Timeline
EuroTcl/OpenACS 11 - 12 JULY 2024, VIENNA

151 check-ins using file tests/ciphers.csv version f4aff3652a

2024-03-12
14:30
Merge trunk check-in: c005e3d09b user: jan.nijtmans tags: bohagan
2024-03-10
03:09
Updated make test scripts tool to better embed TCL procedures and handle quoted data check-in: 5b864605ad user: bohagan tags: trunk
02:15
Back port doc and all test updates from crypto branch check-in: ceb434bb23 user: bohagan tags: trunk
01:42
Windows makefile update to add realclean target and correct pkgIndex target check-in: 613f00604a user: bohagan tags: trunk
2024-03-05
14:37
Formatting (taken over from bohagan) check-in: 2568fd9c5d user: jan.nijtmans tags: bohagan
13:57
Merge trunk check-in: b2b78ae91b user: jan.nijtmans tags: bohagan
02:08
Corrected logic error in acinclude.m4 check for include files check-in: 273a40deb4 user: bohagan tags: trunk
2024-03-02
02:55
Updated acinclude.m4 file to use pkg-config tool for OpenSSL installation defaults prior to using fall-back values. Linking to static OpenSSL libraries may need more work. check-in: b3ad65760e user: bohagan tags: trunk
00:02
Added check for ssl.h file when checking for valid --opensslincludedir path. Added status message with find ssl.h result. check-in: 65406cadf6 user: bohagan tags: trunk
2024-02-28
04:42
In password callback, added check for password > max size. Also added null terminator. check-in: 3866a025e0 user: bohagan tags: trunk
04:25
Updated acinclude.m4 file to add include path check for Mac installs. Corrected check for not null to instead check for not zero length variables. Fixed variable delimiter syntax error. check-in: 881da2c51a user: bohagan tags: trunk
02:55
More README file updates to remove old options and add more path info check-in: a72acac266 user: bohagan tags: trunk
02:40
More badssl test case updates for OpenSSL 3 message changes check-in: 1266832b43 user: bohagan tags: trunk
2024-02-27
21:24
Fix 4 testcases check-in: a0338bae64 user: jan.nijtmans tags: bohagan
16:29
Take over change in tls.c too (from same commit) check-in: eecbce78ef user: jan.nijtmans tags: bohagan
16:21
Take over tests/common.tcl from [https://chiselapp.com/user/bohagan/repository/TCLTLS/info/28b250e1fbd071d9|28b250e1fbd071d9] check-in: 55905b84e3 user: jan.nijtmans tags: bohagan
14:41
Merge trunk check-in: 4fdf191b58 user: jan.nijtmans tags: bohagan
05:05
Removed unneeded initialize dstrings. check-in: 6ffc298e51 user: bohagan tags: trunk
2024-02-24
22:32
Merge trunk check-in: 47f7634a14 user: jan.nijtmans tags: bohagan
22:22
Clean-up gcc compiler warnings check-in: d966a301eb user: bohagan tags: trunk
03:26
Added back initialize dynamic strings since Tcl_TranslateFileName doesn't initialize them check-in: ccb3824e44 user: bohagan tags: trunk
03:02
Clean up return statements check-in: a9e4d32d68 user: bohagan tags: trunk
02:45
Clean up warnings on *nix builds check-in: 9d22adae76 user: bohagan tags: trunk
02:02
Added missing cast nulls to char pointer check-in: ea98e5c0da user: bohagan tags: trunk
01:53
Added install OpenSSL dynamic libraries on Windows check-in: 584d807503 user: bohagan tags: trunk
00:02
Merge-mark check-in: 367b275044 user: jan.nijtmans tags: bohagan
2024-02-23
23:57
Optimized get string from object check-in: 5130ce9e72 user: bohagan tags: trunk
23:50
Updated pkgIndex file for MacOS dynamic libraries check-in: 3e70bc2b3f user: bohagan tags: trunk
23:45
Documentation corrections and updates check-in: 4935443e89 user: bohagan tags: trunk
21:29
Merge-mark check-in: f26940283f user: jan.nijtmans tags: bohagan
15:28
Merge-mark check-in: 7ef59c838a user: jan.nijtmans tags: bohagan
15:08
Merge trunk check-in: ea8c67f798 user: jan.nijtmans tags: bohagan
13:21
Merge trunk check-in: c7b67bc013 user: jan.nijtmans tags: bohagan
12:13
Merge trunk check-in: fc4f8bad30 user: jan.nijtmans tags: bohagan
11:30
Merge trunk check-in: faafc32731 user: jan.nijtmans tags: bohagan
10:26
Merge trunk check-in: e6d7dec8c0 user: jan.nijtmans tags: bohagan
09:39
Merge trunk check-in: a288c8e1e1 user: jan.nijtmans tags: bohagan
2024-02-22
20:48
Merge trunk check-in: e514e3a5e3 user: jan.nijtmans tags: bohagan
17:51
Merge trunk check-in: 0d2b96f6d8 user: jan.nijtmans tags: bohagan
17:44
Merge trunk. tlsBIO.c is now fully equal to trunk. check-in: dae8857d72 user: jan.nijtmans tags: bohagan
15:27
Merge trunk check-in: c61ea12657 user: jan.nijtmans tags: bohagan
08:03
Merge trunk check-in: d0c262769f user: jan.nijtmans tags: bohagan
2024-02-20
22:09
Merge trunk check-in: 6853760139 user: jan.nijtmans tags: bohagan
16:22
Merge trunk check-in: 61fb454f56 user: jan.nijtmans tags: bohagan
16:11
Merge trunk check-in: daa14243cf user: jan.nijtmans tags: bohagan
16:03
Import trunk from [https://chiselapp.com/user/bohagan/repository/TCLTLS] as separate branch check-in: 4a15938209 user: jan.nijtmans tags: bohagan
2024-02-11
02:16
Corrected memory leaks in use of dynamic strings check-in: 6287936460 user: bohagan tags: trunk
2024-02-10
22:55
Added examples to doc check-in: c8af0f28b0 user: bohagan tags: trunk
22:03
Updated callback info in doc file check-in: a1c3e96ef5 user: bohagan tags: trunk
21:04
Updated debug documentation check-in: e8ed4fea49 user: bohagan tags: trunk
20:37
Refactored set default CA certificates path and file to allow env vars to override defaults. check-in: cdb6cd6aa6 user: bohagan tags: trunk
03:37
Updated test cases for OpenSSL 3.0 check-in: 6fd974ebf0 user: bohagan tags: trunk
2024-02-09
20:06
Updated badssl.com test cases for error message format and CA file on Unix. check-in: 347e9a4852 user: bohagan tags: trunk
19:24
Added more error messages and quoted certificate fail message. check-in: e3e0021e31 user: bohagan tags: trunk
2024-02-05
00:55
Code updates for gcc warnings check-in: 7e672606f5 user: bohagan tags: trunk
2024-02-04
02:58
Added code to handle unexpected EOF on OpenSSL 3 check-in: 5a33efb87b user: bohagan tags: trunk
2024-02-03
03:15
Added more IO logging and error callback messages. Removed duplicate messages. check-in: a3728bd654 user: bohagan tags: trunk
2024-02-02
03:33
Added more logging messages and updated get error message macro name check-in: fad32ff05f user: bohagan tags: trunk
2023-12-29
21:12
Cast unused parameters to void to prevent unused parameter warnings Source: https://core.tcl-lang.org/tcltls/tktview/086954612f check-in: 41e1203724 user: bohagan tags: trunk
03:09
Merged in dh branch check-in: 594dfd3195 user: bohagan tags: trunk
03:09
Updated to auto set DH parameters. Updated to use well known Diffie-Hellman (DH) parameters that have built-in support in OpenSSL. This means the DH parameters will be selected to be consistent with the size of the key associated with the server's certificate. If there is no certificate (e.g. for PSK ciphersuites), then it it will be consistent with the size of the negotiated symmetric cipher key. Leaf check-in: d3d16ea77f user: bohagan tags: dh
00:46
Use env var for OpenSSL executable path. Source: https://core.tcl-lang.org/tcltls/tktview/034c8d2587 check-in: e63b467c48 user: bohagan tags: dh
2023-12-28
23:15
Refactored DH generation to not need a separate file for DH data. Added missing header files to generated file. check-in: d3319fd18b user: bohagan tags: dh
21:27
DH Changes for OpenSSL 3.0 Source: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275160 and https://cgit.freebsd.org/ports/tree/devel/tcltls/files/dh_params.h?id=2ed62c75d1230bbe8268a1a3c54de2972d50dcf8 check-in: 54c35183c2 user: bohagan tags: dh
20:01
Created DH branch check-in: 22f9df2429 user: bohagan tags: dh
2023-12-21
19:56
Optimized Init stub load and package require. Use general pkhIndex.tcl file. check-in: c498845865 user: bohagan tags: trunk
2023-12-11
10:37
Updated to latest tclconfig changes check-in: 98e3157245 user: bohagan tags: trunk
2023-11-27
02:15
Backport changes from crypto branch including change -securitylevel option to -security_level. Optimized binary to hex conversion. check-in: d351d79642 user: bohagan tags: trunk
2023-11-22
22:18
Fix to IO test missing set blocking value. See https://core.tcl-lang.org/tcltls/tktview/bb7085cfdc check-in: 104e43c85e user: bohagan tags: trunk
2023-10-28
17:20
Optimized TLS channel type definition check-in: 914ac6b2a4 user: bohagan tags: trunk
2023-10-14
21:35
Optimized byte array to hex conversions check-in: 049f9cb970 user: bohagan tags: crypto
2023-10-11
23:13
Renamed hash command to digest and hashes command to digests. check-in: 38f5e78596 user: bohagan tags: crypto
22:34
Modified ciphers command to make protocol arg optional to list all supported ciphers. check-in: a44d361c13 user: bohagan tags: crypto
2023-10-10
04:10
Added hashes command to list OpenSSL supported hash digests. check-in: 78cf378796 user: bohagan tags: crypto
02:43
Added hash command to calculate hash using any OpenSSL digest. Added convenience commands for md4, md5, sha1, and sha-256 digests. check-in: cafd2dc6ba user: bohagan tags: crypto
00:06
Created cryptography branch check-in: 0cd384c2ff user: bohagan tags: crypto
2023-10-09
19:08
Updated to latest TEA and Tcl Config check-in: ec0cc9fbdf user: bohagan tags: trunk
2023-09-24
20:12
Moved definition of Append to List macros to tlsInt.h. Updated tls.c to use Append to List macros. check-in: 28d6418fa7 user: bohagan tags: trunk
2023-09-23
22:37
Updates for TCL 9.0 and Tcl_Size change check-in: c740ba0cb8 user: bohagan tags: trunk
2023-09-10
22:43
Added test cases to check for badssl.com certificate error conditions check-in: 6729942f38 user: bohagan tags: trunk
2023-09-05
19:18
Added pad to Tcl channel type structure for future changes Imported from: https://www.androwish.org/home/info/483455e044ff91ad check-in: 973237f3a8 user: bohagan tags: trunk
2023-09-02
22:07
Added verify result to handshake fail error message. check-in: 2e3a232d85 user: bohagan tags: trunk
21:13
Set automatic curve selection for ECDH temporary keys used during key exchange. Used to make a server always choose the most appropriate curve for a client. Disable compression even if supported. check-in: 1dbae1afec user: bohagan tags: trunk
20:03
Changed to only allow SSL2 and SSL3 to be manually enabled. See RFC 8996, Deprecating TLS 1.0 and TLS 1.1. Also see NIST SP 800-52r2 which requires TLS 1.2 and TLS 1.3, should not use TLS 1.1, and shall not use TLS 1.0, SSL 3.0, or SSL 2.0. check-in: 9d1bdab9a6 user: bohagan tags: trunk
2023-09-01
21:57
Merged status and X509 updates branch into master check-in: 3432ab03a3 user: bohagan tags: trunk
21:35
Added more X509 status Leaf check-in: af0ed7ddd0 user: bohagan tags: status_x509
2023-08-28
01:56
Added load CA file comments check-in: d4b5b9bd2a user: bohagan tags: status_x509
2023-08-20
19:45
Moved X509 functions to separate procedures. check-in: 2186b86385 user: bohagan tags: status_x509
2023-08-19
22:14
Added CA Issuers URL to X509 status check-in: 3b068ff2f6 user: bohagan tags: status_x509
20:30
Updated ConnectionInfoObjCmd to localize variables check-in: 070af72ccb user: bohagan tags: status_x509
18:04
Optimized CiphersObjCmd to use method variable. check-in: 543e7ab6d3 user: bohagan tags: status_x509
2023-08-14
03:16
Refactored X509 status to improve readability by using macros for common operations. check-in: 3a8336467a user: bohagan tags: status_x509
2023-08-13
01:00
Added get CA list to connection status check-in: c95df396da user: bohagan tags: status_x509
2023-08-12
04:07
Added session context, basic constraints, and publickeyhash status check-in: 4a0a74f238 user: bohagan tags: status_x509
03:34
Refactored X509 code to consolidate like functions, eliminate many buffers, etc Added function BIO_to_Buffer to consolidate copy BIO data to buffer. Moved get all data and certificate to end of function. check-in: a1bcda35b1 user: bohagan tags: status_x509
2023-08-10
03:16
Reordered get parameters in Tls_NewX509Obj to follow RFC 5280 section order. Added get self issued, Key usage, Extended Key usage, and purpose values. Added more comments, optimized code, etc. check-in: 10bcd4c88f user: bohagan tags: status_x509
2023-08-07
03:27
Added Issuer Alt Name to X509 status, refactored get SAN and CRL check-in: 35be4894ce user: bohagan tags: status_x509
2023-08-02
01:17
Added Certificate Revocation List (CRL) to X509 status. Moved get X509 extension items to end of function. check-in: f22fb82c96 user: bohagan tags: status_x509
2023-08-01
22:42
Added Certificate purposes to X509 status output. Corrected certificate alias get text bug. Refactored code to reduce number of variables and use common buffers for SHA fingerprints. check-in: e94d9cae93 user: bohagan tags: status_x509
2023-07-31
02:17
Added verify depth and mode status to connection status, renamed signatureType and signatureType check-in: 87010ba1d9 user: bohagan tags: status_x509
2023-07-30
22:25
Replaced custom X509 ASN1_UTCTIME_tostr function with OpenSSL function ASN1_TIME_print. Added catch errors returned from get certificate functions. check-in: b50520df51 user: bohagan tags: status_x509
03:39
Merged master into branch check-in: 739742d3d4 user: bohagan tags: status_x509
03:21
Merged errors_and_callbacks branch into master check-in: dbe759a0f2 user: bohagan tags: trunk
02:53
Updated default callbacks in tls.tcl file Leaf check-in: cdb51c799e user: bohagan tags: errors_and_callbacks
02:09
Add match result to ALPN callback parameters. This indicates if a common protocol was found or not. check-in: 75f1cfb376 user: bohagan tags: errors_and_callbacks
00:20
Updated password callback to add rwflag size arguments to callback. Callback now works like other callbacks with the function followed by args. Refactored get result processing. Added more info to doc file. check-in: c072b00aeb user: bohagan tags: errors_and_callbacks
2023-07-29
21:33
Added message status to callback command results. It is only available when OpenSSL is complied with the enable-ssl-trace option. check-in: 5ddead759f user: bohagan tags: errors_and_callbacks
2023-07-28
19:42
Set ErrorCode for returned errors check-in: d7ece0aec4 user: bohagan tags: errors_and_callbacks
18:41
Set/get invalid channel option now calls Tcl_BadChannelOption. check-in: 106dba31ae user: bohagan tags: errors_and_callbacks
17:01
Disabled skip channel IO during verify callback processing. Call Tcl_Error for connect/handshake errors. check-in: 6866efe8ea user: bohagan tags: errors_and_callbacks
16:07
Refactored Tls_Error handler to not set errorCode. Use error message, return result, or if none, fall-back to OpenSSL error queue. Added clear OpenSSL errors to start of each command function to remove old error messages. check-in: e85a439068 user: bohagan tags: errors_and_callbacks
2023-07-24
23:12
Comment and documentation updates. Added more checks for supported protocol versions. check-in: a4c50c7c74 user: bohagan tags: errors_and_callbacks
2023-07-21
23:29
Removed connect or handshake errors trigger background error. Removed Tls_Error call to background error handler when a callback command isn't defined. This would occur during connect/handshake errors. Fixes bug: https://core.tcl-lang.org/tcltls/tktview/2c7b748796 check-in: 6a11f12158 user: bohagan tags: errors_and_callbacks
23:01
Added new option -validatecommand to handle callbacks that require a return value. Consolidated evaluate callback commands into one function EvalCallback. Return alert codes for callbacks. Added more comments to callback functions. check-in: 91ff651d51 user: bohagan tags: errors_and_callbacks
2023-07-16
18:41
Added Next Protocol Negotiation (NPN) for TLS 1.0 to TLS 1.2. check-in: f7b84d671a user: bohagan tags: errors_and_callbacks
17:26
Added alert type to info callback parameters and refactored code. check-in: 0aa8ad9487 user: bohagan tags: errors_and_callbacks
16:02
Register ALPN callbacks only if protocols defined. Catch more errors in callbacks, return after set return values. check-in: 3b2e00d8a5 user: bohagan tags: errors_and_callbacks
15:21
Created error handler and callback updates branch check-in: 0d1d711916 user: bohagan tags: errors_and_callbacks
15:05
Merge status and X509 updates branch check-in: 1924dcd361 user: bohagan tags: trunk
03:33
X509 status optimizations to reduce number of buffers and reordered parameters to match certificate order. check-in: 335b04b2fe user: bohagan tags: status_x509
00:24
Added X509 authorityKeyIdentifier and OCSP URL parameters Fixed subjectKeyIdentifier Moved extension parameters to end of Tls_NewX509Obj check-in: a7be3ce74d user: bohagan tags: status_x509
2023-07-15
23:00
Added unique ids and signature value to status check-in: 8e446cb0bb user: bohagan tags: status_x509
21:37
Better grouped status and connection parameters in doc. check-in: c7828a9fcc user: bohagan tags: status_x509
20:47
Refactored convert X509 status binary values to hex strings. Renamed X509 parameter signatureAlgorithm to signature and digest to signingDigest. check-in: 8dd96d8c7b user: bohagan tags: status_x509
2023-07-10
01:13
Added all certificate info dump to X509 status. Renamed X509 status signature_algorithm to signatureAlgorithm, public_key_algorithm to publicKeyAlgorithm, and serial to serialNumber. Added publicKey and alias to X509 status. check-in: 58ee9890df user: bohagan tags: status_x509
2023-07-09
22:46
Changed to pass verify ok results string to callback. Renamed certificate status signature_hash to signatureHashAlgorithm. check-in: a5858c387a user: bohagan tags: status_x509
2023-06-21
23:37
Added Subject Alternate Name (SAN) to X509 status. Source: https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 check-in: a5843e5983 user: bohagan tags: status_x509
2023-06-20
03:42
Added Subject Key Identifier (SKI) to X509 status check-in: 3a3000bc1e user: bohagan tags: status_x509
2023-06-18
21:47
Added post handshake cert request option check-in: fec0e414e9 user: bohagan tags: status_x509
2023-06-17
23:09
Added signature hash and type to connection status Changed validation result to verification. check-in: e02e24c84a user: bohagan tags: status_x509
2023-06-16
18:04
Change to use NULL for empty pointers check-in: ee0728f6d6 user: bohagan tags: status_x509
2023-06-11
23:26
Use client or server methods instead of generic methods for protocol version selection check-in: f9da715266 user: bohagan tags: status_x509
20:12
Optimized get X509 certificate extensions check-in: eccad70fa9 user: bohagan tags: status_x509
02:27
Added more X509 certificate status info, show algorithm names, list used extensions, etc. check-in: 7265279af2 user: bohagan tags: status_x509
2023-06-10
21:25
Added master key, is server, and ticket lifetime to connection status. Reordered connection status results for better grouping. check-in: 4e75be42e6 user: bohagan tags: status_x509
20:33
Set protocol version method based on client or server option. check-in: 50c71137cb user: bohagan tags: status_x509
19:45
Added ALPN callback update to catch and return errors in select next protocol. check-in: 1a03a74d6e user: bohagan tags: status_x509
2023-06-05
02:47
More callback error checking. Added session ticket callback handling. Split set client and server session caching callbacks. check-in: e1f08bc122 user: bohagan tags: status_x509
02:09
Use SSL connection states instead of custom states. check-in: 3d083cdfaf user: bohagan tags: status_x509
2023-06-04
03:20
Set host name for certificate checks. Pass peer specified host name to Hello callback. Set host name for certificate checks. This is separate from SNI. Added peername to status command results. Source: https://core.tcl-lang.org/tcltls/tktview/b023257dcf and https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 check-in: 65f84287e7 user: bohagan tags: status_x509
2023-06-03
22:33
Added ALPN callback protocol selection. In ALPNCallback, server select from client provided protocol list uses -alpn protocols list to find first common protocol. check-in: f50ee33fd6 user: bohagan tags: status_x509
20:55
Added version and signature to X509 status check-in: 7d59536ee7 user: bohagan tags: status_x509
2023-06-02
22:23
Added compression state to connection status check-in: e5975c8072 user: bohagan tags: status_x509
2023-05-29
23:15
Added server callbacks for ALPN, SNI, and Hello messages check-in: a04a3aef6b user: bohagan tags: status_x509
2023-05-27
21:14
Optimized use of pointers and comment format updates. check-in: 500c6b97d6 user: bohagan tags: status_x509
19:20
Added session id and ticket to connection status. Added callback to handle session id and ticket updates after the handshake. check-in: 489f45bd81 user: bohagan tags: status_x509
03:06
Removed support for obsolete OpenSSL versions prior to v1.1.1. check-in: 0de7b4fc0a user: bohagan tags: status_x509
2023-05-26
22:43
Added set security level option to set all relevant parameters including cipher suite, encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms in one operation. check-in: 32ce5d6220 user: bohagan tags: status_x509
2023-05-24
23:26
Fixed test cases to run under Windows and added TLS 1.3 support check-in: 69314245a1 user: bohagan tags: status_x509
02:40
Added new option -ciphersuites to set ciphers suites for TLS 1.3. Addresses defect: https://core.tcl-lang.org/tcltls/tktview/d0518a5645 check-in: cd11c125e8 user: bohagan tags: status_x509
01:18
Updated ciphers command to use current APIs and added an option to return only ciphers as would be sent in ClientHello. Updated test suite to use OpenSSL executable to get ciphers comparison data. Added more test cases. Addresses defects: https://core.tcl-lang.org/tcltls/tktview/688788a45c and https://sourceforge.net/p/tls/bugs/36/ check-in: 05b2dd47be user: bohagan tags: status_x509