Check-in [aaac45cfca]
Overview
Comment:Simplified code for detecting which SSL protocols to use -- disabled SSLv2 and SSLv3 by default if other options are available
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: aaac45cfca04d7d48962c263ff7f0ac983cdccb3
User & Date: rkeene on 2016-12-13 06:56:11
Other Links: manifest | tags
Context
2016-12-13
07:00
Made SSLv2/SSLv3 compiled in by default (since they are now disabled by default) and made other options more consistently checked check-in: a23045b659 user: rkeene tags: trunk
06:56
Simplified code for detecting which SSL protocols to use -- disabled SSLv2 and SSLv3 by default if other options are available check-in: aaac45cfca user: rkeene tags: trunk
06:47
Removed extraenous cleanup check-in: 5798396954 user: rkeene tags: trunk
Changes
Modified tls.c from [f62df33327] to [6c127f2542].
730
731
732
733
734
735
736
737
738



739



740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
    char *CAfile	= NULL;
    char *CAdir		= NULL;
    char *DHparams	= NULL;
    char *model		= NULL;
#ifndef OPENSSL_NO_TLSEXT
    char *servername	= NULL;	/* hostname for Server Name Indication */
#endif
#if defined(NO_SSL2)
    int ssl2 = 0;



#else



    int ssl2 = 1;
#endif
#if defined(NO_SSL3)
    int ssl3 = 0;
#else
    int ssl3 = 1;
#endif
#if defined(NO_TLS1)
    int tls1 = 0;
#else
    int tls1 = 1;
#endif
#if defined(NO_TLS1_1)
    int tls1_1 = 0;
#else
    int tls1_1 = 1;
#endif
#if defined(NO_TLS1_2)
    int tls1_2 = 0;
#else
    int tls1_2 = 1;
#endif
    int proto = 0;
    int verify = 0, require = 0, request = 1;

    dprintf("Called");

    if (objc < 2) {
	Tcl_WrongNumArgs(interp, 1, objv, "channel ?options?");
	return TCL_ERROR;
    }

    chan = Tcl_GetChannel(interp, Tcl_GetStringFromObj(objv[1], NULL), NULL);







<
|
>
>
>
|
>
>
>
|

|
<
<
|


|
<
<


|
<
<


|
<
<

<
<
<
<







730
731
732
733
734
735
736

737
738
739
740
741
742
743
744
745
746
747


748
749
750
751


752
753
754


755
756
757


758




759
760
761
762
763
764
765
    char *CAfile	= NULL;
    char *CAdir		= NULL;
    char *DHparams	= NULL;
    char *model		= NULL;
#ifndef OPENSSL_NO_TLSEXT
    char *servername	= NULL;	/* hostname for Server Name Indication */
#endif

    int ssl2 = 0, ssl3 = 0;
    int tls1 = 1, tls1_1 = 1, tls1_2 = 1;
    int proto = 0;
    int verify = 0, require = 0, request = 1;

    dprintf("Called");

#if defined(NO_TLS1) && defined(NO_TLS1_1) && defined(NO_TLS1_2) && defined(NO_SSL3) && !defined(NO_SSL2)
    ssl2 = 1;
#endif
#if defined(NO_TLS1) && defined(NO_TLS1_1) && defined(NO_TLS1_2) && defined(NO_SSL2) && !defined(NO_SSL3)


    ssl3 = 1;
#endif
#if defined(NO_TLS1)
    tls1 = 0;


#endif
#if defined(NO_TLS1_1)
    tls1_1 = 0;


#endif
#if defined(NO_TLS1_2)
    tls1_2 = 0;


#endif





    if (objc < 2) {
	Tcl_WrongNumArgs(interp, 1, objv, "channel ?options?");
	return TCL_ERROR;
    }

    chan = Tcl_GetChannel(interp, Tcl_GetStringFromObj(objv[1], NULL), NULL);