Ticket Change Details
Overview

Artifact ID: c6366ab0bccb27ccae5a5602eb40baa6ce02d3fac21490698f2ecd90c7806af0
Ticket: 2059171e7d45ad24bc4e649c71d4aa5fce4a709e
tls::status return value differs depending on platform in use.
User & Date: anonymous 2019-03-10 21:25:58
Changes

  1. Change foundin to "1.7.16"
  2. Change icomment to:

    In tcltls-1.7.16 the command tls::status is supposed to return key-value pairs describing the connected peer. It does this however, there is a difference in what is returned that is platform dependent. The difference is associated with the value related to the "certificate" key within the list.

    The section of code that produces the "defective" value in the list is in the following section of tlsX509.c

    Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj( "certificate", -1) ); Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj( certStr, -1) );

    In a Linux environment the full string of the certificate is returned as expected. In a windows environment, the certificate is truncated (I think the returned value is consistently truncated to 1040 characters).

    Unfortunately, I do not have the knowledge/skills to debug this but thought it was significant enough to report. I would expect the behavior of this library to be the same despite the platform.

    This was tested/confirmed with different versions of openssl(1.0.2), Linux, and Windows.

  3. Change login to "anonymous"
  4. Change mimetype to "text/x-fossil-plain"
  5. Change private_contact to "0417dc32d04a6114b5b24db4b8fef85dbf18dde5"
  6. Change severity to "Severe"
  7. Change status to "Open"
  8. Change title to:

    tls::status return value differs depending on platform in use.

  9. Change type to "Code Defect"