Overview
Comment: | * tls.c: Applied Jeff's patch from http://www.mail-archive.com/[email protected]/msg12356.html |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
a652b4f6a7af54b5aea8a98918228929 |
User & Date: | andreas_kupries on 2012-06-01 22:59:03 |
Other Links: | manifest | tags |
Context
2012-06-01
| ||
23:03 | * configure.in: Bump to version 1.6.2. * win/makefile.vc: * configure: regen with ac-2.59 check-in: e8bcabbd0a user: andreas_kupries tags: trunk | |
22:59 | * tls.c: Applied Jeff's patch from http://www.mail-archive.com/[email protected]/msg12356.html check-in: a652b4f6a7 user: andreas_kupries tags: trunk | |
2010-08-12
| ||
01:31 | note tls-1-6-1 tag date check-in: 4cb2697d98 user: hobbs2 tags: trunk, tls-1-6-1 | |
Changes
Modified ChangeLog
from [5c4a4ef1ae]
to [3b28b72f7b].
1 2 3 4 5 6 7 | 2010-08-11 Jeff Hobbs <[email protected]> *** TLS 1.6.1 TAGGED *** * configure: regen with ac-2.59 * win/makefile.vc, configure.in: bump version to 1.6.1 * tclconfig/tcl.m4: updated to TEA 3.8 | > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 | 2012-06-01 Andreas Kupries <[email protected]> * tls.c: Applied Jeff's patch from http://www.mail-archive.com/[email protected]/msg12356.html 2010-08-11 Jeff Hobbs <[email protected]> *** TLS 1.6.1 TAGGED *** * configure: regen with ac-2.59 * win/makefile.vc, configure.in: bump version to 1.6.1 * tclconfig/tcl.m4: updated to TEA 3.8 |
︙ | ︙ |
Modified tls.c
from [510496cc5c]
to [36929764b9].
1 2 3 4 5 6 7 | /* * Copyright (C) 1997-1999 Matt Newman <[email protected]> * some modifications: * Copyright (C) 2000 Ajuba Solutions * Copyright (C) 2002 ActiveState Corporation * Copyright (C) 2004 Starfish Systems * | | | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | /* * Copyright (C) 1997-1999 Matt Newman <[email protected]> * some modifications: * Copyright (C) 2000 Ajuba Solutions * Copyright (C) 2002 ActiveState Corporation * Copyright (C) 2004 Starfish Systems * * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tls.c,v 1.32 2012/06/01 22:59:03 andreas_kupries Exp $ * * TLS (aka SSL) Channel - can be layered on any bi-directional * Tcl_Channel (Note: Requires Trf Core Patch) * * This was built (almost) from scratch based upon observation of * OpenSSL 0.9.2B * |
︙ | ︙ | |||
126 127 128 129 130 131 132 133 134 135 136 137 138 139 | #ifndef STACK_OF #define STACK_OF(x) STACK #define sk_SSL_CIPHER_num(sk) sk_num((sk)) #define sk_SSL_CIPHER_value( sk, index) (SSL_CIPHER*)sk_value((sk), (index)) #endif /* *------------------------------------------------------------------- * * InfoCallback -- * * monitors SSL connection process | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 | #ifndef STACK_OF #define STACK_OF(x) STACK #define sk_SSL_CIPHER_num(sk) sk_num((sk)) #define sk_SSL_CIPHER_value( sk, index) (SSL_CIPHER*)sk_value((sk), (index)) #endif /* * Thread-Safe TLS Code */ #ifdef TCL_THREADS #define OPENSSL_THREAD_DEFINES #include <openssl/opensslconf.h> #ifdef OPENSSL_THREADS #include <openssl/crypto.h> /* * Threaded operation requires locking callbacks * Based from /crypto/cryptlib.c of OpenSSL and NSOpenSSL. */ static Tcl_Mutex locks[CRYPTO_NUM_LOCKS]; static void CryptoThreadLockCallback (int mode, int n, const char *file, int line); static unsigned long CryptoThreadIdCallback (void); static void CryptoThreadLockCallback(int mode, int n, const char *file, int line) { if (mode & CRYPTO_LOCK) { Tcl_MutexLock(&locks[n]); } else { Tcl_MutexUnlock(&locks[n]); } } static unsigned long CryptoThreadIdCallback(void) { return (unsigned long) Tcl_GetCurrentThread(); } #endif /* OPENSSL_THREADS */ #endif /* TCL_THREADS */ /* *------------------------------------------------------------------- * * InfoCallback -- * * monitors SSL connection process |
︙ | ︙ | |||
1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 | int Tls_Init(Tcl_Interp *interp) /* Interpreter in which the package is * to be made available. */ { int major, minor, patchlevel, release, i; char rnd_seed[16] = "GrzSlplKqUdnnzP!"; /* 16 bytes */ /* * The original 8.2.0 stacked channel implementation (and the patch * that preceded it) had problems with scalability and robustness. * These were address in 8.3.2 / 8.4a2, so we now require that as a * minimum for TLS 1.4+. We only support 8.2+ now (8.3.2+ preferred). */ | > > > | 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 | int Tls_Init(Tcl_Interp *interp) /* Interpreter in which the package is * to be made available. */ { int major, minor, patchlevel, release, i; char rnd_seed[16] = "GrzSlplKqUdnnzP!"; /* 16 bytes */ #if defined(OPENSSL_THREADS) && defined(TCL_THREADS) size_t num_locks; #endif /* * The original 8.2.0 stacked channel implementation (and the patch * that preceded it) had problems with scalability and robustness. * These were address in 8.3.2 / 8.4a2, so we now require that as a * minimum for TLS 1.4+. We only support 8.2+ now (8.3.2+ preferred). */ |
︙ | ︙ | |||
1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 | (release == TCL_FINAL_RELEASE) && (patchlevel >= 2))))) { /* 8.3.2+ */ channelTypeVersion = TLS_CHANNEL_VERSION_2; } else { /* 8.2.0 - 8.3.1 */ channelTypeVersion = TLS_CHANNEL_VERSION_1; } if (SSL_library_init() != 1) { Tcl_AppendResult(interp, "could not initialize SSL library", NULL); return TCL_ERROR; } SSL_load_error_strings(); ERR_load_crypto_strings(); | > > > > > > > > > > > > > > > > > > | 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 | (release == TCL_FINAL_RELEASE) && (patchlevel >= 2))))) { /* 8.3.2+ */ channelTypeVersion = TLS_CHANNEL_VERSION_2; } else { /* 8.2.0 - 8.3.1 */ channelTypeVersion = TLS_CHANNEL_VERSION_1; } if (CRYPTO_set_mem_functions((void *(*)(size_t))Tcl_Alloc, (void *(*)(void *, size_t))Tcl_Realloc, (void(*)(void *))Tcl_Free) == 0) { /* Not using Tcl's mem functions ... not critical */ } #if defined(OPENSSL_THREADS) && defined(TCL_THREADS) /* should we consider allocating mutexes? */ num_locks = CRYPTO_num_locks(); if (num_locks > CRYPTO_NUM_LOCKS) { Tcl_AppendResult(interp, "crypto num locks size error", NULL); return TCL_ERROR; } CRYPTO_set_locking_callback(CryptoThreadLockCallback); CRYPTO_set_id_callback(CryptoThreadIdCallback); #endif if (SSL_library_init() != 1) { Tcl_AppendResult(interp, "could not initialize SSL library", NULL); return TCL_ERROR; } SSL_load_error_strings(); ERR_load_crypto_strings(); |
︙ | ︙ |