TclTLS: Timeline

50 descendants and 50 ancestors of e1f08bc122aed3fa

2023-08-20
19:45		Moved X509 functions to separate procedures. check-in: 2186b86385 user: bohagan tags: status_x509
2023-08-19
22:14		Added CA Issuers URL to X509 status check-in: 3b068ff2f6 user: bohagan tags: status_x509
20:30		Updated ConnectionInfoObjCmd to localize variables check-in: 070af72ccb user: bohagan tags: status_x509
18:04		Optimized CiphersObjCmd to use method variable. check-in: 543e7ab6d3 user: bohagan tags: status_x509
2023-08-14
03:16		Refactored X509 status to improve readability by using macros for common operations. check-in: 3a8336467a user: bohagan tags: status_x509
2023-08-13
01:00		Added get CA list to connection status check-in: c95df396da user: bohagan tags: status_x509
2023-08-12
04:07		Added session context, basic constraints, and publickeyhash status check-in: 4a0a74f238 user: bohagan tags: status_x509
03:34		Refactored X509 code to consolidate like functions, eliminate many buffers, etc Added function BIO_to_Buffer to consolidate copy BIO data to buffer. Moved get all data and certificate to end of function. check-in: a1bcda35b1 user: bohagan tags: status_x509
2023-08-10
03:16		Reordered get parameters in Tls_NewX509Obj to follow RFC 5280 section order. Added get self issued, Key usage, Extended Key usage, and purpose values. Added more comments, optimized code, etc. check-in: 10bcd4c88f user: bohagan tags: status_x509
2023-08-07
03:27		Added Issuer Alt Name to X509 status, refactored get SAN and CRL check-in: 35be4894ce user: bohagan tags: status_x509
2023-08-02
01:17		Added Certificate Revocation List (CRL) to X509 status. Moved get X509 extension items to end of function. check-in: f22fb82c96 user: bohagan tags: status_x509
2023-08-01
22:42		Added Certificate purposes to X509 status output. Corrected certificate alias get text bug. Refactored code to reduce number of variables and use common buffers for SHA fingerprints. check-in: e94d9cae93 user: bohagan tags: status_x509
2023-07-31
02:17		Added verify depth and mode status to connection status, renamed signatureType and signatureType check-in: 87010ba1d9 user: bohagan tags: status_x509
2023-07-30
22:25		Replaced custom X509 ASN1_UTCTIME_tostr function with OpenSSL function ASN1_TIME_print. Added catch errors returned from get certificate functions. check-in: b50520df51 user: bohagan tags: status_x509
03:39		Merged master into branch check-in: 739742d3d4 user: bohagan tags: status_x509
03:21		Merged errors_and_callbacks branch into master check-in: dbe759a0f2 user: bohagan tags: trunk
02:53		Updated default callbacks in tls.tcl file Closed-Leaf check-in: cdb51c799e user: bohagan tags: errors_and_callbacks
02:09		Add match result to ALPN callback parameters. This indicates if a common protocol was found or not. check-in: 75f1cfb376 user: bohagan tags: errors_and_callbacks
00:20		Updated password callback to add rwflag size arguments to callback. Callback now works like other callbacks with the function followed by args. Refactored get result processing. Added more info to doc file. check-in: c072b00aeb user: bohagan tags: errors_and_callbacks
2023-07-29
21:33		Added message status to callback command results. It is only available when OpenSSL is complied with the enable-ssl-trace option. check-in: 5ddead759f user: bohagan tags: errors_and_callbacks
2023-07-28
19:42		Set ErrorCode for returned errors check-in: d7ece0aec4 user: bohagan tags: errors_and_callbacks
18:41		Set/get invalid channel option now calls Tcl_BadChannelOption. check-in: 106dba31ae user: bohagan tags: errors_and_callbacks
17:01		Disabled skip channel IO during verify callback processing. Call Tcl_Error for connect/handshake errors. check-in: 6866efe8ea user: bohagan tags: errors_and_callbacks
16:07		Refactored Tls_Error handler to not set errorCode. Use error message, return result, or if none, fall-back to OpenSSL error queue. Added clear OpenSSL errors to start of each command function to remove old error messages. check-in: e85a439068 user: bohagan tags: errors_and_callbacks
2023-07-24
23:12		Comment and documentation updates. Added more checks for supported protocol versions. check-in: a4c50c7c74 user: bohagan tags: errors_and_callbacks
2023-07-21
23:29		Removed connect or handshake errors trigger background error. Removed Tls_Error call to background error handler when a callback command isn't defined. This would occur during connect/handshake errors. Fixes bug: https://core.tcl-lang.org/tcltls/tktview/2c7b748796 check-in: 6a11f12158 user: bohagan tags: errors_and_callbacks
23:01		Added new option -validatecommand to handle callbacks that require a return value. Consolidated evaluate callback commands into one function EvalCallback. Return alert codes for callbacks. Added more comments to callback functions. check-in: 91ff651d51 user: bohagan tags: errors_and_callbacks
2023-07-16
18:41		Added Next Protocol Negotiation (NPN) for TLS 1.0 to TLS 1.2. check-in: f7b84d671a user: bohagan tags: errors_and_callbacks
17:26		Added alert type to info callback parameters and refactored code. check-in: 0aa8ad9487 user: bohagan tags: errors_and_callbacks
16:02		Register ALPN callbacks only if protocols defined. Catch more errors in callbacks, return after set return values. check-in: 3b2e00d8a5 user: bohagan tags: errors_and_callbacks
15:21		Created error handler and callback updates branch check-in: 0d1d711916 user: bohagan tags: errors_and_callbacks
15:05		Merge status and X509 updates branch check-in: 1924dcd361 user: bohagan tags: trunk
03:33		X509 status optimizations to reduce number of buffers and reordered parameters to match certificate order. check-in: 335b04b2fe user: bohagan tags: status_x509
00:24		Added X509 authorityKeyIdentifier and OCSP URL parameters Fixed subjectKeyIdentifier Moved extension parameters to end of Tls_NewX509Obj check-in: a7be3ce74d user: bohagan tags: status_x509
2023-07-15
23:00		Added unique ids and signature value to status check-in: 8e446cb0bb user: bohagan tags: status_x509
21:37		Better grouped status and connection parameters in doc. check-in: c7828a9fcc user: bohagan tags: status_x509
20:47		Refactored convert X509 status binary values to hex strings. Renamed X509 parameter signatureAlgorithm to signature and digest to signingDigest. check-in: 8dd96d8c7b user: bohagan tags: status_x509
2023-07-10
01:13		Added all certificate info dump to X509 status. Renamed X509 status signature_algorithm to signatureAlgorithm, public_key_algorithm to publicKeyAlgorithm, and serial to serialNumber. Added publicKey and alias to X509 status. check-in: 58ee9890df user: bohagan tags: status_x509
2023-07-09
22:46		Changed to pass verify ok results string to callback. Renamed certificate status signature_hash to signatureHashAlgorithm. check-in: a5858c387a user: bohagan tags: status_x509
2023-06-21
23:37		Added Subject Alternate Name (SAN) to X509 status. Source: https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 check-in: a5843e5983 user: bohagan tags: status_x509
2023-06-20
03:42		Added Subject Key Identifier (SKI) to X509 status check-in: 3a3000bc1e user: bohagan tags: status_x509
2023-06-18
21:47		Added post handshake cert request option check-in: fec0e414e9 user: bohagan tags: status_x509
2023-06-17
23:09		Added signature hash and type to connection status Changed validation result to verification. check-in: e02e24c84a user: bohagan tags: status_x509
2023-06-16
18:04		Change to use NULL for empty pointers check-in: ee0728f6d6 user: bohagan tags: status_x509
2023-06-11
23:26		Use client or server methods instead of generic methods for protocol version selection check-in: f9da715266 user: bohagan tags: status_x509
20:12		Optimized get X509 certificate extensions check-in: eccad70fa9 user: bohagan tags: status_x509
02:27		Added more X509 certificate status info, show algorithm names, list used extensions, etc. check-in: 7265279af2 user: bohagan tags: status_x509
2023-06-10
21:25		Added master key, is server, and ticket lifetime to connection status. Reordered connection status results for better grouping. check-in: 4e75be42e6 user: bohagan tags: status_x509
20:33		Set protocol version method based on client or server option. check-in: 50c71137cb user: bohagan tags: status_x509
19:45		Added ALPN callback update to catch and return errors in select next protocol. check-in: 1a03a74d6e user: bohagan tags: status_x509
2023-06-05
02:47		More callback error checking. Added session ticket callback handling. Split set client and server session caching callbacks. check-in: e1f08bc122 user: bohagan tags: status_x509
02:09		Use SSL connection states instead of custom states. check-in: 3d083cdfaf user: bohagan tags: status_x509
2023-06-04
03:20		Set host name for certificate checks. Pass peer specified host name to Hello callback. Set host name for certificate checks. This is separate from SNI. Added peername to status command results. Source: https://core.tcl-lang.org/tcltls/tktview/b023257dcf and https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 check-in: 65f84287e7 user: bohagan tags: status_x509
2023-06-03
22:33		Added ALPN callback protocol selection. In ALPNCallback, server select from client provided protocol list uses -alpn protocols list to find first common protocol. check-in: f50ee33fd6 user: bohagan tags: status_x509
20:55		Added version and signature to X509 status check-in: 7d59536ee7 user: bohagan tags: status_x509
2023-06-02
22:23		Added compression state to connection status check-in: e5975c8072 user: bohagan tags: status_x509
2023-05-29
23:15		Added server callbacks for ALPN, SNI, and Hello messages check-in: a04a3aef6b user: bohagan tags: status_x509
2023-05-27
21:14		Optimized use of pointers and comment format updates. check-in: 500c6b97d6 user: bohagan tags: status_x509
19:20		Added session id and ticket to connection status. Added callback to handle session id and ticket updates after the handshake. check-in: 489f45bd81 user: bohagan tags: status_x509
03:06		Removed support for obsolete OpenSSL versions prior to v1.1.1. check-in: 0de7b4fc0a user: bohagan tags: status_x509
2023-05-26
22:43		Added set security level option to set all relevant parameters including cipher suite, encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms in one operation. check-in: 32ce5d6220 user: bohagan tags: status_x509
2023-05-24
23:26		Fixed test cases to run under Windows and added TLS 1.3 support check-in: 69314245a1 user: bohagan tags: status_x509
02:40		Added new option -ciphersuites to set ciphers suites for TLS 1.3. Addresses defect: https://core.tcl-lang.org/tcltls/tktview/d0518a5645 check-in: cd11c125e8 user: bohagan tags: status_x509
01:18		Updated ciphers command to use current APIs and added an option to return only ciphers as would be sent in ClientHello. Updated test suite to use OpenSSL executable to get ciphers comparison data. Added more test cases. Addresses defects: https://core.tcl-lang.org/tcltls/tktview/688788a45c and https://sourceforge.net/p/tls/bugs/36/ check-in: 05b2dd47be user: bohagan tags: status_x509
2023-05-22
19:25		Updated all.tcl test script to produce an exit code. This is needed for use by test automation suites. check-in: af2c6346c9 user: bohagan tags: status_x509
2023-05-20
04:46		Added get supported protocol versions command check-in: 168ce6abb1 user: bohagan tags: status_x509
00:56		Added new connection info command which returns connection configuration and status. check-in: 04e10976f7 user: bohagan tags: status_x509
2023-05-19
23:17		Created status_x509 updates branch check-in: 8db793f55f user: bohagan tags: status_x509
2023-05-13
20:25		Merged TEA branch into master check-in: 6c02d4d029 user: bohagan tags: trunk
19:35		Updated README.txt file Closed-Leaf check-in: d34cd241be user: bohagan tags: TEA
2023-05-10
23:26		Fixed bug in rules.vc which prevents extracting extension version from configure.ac file. Work-around had been to manually set DOTVERSION in makefile.vc. check-in: 02a9eed243 user: bohagan tags: TEA
23:01		Acinclude file optimizations, co-located items, add defaults, etc. check-in: 98728c7e06 user: bohagan tags: TEA
03:23		Refactored set openSSL paths to add separate options for include and library directories check-in: c6a99441d9 user: bohagan tags: TEA
2023-05-08
02:17		More configure status and optimized use of AC_ARG_ENABLE to also set missing case vars. check-in: f284d71533 user: bohagan tags: TEA
01:01		Moved custom functions from configure.ac to acinclude.m4 file check-in: 4729159cce user: bohagan tags: TEA
2023-05-07
23:21		Added support for the pkgconfig tool to find package installation locations and added configure output messages check-in: aaea8b2ab0 user: bohagan tags: TEA
22:12		Fixed find OpenSSL dependencies check-in: 075e855e95 user: bohagan tags: TEA
19:53		Fixed make clean and build headers as part of all check-in: 7f6e71d240 user: bohagan tags: TEA
19:09		Fixed detect shared library in pkgIndex.tcl file check-in: 515e670c81 user: bohagan tags: TEA
17:48		Added options to disable TLS protocols check-in: 124d881bb0 user: bohagan tags: TEA
16:51		Fixed make dist check-in: a8bd1bb16d user: bohagan tags: TEA
15:21		Made needed updates for Unix build to work. Added back configure script Moved custom macros to acinclude.m4 file. aclocal.m4 is now platform default macros. check-in: 3df2605920 user: bohagan tags: TEA
2023-05-06
21:26		Updated windows make files to add more notes, fix version, etc. check-in: 31fbcccfd1 user: bohagan tags: TEA
19:35		Replaced custom build scripts with TEA scripts. Removed custom build scripts and replaced with latest TEA config files. Updated pkgIndex.tcl.in to support static builds. Incorporated relevant previous build macros into scripts. check-in: a329ea2ff4 user: bohagan tags: TEA
2023-04-30
17:06		Updated windows makefile to add missing targets check-in: 06521814cd user: bohagan tags: TEA
16:07		Moved files to subdirectories per TEA directory structure. check-in: 3dcd70f98e user: bohagan tags: TEA
02:08		Format clean-ups. check-in: e02b79f82f user: bohagan tags: TEA
2023-04-23
22:31		Updated Window Make Files to add OPENSSL lib directory to includes. Added missing files nmakehlp.c, rules.vc, rules-ext.vc, etc. Source: https://core.tcl-lang.org/tcltls/tktview/316976aff3 check-in: 7c266d8a5b user: bohagan tags: TEA
21:01		Created TEA updates branch check-in: b8dafda9a9 user: bohagan tags: TEA
04:49		Starkit fix to add current library names to tls.tcl starkit load function. Source: https://sourceforge.net/p/tls/bugs/55/ and https://sourceforge.net/p/tls/bugs/44/ check-in: c9cb1a525d user: bohagan tags: trunk
03:34		Use server cipher preference order. Source: https://sourceforge.net/p/tls/bugs/60/ and https://www.androwish.org/home/info/5718c3eb47cced4d and https://core.tcl-lang.org/tcltls/tktview/305ee10b86 check-in: ba1403b62c user: bohagan tags: trunk
02:36		Applied patch to add OpenSSL3 KTLS trivial processing. Description: Patch adds trivial processing for BIO_CTRL_GET_KTLS_SEND and BIO_CTRL_GET_KTLS_RECV control commands to make tcltls working with OpenSSL 3.0. See also: - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006587 - https://bugzilla.redhat.com/show_bug.cgi?id=2088363 Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/openssl3.patch check-in: 6f19aa6623 user: bohagan tags: trunk
02:08		Changes for OpenSSL v1.1.1 to make compatible with no deprecated option. check-in: 2ed802a7af user: bohagan tags: trunk
2023-04-10
01:27		Initial changes for TCL 9.0. Fixed package requires to work with TCL 9.0. Removed obsolete macro _ANSI_ARGS_, use ANSI arg definitions, etc. Macros: CONST84 to const, WIN32 to _WIN32, CONST to const, VOID to void, etc. Replaced Tcl_SaveResult with Tcl_SaveInterpState, Tcl_RestoreResult with Tcl_RestoreInterpState, and Tcl_DiscardResult with Tcl_DiscardInterpState. Use Tcl_BackgroundError for pre TCL 8.6 and Tcl_BackgroundException for TCL 8.6+. check-in: 275ecbcc5d user: bohagan tags: trunk
2023-03-05
03:04		Added support for optional TLS commands BIO_CTRL_POP and BIO_CTRL_PUSH. BIO_CTRL_PUSH is an optional value that is not handled in the tlsBIO:BioCtrl(). The larger problem is that the library does not support new optional commands because it returns -2 for unknown cmds in BioCtrl(). I would suggest changing the default return value to 0. I confirmed that this fixed the issue. Source: https://core.tcl-lang.org/tcltls/tktview/006bd0c74e check-in: 602c39a56c user: bohagan tags: trunk
02:04		Updated documentation to define defaults for -cadir and -cafile options. Source: https://core.tcl-lang.org/tcltls/tktview/56d19eb033 and https://sourceforge.net/p/tls/bugs/42/ check-in: 002efbac61 user: bohagan tags: trunk
01:35		Patch by Sergei Golovan (Debian) to replace 1024 bit certificates with 2048 bit ones because the new OpenSSL refuses to load small keys ("ee key too small"). Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/certs-tests.patch check-in: 6e0ab0e0eb user: bohagan tags: trunk
00:15		Applied patch to correct generate Diffie-Hellman (DH) parameters. Source: File: gen_dh_params.patch check-in: b7c82a6aae user: bohagan tags: trunk
2023-03-04
23:33		Patch by Sergei Golovan (Debian) to fix the compiler warnings about implicit fall-through in case. Source: File: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/fall-through.patch check-in: e2e798877b user: bohagan tags: trunk
22:22		Added set option support. Source: https://www.androwish.org/home/info/1af65d23b6962476 id: [1af65d23b6] check-in: ec43249d1a user: bohagan tags: trunk
21:11		TlsIO.test Hostname Fix. Patch by Sergei Golovan (Debian) to make the client socket connect to localhost instead of [info hostname] to prevent intermittent test failures inside mock(1). Also, account for a change in error message "unsupported protocol" instead of "wrong version number". -- Sergei Golovan <email address hidden> Thu, 18 Jul 2019 15:00:18 +0300 Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/hostname-tests.patch check-in: 0afa2bde06 user: bohagan tags: trunk