Overview
| Comment: | Added missing TLSv1.3 support |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | enhancement/tls-1.3 |
| Files: | files | file ages | folders |
| SHA3-256: |
efc1e122f2cb837c9fa5d5840e17b504 |
| User & Date: | rkeene on 2018-11-07 23:51:48 |
| Other Links: | branch diff | manifest | tags |
Context
|
2018-11-08
| ||
| 00:23 | Note that TLSv1.3 is a lot different in API, this branch is incomplete check-in: 7978a539fc user: rkeene tags: enhancement/tls-1.3 | |
|
2018-11-07
| ||
| 23:51 | Added missing TLSv1.3 support check-in: efc1e122f2 user: rkeene tags: enhancement/tls-1.3 | |
| 23:27 | Started adding support for TLSv1.3 check-in: e245d231ee user: rkeene tags: enhancement/tls-1.3 | |
Changes
Modified tls.c from [f0ecc97895] to [b408a25024].
| ︙ | ︙ | |||
740 741 742 743 744 745 746 |
char *CAdir = NULL;
char *DHparams = NULL;
char *model = NULL;
#ifndef OPENSSL_NO_TLSEXT
char *servername = NULL; /* hostname for Server Name Indication */
#endif
int ssl2 = 0, ssl3 = 0;
| | > > > | 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 |
char *CAdir = NULL;
char *DHparams = NULL;
char *model = NULL;
#ifndef OPENSSL_NO_TLSEXT
char *servername = NULL; /* hostname for Server Name Indication */
#endif
int ssl2 = 0, ssl3 = 0;
int tls1 = 1, tls1_1 = 1, tls1_2 = 1, tls1_3 = 1;
int proto = 0;
int verify = 0, require = 0, request = 1;
dprintf("Called");
#if defined(NO_TLS1) && defined(NO_TLS1_1) && defined(NO_TLS1_2) && defined(NO_SSL3) && !defined(NO_SSL2)
ssl2 = 1;
#endif
#if defined(NO_TLS1) && defined(NO_TLS1_1) && defined(NO_TLS1_2) && defined(NO_SSL2) && !defined(NO_SSL3)
ssl3 = 1;
#endif
#if defined(NO_TLS1)
tls1 = 0;
#endif
#if defined(NO_TLS1_1)
tls1_1 = 0;
#endif
#if defined(NO_TLS1_2)
tls1_2 = 0;
#endif
#if defined(NO_TLS1_3)
tls1_3 = 0;
#endif
if (objc < 2) {
Tcl_WrongNumArgs(interp, 1, objv, "channel ?options?");
return TCL_ERROR;
}
|
| ︙ | ︙ | |||
804 805 806 807 808 809 810 811 | #endif OPTBOOL( "-ssl2", ssl2); OPTBOOL( "-ssl3", ssl3); OPTBOOL( "-tls1", tls1); OPTBOOL( "-tls1.1", tls1_1); OPTBOOL( "-tls1.2", tls1_2); | > | | 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 |
#endif
OPTBOOL( "-ssl2", ssl2);
OPTBOOL( "-ssl3", ssl3);
OPTBOOL( "-tls1", tls1);
OPTBOOL( "-tls1.1", tls1_1);
OPTBOOL( "-tls1.2", tls1_2);
OPTBOOL( "-tls1.3", tls1_3);
OPTBAD( "option", "-cadir, -cafile, -certfile, -cipher, -command, -dhparams, -keyfile, -model, -password, -require, -request, -server, -servername, -ssl2, -ssl3, -tls1, -tls1.1, -tls1.2, or tls1.3");
return TCL_ERROR;
}
if (request) verify |= SSL_VERIFY_CLIENT_ONCE | SSL_VERIFY_PEER;
if (request && require) verify |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
if (verify == 0) verify = SSL_VERIFY_NONE;
|
| ︙ | ︙ |