Timeline

132 check-ins using file tlsInt.h version b78d815874

2024-02-12
10:22
Tcl_GetStringFromObj() -> Tcl_GetString(). Update ChangeLog/README.txt check-in: 663996a17b user: jan.nijtmans tags: tls-1.7
2024-01-25
22:22
Somewhat better TEA support, not complete yet. Make this the continuation of the tls-1.7 branch. main/trunk will continue with 1.8.0 check-in: b7b0bd5a8f user: jan.nijtmans tags: tls-1.7
2023-03-05
03:04
Added support for optional TLS commands BIO_CTRL_POP and BIO_CTRL_PUSH. BIO_CTRL_PUSH is an optional value that is not handled in the tlsBIO:BioCtrl(). The larger problem is that the library does not support new optional commands because it returns -2 for unknown cmds in BioCtrl(). I would suggest changing the default return value to 0. I confirmed that this fixed the issue. Source: https://core.tcl-lang.org/tcltls/tktview/006bd0c74e check-in: 602c39a56c user: bohagan tags: trunk
02:04
Updated documentation to define defaults for -cadir and -cafile options. Source: https://core.tcl-lang.org/tcltls/tktview/56d19eb033 and https://sourceforge.net/p/tls/bugs/42/ check-in: 002efbac61 user: bohagan tags: trunk
01:35
Patch by Sergei Golovan (Debian) to replace 1024 bit certificates with 2048 bit ones because the new OpenSSL refuses to load small keys ("ee key too small"). Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/certs-tests.patch check-in: 6e0ab0e0eb user: bohagan tags: trunk
00:15
Applied patch to correct generate Diffie-Hellman (DH) parameters. Source: File: gen_dh_params.patch check-in: b7c82a6aae user: bohagan tags: trunk
2023-03-04
23:33
Patch by Sergei Golovan (Debian) to fix the compiler warnings about implicit fall-through in case. Source: File: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/fall-through.patch check-in: e2e798877b user: bohagan tags: trunk
22:22
Added set option support. Source: https://www.androwish.org/home/info/1af65d23b6962476 id: [1af65d23b6] check-in: ec43249d1a user: bohagan tags: trunk
21:11
TlsIO.test Hostname Fix. Patch by Sergei Golovan (Debian) to make the client socket connect to localhost instead of [info hostname] to prevent intermittent test failures inside mock(1). Also, account for a change in error message "unsupported protocol" instead of "wrong version number". -- Sergei Golovan <email address hidden> Thu, 18 Jul 2019 15:00:18 +0300 Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/hostname-tests.patch check-in: 0afa2bde06 user: bohagan tags: trunk
20:54
Get certificate SHA-256 fingerprint. https://core.tcl-lang.org/tcltls/tktview/c2f2f1be54 and https://www.androwish.org/home/info/80b11e9594532414 and https://www.androwish.org/home/info/56087b886c6c105f check-in: 3f9e284b4e user: bohagan tags: trunk
20:19
Added key and PEM output to variables and updated keytest1 test script. Source: https://www.androwish.org/home/info/80b11e9594532414 and https://www.androwish.org/home/info/56087b886c6c105f and https://core.tcl-lang.org/tcltls/tktview/04d6bb909b ids: [80b11e9594] and [56087b886c] check-in: 899a950204 user: bohagan tags: trunk
19:33
Casting clean-ups to fix compiler warnings. Source: https://sourceforge.net/p/tls/patches/11/ and https://sourceforge.net/p/tls/patches/_discuss/thread/988300e7/b6bb/attachment/patch-warnings check-in: 227a7d7d10 user: bohagan tags: trunk
18:54
Added names of unavailable protocols to error messages so its easier to understand. Source: https://sourceforge.net/p/tls/patches/14/ File: protocols.patch check-in: 6a3f83340d user: bohagan tags: trunk
17:58
Minor updates to catch NULL channels. Source: https://www.androwish.org/home/info/982ebf9d31a60440 [982ebf9d31] check-in: 270bf9327b user: bohagan tags: trunk
16:14
Merge feature-dump-keys into main check-in: bed86d3303 user: bohagan tags: trunk
15:44
Merge add-support-alpn into main check-in: 4b4daeada4 user: bohagan tags: trunk
15:41
Added doc update Leaf check-in: 2a9db3009c user: bohagan tags: add-support-alpn
14:51
Added doc update Leaf check-in: e0f002ecb1 user: bohagan tags: feature-dump-keys
2022-05-30
16:14
Bug [8de7f5aa07]: Add support for dumping SSL keys check-in: 2c773b9a38 user: schelte tags: feature-dump-keys
16:12
Create new branch named "feature-dump-keys" check-in: f6b9f887ef user: rkeene tags: feature-dump-keys
16:11
Fixed broken merge check-in: 352cf6c71b user: rkeene tags: add-support-alpn
16:08
Bug [e1f9a21c67]: Start of ALPN support check-in: 07bafe02de user: schelte tags: add-support-alpn
16:07
Create new branch named "add-support-alpn" check-in: 283dc6f133 user: rkeene tags: add-support-alpn
2021-01-14
12:56
Ticket [604bb68b5c] : rudimentary nmake build system check-in: b5c41cdeb6 user: oehhar tags: trunk
2020-10-15
10:54
Corrected instructions. Removed already applied patch Closed-Leaf check-in: b6aa13660a user: oehhar tags: bug-604bb68b5c-nmake
10:36
Ticket [604bb68b5c]. Add first sketch of a nmake build. check-in: 2babef91c5 user: oehhar tags: bug-604bb68b5c-nmake
2020-10-12
20:39
TclTLS 1.7.22 Closed-Leaf check-in: 367f5093db user: rkeene tags: tls-1-7, tls-1-7-22
20:38
Merged in trunk check-in: 81f58fc458 user: rkeene tags: tls-1-7
20:32
add "version" element with SSL/TLS protocol version to tls::status check-in: 9c32a526ed user: resuna tags: trunk
2020-05-04
15:12
TclTLS 1.7.21 check-in: 922479df76 user: rkeene tags: tls-1-7, tls-1-7-21
15:11
Merged in trunk check-in: 0f00af3bbb user: rkeene tags: tls-1-7
15:10
Integrated mjanssen's work on loading certificates and keys as values check-in: b08bbeb9a1 user: rkeene tags: trunk
15:09
Only load private key if we loaded a non-default certificate Closed-Leaf check-in: 51a2b1ec9a user: rkeene tags: mjanssen-asn1-certs
15:02
Updated to support cert/certfile independantly of key/keyfile check-in: 952ef184e6 user: rkeene tags: mjanssen-asn1-certs
14:57
Corrected wrong use of "key" check-in: f3a497fc67 user: rkeene tags: mjanssen-asn1-certs
14:54
Add documentation for -key and -cert check-in: 60e0733e5a user: rkeene tags: mjanssen-asn1-certs
2019-11-15
17:15
Fixed bug where syms file is cleaned in the wrong stage check-in: c82e9cbcbd user: rkeene tags: trunk
16:41
TclTLS 1.7.20 check-in: e5ec321a1b user: rkeene tags: tls-1-7, tls-1-7-20
16:40
Merged in trunk check-in: 5ee220305f user: rkeene tags: tls-1-7
2019-11-12
17:49
Started work on mbedTLS backend Leaf check-in: 37d16cba38 user: rkeene tags: backend-mbedtls
17:48
MSVC Win maker (WIP, got wiped out, re-constitution in progress) Leaf check-in: f92c42c849 user: rkeene tags: readd-win-msvc
17:47
Started readding MSVC Windows build support check-in: 8478c7ec08 user: rkeene tags: readd-win-msvc
17:46
Makefile cleanup check-in: b9af6e4772 user: rkeene tags: trunk
17:36
Update configure script to check compiler flags during linking check-in: 01719ee8de user: rkeene tags: trunk
2019-09-20
18:23
Updated to indicate that OpenSSL/LibreSSL are required to build and use check-in: 0aa88d2997 user: rkeene tags: trunk
2019-06-19
18:25
TclTLS 1.7.19 check-in: 3d0bcddafd user: rkeene tags: tls-1-7, tls-1-7-19
18:13
Update autoconf scripts from repo check-in: 5bd22a4abd user: rkeene tags: trunk
17:58
Better handling of symbols in our shared object check-in: 3af2fe0ca8 user: rkeene tags: trunk
17:45
Make hardening optional, disabled by default when statically linking because it requires the linking program to fully participate check-in: 25024a31b0 user: rkeene tags: trunk
2019-06-17
18:08
Align code with option names check-in: 4945b7588e user: mjanssen tags: mjanssen-asn1-certs
14:27
Do not expose implementation details in user interface check-in: ef0be0d731 user: mjanssen tags: mjanssen-asn1-certs
12:05
Add support for ASN1 blobs for certificates and keys check-in: 49278969f2 user: mjanssen tags: mjanssen-asn1-certs
2019-04-25
16:51
TclTLS 1.7.18 check-in: fb6a7404da user: rkeene tags: tls-1-7, tls-1-7-18
16:51
Merged in changes from trunk check-in: a64e691ada user: rkeene tags: tls-1-7
2019-04-12
16:58
Better handling of shared/static naming issues check-in: 2c8d3629bc user: rkeene tags: trunk
2019-04-09
18:47
Make extension filename more centralized check-in: 8e730964e5 user: rkeene tags: trunk
18:14
Fix issues formatting wiki documentation check-in: 710e4a917a user: rkeene tags: trunk
18:13
Document the "certificate" member of the dictionary returned by "tls::status" check-in: 3323193385 user: rkeene tags: trunk
17:57
TclTLS 1.7.17 check-in: a598aa8a6b user: rkeene tags: tls-1-7, tls-1-7-17
17:56
Merged in changes from trunk check-in: 03a182febb user: rkeene tags: tls-1-7
17:55
Merged in TLS 1.3 support check-in: 737b9c0d46 user: rkeene tags: trunk
17:25
Better handling of reading certificate PEM data, resolves [2059171e7d] check-in: 8e0ed4e723 user: rkeene tags: trunk
17:04
Added remaining TLSv1.3 support Closed-Leaf check-in: 569c10f3b2 user: rkeene tags: enhancement/tls-1.3
15:58
Better handling of the case where the shared and static extensions are the same (AIX) check-in: 9c59fec751 user: rkeene tags: trunk
2018-11-08
00:23
Note that TLSv1.3 is a lot different in API, this branch is incomplete check-in: 7978a539fc user: rkeene tags: enhancement/tls-1.3
2018-11-07
23:51
Added missing TLSv1.3 support check-in: efc1e122f2 user: rkeene tags: enhancement/tls-1.3
23:27
Started adding support for TLSv1.3 check-in: e245d231ee user: rkeene tags: enhancement/tls-1.3
2018-10-30
14:20
Applied patch from Jinhu to address [94c6a431fee] check-in: afec51b85b user: rkeene tags: trunk
2018-02-07
15:38
TclTLS 1.7.16 check-in: 23e328d64b user: rkeene tags: tls-1-7, tls-1-7-16
15:38
Merged in changes from trunk check-in: aa700f94f2 user: rkeene tags: tls-1-7
15:37
Updated to reset "eofchar" and "encoding" when importing channels as well as translation and blocking (part of [f798e2ea12]) check-in: 1d757f7e2d user: rkeene tags: trunk
2017-12-21
20:27
TclTLS 1.7.15 check-in: 0f9a47f3b3 user: rkeene tags: tls-1-7, tls-1-7-15
20:26
Merged in changes from trunk check-in: 57a047ac4b user: rkeene tags: tls-1-7
20:25
Merged in changes to address [f798e2ea12]. The code to manipulate the channel options may not be needed at all, we will review it to see if there are any issues with removing it altogether check-in: a811816bd3 user: rkeene tags: trunk
05:34
Added experiment patch for [f798e2ea12] to preserve channel state when importing a channel Closed-Leaf check-in: 60f37290f3 user: rkeene tags: bug-f798e2ea12
2017-11-08
15:00
TclTLS 1.7.14 check-in: 70cbcd6815 user: rkeene tags: tls-1-7, tls-1-7-14
14:59
Still looking into this Leaf check-in: 7793b78e70 user: rkeene tags: bug-eof-loop-6dd5588df6-2
2017-10-17
03:57
Updated to use a more commonly accepted regexp when replacing the OpenSSL function name (addresses [6c9bf49455]) check-in: 12bf5e37e0 user: rkeene tags: trunk
2017-09-01
00:27
TclTLS 1.7.13 check-in: 4c0960be87 user: rkeene tags: tls-1-7, tls-1-7-13
00:16
Try harder to ensure the right SSL libraries are used check-in: 6704c33e48 user: rkeene tags: trunk
2017-08-31
18:57
Updated to support a user specifying a pkgconfig path for OpenSSL check-in: c3e5ea305b user: rkeene tags: trunk
2017-05-30
20:46
Updated to use the shell to to find the shell rather than relying on /usr/bin/env check-in: 1370fceb9d user: rkeene tags: trunk
2017-05-01
14:45
TclTLS 1.7.12 check-in: d0b9b91b33 user: rkeene tags: tls-1-7, tls-1-7-12
14:45
Merged in changes from trunk check-in: 0cd14baf5e user: rkeene tags: tls-1-7
14:42
Print a debug message when handshaking works but an error is being captured check-in: 87d7c791f5 user: rkeene tags: trunk
14:41
Fixed an issue where EAGAIN was translated into a successful handshake, addressing [1367823d51] check-in: 689d55e070 user: rkeene tags: trunk
14:32
Reformatted handshake command code check-in: 2893572aa6 user: rkeene tags: trunk
2017-04-18
18:31
Added support for a configure option to specify the built-in DH params size called "--with-builtin-dh-params-size" check-in: 5e7de567cf user: rkeene tags: trunk
18:17
Added pre-computed DH params for fallback values for 4096 and 8192 bit sizes, in addition to 2048 check-in: 6286921174 user: rkeene tags: trunk
14:39
Updated gen_dh_params to support specifying a number of bits -- currently the only supported value is 2048 check-in: b128e0d4e4 user: rkeene tags: trunk
14:29
Updated references to DH parameter bit sizes and ensure error messages are printed if generating fails entirely check-in: 83b1dea4d4 user: rkeene tags: trunk
2016-12-17
15:44
TclTLS 1.7.11 check-in: 813f937d12 user: rkeene tags: tls-1-7, tls-1-7-11
15:44
Merged in changes from trunk check-in: 04c303f1f5 user: rkeene tags: tls-1-7
15:43
Integrated -autoservername feature (addresses [0d4541b86d]) check-in: 42735119d8 user: rkeene tags: trunk
2016-12-14
16:08
Updated test suite with new error message results Closed-Leaf check-in: 8863101cbe user: rkeene tags: feature-0d4541b86d-autoservername
16:03
Updated error message to be consistent with "lsearch" output under similar failures check-in: 4e441206d6 user: rkeene tags: feature-0d4541b86d-autoservername
14:45
Made trunk builds identify as TclTLS 1.8.0 check-in: f625a3272a user: rkeene tags: trunk
14:43
TclTLS 1.7.10 check-in: f0d0acd4b5 user: rkeene tags: tls-1-7, tls-1-7-10
14:42
Merged in trunk check-in: a87c836d6c user: rkeene tags: tls-1-7
14:40
Updated EOF while reading from the BIO to map to soft EOF check-in: 24ce678ecd user: rkeene tags: trunk
14:07
Consolidated rules for parsing options and now verify them in tls::init as well check-in: 98b60c41b6 user: rkeene tags: feature-0d4541b86d-autoservername
06:27
Updated example to include "-autoservername" check-in: 219e71c672 user: rkeene tags: feature-0d4541b86d-autoservername
06:18
Started work on adding an "-autoservername" option to tls::socket which will automatically add the -servername <host> option check-in: f0c5ec5595 user: rkeene tags: feature-0d4541b86d-autoservername
01:10
Minor update to the README check-in: c920627e0b user: rkeene tags: trunk
2016-12-13
22:04
Merged in trunk Leaf check-in: 1ebb5befd0 user: rkeene tags: feature-multibackend
21:50
Remove spurious sentence check-in: 4dca0b3137 user: rkeene tags: trunk
21:37
Updated documentation to indicate additional options check-in: a880307e5d user: rkeene tags: trunk
20:46
Treat tls.tcl.h as a normal file and always regenerate it, and never distribute it -- end users will need "od" to create it check-in: 97cbb17f4f user: rkeene tags: trunk
20:39
More work on a better install target and added a basic uninstall target check-in: 6339a69a26 user: rkeene tags: trunk
20:23
TclTLS 1.7.9 check-in: 7b0845cfb3 user: rkeene tags: tls-1-7, tls-1-7-9
20:23
Merged in trunk check-in: c4cb2ec7d1 user: rkeene tags: tls-1-7
20:23
Updated install target to be more compliant for other platforms check-in: 942287db68 user: rkeene tags: trunk
20:04
Reduced verbosity to normal levels for testing, can be added back with TESTFLAGS check-in: bfceaaf9bb user: rkeene tags: trunk
19:22
Updated to latest remote tcl.m4 check-in: 271aa29c27 user: rkeene tags: trunk
18:55
TclTLS 1.7.8 check-in: 22c5b96dcd user: rkeene tags: tls-1-7, tls-1-7-8
18:54
Merged in trunk check-in: f7d1440f12 user: rkeene tags: tls-1-7
18:49
Less heavy handed rewriting of error codes in Tcl BIO check-in: d8ce3045d5 user: rkeene tags: trunk
18:49
Mapped OpenSSL errors for read/write wants to EAGAIN check-in: ad1752cdaf user: rkeene tags: trunk
18:42
Fixed help string for ssl-fastpath to correctly indicate that it is disabled by default check-in: 80d0949714 user: rkeene tags: trunk
18:25
Updated to return an error if automake fails check-in: 953de83652 user: rkeene tags: trunk
17:29
Made the "test" target more useful when doing out-of-source-dir builds check-in: de649c9c44 user: rkeene tags: trunk
17:17
TclTLS 1.7.7 check-in: 027e77a11d user: rkeene tags: tls-1-7, tls-1-7-7
17:15
Merged in trunk check-in: 6aff73e57a user: rkeene tags: tls-1-7
17:14
Updated to allow a specified prefix to override the detected Tcl package path check-in: 97b136826e user: rkeene tags: trunk
16:48
Updated to latest remote shobj.m4 check-in: 4ab0af9e58 user: rkeene tags: trunk
16:44
Updated to clean up Windows additional objects created check-in: dff67f7506 user: rkeene tags: trunk
16:39
Rename configure.in to configure.ac check-in: 6bf4105947 user: rkeene tags: trunk
16:12
Disable fastpath by default check-in: 7032f97f3d user: rkeene tags: trunk
16:11
Fixed weird asymmetry in build of tls.tcl.h, which was required for out-of-tree builds check-in: 05099e9a1e user: rkeene tags: trunk
16:05
TclTLS 1.7.6 check-in: ba6e2a082f user: rkeene tags: tls-1-7, tls-1-7-6
16:05
Merged in trunk check-in: 53bd8f71ad user: rkeene tags: tls-1-7
16:00
Updated to return soft errors on during SSL negotiation retries on reads and hard errors on SSL negotiation during writes or handshake commands check-in: b9557ba691 user: rkeene tags: trunk