler to not set errorCode. Use error message, return result, or if none, fall-back to OpenSSL error queue. Added clear OpenSSL errors to start of each command function to remove old error messages. file: [477116b5a6] check-in: [e85a439068] user: bohagan, branch: errors_and_callbacks, size: 84210 [annotate] [blame] [check-ins using] [diff]
2023-07-24
23:12
Comment and documentation updates. Added more checks for supported protocol versions. file: [8e541b360a] check-in: [a4c50c7c74] user: bohagan, branch: errors_and_callbacks, size: 84023 [annotate] [blame] [check-ins using] [diff]
2023-07-21
23:29
Removed connect or handshake errors trigger background error. Removed Tls_Error call to background error handler when a callback command isn't defined. This would occur during connect/handshake errors. Fixes bug: https://core.tcl-lang.org/tcltls/tktview/2c7b748796 file: [459c02ba4b] check-in: [6a11f12158] user: bohagan, branch: errors_and_callbacks, size: 83745 [annotate] [blame] [check-ins using] [diff]
23:01
Added new option -validatecommand to handle callbacks that require a return value. Consolidated evaluate callback commands into one function EvalCallback. Return alert codes for callbacks. Added more comments to callback functions. file: [d05c00dc5b] check-in: [91ff651d51] user: bohagan, branch: errors_and_callbacks, size: 84109 [annotate] [blame] [check-ins using] [diff]
2023-07-16
18:41
Added Next Protocol Negotiation (NPN) for TLS 1.0 to TLS 1.2. file: [6f8aac6c9a] check-in: [f7b84d671a] user: bohagan, branch: errors_and_callbacks, size: 82875 [annotate] [blame] [check-ins using] [diff]
17:26
Added alert type to info callback parameters and refactored code. file: [a232f29e3c] check-in: [0aa8ad9487] user: bohagan, branch: errors_and_callbacks, size: 81255 [annotate] [blame] [check-ins using] [diff]
16:02
Register ALPN callbacks only if protocols defined. Catch more errors in callbacks, return after set return values. file: [459b6052cb] check-in: [3b2e00d8a5] user: bohagan, branch: errors_and_callbacks, size: 81208 [annotate] [blame] [check-ins using] [diff]
2023-07-09
22:46
Changed to pass verify ok results string to callback. Renamed certificate status signature_hash to signatureHashAlgorithm. file: [55d19f65b6] check-in: [a5858c387a] user: bohagan, branch: status_x509, size: 81017 [annotate] [blame] [check-ins using] [diff]
2023-06-18
21:47
Added post handshake cert request option file: [57bb811cee] check-in: [fec0e414e9] user: bohagan, branch: status_x509, size: 81100 [annotate] [blame] [check-ins using] [diff]
2023-06-17
23:09
Added signature hash and type to connection status Changed validation result to verification. file: [15b3de1fe1] check-in: [e02e24c84a] user: bohagan, branch: status_x509, size: 80626 [annotate] [blame] [check-ins using] [diff]
2023-06-16
18:04
Change to use NULL for empty pointers file: [03a1400f39] check-in: [ee0728f6d6] user: bohagan, branch: status_x509, size: 79882 [annotate] [blame] [check-ins using] [diff]
2023-06-11
23:26
Use client or server methods instead of generic methods for protocol version selection file: [311a8c5ace] check-in: [f9da715266] user: bohagan, branch: status_x509, size: 80037 [annotate] [blame] [check-ins using] [diff]
20:12
Optimized get X509 certificate extensions file: [65ec9cb148] check-in: [eccad70fa9] user: bohagan, branch: status_x509, size: 79701 [annotate] [blame] [check-ins using] [diff]
02:27
Added more X509 certificate status info, show algorithm names, list used extensions, etc. file: [fb9e2c2ae2] check-in: [7265279af2] user: bohagan, branch: status_x509, size: 79702 [annotate] [blame] [check-ins using] [diff]
2023-06-10
21:25
Added master key, is server, and ticket lifetime to connection status. Reordered connection status results for better grouping. file: [34dae888de] check-in: [4e75be42e6] user: bohagan, branch: status_x509, size: 79783 [annotate] [blame] [check-ins using] [diff]
20:33
Set protocol version method based on client or server option. file: [a24507cd1f] check-in: [50c71137cb] user: bohagan, branch: status_x509, size: 78524 [annotate] [blame] [check-ins using] [diff]
19:45
Added ALPN callback update to catch and return errors in select next protocol. file: [3072fade94] check-in: [1a03a74d6e] user: bohagan, branch: status_x509, size: 78444 [annotate] [blame] [check-ins using] [diff]
2023-06-05
02:47
More callback error checking. Added session ticket callback handling. Split set client and server session caching callbacks. file: [bf31ce69c0] check-in: [e1f08bc122] user: bohagan, branch: status_x509, size: 77953 [annotate] [blame] [check-ins using] [diff]
02:09
Use SSL connection states instead of custom states. file: [a126391165] check-in: [3d083cdfaf] user: bohagan, branch: status_x509, size: 77524 [annotate] [blame] [check-ins using] [diff]
2023-06-04
03:20
Set host name for certificate checks. Pass peer specified host name to Hello callback. Set host name for certificate checks. This is separate from SNI. Added peername to status command results. Source: https://core.tcl-lang.org/tcltls/tktview/b023257dcf and https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 file: [62ec7882d5] check-in: [65f84287e7] user: bohagan, branch: status_x509, size: 77639 [annotate] [blame] [check-ins using] [diff]
2023-06-03
22:33
Added ALPN callback protocol selection. In ALPNCallback, server select from client provided protocol list uses -alpn protocols list to find first common protocol. file: [36d88366bc] check-in: [f50ee33fd6] user: bohagan, branch: status_x509, size: 76135 [annotate] [blame] [check-ins using] [diff]
2023-06-02
22:23
Added compression state to connection status file: [edf428a0fb] check-in: [e5975c8072] user: bohagan, branch: status_x509, size: 75712 [annotate] [blame] [check-ins using] [diff]
2023-05-29
23:15
Added server callbacks for ALPN, SNI, and Hello messages file: [30923f52a9] check-in: [a04a3aef6b] user: bohagan, branch: status_x509, size: 75640 [annotate] [blame] [check-ins using] [diff]
2023-05-27
21:14
Optimized use of pointers and comment format updates. file: [78a5edc11d] check-in: [500c6b97d6] user: bohagan, branch: status_x509, size: 68331 [annotate] [blame] [check-ins using] [diff]
19:20
Added session id and ticket to connection status. Added callback to handle session id and ticket updates after the handshake. file: [6e32fbd0db] check-in: [489f45bd81] user: bohagan, branch: status_x509, size: 68304 [annotate] [blame] [check-ins using] [diff]
03:06
Removed support for obsolete OpenSSL versions prior to v1.1.1. file: [c78a7d27a7] check-in: [0de7b4fc0a] user: bohagan, branch: status_x509, size: 64125 [annotate] [blame] [check-ins using] [diff]
2023-05-26
22:43
Added set security level option to set all relevant parameters including cipher suite, encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms in one operation. file: [0c71e3381c] check-in: [32ce5d6220] user: bohagan, branch: status_x509, size: 67292 [annotate] [blame] [check-ins using] [diff]
2023-05-24
02:40
Added new option -ciphersuites to set ciphers suites for TLS 1.3. Addresses defect: https://core.tcl-lang.org/tcltls/tktview/d0518a5645 file: [57a6f16cff] check-in: [cd11c125e8] user: bohagan, branch: status_x509, size: 66797 [annotate] [blame] [check-ins using] [diff]
01:18
Updated ciphers command to use current APIs and added an option to return only ciphers as would be sent in ClientHello. Updated test suite to use OpenSSL executable to get ciphers comparison data. Added more test cases. Addresses defects: https://core.tcl-lang.org/tcltls/tktview/688788a45c and https://sourceforge.net/p/tls/bugs/36/ file: [f33536e873] check-in: [05b2dd47be] user: bohagan, branch: status_x509, size: 66321 [annotate] [blame] [check-ins using] [diff]
2023-05-20
04:46
Added get supported protocol versions command file: [138bbe9b64] check-in: [168ce6abb1] user: bohagan, branch: status_x509, size: 65830 [annotate] [blame] [check-ins using] [diff]
00:56
Added new connection info command which returns connection configuration and status. file: [4728c9082f] check-in: [04e10976f7] user: bohagan, branch: status_x509, size: 64046 [annotate] [blame] [check-ins using] [diff]
2023-05-06
19:35
Replaced custom build scripts with TEA scripts. Removed custom build scripts and replaced with latest TEA config files. Updated pkgIndex.tcl.in to support static builds. Incorporated relevant previous build macros into scripts. file: [e3d417c077] check-in: [a329ea2ff4] user: bohagan, branch: TEA, size: 58725 [annotate] [blame] [check-ins using] [diff]
2023-04-30
16:07
Added: Moved files to subdirectories per TEA directory structure. file: [4c6200b506] check-in: [3dcd70f98e] user: bohagan, branch: TEA, size: 58688 [annotate] [blame] [check-ins using]