TclTLS: Check-in [74ebe7ccce]

Overview

Comment:	Made changes to dereference objects returned by Tcl_ListObjIndex and Tcl_ListObjGetElements for TCL 9 abstract lists
Downloads:	Tarball \| ZIP archive \| SQL archive
Timelines:	family \| ancestors \| descendants \| both \| trunk \| tls-2.0
Files:	files \| file ages \| folders
SHA3-256:	74ebe7ccced22ffd2ca7a54c3c808c0076592f9e7025625d3eeb7e24e73bc805
User & Date:	bohagan on 2025-02-01 23:36:34
Other Links:	branch diff \| manifest \| tags

Context

2025-02-08
21:05		Corrections to previous commit check-in: b565c0a12a user: bohagan tags: trunk, tls-2.0
2025-02-01
23:36		Made changes to dereference objects returned by Tcl_ListObjIndex and Tcl_ListObjGetElements for TCL 9 abstract lists check-in: 74ebe7ccce user: bohagan tags: trunk, tls-2.0
2025-01-06
21:50		Added compatibility notes to documentation check-in: 521ce8a625 user: bohagan tags: trunk, tls-2.0

Changes

Modified generic/tls.c from [a490a47cab] to [df5d7390df].

︙			︙
80 81 82 83 84 85 86 87 88 89 90 91 92 93 94	* 1 = Command returned success or eval returned TCL_OK * * Side effects: * Evaluates callback command * ------------------------------------------------------------------- / static int EvalCallback( Tcl_Interp interp, / Tcl interpreter / State statePtr, /* Client state for TLS socket / Tcl_Obj cmdPtr) /* Command to eval as a Tcl object */ { int code, ok = 0;	\|	80 81 82 83 84 85 86 87 88 89 90 91 92 93 94	* 1 = Command returned success or eval returned TCL_OK * * Side effects: * Evaluates callback command * ------------------------------------------------------------------- / static int EvalCallback( Tcl_Interp interp, / Tcl interpreter / State statePtr, /* Client state for TLS socket / Tcl_Obj cmdPtr) /* Command to eval as a Tcl object */ { int code, ok = 0;
︙			︙
135 136 137 138 139 140 141 ~~142~~ 143 144 145 146 147 148 149	* None * * Side effects: * Calls callback (if defined) * ------------------------------------------------------------------- / static void InfoCallback( const SSL ssl, / SSL context / int where, / Source of info / int ret) / message enum / { State statePtr = (State)SSL_get_app_data((SSL )ssl);	\|	135 136 137 138 139 140 141 142 143 144 145 146 147 148 149	* None * * Side effects: * Calls callback (if defined) * ------------------------------------------------------------------- / static void InfoCallback( const SSL ssl, / SSL context / int where, / Source of info / int ret) / message enum / { State statePtr = (State)SSL_get_app_data((SSL )ssl);
︙			︙
212 213 214 215 216 217 218 ~~219~~ 220 221 222 223 224 225 226	* None * * Side effects: * Calls callback (if defined) * ------------------------------------------------------------------- / #ifndef OPENSSL_NO_SSL_TRACE static void MessageCallback( int write_p, /* Message 0=received, 1=sent / int version, / TLS version / int content_type, / Protocol content type / const void buf, /* Protocol message */	\|	212 213 214 215 216 217 218 219 220 221 222 223 224 225 226	* None * * Side effects: * Calls callback (if defined) * ------------------------------------------------------------------- / #ifndef OPENSSL_NO_SSL_TRACE static void MessageCallback( int write_p, /* Message 0=received, 1=sent / int version, / TLS version / int content_type, / Protocol content type / const void buf, /* Protocol message */
︙			︙
362 363 364 365 366 367 368 ~~369~~ 370 371 372 373 374 375 376	* * Side effects: * The err field of the currently operative State is set * to a string describing the SSL negotiation failure reason * ------------------------------------------------------------------- / static int VerifyCallback( int ok, /* Verify result / X509_STORE_CTX ctx) /* CTX context / { Tcl_Obj cmdPtr; SSL ssl = (SSL)X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());	\|	362 363 364 365 366 367 368 369 370 371 372 373 374 375 376	* * Side effects: * The err field of the currently operative State is set * to a string describing the SSL negotiation failure reason * ------------------------------------------------------------------- / static int VerifyCallback( int ok, /* Verify result / X509_STORE_CTX ctx) /* CTX context / { Tcl_Obj cmdPtr; SSL ssl = (SSL)X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
︙			︙
432 433 434 435 436 437 438 ~~439~~ 440 441 442 443 444 445 446	* * Side effects: * The err field of the currently operative State is set to a * string describing the SSL negotiation failure reason * ------------------------------------------------------------------- / void Tls_Error( State statePtr, / Client state for TLS socket / const char msg) /* Error message / { Tcl_Interp interp = statePtr->interp; Tcl_Obj cmdPtr, listPtr;	\|	432 433 434 435 436 437 438 439 440 441 442 443 444 445 446	* * Side effects: * The err field of the currently operative State is set to a * string describing the SSL negotiation failure reason * ------------------------------------------------------------------- / void Tls_Error( State statePtr, / Client state for TLS socket / const char msg) /* Error message / { Tcl_Interp interp = statePtr->interp; Tcl_Obj cmdPtr, listPtr;
︙			︙
490 491 492 493 494 495 496 ~~497~~ 498 499 500 501 502 503 504	* Write received key data to log file. * * Side effects: * none * ------------------------------------------------------------------- / void KeyLogCallback( const SSL ssl, / Client state for TLS socket / const char line) /* Key data to be logged / { char str = getenv(SSLKEYLOGFILE); FILE *fd;	\|	490 491 492 493 494 495 496 497 498 499 500 501 502 503 504	* Write received key data to log file. * * Side effects: * none * ------------------------------------------------------------------- / void KeyLogCallback( const SSL ssl, / Client state for TLS socket / const char line) /* Key data to be logged / { char str = getenv(SSLKEYLOGFILE); FILE *fd;
︙			︙
527 528 529 530 531 532 533 ~~534~~ 535 536 537 538 539 540 541	* Calls callback (if defined) * * Returns: * Password size in bytes or -1 for an error. * ------------------------------------------------------------------- / static int PasswordCallback( char buf, / Pointer to buffer to store password in / int size, / Buffer length in bytes / int rwflag, / Whether password is needed for read or write / void udata) /* Client state for TLS socket */ {	\|	527 528 529 530 531 532 533 534 535 536 537 538 539 540 541	* Calls callback (if defined) * * Returns: * Password size in bytes or -1 for an error. * ------------------------------------------------------------------- / static int PasswordCallback( char buf, / Pointer to buffer to store password in / int size, / Buffer length in bytes / int rwflag, / Whether password is needed for read or write / void udata) /* Client state for TLS socket */ {
︙			︙
612 613 614 615 616 617 618 ~~619~~ 620 621 622 623 624 625 626	* * Return codes: * 0 = error where session will be immediately removed from the internal cache. * 1 = success where app retains session in session cache, and must call SSL_SESSION_free() when done. * ------------------------------------------------------------------- / static int SessionCallback( SSL ssl, / SSL context / SSL_SESSION session) /* Session context / { State statePtr = (State)SSL_get_app_data((SSL )ssl); Tcl_Interp *interp = statePtr->interp;	\|	612 613 614 615 616 617 618 619 620 621 622 623 624 625 626	* * Return codes: * 0 = error where session will be immediately removed from the internal cache. * 1 = success where app retains session in session cache, and must call SSL_SESSION_free() when done. * ------------------------------------------------------------------- / static int SessionCallback( SSL ssl, / SSL context / SSL_SESSION session) /* Session context / { State statePtr = (State)SSL_get_app_data((SSL )ssl); Tcl_Interp *interp = statePtr->interp;
︙			︙
685 686 687 688 689 690 691 ~~692~~ 693 694 695 696 697 698 699	* SSL_TLSEXT_ERR_ALERT_FATAL: There was no overlap between the client's * supplied list and the server configuration. The connection will be aborted. * SSL_TLSEXT_ERR_NOACK: ALPN protocol not selected, e.g., because no ALPN * protocols are configured for this connection. The connection continues. * ------------------------------------------------------------------- / static int ALPNCallback( SSL ssl, / SSL context / const unsigned char out, / Return buffer to store selected protocol / unsigned char outlen, /* Return buffer size / const unsigned char in, /* Peer provided protocols / unsigned int inlen, / Peer buffer size */	\|	685 686 687 688 689 690 691 692 693 694 695 696 697 698 699	* SSL_TLSEXT_ERR_ALERT_FATAL: There was no overlap between the client's * supplied list and the server configuration. The connection will be aborted. * SSL_TLSEXT_ERR_NOACK: ALPN protocol not selected, e.g., because no ALPN * protocols are configured for this connection. The connection continues. * ------------------------------------------------------------------- / static int ALPNCallback( SSL ssl, / SSL context / const unsigned char out, / Return buffer to store selected protocol / unsigned char outlen, /* Return buffer size / const unsigned char in, /* Peer provided protocols / unsigned int inlen, / Peer buffer size */
︙			︙
760 761 762 763 764 765 766 ~~767~~ 768 769 770 771 772 773 774	* * Return codes: * SSL_TLSEXT_ERR_OK: NPN protocol selected. The connection continues. * SSL_TLSEXT_ERR_NOACK: NPN protocol not selected. The connection continues. * ------------------------------------------------------------------- / #ifdef USE_NPN static int NPNCallback( const SSL ssl, / SSL context / const unsigned char out, / Return buffer to store selected protocol / unsigned int outlen, /* Return buffer size / void arg) /* Client state for TLS socket */	\|	760 761 762 763 764 765 766 767 768 769 770 771 772 773 774	* * Return codes: * SSL_TLSEXT_ERR_OK: NPN protocol selected. The connection continues. * SSL_TLSEXT_ERR_NOACK: NPN protocol not selected. The connection continues. * ------------------------------------------------------------------- / #ifdef USE_NPN static int NPNCallback( const SSL ssl, / SSL context / const unsigned char out, / Return buffer to store selected protocol / unsigned int outlen, /* Return buffer size / void arg) /* Client state for TLS socket */
︙			︙
815 816 817 818 819 820 821 ~~822~~ 823 824 825 826 827 828 829	* SSL_TLSEXT_ERR_ALERT_WARNING: SNI hostname is not accepted, warning alert * sent (not supported in TLSv1.3). The connection continues. * SSL_TLSEXT_ERR_NOACK: SNI hostname is not accepted and not acknowledged, * e.g. if SNI has not been configured. The connection continues. * ------------------------------------------------------------------- / static int SNICallback( const SSL ssl, / SSL context / int alert, /* Returned alert message / void arg) /* Client state for TLS socket / { State statePtr = (State*)arg;	\|	815 816 817 818 819 820 821 822 823 824 825 826 827 828 829	* SSL_TLSEXT_ERR_ALERT_WARNING: SNI hostname is not accepted, warning alert * sent (not supported in TLSv1.3). The connection continues. * SSL_TLSEXT_ERR_NOACK: SNI hostname is not accepted and not acknowledged, * e.g. if SNI has not been configured. The connection continues. * ------------------------------------------------------------------- / static int SNICallback( const SSL ssl, / SSL context / int alert, /* Returned alert message / void arg) /* Client state for TLS socket / { State statePtr = (State*)arg;
︙			︙
892 893 894 895 896 897 898 ~~899~~ 900 901 902 903 904 905 906	* Return codes: * SSL_CLIENT_HELLO_RETRY: suspend the handshake, and the handshake function will return immediately * SSL_CLIENT_HELLO_ERROR: failure, terminate connection. Set alert to error code. * SSL_CLIENT_HELLO_SUCCESS: success * ------------------------------------------------------------------- / static int HelloCallback( SSL ssl, / SSL context / int alert, /* Returned alert message / void arg) /* Client state for TLS socket / { State statePtr = (State*)arg;	\|	892 893 894 895 896 897 898 899 900 901 902 903 904 905 906	* Return codes: * SSL_CLIENT_HELLO_RETRY: suspend the handshake, and the handshake function will return immediately * SSL_CLIENT_HELLO_ERROR: failure, terminate connection. Set alert to error code. * SSL_CLIENT_HELLO_SUCCESS: success * ------------------------------------------------------------------- / static int HelloCallback( SSL ssl, / SSL context / int alert, /* Returned alert message / void arg) /* Client state for TLS socket / { State statePtr = (State*)arg;
︙			︙
993 994 995 996 997 998 999 ~~1000~~ 1001 1002 1003 1004 1005 1006 1007	* A standard Tcl result list. * * Side effects: * constructs and destroys SSL context (CTX) * ------------------------------------------------------------------- / static const char *protocols[] = { "ssl2", "ssl3", "tls1", "tls1.1", "tls1.2", "tls1.3", NULL }; enum protocol { TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2, TLS_TLS1_3, TLS_NONE };	\|	993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007	* A standard Tcl result list. * * Side effects: * constructs and destroys SSL context (CTX) * ------------------------------------------------------------------- / static const char *protocols[] = { "ssl2", "ssl3", "tls1", "tls1.1", "tls1.2", "tls1.3", NULL }; enum protocol { TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2, TLS_TLS1_3, TLS_NONE };
︙			︙
1610 1611 1612 1613 1614 1615 1616 ~~1617~~ 1618 1619 ~~1620~~ 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 ~~1634 1635~~ 1636 1637 1638 1639 1640 1641 1642 ~~1643 1644~~ 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 ~~1656~~ 1657 1658 1659 1660 1661 1662 1663	} } /* Enable Application-Layer Protocol Negotiation. Examples are: http/1.0, http/1.1, h2, h3, ftp, imap, pop3, xmpp-client, xmpp-server, mqtt, irc, etc. / if (alpn) { / Convert a TCL list into a protocol-list in wire-format / ~~unsigned char protos, p;~~ unsigned int protos_len = 0; Tcl_Size cnt, i; ~~int j;~~ Tcl_Obj list; if (Tcl_ListObjGetElements(interp, alpn, &cnt, &list) != TCL_OK) { Tls_Free((tls_free_type ) statePtr); return TCL_ERROR; } /* Determine the memory required for the protocol-list / for (i = 0; i < cnt; i++) { Tcl_GetStringFromObj(list[i], &len); if (len > 255) { Tcl_AppendResult(interp, "ALPN protocol names too long", (char )NULL); Tcl_SetErrorCode(interp, "TLS", "IMPORT", "ALPN", "FAILED", (char )NULL); ~~~~Tls_Free((tls_free_type ) statePtr);~~ re~~turn~~ TCL_ERROR;~~ } protos_len += 1 + (int) len; } /* Build the complete protocol-list / protos = ckalloc(protos_len); / protocol-lists consist of 8-bit length-prefixed, byte strings / ~~for (j = 0, p = protos; j < cnt; j++) { char str = Tcl_GetStringFromObj(list[j], &len);~~ p++ = (unsigned char) len; memcpy(p, str, (size_t) len); p += len; } / SSL_set_alpn_protos makes a copy of the protocol-list / / Note: This function reverses the return value convention / if (SSL_set_alpn_protos(statePtr->ssl, protos, protos_len)) { Tcl_AppendResult(interp, "Set ALPN protocols failed: ", GET_ERR_REASON(), (char )NULL); Tcl_SetErrorCode(interp, "TLS", "IMPORT", "ALPN", "FAILED", (char )NULL); Tls_Free((tls_free_type ) statePtr); ~~ckfree(protos);~~ return TCL_ERROR; } /* Store protocols list */ statePtr->protos = protos; statePtr->protos_len = protos_len; } else {	\| \| < \| > \| \| > > > > > > > > > > \| >	1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674	} } /* Enable Application-Layer Protocol Negotiation. Examples are: http/1.0, http/1.1, h2, h3, ftp, imap, pop3, xmpp-client, xmpp-server, mqtt, irc, etc. / if (alpn) { / Convert a TCL list into a protocol-list in wire-format / unsigned char protos = NULL, p; unsigned int protos_len = 0; Tcl_Size cnt, i; int res = TCL_OK; Tcl_Obj list; if (Tcl_ListObjGetElements(interp, alpn, &cnt, &list) != TCL_OK) { Tls_Free((tls_free_type ) statePtr); return TCL_ERROR; } /* Determine the memory required for the protocol-list / for (i = 0; i < cnt; i++) { Tcl_GetStringFromObj(list[i], &len); if (len > 255) { Tcl_AppendResult(interp, "ALPN protocol names too long", (char )NULL); Tcl_SetErrorCode(interp, "TLS", "IMPORT", "ALPN", "FAILED", (char )NULL); res = TCL_ERROR; goto done; } protos_len += 1 + (int) len; } / Build the complete protocol-list / protos = ckalloc(protos_len); / protocol-lists consist of 8-bit length-prefixed, byte strings / for (i = 0, p = protos; i < cnt; i++) { char str = Tcl_GetStringFromObj(list[i], &len); p++ = (unsigned char) len; memcpy(p, str, (size_t) len); p += len; } / SSL_set_alpn_protos makes a copy of the protocol-list / / Note: This function reverses the return value convention / if (SSL_set_alpn_protos(statePtr->ssl, protos, protos_len)) { Tcl_AppendResult(interp, "Set ALPN protocols failed: ", GET_ERR_REASON(), (char )NULL); Tcl_SetErrorCode(interp, "TLS", "IMPORT", "ALPN", "FAILED", (char )NULL); res = TCL_ERROR; } done: for (i = 0; i < cnt; i++) { Tcl_IncrRefCount(list[i]); Tcl_DecrRefCount(list[i]); } if (res != TCL_OK) { Tls_Free((tls_free_type ) statePtr); if (protos != NULL) { ckfree(protos); } return TCL_ERROR; } /* Store protocols list */ statePtr->protos = protos; statePtr->protos_len = protos_len; } else {
︙			︙
1843 1844 1845 1846 1847 1848 1849 ~~1850~~ 1851 1852 1853 1854 1855 1856 1857	* Number of certificates loaded or 0 for none. * * Side effects: * Loads CA certificates * ------------------------------------------------------------------- / static int TlsLoadClientCAFileFromMemory( Tcl_Interp interp, / Tcl interpreter / SSL_CTX ctx, /* CTX context / Tcl_Obj file) /* CA certificates filename / { BIO bio = NULL;	\|	1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868	* Number of certificates loaded or 0 for none. * * Side effects: * Loads CA certificates * ------------------------------------------------------------------- / static int TlsLoadClientCAFileFromMemory( Tcl_Interp interp, / Tcl interpreter / SSL_CTX ctx, /* CTX context / Tcl_Obj file) /* CA certificates filename / { BIO bio = NULL;
︙			︙
2339 2340 2341 2342 2343 2344 2345 2346 2347 ~~2348~~ 2349 2350 2351 2352 2353 2354 2355 2356 2357 2358 2359 2360 2361 2362 2363 2364 2365 2366 2367 2368 2369 2370 2371 2372 2373 2374 2375 2376	/* Set file of CA certificates in PEM format. / if (CAfile != NULL) { Tcl_Obj cafileobj = Tcl_NewStringObj(CAfile, -1); Tcl_IncrRefCount(cafileobj); Tcl_Obj fsinfo = Tcl_FSFileSystemInfo(cafileobj); if (fsinfo) { Tcl_IncrRefCount(fsinfo); ~~Tcl_Obj fstype = NULL;~~ Tcl_ListObjIndex(interp, fsinfo, 0, &fstype); if (Tcl_StringMatch("native", Tcl_GetString(fstype))) { if (!SSL_CTX_load_verify_file(ctx, F2N(CAfile, &ds))) { abort++; } Tcl_DStringFree(&ds); /* Set list of CAs to send to client when requesting a client certificate / STACK_OF(X509_NAME) certNames = SSL_load_client_CA_file(F2N(CAfile, &ds)); if (certNames != NULL) { SSL_CTX_set_client_CA_list(ctx, certNames); } Tcl_DStringFree(&ds); } else { /* Load certificate into memory / if (!TlsLoadClientCAFileFromMemory(interp, ctx, cafileobj)) { abort++; } } Tcl_DecrRefCount(fsinfo); } else { abort++; / Path is not recognized */ } Tcl_DecrRefCount(cafileobj); }	> < > >	2350 2351 2352 2353 2354 2355 2356 2357 2358 2359 2360 2361 2362 2363 2364 2365 2366 2367 2368 2369 2370 2371 2372 2373 2374 2375 2376 2377 2378 2379 2380 2381 2382 2383 2384 2385 2386 2387 2388 2389	/* Set file of CA certificates in PEM format. / if (CAfile != NULL) { Tcl_Obj cafileobj = Tcl_NewStringObj(CAfile, -1); Tcl_IncrRefCount(cafileobj); Tcl_Obj fsinfo = Tcl_FSFileSystemInfo(cafileobj); if (fsinfo) { Tcl_Obj fstype = NULL; Tcl_IncrRefCount(fsinfo); Tcl_ListObjIndex(interp, fsinfo, 0, &fstype); Tcl_IncrRefCount(fstype); if (Tcl_StringMatch("native", Tcl_GetString(fstype))) { if (!SSL_CTX_load_verify_file(ctx, F2N(CAfile, &ds))) { abort++; } Tcl_DStringFree(&ds); /* Set list of CAs to send to client when requesting a client certificate / STACK_OF(X509_NAME) certNames = SSL_load_client_CA_file(F2N(CAfile, &ds)); if (certNames != NULL) { SSL_CTX_set_client_CA_list(ctx, certNames); } Tcl_DStringFree(&ds); } else { /* Load certificate into memory / if (!TlsLoadClientCAFileFromMemory(interp, ctx, cafileobj)) { abort++; } } Tcl_DecrRefCount(fstype); Tcl_DecrRefCount(fsinfo); } else { abort++; / Path is not recognized */ } Tcl_DecrRefCount(cafileobj); }
︙			︙
2392 2393 2394 2395 2396 2397 2398 ~~2399~~ 2400 2401 2402 2403 2404 2405 2406	* A standard Tcl result. * * Side effects: * None. * ------------------------------------------------------------------- / static int StatusObjCmd( TCL_UNUSED(ClientData), /* Client data / Tcl_Interp interp, /* Tcl interpreter / int objc, / Arg count / Tcl_Obj const objv[]) /* Arguments as Tcl objects */ {	\|	2405 2406 2407 2408 2409 2410 2411 2412 2413 2414 2415 2416 2417 2418 2419	* A standard Tcl result. * * Side effects: * None. * ------------------------------------------------------------------- / static int StatusObjCmd( TCL_UNUSED(ClientData), /* Client data / Tcl_Interp interp, /* Tcl interpreter / int objc, / Arg count / Tcl_Obj const objv[]) /* Arguments as Tcl objects */ {
︙			︙
2799 2800 2801 2802 2803 2804 2805 ~~2806~~ 2807 2808 2809 2810 2811 2812 2813	* A standard Tcl result. * * Side effects: * None. * ------------------------------------------------------------------- / static int VersionObjCmd( TCL_UNUSED(ClientData), /* Client data / Tcl_Interp interp, /* Tcl interpreter / TCL_UNUSED(int), / objc - Arg count / TCL_UNUSED(Tcl_Obj const )) / objv - Arguments as Tcl objects */ {	\|	2812 2813 2814 2815 2816 2817 2818 2819 2820 2821 2822 2823 2824 2825 2826	* A standard Tcl result. * * Side effects: * None. * ------------------------------------------------------------------- / static int VersionObjCmd( TCL_UNUSED(ClientData), /* Client data / Tcl_Interp interp, /* Tcl interpreter / TCL_UNUSED(int), / objc - Arg count / TCL_UNUSED(Tcl_Obj const )) / objv - Arguments as Tcl objects */ {
︙			︙
2830 2831 2832 2833 2834 2835 2836 ~~2837~~ 2838 2839 2840 2841 2842 2843 2844 2845 2846 2847 2848 2849 2850 2851 2852 2853 2854 2855	* A standard Tcl result. * * Side effects: * None. * ------------------------------------------------------------------- / static int MiscObjCmd( TCL_UNUSED(ClientData), /* Client data / Tcl_Interp interp, /* Tcl interpreter / int objc, / Arg count / Tcl_Obj const objv[]) /* Arguments as Tcl objects / { static const char commands [] = { "req", "strreq", NULL }; enum command { C_REQ, C_STRREQ, C_DUMMY }; int cmd, isStr; char buffer[16384]; dprintf("Called"); if (objc < 2) { Tcl_WrongNumArgs(interp, 1, objv, "subcommand ?args?"); return TCL_ERROR; }	\| >	2843 2844 2845 2846 2847 2848 2849 2850 2851 2852 2853 2854 2855 2856 2857 2858 2859 2860 2861 2862 2863 2864 2865 2866 2867 2868 2869	* A standard Tcl result. * * Side effects: * None. * ------------------------------------------------------------------- / static int MiscObjCmd( TCL_UNUSED(ClientData), /* Client data / Tcl_Interp interp, /* Tcl interpreter / int objc, / Arg count / Tcl_Obj const objv[]) /* Arguments as Tcl objects / { static const char commands [] = { "req", "strreq", NULL }; enum command { C_REQ, C_STRREQ, C_DUMMY }; int cmd, isStr; char buffer[16384]; int res = TCL_OK; dprintf("Called"); if (objc < 2) { Tcl_WrongNumArgs(interp, 1, objv, "subcommand ?args?"); return TCL_ERROR; }
︙			︙
2867 2868 2869 2870 2871 2872 2873 ~~2874~~ 2875 2876 2877 2878 2879 2880 2881	X509 cert=NULL; X509_NAME name=NULL; Tcl_Obj *listv; Tcl_Size listc, i; BIO out=NULL; ~~~~const char~~ k_C="",k_ST="",k_L=~~"",k_O=""~~,k_OU="",k_CN="",k_Email="";~~ char keyout,pemout,str; int keysize,serial=0,days=365; #if OPENSSL_VERSION_NUMBER < 0x30000000L BIGNUM bne = NULL; RSA rsa = NULL; #else	\|	2881 2882 2883 2884 2885 2886 2887 2888 2889 2890 2891 2892 2893 2894 2895	X509 cert=NULL; X509_NAME name=NULL; Tcl_Obj *listv; Tcl_Size listc, i; BIO out=NULL; Tcl_Obj k_C=NULL,k_ST=NULL,k_L=NULL,k_O=NULL,k_OU=NULL,k_CN=NULL,k_Email=NULL; char keyout,pemout,str; int keysize,serial=0,days=365; #if OPENSSL_VERSION_NUMBER < 0x30000000L BIGNUM bne = NULL; RSA rsa = NULL; #else