Overview
Comment: | Merge trunk |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | bohagan |
Files: | files | file ages | folders |
SHA3-256: |
fc4f8bad30f642a4a1f33db2006a935c |
User & Date: | jan.nijtmans on 2024-02-23 12:13:31 |
Other Links: | branch diff | manifest | tags |
Context
2024-02-23
| ||
13:21 | Merge trunk check-in: c7b67bc013 user: jan.nijtmans tags: bohagan | |
12:13 | Merge trunk check-in: fc4f8bad30 user: jan.nijtmans tags: bohagan | |
11:57 | Added set option support. Source: https://www.androwish.org/home/info/1af65d23b6962476 check-in: baec6798d6 user: jan.nijtmans tags: nijtmans | |
11:30 | Merge trunk check-in: faafc32731 user: jan.nijtmans tags: bohagan | |
Changes
Modified generic/tlsIO.c
from [9c5382b06f]
to [54acfa5baa].
︙ | ︙ | |||
37 38 39 40 41 42 43 | * * Side effects: * Sets the device into blocking or nonblocking mode. * *------------------------------------------------------------------- */ static int TlsBlockModeProc(void *instanceData, int mode) { | | | 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 | * * Side effects: * Sets the device into blocking or nonblocking mode. * *------------------------------------------------------------------- */ static int TlsBlockModeProc(void *instanceData, int mode) { State *statePtr = (State *)instanceData; if (mode == TCL_MODE_NONBLOCKING) { statePtr->flags |= TLS_TCL_ASYNC; } else { statePtr->flags &= ~(TLS_TCL_ASYNC); } return(0); |
︙ | ︙ | |||
212 213 214 215 216 217 218 | switch (rc) { case SSL_ERROR_NONE: /* The TLS/SSL I/O operation completed */ dprintf("The connection is good"); *errorCodePtr = 0; break; | < | 212 213 214 215 216 217 218 219 220 221 222 223 224 225 | switch (rc) { case SSL_ERROR_NONE: /* The TLS/SSL I/O operation completed */ dprintf("The connection is good"); *errorCodePtr = 0; break; case SSL_ERROR_ZERO_RETURN: /* The TLS/SSL peer has closed the connection for writing by sending the close_notify alert */ dprintf("SSL_ERROR_ZERO_RETURN: Connect returned an invalid value..."); *errorCodePtr = EINVAL; Tls_Error(statePtr, "Peer has closed the connection for writing by sending the close_notify alert"); return(-1); |
︙ | ︙ | |||
247 248 249 250 251 252 253 | if (*errorCodePtr == ECONNRESET) { *errorCodePtr = ECONNABORTED; } Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError)); } statePtr->flags |= TLS_TCL_HANDSHAKE_FAILED; | | < < < < < < < < < < | 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 | if (*errorCodePtr == ECONNRESET) { *errorCodePtr = ECONNABORTED; } Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError)); } statePtr->flags |= TLS_TCL_HANDSHAKE_FAILED; return -1; case SSL_ERROR_SSL: /* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */ dprintf("SSL_ERROR_SSL: Got permanent fatal SSL error, aborting immediately"); if (SSL_get_verify_result(statePtr->ssl) != X509_V_OK) { Tls_Error(statePtr, (char *) X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl))); } if (backingError != 0) { Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError)); } statePtr->flags |= TLS_TCL_HANDSHAKE_FAILED; *errorCodePtr = ECONNABORTED; return(-1); default: /* The operation did not complete and should be retried later. */ dprintf("Operation did not complete, call function again later: %i", rc); *errorCodePtr = EAGAIN; dprintf("ERR(%d, %d) ", rc, *errorCodePtr); Tls_Error(statePtr, "Operation did not complete, call function again later"); return(-1); |
︙ | ︙ | |||
312 313 314 315 316 317 318 | static int TlsInputProc( void *instanceData, char *buf, int bufSize, int *errorCodePtr) { unsigned long backingError; | | | 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 | static int TlsInputProc( void *instanceData, char *buf, int bufSize, int *errorCodePtr) { unsigned long backingError; State *statePtr = (State *)instanceData; int bytesRead; int tlsConnect; int err; *errorCodePtr = 0; dprintf("BIO_read(%d)", bufSize); |
︙ | ︙ | |||
374 375 376 377 378 379 380 | } #endif switch (err) { case SSL_ERROR_NONE: dprintBuffer(buf, bytesRead); break; | < | 363 364 365 366 367 368 369 370 371 372 373 374 375 376 | } #endif switch (err) { case SSL_ERROR_NONE: dprintBuffer(buf, bytesRead); break; case SSL_ERROR_SSL: /* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */ dprintf("SSL error, indicating that the connection has been aborted"); if (backingError != 0) { Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError)); } else if (SSL_get_verify_result(statePtr->ssl) != X509_V_OK) { Tls_Error(statePtr, (char *) X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl))); |
︙ | ︙ | |||
474 475 476 477 478 479 480 | static int TlsOutputProc( void *instanceData, const char *buf, int toWrite, int *errorCodePtr) { unsigned long backingError; | | | 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 | static int TlsOutputProc( void *instanceData, const char *buf, int toWrite, int *errorCodePtr) { unsigned long backingError; State *statePtr = (State *)instanceData; int written, err; int tlsConnect; *errorCodePtr = 0; dprintf("BIO_write(%p, %d)", (void *) statePtr, toWrite); dprintBuffer(buf, toWrite); |
︙ | ︙ | |||
589 590 591 592 593 594 595 | } else { dprintf("I/O error occurred (backingError = %lu)", backingError); *errorCodePtr = Tcl_GetErrno(); written = -1; Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError)); } break; | < | 577 578 579 580 581 582 583 584 585 586 587 588 589 590 | } else { dprintf("I/O error occurred (backingError = %lu)", backingError); *errorCodePtr = Tcl_GetErrno(); written = -1; Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError)); } break; case SSL_ERROR_SSL: /* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */ dprintf("SSL error, indicating that the connection has been aborted"); if (backingError != 0) { Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError)); } else if (SSL_get_verify_result(statePtr->ssl) != X509_V_OK) { Tls_Error(statePtr, (char *) X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl))); |
︙ | ︙ | |||
636 637 638 639 640 641 642 | static int TlsSetOptionProc(void *instanceData, /* Socket state. */ Tcl_Interp *interp, /* For errors - can be NULL. */ const char *optionName, /* Name of the option to set the value for, or * NULL to get all options and their values. */ const char *optionValue) /* Value for option. */ { | | | 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 | static int TlsSetOptionProc(void *instanceData, /* Socket state. */ Tcl_Interp *interp, /* For errors - can be NULL. */ const char *optionName, /* Name of the option to set the value for, or * NULL to get all options and their values. */ const char *optionValue) /* Value for option. */ { State *statePtr = (State *)instanceData; Tcl_Channel downChan = Tls_GetParent(statePtr, TLS_TCL_FASTPATH); Tcl_DriverSetOptionProc *setOptionProc; setOptionProc = Tcl_ChannelSetOptionProc(Tcl_GetChannelType(downChan)); if (setOptionProc != NULL) { return (*setOptionProc)(Tcl_GetChannelInstanceData(downChan), interp, optionName, optionValue); |
︙ | ︙ | |||
682 683 684 685 686 687 688 | TlsGetOptionProc( void *instanceData, /* Socket state. */ Tcl_Interp *interp, /* For errors - can be NULL. */ const char *optionName, /* Name of the option to retrieve the value for, or * NULL to get all options and their values. */ Tcl_DString *optionValue) /* Where to store the computed value initialized by caller. */ { | | | 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 | TlsGetOptionProc( void *instanceData, /* Socket state. */ Tcl_Interp *interp, /* For errors - can be NULL. */ const char *optionName, /* Name of the option to retrieve the value for, or * NULL to get all options and their values. */ Tcl_DString *optionValue) /* Where to store the computed value initialized by caller. */ { State *statePtr = (State *)instanceData; Tcl_Channel downChan = Tls_GetParent(statePtr, TLS_TCL_FASTPATH); Tcl_DriverGetOptionProc *getOptionProc; getOptionProc = Tcl_ChannelGetOptionProc(Tcl_GetChannelType(downChan)); if (getOptionProc != NULL) { return (*getOptionProc)(Tcl_GetChannelInstanceData(downChan), interp, optionName, optionValue); |
︙ | ︙ | |||
726 727 728 729 730 731 732 | static void TlsWatchProc( void *instanceData, /* The socket state. */ int mask) /* Events of interest; an OR-ed combination of * TCL_READABLE, TCL_WRITABLE and TCL_EXCEPTION. */ { Tcl_Channel downChan; | | | 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 | static void TlsWatchProc( void *instanceData, /* The socket state. */ int mask) /* Events of interest; an OR-ed combination of * TCL_READABLE, TCL_WRITABLE and TCL_EXCEPTION. */ { Tcl_Channel downChan; State *statePtr = (State *)instanceData; Tcl_DriverWatchProc *watchProc; dprintf("TlsWatchProc(0x%x)", mask); /* Pretend to be dead as long as the verify callback is running. * Otherwise that callback could be invoked recursively. */ if (statePtr->flags & TLS_TCL_CALLBACK) { |
︙ | ︙ |