View Ticket
18:01 Closed ticket [2059171e7d]: tls::status return value differs depending on platform in use. plus 2 other changes artifact: d8c21f1599 user: rkeene
17:44 Fixed ticket [2059171e7d]. artifact: 3157a7e281 user: rkeene
Better handling of reading certificate PEM data, resolves [2059171e7d] check-in: 8e0ed4e723 user: rkeene tags: trunk
21:25 New ticket [2059171e7d] tls::status return value differs depending on platform in use.. artifact: c6366ab0bc user: anonymous

Ticket Hash: 2059171e7d45ad24bc4e649c71d4aa5fce4a709e
Title: tls::status return value differs depending on platform in use.
Status: Closed Type: Code Defect
Severity: Important Priority: Immediate
Subsystem: Resolution: Fixed
Last Modified: 2019-04-09 18:01:15
Version Found In: 1.7.16
User Comments:
anonymous added on 2019-03-10 21:25:58:
In tcltls-1.7.16 the command tls::status is supposed to return key-value pairs describing the connected peer.  
It does this however, there is a difference in what is returned that is platform dependent. The difference 
is associated with the value related to the "certificate" key within the list.

The section of code that produces the "defective" value in the list is in the following section of tlsX509.c

    Tcl_ListObjAppendElement( interp, certPtr,
	    Tcl_NewStringObj( "certificate", -1) );
    Tcl_ListObjAppendElement( interp, certPtr,
	    Tcl_NewStringObj( certStr, -1) );

In a Linux environment the full string of the certificate is returned as expected.  In a windows environment,
the certificate is truncated (I think the returned value is consistently truncated to 1040 characters).

Unfortunately, I do not have the knowledge/skills to debug this but thought it was significant enough to report.
I would expect the behavior of this library to be the same despite the platform.

This was tested/confirmed with different versions of openssl(1.0.2), Linux, and Windows.

rkeene added on 2019-04-09 17:44:46:
This will be fixed in TclTLS V1.7.17 and later