Timeline

843 check-ins using file tests/certs/README.txt version 9915ad53fa

2024-07-01
01:08
Changed to send SSL_shutdown as part of BIO close channel handler rather than Tls_Clean. check-in: 1505883e4a user: bohagan tags: tls-1.8
2024-06-29
19:21
Backed out changes to provide error status when setting -cadir, -cafile, and -castore options. Breaks IO test cases. check-in: 89536252d5 user: bohagan tags: tls-1.8
02:46
Added comments and function preamble comments to BIO and IO files. check-in: 9e79f40ed5 user: bohagan tags: tls-1.8
00:53
Added certificate validation process info to the documentation check-in: afe4ade027 user: bohagan tags: tls-1.8
2024-06-28
19:33
Updated Tls_NewX509Obj to use Tcl_Objs for returned hex values. Use a dynamically allocated temp buffer. check-in: 121a81e392 user: bohagan tags: tls-1.8
18:50
Refactored Tls_NewX509Obj to use Tcl_Size, common var names, added function descriptions, etc. check-in: 1bf152a55d user: bohagan tags: tls-1.8
2024-06-25
22:22
Changed Tls_NewX509Obj to not use stack space for all and certificate buffers. This reduces the possibility of a stack overflow. check-in: 17ee565eed user: bohagan tags: tls-1.8
2024-06-23
03:11
Documentation updates to add info on certificate validation needs and more debug info. check-in: e4794cbb74 user: bohagan tags: tls-1.8
01:46
Updates to provide error status when setting -cadir, -cafile, and -castore options. check-in: 568f5bc7ec user: bohagan tags: tls-1.8
01:39
Undo change in OpenSSL 1.1.1 which enabled SSL_MODE_AUTO_RETRY. This will avoid hangs in blocking mode after an non-app record is received, but an app record is not yet available. Also enabled SSL_MODE_ENABLE_PARTIAL_WRITE, which allows writes with fewer than all records written to be successful. check-in: 991ab74cdd user: bohagan tags: tls-1.8
00:51
Added more notes to doc file. check-in: 369965b608 user: bohagan tags: tls-1.8
2024-06-20
01:01
Added support for setting the certificate store check-in: 1cabc3b8f2 user: bohagan tags: tls-1.8
2024-06-19
20:40
Added more connection status check-in: ab1aa551c0 user: bohagan tags: tls-1.8
2024-06-16
20:23
Added shutdown handler check-in: 2e607e483a user: bohagan tags: tls-1.8
2024-06-15
21:49
Removed obsolete locking code and added support for checking system OpenSSL config file for crypto policies. check-in: 449470132e user: bohagan tags: tls-1.8
2024-06-08
20:49
Cache read/write wants from BIO_read/BIO_write and include in watch mask check-in: 268b7a0965 user: bohagan tags: tls-1.8
01:51
Added more info to comments check-in: fdb58ae458 user: bohagan tags: tls-1.8
2024-06-07
23:02
Test case fixes check-in: 0e844836ab user: bohagan tags: tls-1.8
02:38
Added more input and output function error logging check-in: cb680e9fde user: bohagan tags: tls-1.8
2024-06-06
13:54
Optimized checks for when to call Tls_WaitForConnect check-in: 9c66e07d09 user: bohagan tags: tls-1.8
13:30
Reordered SSL_get_error error cases to match enum and functions to remove prototypes check-in: f61d06b2cb user: bohagan tags: tls-1.8
13:20
Removed debugging item not meant for commit. check-in: 9fbb04d340 user: bohagan tags: tls-1.8
05:20
Added back option to enable debug mode that was lost in conversion to new TEA build system check-in: 7e60e66f64 user: bohagan tags: tls-1.8
01:21
Merged in generate tls.tcl.h and debug mode option changes Leaf check-in: d00f5eca5d user: bohagan tags: crypto
00:47
Added back option to enable debug mode that was lost in conversion to new TEA build system check-in: 73be06fc48 user: bohagan tags: tls-1.8
2024-06-05
03:02
Replaced old method of including tls.tcl file in compiled library with a cross-platform compatible method check-in: 1f8b36d9a4 user: bohagan tags: tls-1.8
2024-05-29
20:34
Eliminate tls_free_type, that can be done smarter without the typecasts everywhere check-in: 216954cfae user: jan.nijtmans tags: trunk
01:30
Merged in changes from master check-in: 9d265b298a user: bohagan tags: crypto
01:30
Added makefile option to enable SSL3. Disabled by default. Only use for legacy purposes. check-in: e7615b0d88 user: bohagan tags: tls-1.8
01:07
Optimized types and casting check-in: 5deb755d1d user: bohagan tags: tls-1.8
2024-05-28
23:59
Removed end of line padding check-in: 3d710c254e user: bohagan tags: tls-1.8
15:27
Smarter way to handle typecasting in Tls_Free() Leaf check-in: 402b6db186 user: jan.nijtmans tags: nijtmans
15:08
Fix Tls_Error() signature Leaf check-in: bc6ff74449 user: jan.nijtmans tags: bohagan
15:00
Fix Tls_Error() signature check-in: 53b28536f9 user: jan.nijtmans tags: nijtmans
14:45
merge check-in: f6811a4dc1 user: jan.nijtmans tags: bohagan
14:44
Fix tlsUuid.h usage and openssl dll installation in makefile.vc check-in: 138a0b52c8 user: jan.nijtmans tags: nijtmans
14:12
tlsUuid.h should be built in $(TMP_DIR), not $(WIN_DIR). Eliminate some MSVC warnings check-in: 6bd083aecb user: jan.nijtmans tags: trunk
05:50
Restore "license.terms" installation from tclconfig directory check-in: 761a9b9f7b user: jan.nijtmans tags: trunk
2024-05-27
22:45
Make error message a const string check-in: c5a4009f73 user: bohagan tags: tls-1.8
22:29
CONST86 isn't used anywhere check-in: 1ae43e3550 user: jan.nijtmans tags: trunk
22:17
"make install-doc" doesn't work. Install "licence.terms" from src, not src/tclconfig check-in: edb2242112 user: jan.nijtmans tags: trunk
22:05
Merge check-in: 81350d4895 user: jan.nijtmans tags: bohagan
21:50
re-generate configure check-in: ebf674a714 user: jan.nijtmans tags: nijtmans
15:23
It appears that TclTLS 1.7.22 was already released check-in: 319a548fcc user: jan.nijtmans tags: trunk
15:11
Fix Tls_Error() function signature check-in: 86bf966f5b user: jan.nijtmans tags: trunk
15:01
Make TCL_UNUSED() work here. Some indenting changes. check-in: c3b40dfa2a user: jan.nijtmans tags: trunk
14:21
Remove end-of-line spacing check-in: 2f817125a5 user: jan.nijtmans tags: trunk
13:42
Update TEA files. Convert *.vc files to cr/lf check-in: 050fe3b49c user: jan.nijtmans tags: trunk
13:23
Remove tclconfig directory (since it should be extracted from "tclconfig" repository). Update configure to autoconf 2.72 check-in: 49aef5cb6c user: jan.nijtmans tags: trunk
2024-05-26
18:15
Updates for MSYS2 check-in: 0046a7f25d user: bohagan tags: crypto
2024-05-20
02:10
Corrected tlsRand.c file header check-in: cf6fddaa41 user: bohagan tags: crypto
2024-05-19
21:56
Removed obsolete unstack commands from digest and encrypt modules. check-in: 8ae6d68bc3 user: bohagan tags: crypto
20:54
Ensure minimum buffer size for encryption channel. check-in: 986ea5b483 user: bohagan tags: crypto
20:15
Fixed bug in update and finalize handlers for encrypt using accumulator command. check-in: 9bcee7c0e7 user: bohagan tags: crypto
19:51
Added more debug output to encrypt and digest files check-in: 6cccc0c9b2 user: bohagan tags: crypto
18:50
Merge in changes from master check-in: 911e1b65a9 user: bohagan tags: crypto
17:16
Updated unimport channel so it restores channel config after unstack. Will now work on any stacked channel. check-in: b3f0973a4c user: bohagan tags: tls-1.8
15:59
Fixed memory leak in unimport channel check-in: 262ec2d5d9 user: bohagan tags: tls-1.8
04:20
More acinclude.m4 improvements for MSYS2 support check-in: d3a4e223b9 user: bohagan tags: tls-1.8
02:10
Fixed --enable-static-ssl configure option check-in: 1edeeb9bb0 user: bohagan tags: tls-1.8
2024-05-18
04:31
More changes to correct make clean and dist cases. Update to GNU Autoconf 2.72. check-in: 5d04e4826c user: bohagan tags: tls-1.8
2024-05-17
19:40
Added missing header file items and reordered for commonality check-in: d12e712e61 user: bohagan tags: tls-1.8
18:52
Consolidated make dist items check-in: 8ec503ec3c user: bohagan tags: tls-1.8
2024-05-15
05:19
Added install doc files on Windows. Windows makefile.vc improvements. check-in: 6b301093cd user: bohagan tags: tls-1.8
02:26
Updated pkgIndex file to only load script after package require check-in: eccfed0ed3 user: bohagan tags: tls-1.8
2024-05-14
04:08
Updated ignore files lists check-in: b8045a5c6a user: bohagan tags: tls-1.8
01:12
More documentation updates to fix errors, add more info, etc. check-in: 0b9d096922 user: bohagan tags: tls-1.8
2024-05-13
05:07
Added missed ciphers command back to documentation check-in: f5502982d6 user: bohagan tags: tls-1.8
04:57
Updated make files to install HTML docs, license, and README files check-in: e3da75f05f user: bohagan tags: tls-1.8
2024-05-11
01:46
Added version check for SSL_get_signature_type_nid API added in OpenSSL 1.1.1a. This is needed for Ubuntu 18.04 LTS. check-in: 8af8ef15f0 user: bohagan tags: tls-1.8
2024-04-22
04:18
Updated makefile to use TEA_ADD_CLEANFILES check-in: 6b0826ae21 user: bohagan tags: tls-1.8
2024-04-15
02:26
Fixed *Uuid.h build issue on Windows. Only create manifest.uuid file if none present and git exists. check-in: ef750b8a2c user: bohagan tags: tls-1.8
2024-04-10
04:13
Updated test cases check-in: 4936d5ae8d user: bohagan tags: crypto
02:30
Added more cipher status flags to returned info for cipher command check-in: c5f7dd0630 user: bohagan tags: crypto
2024-04-09
03:21
Added remaining Camellia cipher test vectors check-in: 51d59fd360 user: bohagan tags: crypto
01:07
Added SM4 cipher test vectors check-in: c12c859d2f user: bohagan tags: crypto
2024-04-08
21:30
Added ARIA cipher test vectors check-in: 2a6486178c user: bohagan tags: crypto
17:11
Added Camellia cipher test vectors check-in: 7b9599e795 user: bohagan tags: crypto
04:21
Added more DES test vectors check-in: ed45bb9820 user: bohagan tags: crypto
03:30
Make test case files from test vectors script updates to optimize logic check-in: 45c6b53f90 user: bohagan tags: crypto
02:51
Added IDEA cipher test vectors check-in: 37325867e6 user: bohagan tags: crypto
2024-04-07
22:20
Added Seed cipher test vectors check-in: 18bed2dd62 user: bohagan tags: crypto
20:52
Added RC4 stream cipher test vectors check-in: 6e07821c1e user: bohagan tags: crypto
2024-03-31
20:57
Added description and provider to cipher, digest, mac, and pkey info commands. This only work for OpenSSL 3.0+. check-in: 968f8bf25b user: bohagan tags: crypto
03:12
Added DES test vectors check-in: 66cee0f83a user: bohagan tags: crypto
2024-03-30
22:37
Added Triple DES test vectors check-in: ac8a00b954 user: bohagan tags: crypto
19:52
Added option to enable and disable PKCS#7 padding check-in: 32f48d257b user: bohagan tags: crypto
2024-03-29
22:59
Added AES symmetrical block cipher test vectors check-in: 564db0e896 user: bohagan tags: crypto
20:48
Added more TCL 9 backwards compatibility definitions check-in: 945acae4ba user: bohagan tags: tls-1.8
2024-03-26
21:28
Minor cleanups to remove obsolete code and add missing change log entry check-in: bb89d73224 user: bohagan tags: tls-1.8
05:00
Created tls1.8 branch Closed-Leaf check-in: 94d2753492 user: bohagan tags: tls1.8
2024-03-15
23:39
Updated make file to correct bugs check-in: 89a6207a57 user: bohagan tags: crypto
23:39
Updated make file to correct bugs check-in: f5d3f859aa user: bohagan tags: trunk
22:17
Fix warnings for compile with GCC on TCL 9.0 check-in: 562bd95399 user: bohagan tags: trunk
22:17
Fix warnings for compile with GCC on TCL 9.0 check-in: eae5afbb83 user: bohagan tags: crypto
2024-03-14
01:23
Fixed issue which prevented running all test cases check-in: 5e61643e80 user: bohagan tags: crypto
01:09
Updated documentation to add XOF use of -length arg check-in: 5d50e20efb user: bohagan tags: crypto
00:30
Updated SHAKE128 and SHAKE256 test cases check-in: c0f29458a6 user: bohagan tags: crypto
2024-03-13
23:07
Finished SHAKE128 and SHAKE256 XOF hash functions by adding optional -length arg to set output length. check-in: 59eac2fc22 user: bohagan tags: crypto
2024-03-12
14:30
Merge trunk check-in: c005e3d09b user: jan.nijtmans tags: bohagan
14:21
More simple code formatting ... no change in functionality check-in: f69776b946 user: jan.nijtmans tags: nijtmans
2024-03-11
02:15
Merge in build-info command and TEA updates check-in: 3d9a852fc6 user: bohagan tags: crypto
02:05
Updated TEA files to latest version check-in: 327d65db23 user: bohagan tags: trunk
2024-03-10
23:26
Added TCL 9.0 build-info command including support for UUID files. Altered scripts from sample extension to put tlsUuid.h in WIN_DIR not TMP_DIR. check-in: c5526c14fd user: bohagan tags: trunk
05:56
Added global namespace qualifier to command names. Catch error for eval embedded tls.tcl script. check-in: c0bbfde5a4 user: bohagan tags: crypto
05:48
Added global namespace qualifier to command names. Catch error for eval embedded tls.tcl script. check-in: 17e4fbdf88 user: bohagan tags: trunk
05:06
Reformatted test case helper procedures check-in: 89706c884d user: bohagan tags: crypto
04:44
Updated test comparisons to handle OpenSSL 3 format data check-in: ae4bd8026c user: bohagan tags: crypto
04:27
Updated make test scripts tool to better embed TCL procedures and handle quoted data check-in: e650e24320 user: bohagan tags: crypto
03:32
Reformatted test cases check-in: f9d486f0f0 user: bohagan tags: trunk
03:09
Updated make test scripts tool to better embed TCL procedures and handle quoted data check-in: 5b864605ad user: bohagan tags: trunk
02:15
Back port doc and all test updates from crypto branch check-in: ceb434bb23 user: bohagan tags: trunk
01:42
Windows makefile update to add realclean target and correct pkgIndex target check-in: 613f00604a user: bohagan tags: trunk
01:27
Windows makefile update to add realclean target and correct pkgIndex target check-in: ae7ba9d447 user: bohagan tags: crypto
2024-03-05
14:37
Formatting (taken over from bohagan) check-in: 2568fd9c5d user: jan.nijtmans tags: bohagan
13:57
Merge trunk check-in: b2b78ae91b user: jan.nijtmans tags: bohagan
13:57
Update to latest acinclude.m4 check-in: cbbb604ed3 user: jan.nijtmans tags: nijtmans
02:10
Merged in more acinclude.m4 changes check-in: 9b922b5bb3 user: bohagan tags: crypto
02:08
Corrected logic error in acinclude.m4 check for include files check-in: 273a40deb4 user: bohagan tags: trunk
2024-03-02
03:14
Merged in acinclude.m4 changes Regenerated configure file check-in: cf160c6f63 user: bohagan tags: crypto
02:55
Updated acinclude.m4 file to use pkg-config tool for OpenSSL installation defaults prior to using fall-back values. Linking to static OpenSSL libraries may need more work. check-in: b3ad65760e user: bohagan tags: trunk
00:02
Added check for ssl.h file when checking for valid --opensslincludedir path. Added status message with find ssl.h result. check-in: 65406cadf6 user: bohagan tags: trunk
2024-02-28
05:48
Made TYPE_CMAC case into code block to allow variable definition check-in: 0d89817e1a user: bohagan tags: crypto
05:26
Merged changes from master check-in: bfb516156c user: bohagan tags: crypto
04:42
In password callback, added check for password > max size. Also added null terminator. check-in: 3866a025e0 user: bohagan tags: trunk
04:25
Updated acinclude.m4 file to add include path check for Mac installs. Corrected check for not null to instead check for not zero length variables. Fixed variable delimiter syntax error. check-in: 881da2c51a user: bohagan tags: trunk
02:55
More README file updates to remove old options and add more path info check-in: a72acac266 user: bohagan tags: trunk
02:40
More badssl test case updates for OpenSSL 3 message changes check-in: 1266832b43 user: bohagan tags: trunk
2024-02-27
21:24
Fix 4 testcases check-in: a0338bae64 user: jan.nijtmans tags: bohagan
16:29
Take over change in tls.c too (from same commit) check-in: eecbce78ef user: jan.nijtmans tags: bohagan
16:21
Take over tests/common.tcl from [https://chiselapp.com/user/bohagan/repository/TCLTLS/info/28b250e1fbd071d9|28b250e1fbd071d9] check-in: 55905b84e3 user: jan.nijtmans tags: bohagan
14:41
Merge trunk check-in: 4fdf191b58 user: jan.nijtmans tags: bohagan
14:40
Add missing acinclude.m4 and aclocal.m4 check-in: 0c8191a479 user: jan.nijtmans tags: nijtmans
05:05
Removed unneeded initialize dstrings. check-in: 6ffc298e51 user: bohagan tags: trunk
2024-02-24
22:32
Merge trunk check-in: 47f7634a14 user: jan.nijtmans tags: bohagan
22:22
Clean-up gcc compiler warnings check-in: d966a301eb user: bohagan tags: trunk
22:07
Eliminate some deprecated function usages. Disable ssl3 by default too (just as ssl2) check-in: 3090c676df user: jan.nijtmans tags: nijtmans
21:19
Corrected error messages for provider test cases check-in: 4011675f4b user: bohagan tags: crypto
21:07
Improve error-handling, e.g. using Tcl_SetErrorCode() check-in: e8f554a732 user: jan.nijtmans tags: nijtmans
21:03
Removed unneeded test vector files check-in: 216b8859b8 user: bohagan tags: crypto
16:59
No need for LAPPEND_LONG, use LAPPEND_INT check-in: 4f6f9b9874 user: jan.nijtmans tags: nijtmans
04:18
Applied optimized get string and cast nulls to char pointers to branch files check-in: aefb94a730 user: bohagan tags: crypto
03:57
Merged in changes from master check-in: 603eb0c0ba user: bohagan tags: crypto
03:26
Added back initialize dynamic strings since Tcl_TranslateFileName doesn't initialize them check-in: ccb3824e44 user: bohagan tags: trunk
03:02
Clean up return statements check-in: a9e4d32d68 user: bohagan tags: trunk
02:45
Clean up warnings on *nix builds check-in: 9d22adae76 user: bohagan tags: trunk
02:02
Added missing cast nulls to char pointer check-in: ea98e5c0da user: bohagan tags: trunk
01:53
Added install OpenSSL dynamic libraries on Windows check-in: 584d807503 user: bohagan tags: trunk
00:02
Merge-mark check-in: 367b275044 user: jan.nijtmans tags: bohagan
2024-02-23
23:57
Optimized get string from object check-in: 5130ce9e72 user: bohagan tags: trunk
23:50
Updated pkgIndex file for MacOS dynamic libraries check-in: 3e70bc2b3f user: bohagan tags: trunk
23:45
Documentation corrections and updates check-in: 4935443e89 user: bohagan tags: trunk
22:57
Use LAPPEND_STR() and friends check-in: 6e95e7672d user: jan.nijtmans tags: nijtmans
21:29
Merge-mark check-in: f26940283f user: jan.nijtmans tags: bohagan
21:27
REASON() -> GET_ERR_REASON(). Add some more utilities to tlsInt.h (not used yet) check-in: 42f5f29486 user: jan.nijtmans tags: nijtmans
15:28
Merge-mark check-in: 7ef59c838a user: jan.nijtmans tags: bohagan
15:25
Fix [bb7085cfdc]: Test tlsIO-8.1 breaks on FreeBSD check-in: 5128841292 user: jan.nijtmans tags: nijtmans
15:08
Merge trunk check-in: ea8c67f798 user: jan.nijtmans tags: bohagan
14:48
Merge "dh" branch from: [https://chiselapp.com/user/bohagan/repository/TCLTLS/timeline?r=dh]. The "gen_dh_params" script is no longer necessary check-in: 6aeb4fa6ee user: jan.nijtmans tags: nijtmans
13:21
Merge trunk check-in: c7b67bc013 user: jan.nijtmans tags: bohagan
13:08
Add "tls::build-info" command check-in: 355a10cf0e user: jan.nijtmans tags: nijtmans
12:13
Merge trunk check-in: fc4f8bad30 user: jan.nijtmans tags: bohagan
11:57
Added set option support. Source: https://www.androwish.org/home/info/1af65d23b6962476 check-in: baec6798d6 user: jan.nijtmans tags: nijtmans
11:30
Merge trunk check-in: faafc32731 user: jan.nijtmans tags: bohagan
11:00
Move tls.htm -> doc/tls.html. Start conversion to HTML5 check-in: f4edd2b33b user: jan.nijtmans tags: nijtmans
10:26
Merge trunk check-in: e6d7dec8c0 user: jan.nijtmans tags: bohagan
10:19
Fix ciphers.test testcases for OpenSSL 3.0. Remove files no longer needed check-in: b8d4646795 user: jan.nijtmans tags: nijtmans
09:39
Merge trunk check-in: a288c8e1e1 user: jan.nijtmans tags: bohagan
09:13
Code formatting. TlsCloseProc is no longer needed in Tcl 9. check-in: 2382e3457d user: jan.nijtmans tags: nijtmans
2024-02-22
20:48
Merge trunk check-in: e514e3a5e3 user: jan.nijtmans tags: bohagan
20:02
No need to define Tcl_Size in tlsInt.h: already handled by TEA check-in: a66c2b01b1 user: jan.nijtmans tags: nijtmans
17:51
Merge trunk check-in: 0d2b96f6d8 user: jan.nijtmans tags: bohagan
17:51
Forward declaration no longer necessary check-in: 93c001e9c4 user: jan.nijtmans tags: nijtmans
17:44
Merge trunk. tlsBIO.c is now fully equal to trunk. check-in: dae8857d72 user: jan.nijtmans tags: bohagan
17:40
Fix [006bd0c74e]: PATCH: BIO_CTRL_PUSH not handled. Also add some changes from androwish: [https://www.androwish.org/home/info/982ebf9d31a60440] check-in: 1b8c76f783 user: jan.nijtmans tags: nijtmans
15:27
Merge trunk check-in: c61ea12657 user: jan.nijtmans tags: bohagan
13:49
A lot of formatting, no change in functionality. check-in: 46ffe75283 user: jan.nijtmans tags: nijtmans
08:03
Merge trunk check-in: d0c262769f user: jan.nijtmans tags: bohagan
07:56
Applied patch to add OpenSSL3 KTLS trivial processing. Description: Patch adds trivial processing for BIO_CTRL_GET_KTLS_SEND and BIO_CTRL_GET_KTLS_RECV control commands to make tcltls working with OpenSSL 3.0. See also: - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006587 - https://bugzilla.redhat.com/show_bug.cgi?id=2088363 Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/openssl3.patch check-in: 0f781794ab user: jan.nijtmans tags: nijtmans
07:52
TlsIO.test Hostname Fix. Patch by Sergei Golovan (Debian) to make the client socket connect to localhost instead of [info hostname] to prevent intermittent test failures inside mock(1). Also, account for a change in error message "unsupported protocol" instead of "wrong version number". -- Sergei Golovan <email address hidden> Thu, 18 Jul 2019 15:00:18 +0300 Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/hostname-tests.patch check-in: 913359443b user: jan.nijtmans tags: nijtmans
07:35
Patch by Sergei Golovan (Debian) to replace 1024 bit certificates with 2048 bit ones because the new OpenSSL refuses to load small keys ("ee key too small"). Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/certs-tests.patch check-in: fecca6f35e user: jan.nijtmans tags: nijtmans
2024-02-21
23:10
Few more tweaks check-in: 195f14da6c user: jan.nijtmans tags: nijtmans
22:57
Stop support for OpenSSL < v1.1.1 check-in: f2101dcc16 user: jan.nijtmans tags: nijtmans
2024-02-20
22:09
Merge trunk check-in: 6853760139 user: jan.nijtmans tags: bohagan
20:57
"make install" now works on MacOS too (uses .dylib in stead of .so, no "doc" yet) check-in: 6778f7f147 user: jan.nijtmans tags: nijtmans
16:22
Merge trunk check-in: 61fb454f56 user: jan.nijtmans tags: bohagan
16:18
Don't depend on Tcl 8.3 ..... check-in: c4ff285b07 user: jan.nijtmans tags: nijtmans
16:11
Merge trunk check-in: daa14243cf user: jan.nijtmans tags: bohagan
16:09
Add missing win/nmakehlp.c. Typo in tclOpts.h check-in: e2c4b7ced2 user: jan.nijtmans tags: nijtmans
16:03
Import trunk from [https://chiselapp.com/user/bohagan/repository/TCLTLS] as separate branch check-in: 4a15938209 user: jan.nijtmans tags: bohagan
15:53
Win README: I think, it is the x64 native prompt, as 64 bit is targeted. check-in: db3bebd670 user: oehhar tags: nijtmans
15:35
We don't support SSL3 on Windows (apparently), so do the same for UNIX check-in: 79c94fdb6b user: jan.nijtmans tags: nijtmans
15:27
Take over more TEA changes from: [https://chiselapp.com/user/bohagan/repository/TCLTLS/index] check-in: 28faaabb20 user: jan.nijtmans tags: nijtmans
14:58
Move all *.c and *.h files to the /generic/ directory. Update win/makefile.vc from [https://chiselapp.com/user/bohagan/repository/TCLTLS/index] check-in: b921cb3e6e user: jan.nijtmans tags: nijtmans
13:30
Use (char *)NULL as sentinel in Tcl_AppendResult() check-in: ab6b683a51 user: jan.nijtmans tags: nijtmans
13:12
Merge makefile.vc improvements from Kevin, and his README.txt check-in: 66551cd602 user: jan.nijtmans tags: nijtmans
13:10
Merge 1.8 Closed-Leaf check-in: 08c2b4ad63 user: jan.nijtmans tags: codebykevin, nijtmans
13:00
Make all C-/H-files Tcl 9-ready, with all kinds of code-cleanup. Build environment not handled yet. check-in: ceb72b0012 user: jan.nijtmans tags: nijtmans
2024-02-19
21:55
Less compiler warnings check-in: 0cfe6dfb3c user: jan.nijtmans tags: nijtmans
20:16
Merge tls-1.7 check-in: 8e0be2f6e9 user: jan.nijtmans tags: nijtmans
19:23
No need to allocate a Tcl_ChannelType Leaf check-in: 7af51313f8 user: jan.nijtmans tags: tls-1.7
2024-02-16
14:03
One more check-in: 93eb73fd80 user: jan.nijtmans tags: tls-1.7
13:54
Merge 1.7 check-in: b8b1970122 user: jan.nijtmans tags: nijtmans
13:53
Remove all end-of-line spacing check-in: 9345b54eaa user: jan.nijtmans tags: tls-1.7
2024-02-12
10:39
Merge 1.8 check-in: 3824e80ab5 user: jan.nijtmans tags: codebykevin, nijtmans
10:32
Merge 1.7. Forget about Tcl < 8.6 for this branch check-in: 01caf8a372 user: jan.nijtmans tags: nijtmans
10:22
Tcl_GetStringFromObj() -> Tcl_GetString(). Update ChangeLog/README.txt check-in: 663996a17b user: jan.nijtmans tags: tls-1.7
2024-02-11
21:24
Updated test cases for OpenSSL 3.0. Added load legacy provider for obsolete algorithms. check-in: 8440f589be user: bohagan tags: crypto
20:51
Merged changes from master. check-in: 45be9618dc user: bohagan tags: crypto
02:16
Corrected memory leaks in use of dynamic strings check-in: 6287936460 user: bohagan tags: trunk
2024-02-10
22:55
Added examples to doc check-in: c8af0f28b0 user: bohagan tags: trunk
22:03
Updated callback info in doc file check-in: a1c3e96ef5 user: bohagan tags: trunk
21:04
Updated debug documentation check-in: e8ed4fea49 user: bohagan tags: trunk
20:37
Refactored set default CA certificates path and file to allow env vars to override defaults. check-in: cdb6cd6aa6 user: bohagan tags: trunk
03:37
Updated test cases for OpenSSL 3.0 check-in: 6fd974ebf0 user: bohagan tags: trunk
2024-02-09
20:06
Updated badssl.com test cases for error message format and CA file on Unix. check-in: 347e9a4852 user: bohagan tags: trunk
19:24
Added more error messages and quoted certificate fail message. check-in: e3e0021e31 user: bohagan tags: trunk
2024-02-06
02:42
Added provider test cases check-in: 5a41ff9aa1 user: bohagan tags: crypto
2024-02-05
01:37
Added provider command to load non-default providers in OpenSSL 3.0 check-in: b6001442d1 user: bohagan tags: crypto
00:55
Code updates for gcc warnings check-in: 7e672606f5 user: bohagan tags: trunk
2024-02-04
23:25
Code updates for gcc warnings check-in: e58f2c78c8 user: bohagan tags: crypto
03:31
Merged changes from master branch check-in: fa17431520 user: bohagan tags: crypto
02:58
Added code to handle unexpected EOF on OpenSSL 3 check-in: 5a33efb87b user: bohagan tags: trunk
2024-02-03
03:15
Added more IO logging and error callback messages. Removed duplicate messages. check-in: a3728bd654 user: bohagan tags: trunk
2024-02-02
03:33
Added more logging messages and updated get error message macro name check-in: fad32ff05f user: bohagan tags: trunk
2024-01-29
02:41
Updated to latest set of TCL 9.0 API changes. Made Tcl_Size updates. check-in: ce307ddd1f user: bohagan tags: crypto
2024-01-25
22:56
Extracted from https://www.codebykevin.com/fossil.cgi/tcltls check-in: 737ebb9576 user: jan.nijtmans tags: codebykevin, nijtmans
22:41
Add some newer TEA files, not enough to build yet check-in: 6a87953d33 user: jan.nijtmans tags: nijtmans
22:22
Somewhat better TEA support, not complete yet. Make this the continuation of the tls-1.7 branch. main/trunk will continue with 1.8.0 check-in: b7b0bd5a8f user: jan.nijtmans tags: tls-1.7
2024-01-24
14:35
First changes needed for Tcl 9.0 check-in: 3057d6e2e0 user: jan.nijtmans tags: nijtmans
2023-12-29
21:12
Cast unused parameters to void to prevent unused parameter warnings Source: https://core.tcl-lang.org/tcltls/tktview/086954612f check-in: 41e1203724 user: bohagan tags: trunk
21:09
Cast unused parameters to void to prevent unused parameter warnings Source: https://core.tcl-lang.org/tcltls/tktview/086954612f check-in: f586ebd433 user: bohagan tags: crypto
03:09
Merged in master changes check-in: d2d04c75a0 user: bohagan tags: crypto
03:09
Merged in dh branch check-in: 594dfd3195 user: bohagan tags: trunk
03:09
Updated to auto set DH parameters. Updated to use well known Diffie-Hellman (DH) parameters that have built-in support in OpenSSL. This means the DH parameters will be selected to be consistent with the size of the key associated with the server's certificate. If there is no certificate (e.g. for PSK ciphersuites), then it it will be consistent with the size of the negotiated symmetric cipher key. Leaf check-in: d3d16ea77f user: bohagan tags: dh
00:46
Use env var for OpenSSL executable path. Source: https://core.tcl-lang.org/tcltls/tktview/034c8d2587 check-in: e63b467c48 user: bohagan tags: dh
2023-12-28
23:15
Refactored DH generation to not need a separate file for DH data. Added missing header files to generated file. check-in: d3319fd18b user: bohagan tags: dh
21:27
DH Changes for OpenSSL 3.0 Source: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275160 and https://cgit.freebsd.org/ports/tree/devel/tcltls/files/dh_params.h?id=2ed62c75d1230bbe8268a1a3c54de2972d50dcf8 check-in: 54c35183c2 user: bohagan tags: dh
20:01
Created DH branch check-in: 22f9df2429 user: bohagan tags: dh
05:05
More documentation updates check-in: d371821677 user: bohagan tags: crypto
03:57
Added random bytes test cases check-in: 7a89ccc39d user: bohagan tags: crypto
03:02
Added random bytes command documentation check-in: 2eb1cc571b user: bohagan tags: crypto
03:00
Added random bytes command to generate random bytes using a cryptographically secure pseudo random generator (CSPRNG). check-in: baa34f4208 user: bohagan tags: crypto
2023-12-25
03:58
Updated documentation to add KDF commands, list KDFs command, and list cipher/digest info attributes. check-in: 17448b5ea7 user: bohagan tags: crypto
02:04
Added KDF test cases check-in: 4cc32676a2 user: bohagan tags: crypto
2023-12-24
22:57
Moved common get cipher, digest, etc. functions to tlsUtil.c file. Renamed tlsKey.c to tlsKDF.c to better reflect contents. Standardized error messages. check-in: 94f8408d0d user: bohagan tags: crypto
06:36
Added MAC test vectors. Added all.tcl files to each test subdirectory so all tests run. Updated Hash and KDF test vectors to add missing cleanupTests. Corrected bug with using dash in constraints. Added constraints for ciphers, digests, and kdfs. check-in: feef0d0cef user: bohagan tags: crypto
02:22
Added KDF test vectors check-in: 8b230035d8 user: bohagan tags: crypto
01:26
Added scrypt KDF check-in: 36febb04b1 user: bohagan tags: crypto
00:00
Added HKDF KDF check-in: 89db32e691 user: bohagan tags: crypto
2023-12-23
21:23
Added kdfs command to list supported KDFs check-in: baa6119ddf user: bohagan tags: crypto
2023-12-21
20:15
Merged in master changes check-in: 265ace08fe user: bohagan tags: crypto
19:56
Optimized Init stub load and package require. Use general pkhIndex.tcl file. check-in: c498845865 user: bohagan tags: trunk
2023-12-19
05:53
Added test vectors files for hash functions. Added test files and make script to generate TCL test cases from test vector files. These files come from NIST, IETC, etc. documents, examples, etc. check-in: 25db067636 user: bohagan tags: crypto
2023-12-16
04:56
Changed options processing from using string compares in macros to using Tcl_GetIndexFromObj and switch. check-in: c7540ccbf1 user: bohagan tags: crypto
2023-12-11
10:37
Updated to latest tclconfig changes check-in: 98e3157245 user: bohagan tags: trunk
05:24
Added KDF module to derive keys and ivs from passwords and salts. Added -hash option as alias for -digest. check-in: d4c2159faf user: bohagan tags: crypto
2023-12-10
05:55
Refactored tlsInfo.c file to clear errors, use Obj in var names, and pass name as object instead of string. Split cipher command from its info function. check-in: d7ab5a4ae1 user: bohagan tags: crypto
2023-12-08
03:03
Digest optimizations to delay conversion to OpenSSL types to initialization procedure. Add MAC info and incomplete Pkey info functions. check-in: d93493f320 user: bohagan tags: crypto
2023-12-04
03:56
Split list operations into separate functions to make it easier for OpenSSL 3.0 changes. Added pkey list function. Added mac info and pkey info placeholder functions. More checks for NULL pointers. Moved legacy load ciphers and digest to init routine. check-in: 9e6e94200c user: bohagan tags: crypto
00:30
Improved key and iv storage to use zero padded buffer to ensure no buffer overrun in OpenSSL API if string pointer is used. Added cipher default option for encrypt and decrypt. Pass data as last arg without -data option. check-in: 191f8b29bc user: bohagan tags: crypto
2023-12-03
05:44
Updated documentation for encrypt and decrypt commands check-in: 193afd38ea user: bohagan tags: crypto
04:52
Added test suite for encrypt and decrypt commands check-in: 2922a56dc5 user: bohagan tags: crypto
02:24
Added function to encrypt and decrypt using I/O channel check-in: c3fb3a49db user: bohagan tags: crypto
2023-12-02
21:51
Added function to encrypt and decrypt using object command check-in: ae795d4c23 user: bohagan tags: crypto
20:24
Added function to encrypt and decrypt a file check-in: db4e2fff2d user: bohagan tags: crypto
17:58
Modularized encrypt and decrypt functions check-in: 85d30feee0 user: bohagan tags: crypto
04:25
Added function to encrypt and decrypt data check-in: b395f93924 user: bohagan tags: crypto
2023-11-27
02:39
Code Cleanup to use switch statements check-in: 24e26c8844 user: bohagan tags: crypto
02:15
Backport changes from crypto branch including change -securitylevel option to -security_level. Optimized binary to hex conversion. check-in: d351d79642 user: bohagan tags: trunk
2023-11-26
02:15
Split doc file into TLS and cryptography files. Moved digest functions to cryptography.html doc file. Added schema file from TCL man pages. Updated TLS doc file. check-in: b5b7a4964e user: bohagan tags: crypto
2023-11-25
05:23
Split get digest, cipher, key, and mac ids into separate functions. Simplified DigestMain to pass Tcl objects to get functions. Pass mac id to functions. check-in: 0aae4d5b6f user: bohagan tags: crypto
2023-11-23
04:17
Added more test cases to check for errors, test mac command, etc. check-in: 4ba41f1db2 user: bohagan tags: crypto
03:26
Added early version of mac command. Added back ability to provide data as last arg without -data option. check-in: 917a43a776 user: bohagan tags: crypto
02:52
Added more message digest test cases from RFC 6234 and info command error test cases check-in: c6b0a3cd11 user: bohagan tags: crypto
2023-11-22
22:18
Fix to IO test missing set blocking value. See https://core.tcl-lang.org/tcltls/tktview/bb7085cfdc check-in: 104e43c85e user: bohagan tags: trunk
2023-11-21
23:23
Set default option name for first argument to md and mac commands if not specified by user. Return error message when no channel, command, data, or file arg is specified. check-in: c7a5a6f8fa user: bohagan tags: crypto
23:00
Added write to channel for digest transform test cases check-in: 3a6a1f7d03 user: bohagan tags: crypto
22:03
Renamed digest command to md. Updated function names to use Digest prefix. check-in: 4134be17b3 user: bohagan tags: crypto
03:44
Add digest and MAC use of EVP_DigestFinalXOF for XOF hash functions. Renamed security level option from -securitylevel to -security_level. Added more description info to digest and hash documentation. Added examples for tls::digest command to documentation. check-in: c5c9b26ac8 user: bohagan tags: crypto
2023-11-20
19:07
Added CMAC test cases check-in: adfb4a0349 user: bohagan tags: crypto
2023-11-19
23:20
Added test cases for get cipher and digest info commands check-in: 5a64d9be3f user: bohagan tags: crypto
02:55
Added get cipher info command to return properties of a cipher check-in: 35832d0765 user: bohagan tags: crypto
2023-11-18
18:55
Added get digest info command to return properties of a digest check-in: e47bd35656 user: bohagan tags: crypto
06:58
Updated documentation for digest, cmac, and hmac command changes. check-in: 220a9947b7 user: bohagan tags: crypto
06:26
Updated test cases for new command syntax and added more tests cases check-in: eb618c73d8 user: bohagan tags: crypto
05:59
Optimized DigestInputProc to use common digest functions. Fixed write to channel digest transform. Updated comments check-in: 3120c0a647 user: bohagan tags: crypto
2023-11-17
21:46
Optimized calc digest for data blob to use same functions as other cases. check-in: d5db8e7da5 user: bohagan tags: crypto
18:31
Changed digest command to make digest into a variable argument check-in: 6f3bac05a8 user: bohagan tags: crypto
2023-11-14
03:53
Split ciphers test file into digest and info test files. Added common.tcl file for common test constraints. Updated HMAC and CMAC test cases Added RFC 4231 HMAC example test cases. check-in: b186ba1b7d user: bohagan tags: crypto
00:53
Updated error messages and optimized when to add error message to result. check-in: 2b4e85a3eb user: bohagan tags: crypto
2023-11-13
03:14
Changed hex output to use lowercase letters check-in: aef7825f91 user: bohagan tags: crypto
02:26
Corrected test cases check-in: 1d173cfaca user: bohagan tags: crypto
2023-11-12
05:23
Added cmac and hmac commands to documentation check-in: fc183cdaa1 user: bohagan tags: crypto
2023-11-10
22:23
Added cmac and hmac convenience commands check-in: 992cc75b71 user: bohagan tags: crypto
20:09
Added Cipher MAC (CMAC) support check-in: 49f76ba54c user: bohagan tags: crypto
2023-11-08
03:09
Updated test cases check-in: 9b69dccaca user: bohagan tags: crypto
2023-11-07
23:40
Optimized info commands and added more error checking. Use modern set protocol versions API for ciphers list. check-in: e88816cf57 user: bohagan tags: crypto
2023-11-06
23:46
Added more comments and removed obsolete code check-in: 5a0296430f user: bohagan tags: crypto
04:52
Added an option to the digest command to allow the user to create a new command, use it to add data to a hash, and to get the final message digest. Refactored code to move common digest init, update, and finalize operations into common functions. check-in: 0c59081d81 user: bohagan tags: crypto
2023-11-05
21:46
Track EOF for channels so get message digest is only performed once. Added more info to function documentation and comments check-in: 019f6eb9aa user: bohagan tags: crypto
2023-11-04
03:14
Added sha512 convenience command check-in: 72569af7c5 user: bohagan tags: crypto
02:08
Added key support to digest channel check-in: b536b956a8 user: bohagan tags: crypto
2023-11-03
22:25
Added command to list available Message Authentication Codes (MAC) check-in: 4bc6ba68a7 user: bohagan tags: crypto
22:03
Moved info commands to tlsInfo.c file. Moved REASON macro definition to tlsInt.h file so all files can use. check-in: 61a7c2c15a user: bohagan tags: crypto
2023-10-30
19:18
Added info to documentation on how to salt a password for a digest check-in: 04c90026c3 user: bohagan tags: crypto
01:37
Added digest HMAC key test cases check-in: 862db54236 user: bohagan tags: crypto
01:19
Added digest unstack channel command check-in: 25849c5ac1 user: bohagan tags: crypto
2023-10-29
22:50
Updated documentation for HMAC key option check-in: 92ad9d0c97 user: bohagan tags: crypto
21:06
Added Hashed MAC (HMAC) support. Added -key option to specify key to create Hashed Message Authentication Code (HMAC). Implemented data and file support, but not channel yet. check-in: 41ad133172 user: bohagan tags: crypto
01:39
Added digest channel test cases check-in: 5a5c14c5db user: bohagan tags: crypto
00:58
Updated documentation to add digest channel option check-in: a080689ac6 user: bohagan tags: crypto
00:33
Added option to create a stacked channel to use as source for message digest data. Returns calculated digest after last read prior to EOF. check-in: 750f0c1ad5 user: bohagan tags: crypto
2023-10-28
17:30
Merged in changes from master check-in: 1de7e0ec74 user: bohagan tags: crypto
17:20
Optimized TLS channel type definition check-in: 914ac6b2a4 user: bohagan tags: trunk
16:50
Updated test suite to add digest file, hex, and binary functionality check-in: f9cf6ac5f1 user: bohagan tags: crypto
03:34
Updated documentation to add digest file, hex, and binary options check-in: c8671aa698 user: bohagan tags: crypto
03:10
Added digest file, hex, and binary options. Added option to calculate message digest for a file. Added options to set output format to bin or hex. check-in: fa2710a06c user: bohagan tags: crypto
2023-10-27
23:01
Moved digest command to new tlsDigest.c file check-in: b120c6d336 user: bohagan tags: crypto
2023-10-20
22:59
Updated test suite to use OpenSSL list for ciphers list check-in: 40a8eb4d6f user: bohagan tags: crypto
2023-10-15
21:31
Added parse flag option macro check-in: d986eba4cc user: bohagan tags: crypto
2023-10-14
23:16
Updated digests command to filter out RSA digests since only used for signature algorithms. check-in: 0a899f2c18 user: bohagan tags: crypto
23:02
Updated test suite to add digest command check-in: 5f6b36170e user: bohagan tags: crypto
21:35
Optimized byte array to hex conversions check-in: 049f9cb970 user: bohagan tags: crypto
2023-10-11
23:13
Renamed hash command to digest and hashes command to digests. check-in: 38f5e78596 user: bohagan tags: crypto
22:34
Modified ciphers command to make protocol arg optional to list all supported ciphers. check-in: a44d361c13 user: bohagan tags: crypto
2023-10-10
04:10
Added hashes command to list OpenSSL supported hash digests. check-in: 78cf378796 user: bohagan tags: crypto
02:43
Added hash command to calculate hash using any OpenSSL digest. Added convenience commands for md4, md5, sha1, and sha-256 digests. check-in: cafd2dc6ba user: bohagan tags: crypto
00:06
Created cryptography branch check-in: 0cd384c2ff user: bohagan tags: crypto
2023-10-09
19:08
Updated to latest TEA and Tcl Config check-in: ec0cc9fbdf user: bohagan tags: trunk
2023-09-24
20:12
Moved definition of Append to List macros to tlsInt.h. Updated tls.c to use Append to List macros. check-in: 28d6418fa7 user: bohagan tags: trunk
2023-09-23
22:37
Updates for TCL 9.0 and Tcl_Size change check-in: c740ba0cb8 user: bohagan tags: trunk
2023-09-10
22:43
Added test cases to check for badssl.com certificate error conditions check-in: 6729942f38 user: bohagan tags: trunk
2023-09-05
19:18
Added pad to Tcl channel type structure for future changes Imported from: https://www.androwish.org/home/info/483455e044ff91ad check-in: 973237f3a8 user: bohagan tags: trunk
2023-09-02
22:07
Added verify result to handshake fail error message. check-in: 2e3a232d85 user: bohagan tags: trunk
21:13
Set automatic curve selection for ECDH temporary keys used during key exchange. Used to make a server always choose the most appropriate curve for a client. Disable compression even if supported. check-in: 1dbae1afec user: bohagan tags: trunk
20:03
Changed to only allow SSL2 and SSL3 to be manually enabled. See RFC 8996, Deprecating TLS 1.0 and TLS 1.1. Also see NIST SP 800-52r2 which requires TLS 1.2 and TLS 1.3, should not use TLS 1.1, and shall not use TLS 1.0, SSL 3.0, or SSL 2.0. check-in: 9d1bdab9a6 user: bohagan tags: trunk
2023-09-01
21:57
Merged status and X509 updates branch into master check-in: 3432ab03a3 user: bohagan tags: trunk
21:35
Added more X509 status Leaf check-in: af0ed7ddd0 user: bohagan tags: status_x509
2023-08-28
01:56
Added load CA file comments check-in: d4b5b9bd2a user: bohagan tags: status_x509
2023-08-20
19:45
Moved X509 functions to separate procedures. check-in: 2186b86385 user: bohagan tags: status_x509
2023-08-19
22:14
Added CA Issuers URL to X509 status check-in: 3b068ff2f6 user: bohagan tags: status_x509
20:30
Updated ConnectionInfoObjCmd to localize variables check-in: 070af72ccb user: bohagan tags: status_x509
18:04
Optimized CiphersObjCmd to use method variable. check-in: 543e7ab6d3 user: bohagan tags: status_x509
2023-08-14
03:16
Refactored X509 status to improve readability by using macros for common operations. check-in: 3a8336467a user: bohagan tags: status_x509
2023-08-13
01:00
Added get CA list to connection status check-in: c95df396da user: bohagan tags: status_x509
2023-08-12
04:07
Added session context, basic constraints, and publickeyhash status check-in: 4a0a74f238 user: bohagan tags: status_x509
03:34
Refactored X509 code to consolidate like functions, eliminate many buffers, etc Added function BIO_to_Buffer to consolidate copy BIO data to buffer. Moved get all data and certificate to end of function. check-in: a1bcda35b1 user: bohagan tags: status_x509
2023-08-10
03:16
Reordered get parameters in Tls_NewX509Obj to follow RFC 5280 section order. Added get self issued, Key usage, Extended Key usage, and purpose values. Added more comments, optimized code, etc. check-in: 10bcd4c88f user: bohagan tags: status_x509
2023-08-07
03:27
Added Issuer Alt Name to X509 status, refactored get SAN and CRL check-in: 35be4894ce user: bohagan tags: status_x509
2023-08-02
01:17
Added Certificate Revocation List (CRL) to X509 status. Moved get X509 extension items to end of function. check-in: f22fb82c96 user: bohagan tags: status_x509
2023-08-01
22:42
Added Certificate purposes to X509 status output. Corrected certificate alias get text bug. Refactored code to reduce number of variables and use common buffers for SHA fingerprints. check-in: e94d9cae93 user: bohagan tags: status_x509
2023-07-31
02:17
Added verify depth and mode status to connection status, renamed signatureType and signatureType check-in: 87010ba1d9 user: bohagan tags: status_x509
2023-07-30
22:25
Replaced custom X509 ASN1_UTCTIME_tostr function with OpenSSL function ASN1_TIME_print. Added catch errors returned from get certificate functions. check-in: b50520df51 user: bohagan tags: status_x509
03:39
Merged master into branch check-in: 739742d3d4 user: bohagan tags: status_x509
03:21
Merged errors_and_callbacks branch into master check-in: dbe759a0f2 user: bohagan tags: trunk
02:53
Updated default callbacks in tls.tcl file Leaf check-in: cdb51c799e user: bohagan tags: errors_and_callbacks
02:09
Add match result to ALPN callback parameters. This indicates if a common protocol was found or not. check-in: 75f1cfb376 user: bohagan tags: errors_and_callbacks
00:20
Updated password callback to add rwflag size arguments to callback. Callback now works like other callbacks with the function followed by args. Refactored get result processing. Added more info to doc file. check-in: c072b00aeb user: bohagan tags: errors_and_callbacks
2023-07-29
21:33
Added message status to callback command results. It is only available when OpenSSL is complied with the enable-ssl-trace option. check-in: 5ddead759f user: bohagan tags: errors_and_callbacks
2023-07-28
19:42
Set ErrorCode for returned errors check-in: d7ece0aec4 user: bohagan tags: errors_and_callbacks
18:41
Set/get invalid channel option now calls Tcl_BadChannelOption. check-in: 106dba31ae user: bohagan tags: errors_and_callbacks
17:01
Disabled skip channel IO during verify callback processing. Call Tcl_Error for connect/handshake errors. check-in: 6866efe8ea user: bohagan tags: errors_and_callbacks
16:07
Refactored Tls_Error handler to not set errorCode. Use error message, return result, or if none, fall-back to OpenSSL error queue. Added clear OpenSSL errors to start of each command function to remove old error messages. check-in: e85a439068 user: bohagan tags: errors_and_callbacks
2023-07-24
23:12
Comment and documentation updates. Added more checks for supported protocol versions. check-in: a4c50c7c74 user: bohagan tags: errors_and_callbacks
2023-07-21
23:29
Removed connect or handshake errors trigger background error. Removed Tls_Error call to background error handler when a callback command isn't defined. This would occur during connect/handshake errors. Fixes bug: https://core.tcl-lang.org/tcltls/tktview/2c7b748796 check-in: 6a11f12158 user: bohagan tags: errors_and_callbacks
23:01
Added new option -validatecommand to handle callbacks that require a return value. Consolidated evaluate callback commands into one function EvalCallback. Return alert codes for callbacks. Added more comments to callback functions. check-in: 91ff651d51 user: bohagan tags: errors_and_callbacks
2023-07-16
18:41
Added Next Protocol Negotiation (NPN) for TLS 1.0 to TLS 1.2. check-in: f7b84d671a user: bohagan tags: errors_and_callbacks
17:26
Added alert type to info callback parameters and refactored code. check-in: 0aa8ad9487 user: bohagan tags: errors_and_callbacks
16:02
Register ALPN callbacks only if protocols defined. Catch more errors in callbacks, return after set return values. check-in: 3b2e00d8a5 user: bohagan tags: errors_and_callbacks
15:21
Created error handler and callback updates branch check-in: 0d1d711916 user: bohagan tags: errors_and_callbacks
15:05
Merge status and X509 updates branch check-in: 1924dcd361 user: bohagan tags: trunk
03:33
X509 status optimizations to reduce number of buffers and reordered parameters to match certificate order. check-in: 335b04b2fe user: bohagan tags: status_x509
00:24
Added X509 authorityKeyIdentifier and OCSP URL parameters Fixed subjectKeyIdentifier Moved extension parameters to end of Tls_NewX509Obj check-in: a7be3ce74d user: bohagan tags: status_x509
2023-07-15
23:00
Added unique ids and signature value to status check-in: 8e446cb0bb user: bohagan tags: status_x509
21:37
Better grouped status and connection parameters in doc. check-in: c7828a9fcc user: bohagan tags: status_x509
20:47
Refactored convert X509 status binary values to hex strings. Renamed X509 parameter signatureAlgorithm to signature and digest to signingDigest. check-in: 8dd96d8c7b user: bohagan tags: status_x509
2023-07-10
01:13
Added all certificate info dump to X509 status. Renamed X509 status signature_algorithm to signatureAlgorithm, public_key_algorithm to publicKeyAlgorithm, and serial to serialNumber. Added publicKey and alias to X509 status. check-in: 58ee9890df user: bohagan tags: status_x509
2023-07-09
22:46
Changed to pass verify ok results string to callback. Renamed certificate status signature_hash to signatureHashAlgorithm. check-in: a5858c387a user: bohagan tags: status_x509
2023-06-21
23:37
Added Subject Alternate Name (SAN) to X509 status. Source: https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 check-in: a5843e5983 user: bohagan tags: status_x509
2023-06-20
03:42
Added Subject Key Identifier (SKI) to X509 status check-in: 3a3000bc1e user: bohagan tags: status_x509
2023-06-18
21:47
Added post handshake cert request option check-in: fec0e414e9 user: bohagan tags: status_x509
2023-06-17
23:09
Added signature hash and type to connection status Changed validation result to verification. check-in: e02e24c84a user: bohagan tags: status_x509
2023-06-16
18:04
Change to use NULL for empty pointers check-in: ee0728f6d6 user: bohagan tags: status_x509
2023-06-11
23:26
Use client or server methods instead of generic methods for protocol version selection check-in: f9da715266 user: bohagan tags: status_x509
20:12
Optimized get X509 certificate extensions check-in: eccad70fa9 user: bohagan tags: status_x509
02:27
Added more X509 certificate status info, show algorithm names, list used extensions, etc. check-in: 7265279af2 user: bohagan tags: status_x509
2023-06-10
21:25
Added master key, is server, and ticket lifetime to connection status. Reordered connection status results for better grouping. check-in: 4e75be42e6 user: bohagan tags: status_x509
20:33
Set protocol version method based on client or server option. check-in: 50c71137cb user: bohagan tags: status_x509
19:45
Added ALPN callback update to catch and return errors in select next protocol. check-in: 1a03a74d6e user: bohagan tags: status_x509
2023-06-05
02:47
More callback error checking. Added session ticket callback handling. Split set client and server session caching callbacks. check-in: e1f08bc122 user: bohagan tags: status_x509
02:09
Use SSL connection states instead of custom states. check-in: 3d083cdfaf user: bohagan tags: status_x509
2023-06-04
03:20
Set host name for certificate checks. Pass peer specified host name to Hello callback. Set host name for certificate checks. This is separate from SNI. Added peername to status command results. Source: https://core.tcl-lang.org/tcltls/tktview/b023257dcf and https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 check-in: 65f84287e7 user: bohagan tags: status_x509
2023-06-03
22:33
Added ALPN callback protocol selection. In ALPNCallback, server select from client provided protocol list uses -alpn protocols list to find first common protocol. check-in: f50ee33fd6 user: bohagan tags: status_x509
20:55
Added version and signature to X509 status check-in: 7d59536ee7 user: bohagan tags: status_x509
2023-06-02
22:23
Added compression state to connection status check-in: e5975c8072 user: bohagan tags: status_x509
2023-05-29
23:15
Added server callbacks for ALPN, SNI, and Hello messages check-in: a04a3aef6b user: bohagan tags: status_x509
2023-05-27
21:14
Optimized use of pointers and comment format updates. check-in: 500c6b97d6 user: bohagan tags: status_x509
19:20
Added session id and ticket to connection status. Added callback to handle session id and ticket updates after the handshake. check-in: 489f45bd81 user: bohagan tags: status_x509
03:06
Removed support for obsolete OpenSSL versions prior to v1.1.1. check-in: 0de7b4fc0a user: bohagan tags: status_x509
2023-05-26
22:43
Added set security level option to set all relevant parameters including cipher suite, encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms in one operation. check-in: 32ce5d6220 user: bohagan tags: status_x509
2023-05-24
23:26
Fixed test cases to run under Windows and added TLS 1.3 support check-in: 69314245a1 user: bohagan tags: status_x509
02:40
Added new option -ciphersuites to set ciphers suites for TLS 1.3. Addresses defect: https://core.tcl-lang.org/tcltls/tktview/d0518a5645 check-in: cd11c125e8 user: bohagan tags: status_x509
01:18
Updated ciphers command to use current APIs and added an option to return only ciphers as would be sent in ClientHello. Updated test suite to use OpenSSL executable to get ciphers comparison data. Added more test cases. Addresses defects: https://core.tcl-lang.org/tcltls/tktview/688788a45c and https://sourceforge.net/p/tls/bugs/36/ check-in: 05b2dd47be user: bohagan tags: status_x509
2023-05-22
19:25
Updated all.tcl test script to produce an exit code. This is needed for use by test automation suites. check-in: af2c6346c9 user: bohagan tags: status_x509
2023-05-20
04:46
Added get supported protocol versions command check-in: 168ce6abb1 user: bohagan tags: status_x509
00:56
Added new connection info command which returns connection configuration and status. check-in: 04e10976f7 user: bohagan tags: status_x509
2023-05-19
23:17
Created status_x509 updates branch check-in: 8db793f55f user: bohagan tags: status_x509
2023-05-13
20:25
Merged TEA branch into master check-in: 6c02d4d029 user: bohagan tags: trunk
19:35
Updated README.txt file Leaf check-in: d34cd241be user: bohagan tags: TEA
2023-05-10
23:26
Fixed bug in rules.vc which prevents extracting extension version from configure.ac file. Work-around had been to manually set DOTVERSION in makefile.vc. check-in: 02a9eed243 user: bohagan tags: TEA
23:01
Acinclude file optimizations, co-located items, add defaults, etc. check-in: 98728c7e06 user: bohagan tags: TEA
03:23
Refactored set openSSL paths to add separate options for include and library directories check-in: c6a99441d9 user: bohagan tags: TEA
2023-05-08
02:17
More configure status and optimized use of AC_ARG_ENABLE to also set missing case vars. check-in: f284d71533 user: bohagan tags: TEA
01:01
Moved custom functions from configure.ac to acinclude.m4 file check-in: 4729159cce user: bohagan tags: TEA
2023-05-07
23:21
Added support for the pkgconfig tool to find package installation locations and added configure output messages check-in: aaea8b2ab0 user: bohagan tags: TEA
22:12
Fixed find OpenSSL dependencies check-in: 075e855e95 user: bohagan tags: TEA
19:53
Fixed make clean and build headers as part of all check-in: 7f6e71d240 user: bohagan tags: TEA
19:09
Fixed detect shared library in pkgIndex.tcl file check-in: 515e670c81 user: bohagan tags: TEA
17:48
Added options to disable TLS protocols check-in: 124d881bb0 user: bohagan tags: TEA
16:51
Fixed make dist check-in: a8bd1bb16d user: bohagan tags: TEA
15:21
Made needed updates for Unix build to work. Added back configure script Moved custom macros to acinclude.m4 file. aclocal.m4 is now platform default macros. check-in: 3df2605920 user: bohagan tags: TEA
2023-05-06
21:26
Updated windows make files to add more notes, fix version, etc. check-in: 31fbcccfd1 user: bohagan tags: TEA
19:35
Replaced custom build scripts with TEA scripts. Removed custom build scripts and replaced with latest TEA config files. Updated pkgIndex.tcl.in to support static builds. Incorporated relevant previous build macros into scripts. check-in: a329ea2ff4 user: bohagan tags: TEA
2023-04-30
17:06
Updated windows makefile to add missing targets check-in: 06521814cd user: bohagan tags: TEA
16:07
Moved files to subdirectories per TEA directory structure. check-in: 3dcd70f98e user: bohagan tags: TEA
02:08
Format clean-ups. check-in: e02b79f82f user: bohagan tags: TEA
2023-04-23
22:31
Updated Window Make Files to add OPENSSL lib directory to includes. Added missing files nmakehlp.c, rules.vc, rules-ext.vc, etc. Source: https://core.tcl-lang.org/tcltls/tktview/316976aff3 check-in: 7c266d8a5b user: bohagan tags: TEA
21:01
Created TEA updates branch check-in: b8dafda9a9 user: bohagan tags: TEA
04:49
Starkit fix to add current library names to tls.tcl starkit load function. Source: https://sourceforge.net/p/tls/bugs/55/ and https://sourceforge.net/p/tls/bugs/44/ check-in: c9cb1a525d user: bohagan tags: trunk
03:34
Use server cipher preference order. Source: https://sourceforge.net/p/tls/bugs/60/ and https://www.androwish.org/home/info/5718c3eb47cced4d and https://core.tcl-lang.org/tcltls/tktview/305ee10b86 check-in: ba1403b62c user: bohagan tags: trunk
02:36
Applied patch to add OpenSSL3 KTLS trivial processing. Description: Patch adds trivial processing for BIO_CTRL_GET_KTLS_SEND and BIO_CTRL_GET_KTLS_RECV control commands to make tcltls working with OpenSSL 3.0. See also: - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006587 - https://bugzilla.redhat.com/show_bug.cgi?id=2088363 Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/openssl3.patch check-in: 6f19aa6623 user: bohagan tags: trunk
02:08
Changes for OpenSSL v1.1.1 to make compatible with no deprecated option. check-in: 2ed802a7af user: bohagan tags: trunk
2023-04-10
01:27
Initial changes for TCL 9.0. Fixed package requires to work with TCL 9.0. Removed obsolete macro _ANSI_ARGS_, use ANSI arg definitions, etc. Macros: CONST84 to const, WIN32 to _WIN32, CONST to const, VOID to void, etc. Replaced Tcl_SaveResult with Tcl_SaveInterpState, Tcl_RestoreResult with Tcl_RestoreInterpState, and Tcl_DiscardResult with Tcl_DiscardInterpState. Use Tcl_BackgroundError for pre TCL 8.6 and Tcl_BackgroundException for TCL 8.6+. check-in: 275ecbcc5d user: bohagan tags: trunk
2023-03-05
03:04
Added support for optional TLS commands BIO_CTRL_POP and BIO_CTRL_PUSH. BIO_CTRL_PUSH is an optional value that is not handled in the tlsBIO:BioCtrl(). The larger problem is that the library does not support new optional commands because it returns -2 for unknown cmds in BioCtrl(). I would suggest changing the default return value to 0. I confirmed that this fixed the issue. Source: https://core.tcl-lang.org/tcltls/tktview/006bd0c74e check-in: 602c39a56c user: bohagan tags: trunk
02:04
Updated documentation to define defaults for -cadir and -cafile options. Source: https://core.tcl-lang.org/tcltls/tktview/56d19eb033 and https://sourceforge.net/p/tls/bugs/42/ check-in: 002efbac61 user: bohagan tags: trunk
01:35
Patch by Sergei Golovan (Debian) to replace 1024 bit certificates with 2048 bit ones because the new OpenSSL refuses to load small keys ("ee key too small"). Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/certs-tests.patch check-in: 6e0ab0e0eb user: bohagan tags: trunk
00:15
Applied patch to correct generate Diffie-Hellman (DH) parameters. Source: File: gen_dh_params.patch check-in: b7c82a6aae user: bohagan tags: trunk
2023-03-04
23:33
Patch by Sergei Golovan (Debian) to fix the compiler warnings about implicit fall-through in case. Source: File: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/fall-through.patch check-in: e2e798877b user: bohagan tags: trunk
22:22
Added set option support. Source: https://www.androwish.org/home/info/1af65d23b6962476 id: [1af65d23b6] check-in: ec43249d1a user: bohagan tags: trunk
21:11
TlsIO.test Hostname Fix. Patch by Sergei Golovan (Debian) to make the client socket connect to localhost instead of [info hostname] to prevent intermittent test failures inside mock(1). Also, account for a change in error message "unsupported protocol" instead of "wrong version number". -- Sergei Golovan <email address hidden> Thu, 18 Jul 2019 15:00:18 +0300 Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/hostname-tests.patch check-in: 0afa2bde06 user: bohagan tags: trunk
20:54
Get certificate SHA-256 fingerprint. https://core.tcl-lang.org/tcltls/tktview/c2f2f1be54 and https://www.androwish.org/home/info/80b11e9594532414 and https://www.androwish.org/home/info/56087b886c6c105f check-in: 3f9e284b4e user: bohagan tags: trunk
20:19
Added key and PEM output to variables and updated keytest1 test script. Source: https://www.androwish.org/home/info/80b11e9594532414 and https://www.androwish.org/home/info/56087b886c6c105f and https://core.tcl-lang.org/tcltls/tktview/04d6bb909b ids: [80b11e9594] and [56087b886c] check-in: 899a950204 user: bohagan tags: trunk
19:33
Casting clean-ups to fix compiler warnings. Source: https://sourceforge.net/p/tls/patches/11/ and https://sourceforge.net/p/tls/patches/_discuss/thread/988300e7/b6bb/attachment/patch-warnings check-in: 227a7d7d10 user: bohagan tags: trunk
18:54
Added names of unavailable protocols to error messages so its easier to understand. Source: https://sourceforge.net/p/tls/patches/14/ File: protocols.patch check-in: 6a3f83340d user: bohagan tags: trunk
17:58
Minor updates to catch NULL channels. Source: https://www.androwish.org/home/info/982ebf9d31a60440 [982ebf9d31] check-in: 270bf9327b user: bohagan tags: trunk
16:14
Merge feature-dump-keys into main check-in: bed86d3303 user: bohagan tags: trunk
15:44
Merge add-support-alpn into main check-in: 4b4daeada4 user: bohagan tags: trunk
15:41
Added doc update Leaf check-in: 2a9db3009c user: bohagan tags: add-support-alpn
14:51
Added doc update Leaf check-in: e0f002ecb1 user: bohagan tags: feature-dump-keys
2022-05-30
16:14
Bug [8de7f5aa07]: Add support for dumping SSL keys check-in: 2c773b9a38 user: schelte tags: feature-dump-keys
16:12
Create new branch named "feature-dump-keys" check-in: f6b9f887ef user: rkeene tags: feature-dump-keys
16:11
Fixed broken merge check-in: 352cf6c71b user: rkeene tags: add-support-alpn
16:08
Bug [e1f9a21c67]: Start of ALPN support check-in: 07bafe02de user: schelte tags: add-support-alpn
16:07
Create new branch named "add-support-alpn" check-in: 283dc6f133 user: rkeene tags: add-support-alpn
2021-01-14
12:56
Ticket [604bb68b5c] : rudimentary nmake build system check-in: b5c41cdeb6 user: oehhar tags: trunk
2020-10-15
10:54
Corrected instructions. Removed already applied patch Closed-Leaf check-in: b6aa13660a user: oehhar tags: bug-604bb68b5c-nmake
10:36
Ticket [604bb68b5c]. Add first sketch of a nmake build. check-in: 2babef91c5 user: oehhar tags: bug-604bb68b5c-nmake
2020-10-12
20:39
TclTLS 1.7.22 Closed-Leaf check-in: 367f5093db user: rkeene tags: tls-1-7, tls-1-7-22
20:38
Merged in trunk check-in: 81f58fc458 user: rkeene tags: tls-1-7
20:32
add "version" element with SSL/TLS protocol version to tls::status check-in: 9c32a526ed user: resuna tags: trunk
2020-05-04
15:12
TclTLS 1.7.21 check-in: 922479df76 user: rkeene tags: tls-1-7, tls-1-7-21
15:11
Merged in trunk check-in: 0f00af3bbb user: rkeene tags: tls-1-7
15:10
Integrated mjanssen's work on loading certificates and keys as values check-in: b08bbeb9a1 user: rkeene tags: trunk
15:09
Only load private key if we loaded a non-default certificate Closed-Leaf check-in: 51a2b1ec9a user: rkeene tags: mjanssen-asn1-certs
15:02
Updated to support cert/certfile independantly of key/keyfile check-in: 952ef184e6 user: rkeene tags: mjanssen-asn1-certs
14:57
Corrected wrong use of "key" check-in: f3a497fc67 user: rkeene tags: mjanssen-asn1-certs
14:54
Add documentation for -key and -cert check-in: 60e0733e5a user: rkeene tags: mjanssen-asn1-certs
2019-11-15
17:15
Fixed bug where syms file is cleaned in the wrong stage check-in: c82e9cbcbd user: rkeene tags: trunk
16:41
TclTLS 1.7.20 check-in: e5ec321a1b user: rkeene tags: tls-1-7, tls-1-7-20
16:40
Merged in trunk check-in: 5ee220305f user: rkeene tags: tls-1-7
2019-11-12
17:49
Started work on mbedTLS backend Leaf check-in: 37d16cba38 user: rkeene tags: backend-mbedtls
17:48
MSVC Win maker (WIP, got wiped out, re-constitution in progress) Leaf check-in: f92c42c849 user: rkeene tags: readd-win-msvc
17:47
Started readding MSVC Windows build support check-in: 8478c7ec08 user: rkeene tags: readd-win-msvc
17:46
Makefile cleanup check-in: b9af6e4772 user: rkeene tags: trunk
17:36
Update configure script to check compiler flags during linking check-in: 01719ee8de user: rkeene tags: trunk
2019-09-20
18:23
Updated to indicate that OpenSSL/LibreSSL are required to build and use check-in: 0aa88d2997 user: rkeene tags: trunk
2019-06-19
18:25
TclTLS 1.7.19 check-in: 3d0bcddafd user: rkeene tags: tls-1-7, tls-1-7-19
18:13
Update autoconf scripts from repo check-in: 5bd22a4abd user: rkeene tags: trunk
17:58
Better handling of symbols in our shared object check-in: 3af2fe0ca8 user: rkeene tags: trunk
17:45
Make hardening optional, disabled by default when statically linking because it requires the linking program to fully participate check-in: 25024a31b0 user: rkeene tags: trunk
2019-06-17
18:08
Align code with option names check-in: 4945b7588e user: mjanssen tags: mjanssen-asn1-certs
14:27
Do not expose implementation details in user interface check-in: ef0be0d731 user: mjanssen tags: mjanssen-asn1-certs
12:05
Add support for ASN1 blobs for certificates and keys check-in: 49278969f2 user: mjanssen tags: mjanssen-asn1-certs
2019-05-29
18:52
Try to find headers in a specific path and do not allow "mp_int"/"mp_digit" to conflict with other things Leaf check-in: bd8b53ced2 user: rkeene tags: x-header-work
2019-04-25
16:51
TclTLS 1.7.18 check-in: fb6a7404da user: rkeene tags: tls-1-7, tls-1-7-18
16:51
Merged in changes from trunk check-in: a64e691ada user: rkeene tags: tls-1-7
2019-04-12
16:58
Better handling of shared/static naming issues check-in: 2c8d3629bc user: rkeene tags: trunk
2019-04-09
18:47
Make extension filename more centralized check-in: 8e730964e5 user: rkeene tags: trunk
18:14
Fix issues formatting wiki documentation check-in: 710e4a917a user: rkeene tags: trunk
18:13
Document the "certificate" member of the dictionary returned by "tls::status" check-in: 3323193385 user: rkeene tags: trunk
17:57
TclTLS 1.7.17 check-in: a598aa8a6b user: rkeene tags: tls-1-7, tls-1-7-17
17:56
Merged in changes from trunk check-in: 03a182febb user: rkeene tags: tls-1-7
17:55
Merged in TLS 1.3 support check-in: 737b9c0d46 user: rkeene tags: trunk
17:25
Better handling of reading certificate PEM data, resolves [2059171e7d] check-in: 8e0ed4e723 user: rkeene tags: trunk
17:04
Added remaining TLSv1.3 support Closed-Leaf check-in: 569c10f3b2 user: rkeene tags: enhancement/tls-1.3
15:58
Better handling of the case where the shared and static extensions are the same (AIX) check-in: 9c59fec751 user: rkeene tags: trunk
2018-11-08
00:23
Note that TLSv1.3 is a lot different in API, this branch is incomplete check-in: 7978a539fc user: rkeene tags: enhancement/tls-1.3
2018-11-07
23:51
Added missing TLSv1.3 support check-in: efc1e122f2 user: rkeene tags: enhancement/tls-1.3
23:27
Started adding support for TLSv1.3 check-in: e245d231ee user: rkeene tags: enhancement/tls-1.3
2018-10-30
14:20
Applied patch from Jinhu to address [94c6a431fee] check-in: afec51b85b user: rkeene tags: trunk
2018-02-07
15:38
TclTLS 1.7.16 check-in: 23e328d64b user: rkeene tags: tls-1-7, tls-1-7-16
15:38
Merged in changes from trunk check-in: aa700f94f2 user: rkeene tags: tls-1-7
15:37
Updated to reset "eofchar" and "encoding" when importing channels as well as translation and blocking (part of [f798e2ea12]) check-in: 1d757f7e2d user: rkeene tags: trunk
2017-12-21
20:27
TclTLS 1.7.15 check-in: 0f9a47f3b3 user: rkeene tags: tls-1-7, tls-1-7-15
20:26
Merged in changes from trunk check-in: 57a047ac4b user: rkeene tags: tls-1-7
20:25
Merged in changes to address [f798e2ea12]. The code to manipulate the channel options may not be needed at all, we will review it to see if there are any issues with removing it altogether check-in: a811816bd3 user: rkeene tags: trunk
05:34
Added experiment patch for [f798e2ea12] to preserve channel state when importing a channel Closed-Leaf check-in: 60f37290f3 user: rkeene tags: bug-f798e2ea12
2017-11-08
15:00
TclTLS 1.7.14 check-in: 70cbcd6815 user: rkeene tags: tls-1-7, tls-1-7-14
14:59
Still looking into this Leaf check-in: 7793b78e70 user: rkeene tags: bug-eof-loop-6dd5588df6-2
2017-10-17
03:57
Updated to use a more commonly accepted regexp when replacing the OpenSSL function name (addresses [6c9bf49455]) check-in: 12bf5e37e0 user: rkeene tags: trunk
2017-09-21
16:07
More soft-EOF mappings Leaf check-in: d63ee30cb2 user: rkeene tags: bug-eof-loop-6dd5588df6
14:15
Added support for detecting writes after we have told the channel that we are in EOF and start returning errors in that case check-in: 7e5e4e2114 user: rkeene tags: bug-eof-loop-6dd5588df6
2017-09-01
00:27
TclTLS 1.7.13 check-in: 4c0960be87 user: rkeene tags: tls-1-7, tls-1-7-13
00:16
Try harder to ensure the right SSL libraries are used check-in: 6704c33e48 user: rkeene tags: trunk
2017-08-31
18:57
Updated to support a user specifying a pkgconfig path for OpenSSL check-in: c3e5ea305b user: rkeene tags: trunk
2017-05-30
20:46
Updated to use the shell to to find the shell rather than relying on /usr/bin/env check-in: 1370fceb9d user: rkeene tags: trunk
2017-05-01
14:45
TclTLS 1.7.12 check-in: d0b9b91b33 user: rkeene tags: tls-1-7, tls-1-7-12
14:45
Merged in changes from trunk check-in: 0cd14baf5e user: rkeene tags: tls-1-7
14:42
Print a debug message when handshaking works but an error is being captured check-in: 87d7c791f5 user: rkeene tags: trunk
14:41
Fixed an issue where EAGAIN was translated into a successful handshake, addressing [1367823d51] check-in: 689d55e070 user: rkeene tags: trunk
14:32
Reformatted handshake command code check-in: 2893572aa6 user: rkeene tags: trunk
2017-04-18
18:31
Added support for a configure option to specify the built-in DH params size called "--with-builtin-dh-params-size" check-in: 5e7de567cf user: rkeene tags: trunk
18:17
Added pre-computed DH params for fallback values for 4096 and 8192 bit sizes, in addition to 2048 check-in: 6286921174 user: rkeene tags: trunk
14:39
Updated gen_dh_params to support specifying a number of bits -- currently the only supported value is 2048 check-in: b128e0d4e4 user: rkeene tags: trunk
14:29
Updated references to DH parameter bit sizes and ensure error messages are printed if generating fails entirely check-in: 83b1dea4d4 user: rkeene tags: trunk
2016-12-17
15:44
TclTLS 1.7.11 check-in: 813f937d12 user: rkeene tags: tls-1-7, tls-1-7-11
15:44
Merged in changes from trunk check-in: 04c303f1f5 user: rkeene tags: tls-1-7
15:43
Integrated -autoservername feature (addresses [0d4541b86d]) check-in: 42735119d8 user: rkeene tags: trunk
2016-12-14
16:08
Updated test suite with new error message results Closed-Leaf check-in: 8863101cbe user: rkeene tags: feature-0d4541b86d-autoservername
16:03
Updated error message to be consistent with "lsearch" output under similar failures check-in: 4e441206d6 user: rkeene tags: feature-0d4541b86d-autoservername
14:45
Made trunk builds identify as TclTLS 1.8.0 check-in: f625a3272a user: rkeene tags: trunk
14:43
TclTLS 1.7.10 check-in: f0d0acd4b5 user: rkeene tags: tls-1-7, tls-1-7-10
14:42
Merged in trunk check-in: a87c836d6c user: rkeene tags: tls-1-7
14:40
Updated EOF while reading from the BIO to map to soft EOF check-in: 24ce678ecd user: rkeene tags: trunk
14:07
Consolidated rules for parsing options and now verify them in tls::init as well check-in: 98b60c41b6 user: rkeene tags: feature-0d4541b86d-autoservername
06:27
Updated example to include "-autoservername" check-in: 219e71c672 user: rkeene tags: feature-0d4541b86d-autoservername
06:18
Started work on adding an "-autoservername" option to tls::socket which will automatically add the -servername <host> option check-in: f0c5ec5595 user: rkeene tags: feature-0d4541b86d-autoservername
01:10
Minor update to the README check-in: c920627e0b user: rkeene tags: trunk
2016-12-13
22:04
Merged in trunk Leaf check-in: 1ebb5befd0 user: rkeene tags: feature-multibackend
21:50
Remove spurious sentence check-in: 4dca0b3137 user: rkeene tags: trunk
21:37
Updated documentation to indicate additional options check-in: a880307e5d user: rkeene tags: trunk
20:46
Treat tls.tcl.h as a normal file and always regenerate it, and never distribute it -- end users will need "od" to create it check-in: 97cbb17f4f user: rkeene tags: trunk
20:39
More work on a better install target and added a basic uninstall target check-in: 6339a69a26 user: rkeene tags: trunk
20:23
TclTLS 1.7.9 check-in: 7b0845cfb3 user: rkeene tags: tls-1-7, tls-1-7-9
20:23
Merged in trunk check-in: c4cb2ec7d1 user: rkeene tags: tls-1-7
20:23
Updated install target to be more compliant for other platforms check-in: 942287db68 user: rkeene tags: trunk
20:04
Reduced verbosity to normal levels for testing, can be added back with TESTFLAGS check-in: bfceaaf9bb user: rkeene tags: trunk
19:22
Updated to latest remote tcl.m4 check-in: 271aa29c27 user: rkeene tags: trunk
18:55
TclTLS 1.7.8 check-in: 22c5b96dcd user: rkeene tags: tls-1-7, tls-1-7-8
18:54
Merged in trunk check-in: f7d1440f12 user: rkeene tags: tls-1-7
18:49
Less heavy handed rewriting of error codes in Tcl BIO check-in: d8ce3045d5 user: rkeene tags: trunk
18:49
Mapped OpenSSL errors for read/write wants to EAGAIN check-in: ad1752cdaf user: rkeene tags: trunk
18:42
Fixed help string for ssl-fastpath to correctly indicate that it is disabled by default check-in: 80d0949714 user: rkeene tags: trunk
18:25
Updated to return an error if automake fails check-in: 953de83652 user: rkeene tags: trunk
17:29
Made the "test" target more useful when doing out-of-source-dir builds check-in: de649c9c44 user: rkeene tags: trunk
17:17
TclTLS 1.7.7 check-in: 027e77a11d user: rkeene tags: tls-1-7, tls-1-7-7
17:15
Merged in trunk check-in: 6aff73e57a user: rkeene tags: tls-1-7
17:14
Updated to allow a specified prefix to override the detected Tcl package path check-in: 97b136826e user: rkeene tags: trunk
16:48
Updated to latest remote shobj.m4 check-in: 4ab0af9e58 user: rkeene tags: trunk
16:44
Updated to clean up Windows additional objects created check-in: dff67f7506 user: rkeene tags: trunk
16:39
Rename configure.in to configure.ac check-in: 6bf4105947 user: rkeene tags: trunk
16:12
Disable fastpath by default check-in: 7032f97f3d user: rkeene tags: trunk
16:11
Fixed weird asymmetry in build of tls.tcl.h, which was required for out-of-tree builds check-in: 05099e9a1e user: rkeene tags: trunk
16:05
TclTLS 1.7.6 check-in: ba6e2a082f user: rkeene tags: tls-1-7, tls-1-7-6
16:05
Merged in trunk check-in: 53bd8f71ad user: rkeene tags: tls-1-7
16:00
Updated to return soft errors on during SSL negotiation retries on reads and hard errors on SSL negotiation during writes or handshake commands check-in: b9557ba691 user: rkeene tags: trunk
15:43
Made repeated failures to handshake return fatal errors and made handshake code use the same logic as the rest of the OpenSSL read error checking check-in: 1b7959d27a user: rkeene tags: trunk
15:29
Reverted [f79122ae17] check-in: 50d8da007b user: rkeene tags: trunk
08:48
Updated to fatally fail if the handshake fatally fails check-in: f79122ae17 user: rkeene tags: trunk
08:30
Added new remote file check-in: a81aa8026e user: rkeene tags: trunk
08:19
Added a "test" target check-in: 1eecfa3244 user: rkeene tags: trunk
08:16
Handle more cases of I/O errors check-in: 7170c34dbc user: rkeene tags: trunk
08:15
Removed UBSan from default debugging build, in case it is also non-functional check-in: 7e34e34190 user: rkeene tags: trunk
07:55
Removed an uninitialized read during debugging output and made OutputProc TLS initializations resemble InputProc's version check-in: 7e57900ba3 user: rkeene tags: trunk
07:42
Updated I/O handling to properly deal with errors and passing that error code up the stack check-in: fe1f0ecd35 user: rkeene tags: trunk
07:19
Enhanced support for syscall error checking from BIOs check-in: 538876ebf5 user: rkeene tags: trunk
07:06
Updated to include a pre-made tls.tcl.h in the distribution check-in: 18f663c190 user: rkeene tags: trunk
07:00
Remove the address sanitizer from the debugging build since it may cause problems when used as a library -- a special build should be available for it check-in: 717a5d1c42 user: rkeene tags: trunk
07:00
Made SSLv2/SSLv3 compiled in by default (since they are now disabled by default) and made other options more consistently checked check-in: a23045b659 user: rkeene tags: trunk
06:56
Simplified code for detecting which SSL protocols to use -- disabled SSLv2 and SSLv3 by default if other options are available check-in: aaac45cfca user: rkeene tags: trunk
06:47
Removed extraenous cleanup check-in: 5798396954 user: rkeene tags: trunk
06:39
Commented out debugging printf for returning from the locking function as well check-in: 8e27f5595c user: rkeene tags: trunk
06:39
Added additional ignores check-in: 5315cfb88d user: rkeene tags: trunk
06:27
Updated to use POSIX tool "od" to create tls.tcl.h and since we can now rebuild this file more freely, do so to "fully" support out-of-source-dir builds check-in: 34ff31cd97 user: rkeene tags: trunk
05:52
Fixed typo in configure help check-in: 2ceafae87f user: rkeene tags: trunk
05:17
TclTLS 1.7.5 check-in: 1303418e93 user: rkeene tags: tls-1-7, tls-1-7-5
05:16
Merged in trunk check-in: c151a09350 user: rkeene tags: tls-1-7
05:16
Updated to indicate that this will take a while on stderr -- otherwise it just gets redirected to the file check-in: a7c535ae28 user: rkeene tags: trunk
05:12
TclTLS 1.7.4 check-in: bf1b98ee65 user: rkeene tags: tls-1-7, tls-1-7-4
05:12
Merged in trunk check-in: b0a2b0d909 user: rkeene tags: tls-1-7
05:12
Merged in work for the I/O layer being updated check-in: 2f45dac5f7 user: rkeene tags: trunk
05:11
Updated to properly sanitize memory needed for the dynamically allocated locks Closed-Leaf check-in: f73f94ae35 user: rkeene tags: wip-fix-io-layer
04:50
Updated to not declare variables for checking for fastpath unless fastpath is being compiled in check-in: 0a5d288053 user: rkeene tags: wip-fix-io-layer
04:48
Updated BIO handling to be more clear check-in: 2dbea6a68d user: rkeene tags: wip-fix-io-layer
04:48
Updated to support retrying TLS negotiations if we get an EAGAIN error check-in: f2deea0396 user: rkeene tags: wip-fix-io-layer
03:46
Made all unused variables self-assignments check-in: 7b169db8a3 user: rkeene tags: wip-fix-io-layer
03:40
Fixed uninitialized use of variable check-in: 942e844672 user: rkeene tags: wip-fix-io-layer
03:35
Cleaned up more things check-in: 4579316443 user: rkeene tags: wip-fix-io-layer
03:27
Silence warnings about ignoring this return value by explicitly ignoring it check-in: 41f972bfbf user: rkeene tags: wip-fix-io-layer
03:21
Merged in trunk check-in: e5c9bfe50f user: rkeene tags: wip-fix-io-layer
03:20
Updated to deal with locking slightly better, maybe check-in: 387697ce68 user: rkeene tags: trunk
2016-12-12
22:40
Merged in trunk check-in: 83a3aff031 user: rkeene tags: wip-fix-io-layer
22:39
Enabled more warnings check-in: b255cfbc6b user: rkeene tags: trunk
22:29
Merged in trunk check-in: 77c3091474 user: rkeene tags: wip-fix-io-layer
22:28
Added hardening and debugging flags check-in: 8d5b3e826a user: rkeene tags: trunk
22:10
Updated to dynamically allocate mutexes and support being de-initialized check-in: abf861e4d5 user: rkeene tags: trunk
18:50
Added a note about generating primes taking a while check-in: c3a7dbada8 user: rkeene tags: trunk
01:56
Disabled checking the client certificate and aborting if not found check-in: 916215af0a user: rkeene tags: wip-fix-io-layer
01:51
Made I/O test more useful when debugging is on and updated to deal with newer versions of OpenSSL check-in: 270ffbbc3e user: rkeene tags: wip-fix-io-layer
01:15
Updated wording in debugging message to be more accurate check-in: 6462992c95 user: rkeene tags: wip-fix-io-layer
01:14
More work on improving I/O routines check-in: 7df7a8696e user: rkeene tags: wip-fix-io-layer
01:13
Updated debugging printf() calls to write to a temporary buffer so that multiple calls are not mixed up when writing check-in: 4c6adaabfc user: rkeene tags: wip-fix-io-layer
2016-12-11
23:57
Added a flag for fastpath so that errors can be found while using it check-in: 8b2b046ff5 user: rkeene tags: wip-fix-io-layer
21:22
Rewrote state engine for OpenSSL connection establishment to be more easily reasoned about check-in: 77e904c4e2 user: rkeene tags: wip-fix-io-layer
20:05
Fixed pass-through to fetch file descriptor using a pointer check-in: b5ba86f2be user: rkeene tags: wip-fix-io-layer
19:20
Updated to support optionally enabling/disabling a faster path for talking to the underlying channel check-in: d25ae3c232 user: rkeene tags: wip-fix-io-layer
19:12
Corrected extraneous format specifier check-in: ff4801f473 user: rkeene tags: wip-fix-io-layer
19:10
Added a lot of work towards fixing the I/O layer check-in: ee7ea6a917 user: rkeene tags: wip-fix-io-layer
2016-12-10
05:17
Merged in changes from trunk check-in: d60f868f2c user: rkeene tags: feature-multibackend
05:12
More clean-up and modernization check-in: 5fc38beddb user: rkeene tags: trunk
05:02
Remove obsolete references check-in: fc00b36be8 user: rkeene tags: trunk
05:02
More modernization of the code check-in: 2771dc7670 user: rkeene tags: trunk
04:52
Updated to define the target of the build check-in: e9c8a6c1b6 user: rkeene tags: feature-multibackend
04:42
Renamed TLS BIO driver to indicate its OpenSSL-specific-ness check-in: bd4aba3487 user: rkeene tags: feature-multibackend
04:30
Create new branch named "feature-multibackend" check-in: 1ea42ade67 user: rkeene tags: feature-multibackend
04:29
Minor whitespace cleanup check-in: 88815cbc52 user: rkeene tags: trunk
02:55
Removed backwards compatibility hacks and much reformatting check-in: f087e1fe61 user: rkeene tags: trunk
01:43
Reformatted BIO code check-in: c34f472c39 user: rkeene tags: trunk
00:52
Updated the style for prototypes check-in: 2db3a07c5e user: rkeene tags: trunk
00:48
Added additional debugging check-in: 9686856dd3 user: rkeene tags: trunk
2016-12-09
14:55
Updated to latest remote tcl.m4 check-in: 0561feec30 user: rkeene tags: trunk
2016-12-08
08:50
Added a consolidated check for pre-OpenSSL 1.1 API usage check-in: 66023e665f user: rkeene tags: trunk
08:36
Moved BIO_ wrappers into the BIO source and added more debugging output check-in: 333d833f31 user: rkeene tags: trunk
08:35
Updated protocol negotiation test to use newer versions of TLS since SSLv3 is becoming less supported check-in: 2de09464e0 user: rkeene tags: trunk
07:37
Integrated OpenSSL 1.1 patches check-in: a23ed6f309 user: rkeene tags: trunk
07:35
Remove a version number fixups Closed-Leaf check-in: ec53c2b85e user: rkeene tags: openssl-1.1
07:32
Do not try to set memory functions -- prototype is broken in newer version and older versions have bugs related to it check-in: bbe273b3dc user: rkeene tags: openssl-1.1
07:25
Whitspace formatting changes check-in: 2ed4afb942 user: rkeene tags: openssl-1.1
07:08
Updated fallback DH params for OpenSSL, supporting OpenSSL 1.1 and older versions check-in: bc2460fc22 user: rkeene tags: openssl-1.1
07:07
Fixed backwards compatibility macro for BIOs check-in: 517bea2716 user: rkeene tags: openssl-1.1
07:06
Removed unused interfaces check-in: 613eb92e79 user: rkeene tags: openssl-1.1
06:53
Initial working version of OpenSSL 1.1.0 API support adapted from patch from Sergei Golovan and Jeremy Sowden check-in: af83631fbb user: rkeene tags: openssl-1.1
06:33
Create new branch named "openssl-1.1" check-in: 6a78084630 user: rkeene tags: openssl-1.1
04:26
Merged in work for TclTLS 1.7 to trunk check-in: 0409513536 user: rkeene tags: trunk
04:24
Updated to remove comment from rendered HTML in documentation check-in: ea2c60a999 user: rkeene tags: tls-1-7
04:23
Added script to update documentation check-in: b297166a47 user: rkeene tags: tls-1-7
04:04
Added Roy Keene to list of authors with new version noted check-in: 2724e0d4a6 user: rkeene tags: tls-1-7
04:01
Update TclTLS HTML to include the version number of the release check-in: 6473e7ef29 user: rkeene tags: tls-1-7
04:01
Updated header with a link to the homepage check-in: 41aaeb0607 user: rkeene tags: tls-1-7
2016-12-07
23:00
Better support for searching for how to link statically to LibSSL check-in: 8083f26fa7 user: rkeene tags: tls-1-7
21:34
TclTLS 1.7.3 check-in: ce64f41aec user: rkeene tags: tls-1-7, tls-1-7-3
21:32
Updated gen_dh_params to be really POSIX sh compliant check-in: 43e088c82f user: rkeene tags: tls-1-7
21:27
Updated to latest version of tcl.m4 check-in: 9e86ba53f9 user: rkeene tags: tls-1-7
20:57
Updated gen_dh_params to run with the POSIX shell check-in: 32ccafd13f user: rkeene tags: tls-1-7
20:45
Removed dependency on Makefile for tls.tcl -- so distributions don't try to rebuild it check-in: a23793abf0 user: rkeene tags: tls-1-7
19:34
TclTLS 1.7.2 check-in: 91466b9a3c user: rkeene tags: tls-1-7, tls-1-7-2
19:33
Corrected logic bug with setting RPATH in the opposite case check-in: 4c474ca32b user: rkeene tags: tls-1-7
19:31
Updated to default to not setting the RPATH if we are linking statically to the SSL library check-in: 9f920bf04f user: rkeene tags: tls-1-7
19:22
Updated to detect static linking options dynamically check-in: a0dcb20ebc user: rkeene tags: tls-1-7
19:21
Updated to latest remote shobj.m4 check-in: d33155cd64 user: rkeene tags: tls-1-7
18:48
Updated to latest remote shobj.m4 check-in: d93dbb42a4 user: rkeene tags: tls-1-7
18:46
Updated to use detected archive extension check-in: 653f7cec68 user: rkeene tags: tls-1-7
18:45
Simplified setting of RPATH check-in: 8390ad0b38 user: rkeene tags: tls-1-7
18:45
Updated to latest remote shobj.m4 check-in: ebc8167da3 user: rkeene tags: tls-1-7
18:19
Updated autoconf macro to deal with RPATH better check-in: e7e20d5486 user: rkeene tags: tls-1-7
18:12
Updated to set RPATH by default for non-static builds check-in: 0d87394f84 user: rkeene tags: tls-1-7
18:11
Added support for statically linking to the SSL library check-in: bba90634b2 user: rkeene tags: tls-1-7
17:20
Added VPATH to deal with out of tree builds with GNU make check-in: e6dd81d3db user: rkeene tags: tls-1-7
17:18
Updated to create a ".linkadd" file when creating a static archive for static linking that describes what we need to link to check-in: 7a4440b028 user: rkeene tags: tls-1-7
16:53
Added a dependency on the Makefile for most targets check-in: 22c5d6a6be user: rkeene tags: tls-1-7
16:48
Removed extraneous "extern", causing linking failures on Windows check-in: ee4e44d78d user: rkeene tags: tls-1-7
16:41
Set a default channel type version check-in: fe5bc0bc67 user: rkeene tags: tls-1-7
16:25
Fixed check for SSL_set_tlsext_host_name check-in: 8df81b363a user: rkeene tags: tls-1-7
16:22
Remove weird "force_off" configuration check-in: 7245859364 user: rkeene tags: tls-1-7
16:20
Updated from latest remote tcl.m4 check-in: 7231dd89c8 user: rkeene tags: tls-1-7
16:20
Fixed check for SSL_set_tlsext_host_name and added support for forcing options that were manually specified check-in: 4aedc3e201 user: rkeene tags: tls-1-7
15:34
More specific check for non-BIO failures check-in: e10ce6579d user: rkeene tags: tls-1-7
15:25
Added a check for a BIO error check-in: 79ea996cac user: rkeene tags: tls-1-7
15:12
Added more debugging check-in: ed1ce834df user: rkeene tags: tls-1-7
15:10
More work towards getting the state engine for waiting for a connection to come back together check-in: 5aea4802ca user: rkeene tags: tls-1-7
15:02
Updated wording of debug messages to be correct check-in: 7c044da68e user: rkeene tags: tls-1-7
15:00
Added more debugging check-in: 82acecb1a4 user: rkeene tags: tls-1-7
14:56
Updated to store the Tcl EOF flag, in case it gets reset in between calls -- causing debugging builds to operate differently than normal builds check-in: 28b99767e9 user: rkeene tags: tls-1-7
14:51
More debugging check-in: 9bb0350edb user: rkeene tags: tls-1-7
14:43
More debugging around TLS retries check-in: e84900f887 user: rkeene tags: tls-1-7
14:38
Added additional debugging around asyncronous sockets check-in: 033849bf66 user: rkeene tags: tls-1-7
2016-12-06
20:56
Added a fallback for Tcl 8.4 with minimal support for loading the package check-in: 9c0b46c781 user: rkeene tags: tls-1-7
16:53
Updated to ensure that the SNI functinality was available from the SSL library check-in: 7f86ac3e48 user: rkeene tags: tls-1-7
16:38
Enabled a more tolerant (if confusing) mechanism for requiring Tcl 8.5 check-in: 0ee20f0650 user: rkeene tags: tls-1-7
16:27
Updated to indicate that we require Tcl 8.5 check-in: 301d32328a user: rkeene tags: tls-1-7
16:18
Indicated in help that an argument is required for --with-ssl check-in: 8fcef79719 user: rkeene tags: tls-1-7
16:15
Updated to support the --with-ssl-dir configure option check-in: e37183415a user: rkeene tags: tls-1-7
15:36
Added support for specifying a path to OpenSSL/LibreSSL check-in: 1af85e464a user: rkeene tags: tls-1-7
15:23
Updated to allow the user to override autodetection of libraries for OpenSSL/etc check-in: 2d15b1f24e user: rkeene tags: tls-1-7
15:08
Updated to verify all commands are available before starting autogen check-in: 301214a2d6 user: rkeene tags: tls-1-7
05:24
Updated to make updating the remote m4 files optional and not the default check-in: 4257f23d7c user: rkeene tags: tls-1-7
04:56
Fixed search for "xxd" to not check for a prefixed version check-in: 4aa7638d1a user: rkeene tags: tls-1-7
04:42
Ensure that defines are not duplicated check-in: f0726c57a4 user: rkeene tags: tls-1-7
2016-12-05
17:04
Disable protocols if they are not compiled in check-in: 8e510a3598 user: rkeene tags: tls-1-7
16:58
Enforce socket in blocking mode during test where "gets" is expected to wait for a reply check-in: dc7bbc6de6 user: rkeene tags: tls-1-7
16:57
Updated to support configure options to disable/enable specific protocols check-in: c75c1f1d50 user: rkeene tags: tls-1-7
16:44
Moved OpenSSL and LibreSSL checks to an external file check-in: 07852b1ee9 user: rkeene tags: tls-1-7
16:44
Added a separate M4 file for doing OpenSSL checks check-in: c4983df965 user: rkeene tags: tls-1-7
2016-12-02
21:29
Updated to fail if we are unable to get OpenSSL configuration check-in: d5323765c7 user: rkeene tags: tls-1-7
21:25
Updated to check for "xxd" check-in: 1f75d05931 user: rkeene tags: tls-1-7
21:25
Fixed typo check-in: abe0565ce2 user: rkeene tags: tls-1-7
21:23
More popular variant of transformation check-in: 9890a43141 user: rkeene tags: tls-1-7
19:50
Made version number semver check-in: f5cb9df1f2 user: rkeene tags: tls-1-7
19:39
Cleanup BIO creation to be more correct check-in: f0312b63df user: rkeene tags: tls-1-7
19:00
Minor casting to address compiler warnings check-in: e3b94c4a74 user: rkeene tags: tls-1-7
18:58
Double check that we got a usable value at all from the verification callback check-in: 664badad67 user: rkeene tags: tls-1-7
18:55
Fixed signed-ness issue with init script check-in: fa844b3fcc user: rkeene tags: tls-1-7
18:54
Do not remove aclocal directory, it is now versioned check-in: a51ce7aac9 user: rkeene tags: tls-1-7
18:52
Updated to include a copy of the autoconf macros we use in our version control, autogen will update them check-in: f755cb09a6 user: rkeene tags: tls-1-7
16:41
Ensure initialization happens only once even with unthreaded Tcl check-in: 10e3f2e20c user: rkeene tags: tls-1-7
16:28
For unsupported options do even less check-in: 3842146243 user: rkeene tags: tls-1-7
16:25
Added an --enable-debug and made debug-printf macro more fancy check-in: 8a3f4fc732 user: rkeene tags: tls-1-7
16:13
Cleaned up compiler warnings with debugging statements casting pointers to ints check-in: ac2c67d21d user: rkeene tags: tls-1-7
16:09
Minor cleanup of global variables and void function check-in: ee18d6c91e user: rkeene tags: tls-1-7
2016-12-01
21:51
Updated to support a deterministic mode check-in: bf7f82b5e8 user: rkeene tags: tls-1-7
21:36
Updated to generate DH parameters more dynamically check-in: 3d5e70d1d5 user: rkeene tags: tls-1-7
20:51
Removed unused source file check-in: 2f2650a648 user: rkeene tags: tls-1-7
20:49
Run ranlib on static archives check-in: 93cbbb7ee9 user: rkeene tags: tls-1-7
20:45
Added additional ignore for temporary working directory check-in: f0d43d5e59 user: rkeene tags: tls-1-7
2016-11-30
13:49
Removed unneeded setting of auto_path (set from all.tcl) check-in: 8695903dbb user: rkeene tags: tls-1-7
2016-11-29
23:49
Ignore static target check-in: db17641211 user: rkeene tags: tls-1-7
23:47
Ignore generated file check-in: a5ce94c94d user: rkeene tags: tls-1-7
23:46
Updated key tests check-in: baa98c9b5d user: rkeene tags: tls-1-7
23:42
Improved tlsIO testing check-in: 61578a1d91 user: rkeene tags: tls-1-7
2016-11-24
05:18
Updated to add the parent directory to the testing interpreters search path check-in: 5d996983fc user: rkeene tags: tls-1-7
05:18
Updated to use a meaningful package name and version check-in: 8f8805845f user: rkeene tags: tls-1-7
05:11
Updated with basic building support for OpenSSL check-in: 014ac5852d user: rkeene tags: tls-1-7
05:03
Start of work for checking for TLS libraries check-in: 3e598ec287 user: rkeene tags: tls-1-7
04:50
Updated pkgIndex file to deal with static builds check-in: 98477d9f88 user: rkeene tags: tls-1-7
04:47
Added rules to the "install" target check-in: d6cf1c2b2c user: rkeene tags: tls-1-7
04:45
Fixed rule for building C-ified Tcl script check-in: ff3a5954e8 user: rkeene tags: tls-1-7
04:44
Added comments to Makefile check-in: 4a2c0df32c user: rkeene tags: tls-1-7
04:38
Updated to support a static and shared build check-in: e58c3fc866 user: rkeene tags: tls-1-7
04:20
Updated to load a local copy of "tls.tcl" if it is found, for backward compatibilty reasons check-in: 691ec7b72a user: rkeene tags: tls-1-7
04:09
Updated to build the "tls.tcl" file into the library check-in: 195000fcab user: rkeene tags: tls-1-7
03:52
More work towards cleaner releases: Remove duplicated files check-in: 7df9b24c2c user: rkeene tags: tls-1-7
03:48
Added missing script from release engineering directory check-in: 0acbbdb95c user: rkeene tags: tls-1-7
03:44
Defer cleanup until after initial build is done in release engineering check-in: c38f1891b9 user: rkeene tags: tls-1-7
03:41
Add check to ensure released code builds expected target check-in: d0a7e0b5db user: rkeene tags: tls-1-7
03:39
Cleaned up whitespace in the documentation header check-in: 5ffa94f61c user: rkeene tags: tls-1-7
03:37
Updated with more useful release engineering system check-in: e0d4b44bca user: rkeene tags: tls-1-7
03:33
Added more files to "mrproper" cleanup check-in: 85866ec129 user: rkeene tags: tls-1-7
03:31
Added initial release engineering files check-in: 6ccf322b0b user: rkeene tags: tls-1-7
2016-11-23
05:42
Clean up the built shared object check-in: 15b4dd2d2f user: rkeene tags: tls-1-7
05:41
Updated ignores check-in: f9f2665472 user: rkeene tags: tls-1-7
05:15
Fixed out-of-tree build issue check-in: 989f6d6ef8 user: rkeene tags: tls-1-7
05:14
Fixed issue with building without Tcl threads check-in: 3135e8cc5c user: rkeene tags: tls-1-7
04:53
More work towards a building build system check-in: 47bf6c1c1f user: rkeene tags: tls-1-7
2016-11-22
22:29
Start of moving to more sane Tcl build system check-in: 299058381b user: rkeene tags: tls-1-7
22:11
Removed artifacts from conversion from CVS check-in: c75816429f user: rkeene tags: tls-1-7
22:08
Removed Windows-specific build files check-in: 03b67e6003 user: rkeene tags: tls-1-7
22:08
Removed file that should not be versioned check-in: 7e3ca293a5 user: rkeene tags: tls-1-7
22:07
Create new branch named "tcltls-2" check-in: ae164b967d user: rkeene tags: tls-1-7
21:43
Merged in several outstanding patches check-in: 6aedc8c1b5 user: rkeene tags: trunk
21:36
Applied patch Closed-Leaf check-in: 4ec3fe7449 user: rkeene tags: rkeene-eoffix
17:58
Applied patch Closed-Leaf check-in: db95f55e95 user: rkeene tags: rkeene-unthreaded
17:58
Create new branch named "rkeene-unthreaded" check-in: d5802f3587 user: rkeene tags: rkeene-unthreaded
17:58
Applied patch Closed-Leaf check-in: a141858eec user: rkeene tags: rkeene-fixcrosscompile
17:58
Create new branch named "rkeene-fixcrosscompile" check-in: 4c0d71df82 user: rkeene tags: rkeene-fixcrosscompile
17:58
Applied patch Closed-Leaf check-in: 0c7fd93cac user: rkeene tags: rkeene-peercertificate
17:58
Create new branch named "rkeene-peercertificate" check-in: 583f2d9de9 user: rkeene tags: rkeene-peercertificate
17:58
Create new branch named "rkeene-fixmemleak-bugid3041925" Closed-Leaf check-in: a0f200572d user: rkeene tags: rkeene-fixmemleak-bugid3041925
17:57
Create new branch named "rkeene-eoffix" check-in: ff2f52648e user: rkeene tags: rkeene-eoffix
2015-07-07
17:16
Updated with dhparam.2.patch for tls ticket #59. check-in: 2aadaa4c28 user: andreas_kupries tags: trunk
2015-06-08
20:53
Regenerated configure for 1.6.6. check-in: f7a76c9416 user: andreas_kupries tags: trunk
2015-06-06
09:07
Fix for bug #58. Crash/hang on protocol version negotiation failure. See bug report for analysis. Now we keep track of handshake failures through the HANDSHAKE_FAILURE flag and do not call back into SSL_accept/SSL_connect if handshake had already failed. check-in: 9182f29754 user: apnadkarni tags: trunk
08:56
Fix TLS version number. Remove outdated references to Tcl 8.2/8.3. check-in: 36912df18d user: apnadkarni tags: trunk
07:03
Changed ssleay32s.lib and libeay32s.lib to ssleay32.lib and libeay32.lib respectively to match configure.in and what current openssl builds produce. check-in: 5c5e4986a8 user: apnadkarni tags: trunk
2015-05-01
18:44
* configure.in: Bump to version 1.6.5. * win/makefile.vc: * configure: regen with ac-2.59 * tls.c: Accepted SF TLS [bug/patch #57](https://sourceforge.net/p/tls/bugs/57/). * tlsIO.c: Accepted core Tcl patch in [ticket](http://core.tcl.tk/tcl/tktview/0f94f855cafed92d0e174b7d835453a02831b4dd). check-in: b3dc06600e user: andreas_kupries tags: trunk, tls-1-6-5
2015-02-26
17:38
Updated ChangeLog with info about another patch which got committed in December. check-in: 9cdfbcc18f user: andreas_kupries tags: trunk
2014-12-08
19:09
Applied patches #12 and #13 for Server Name Indication (SNI) support, and TLS 1.1, 1.2 support. check-in: 54d14de805 user: andreas_kupries tags: trunk
2014-04-16
18:33
Ticket 47, applied patch with last suggested change by Jeff (moving setting of "initialization"-flag). check-in: d248bc5f5e user: andreas_kupries tags: trunk
2012-07-09
23:28
* configure.in: Bump to version 1.6.3. * win/makefile.vc: * configure: regen with ac-2.59 * tls.c (MiscObjCmd): Fixed non-static string array used in call of Tcl_GetIndexFromObj(). Memory smash waiting to happen. Thanks to Brian Griffin for alerting us all to the problem. check-in: c1eb553b32 user: andreas_kupries tags: trunk
2012-06-01
23:03
* configure.in: Bump to version 1.6.2. * win/makefile.vc: * configure: regen with ac-2.59 check-in: e8bcabbd0a user: andreas_kupries tags: trunk
22:59
* tls.c: Applied Jeff's patch from http://www.mail-archive.com/[email protected]/msg12356.html check-in: a652b4f6a7 user: andreas_kupries tags: trunk
2010-08-12
01:31
note tls-1-6-1 tag date check-in: 4cb2697d98 user: hobbs2 tags: trunk, tls-1-6-1
01:30
* configure: regen with ac-2.59 * win/makefile.vc, configure.in: bump version to 1.6.1 * tclconfig/tcl.m4: updated to TEA 3.8 check-in: 05b7445366 user: hobbs2 tags: trunk
01:28
minor comment fix check-in: 06085abc5c user: hobbs2 tags: trunk
2010-08-11
19:52
brace TESTFLAGS in make test check-in: cceaa397bc user: hobbs2 tags: trunk
19:50
* tls.c (StatusObjCmd): memleak: free peer if loaded. [Bug 3041925] check-in: 366542d9a0 user: hobbs2 tags: trunk
2010-07-27
17:15
* tls.tcl (tls::socket): some socket implementations have a -type support (e.g. for inet6). check-in: 119a8780e7 user: hobbs2 tags: trunk
2009-04-23
23:12
* tls.tcl (tls::initlib): add support for Windows starpack operation that unbundles any constituent libraries. [AS Bug 82888] check-in: 573dc5879d user: hobbs2 tags: trunk
2008-06-18
11:29
Fixed ciphers test for 0.9.8 and updated win build to support testing. check-in: 4b6990b1fa user: patthoyts tags: trunk
2008-03-19
23:39
remove incorrect timing of tls 1.6 version change check-in: f613776715 user: hobbs2 tags: trunk, tls-1-6-0
22:59
not tls 1.6 tag date check-in: 10599ca96e user: hobbs2 tags: trunk
22:57
(dist): update to include win/ and file.srl check-in: 8ab8bc9333 user: hobbs2 tags: trunk
22:49
made more relevant for 1.6 release check-in: b9edfb2437 user: hobbs2 tags: trunk
22:38
* win/makefile.vc: bump version to 1.6 * configure.in: use -L and -R where necessary. [Bug 1742859] check-in: 7530d26995 user: hobbs2 tags: trunk
22:09
* aclocal.m4: improve --with-ssl-dir check. check-in: 0adce51010 user: hobbs2 tags: trunk
22:06
* tests/tlsIO.test (tlsIO-14.*): Add tls::unimport for symmetry * tls.htm, tls.c (UnimportObjCmd): to tls::import. [Bug 1203273] check-in: 61890c4886 user: hobbs2 tags: trunk
21:31
Use better Eval APIs, cleaner Tcl_Obj-handling. check-in: 5804017ad3 user: hobbs2 tags: trunk
19:59
* tls.c (Tls_Clean, ImportObjCmd): Fix cleanup mem leak [Bug 1414045] check-in: 8dd7366fcc user: hobbs2 tags: trunk
02:34
Updated the nmake build files with MSVC9 support and fixed to run the test-suite properly. Corrected namespace handling in tls::initlib on Windows. Applied #1890223 to fix handshake on non-blocking sockets check-in: 5fb2d63afa user: patthoyts tags: trunk
2008-03-18
00:40
* tls.tcl (tls::initlib): load tls.tcl first and call * Makefile.in (pkgIndex.tcl): tls::initlib to load library to handle cwd changes. [Bug 1888113] check-in: c55de2b08b user: hobbs2 tags: trunk
2007-09-06
21:01
Silence 64 bit integer conversion warnings Update build system to support AMD64 target with MSVC8 check-in: 0fdb07692d user: patthoyts tags: trunk
2007-06-22
21:20
* tlsIO.c (TlsInputProc, TlsOutputProc, TlsWatchProc): * tls.c (VerifyCallback): add an state flag in the verify callback that prevents possibly recursion (on 'update'). [Bug 1652380] check-in: c692cb9684 user: hobbs2 tags: trunk
21:19
* tests/ciphers.test: reworked to make test output cleaner to understand missing ciphers (if any) check-in: 9caff0eced user: hobbs2 tags: trunk
21:19
* Makefile.in, tclconfig/tcl.m4: update to TEA 3.6 * configure, configure.in: using autoconf-2.59 check-in: 4331d13185 user: hobbs2 tags: trunk
2007-02-28
23:33
* win/makefile.vc: Rebase the DLL sensibly. Additional libs for static link of openssl. * tls.tcl: bug #1579837 - TIP 278 bug (possibly) - fixed. check-in: 6613ecd570 user: patthoyts tags: trunk
2006-06-22
14:03
Updated to TEA 3.5 in response to bug 1460491 check-in: 0fa0ca923c user: patthoyts tags: trunk
2005-02-09
01:19
note autoconf-2.59 use check-in: d3d9ecf47d user: hobbs2 tags: trunk
00:58
* Makefile.in, tclconfig/tcl.m4: update to TEA 3.2 * configure, configure.in: check-in: eb8d3c2bf0 user: hobbs2 tags: trunk
2005-01-14
16:07
Make flags agree with the TEA build check-in: a1757bae4a user: patthoyts tags: trunk
2004-12-23
23:51
Fix the tests to deal safely with use of tls.tcl check-in: 209b05cd6f user: patthoyts tags: trunk
22:21
Removed spurious copying of tls.tcl into the build directory. check-in: 7f9a0592f7 user: patthoyts tags: trunk
01:26
Incremented minor version to 1.5.1 check-in: fa0664ed31 user: patthoyts tags: trunk
2004-12-17
16:01
* win/makefile.vc: Added the MSVC build system (from the Tcl * win/rules.vc: sampleextension). * win/nmakehlp.c: * win/tls.rc Added Windows resource file. * tls.tcl: From patch #948155, added support for alternate socket commands. * tls.c: Quieten some MSVC warnings. Prefer ckalloc over Tcl_Alloc. (David Graveraux). check-in: fe79338a36 user: patthoyts tags: trunk
2004-06-29
11:07
* tls.c: Fixup to build against tcl 8.3.3. Handle * tlsIO.c: 8.4 constification. check-in: 9633ce0e5c user: patthoyts tags: trunk
10:58
* tlsInt.h: Added headers required with MSVC on Win32. * tlsX509.c: undef min and max if defined (win32). check-in: 792b3e0524 user: patthoyts tags: trunk
10:38
* Makefile.in: Fixed to build on win32 using msys with * aclocal.m4: MSVC. Also fixed the test target. * configure.in: * configure: Regenerated. * tclconfig/tcl.m4: Updated to most recent version. check-in: ae154f5bb8 user: patthoyts tags: trunk
2004-03-24
05:22
Fix build warnings. check-in: 67bf2dd40d user: razzell tags: trunk
2004-03-20
01:18
regen with latest TEA check-in: 5a6275abdd user: hobbs tags: trunk
01:16
recommit of changed TEA config files check-in: 6b603c9441 user: hobbs tags: trunk
2004-03-19
21:05
* tls.c (Tls_Init): replaced older TEA config with newer * config/* (removed): * pkgIndex.tcl.in, strncasecmp.c (removed): * Makefile.in, aclocal.m4, configure, configure.in: * tclconfig/README.txt, tclconfig/install-sh, tclconfig/tcl.m4: check-in: bf83205ca8 user: hobbs tags: trunk
2004-03-17
17:53
Improvements to certificate conversion. Distinguished Names subject and issuer now UTF-8 per RFC 3280, RFC 2253. Serial numbers now hexadecimal per RFC 3280. check-in: 46cae05dcb user: razzell tags: trunk
2004-02-17
21:27
TLS 1.5.0 RELEASED check-in: ba5a968fc6 user: razzell tags: trunk, tls-1-5-0
2004-02-13
02:09
Unify result handling in callback options. check-in: 20fd9291ba user: razzell tags: trunk
2004-02-11
22:41
Complete private key name changes introduced in tlsIO.c Revision 1.18. check-in: c6821b0cf1 user: razzell tags: trunk
22:36
Correct argument check error introduced in Revision 1.4. check-in: ec0e84eb75 user: razzell tags: trunk
2004-02-04
04:02
Fix build warnings. check-in: bc575f4a87 user: razzell tags: trunk
2003-12-15
18:46
Updated version to 1.5. check-in: 64bce88b33 user: razzell tags: trunk
2003-10-08
00:44
Uupdated list of tested ciphers to correspond with OpenSSL. check-in: 70adf652c5 user: razzell tags: trunk
2003-10-07
22:57
Added CONST with intent similar to Revision 1.14. check-in: bb720c804e user: razzell tags: trunk
2003-07-07
20:24
* tls.c (Tls_Init): added tls::misc command provided by * tlsX509.c: Wojciech Kocjan (wojciech kocjan.org) * tests/keytest1.tcl: to expose more low-level SSL commands * tests/keytest2.tcl: check-in: b423807e0e user: hobbs tags: trunk
2003-05-16
17:33
Add missing config directory. check-in: 300cfce31a user: razzell tags: trunk
2003-05-15
21:02
Added password callback support and version command. Fixed memory leak. check-in: 509dd7a9b6 user: razzell tags: trunk
20:44
*** empty log message *** check-in: 3631274d64 user: razzell tags: trunk
2002-02-04
22:46
* tls.htm: * tls.c: added support for local certificate status check, as well as returning the # of bits in the session key. [Patch #505698] (rose) * tls.c: * tlsIO.c: * tlsBIO.c: added CONSTs to satisfy Tcl 8.4 sources. This may give warnings when compiled against 8.3, but they can be ignored. check-in: c34385bbcd user: hobbs tags: trunk
22:46
* configure: regen'ed. * configure.in: updated to 1.5.0 for next release. Changed default openssl location to /usr/local/ssl (this is where openssl 0.9.6c installs by default). Changed to use public Tcl headers (private not needed). check-in: 83ee7c76db user: hobbs tags: trunk
22:45
* Makefile.in: removed strncasecmp from default object set. This is only needed on the Mac, and Tcl stubs provides it. check-in: 904004a153 user: hobbs tags: trunk
22:45
point to updated client/server key files check-in: e7e4ce7d5b user: hobbs tags: trunk
22:45
updated to load tls from build dir check-in: 0efce5e54e user: hobbs tags: trunk
2001-06-21
23:34
see changes check-in: ea64ff013f user: hobbs tags: trunk, tls-1-4-1
23:34
moved to patchlevel 1.4.1 check-in: 55d3a9dbda user: hobbs tags: trunk
23:33
added to CVS check-in: 664dc1d6de user: hobbs tags: trunk
23:33
corrected dist target check-in: 4238e52895 user: hobbs tags: trunk
20:46
* tests/certs/file.srl: * tests/certs/ca.pem: * tests/certs/client.key: * tests/certs/client.pem: * tests/certs/client.req: * tests/certs/privkey.pem: * tests/certs/server.key: * tests/certs/server.pem: * tests/certs/server.req: * tests/certs/cacert.pem: replaced by new ca.pem * tests/certs/skey.pem: replaced by new server.key * tests/certs/ckey.pem: replaced by new client.key * tests/certs/README.txt: new set of test certificates with some README info on their generation. check-in: ec119988c0 user: hobbs tags: trunk