151 check-ins using file tests/ciphers.csv version f4aff3652a
2024-03-12
| ||
14:30 | Merge trunk check-in: c005e3d09b user: jan.nijtmans tags: bohagan | |
2024-03-10
| ||
03:09 | Updated make test scripts tool to better embed TCL procedures and handle quoted data check-in: 5b864605ad user: bohagan tags: trunk | |
02:15 | Back port doc and all test updates from crypto branch check-in: ceb434bb23 user: bohagan tags: trunk | |
01:42 | Windows makefile update to add realclean target and correct pkgIndex target check-in: 613f00604a user: bohagan tags: trunk | |
2024-03-05
| ||
14:37 | Formatting (taken over from bohagan) check-in: 2568fd9c5d user: jan.nijtmans tags: bohagan | |
13:57 | Merge trunk check-in: b2b78ae91b user: jan.nijtmans tags: bohagan | |
02:08 | Corrected logic error in acinclude.m4 check for include files check-in: 273a40deb4 user: bohagan tags: trunk | |
2024-03-02
| ||
02:55 | Updated acinclude.m4 file to use pkg-config tool for OpenSSL installation defaults prior to using fall-back values. Linking to static OpenSSL libraries may need more work. check-in: b3ad65760e user: bohagan tags: trunk | |
00:02 | Added check for ssl.h file when checking for valid --opensslincludedir path. Added status message with find ssl.h result. check-in: 65406cadf6 user: bohagan tags: trunk | |
2024-02-28
| ||
04:42 | In password callback, added check for password > max size. Also added null terminator. check-in: 3866a025e0 user: bohagan tags: trunk | |
04:25 | Updated acinclude.m4 file to add include path check for Mac installs. Corrected check for not null to instead check for not zero length variables. Fixed variable delimiter syntax error. check-in: 881da2c51a user: bohagan tags: trunk | |
02:55 | More README file updates to remove old options and add more path info check-in: a72acac266 user: bohagan tags: trunk | |
02:40 | More badssl test case updates for OpenSSL 3 message changes check-in: 1266832b43 user: bohagan tags: trunk | |
2024-02-27
| ||
21:24 | Fix 4 testcases check-in: a0338bae64 user: jan.nijtmans tags: bohagan | |
16:29 | Take over change in tls.c too (from same commit) check-in: eecbce78ef user: jan.nijtmans tags: bohagan | |
16:21 | Take over tests/common.tcl from [https://chiselapp.com/user/bohagan/repository/TCLTLS/info/28b250e1fbd071d9|28b250e1fbd071d9] check-in: 55905b84e3 user: jan.nijtmans tags: bohagan | |
14:41 | Merge trunk check-in: 4fdf191b58 user: jan.nijtmans tags: bohagan | |
05:05 | Removed unneeded initialize dstrings. check-in: 6ffc298e51 user: bohagan tags: trunk | |
2024-02-24
| ||
22:32 | Merge trunk check-in: 47f7634a14 user: jan.nijtmans tags: bohagan | |
22:22 | Clean-up gcc compiler warnings check-in: d966a301eb user: bohagan tags: trunk | |
03:26 | Added back initialize dynamic strings since Tcl_TranslateFileName doesn't initialize them check-in: ccb3824e44 user: bohagan tags: trunk | |
03:02 | Clean up return statements check-in: a9e4d32d68 user: bohagan tags: trunk | |
02:45 | Clean up warnings on *nix builds check-in: 9d22adae76 user: bohagan tags: trunk | |
02:02 | Added missing cast nulls to char pointer check-in: ea98e5c0da user: bohagan tags: trunk | |
01:53 | Added install OpenSSL dynamic libraries on Windows check-in: 584d807503 user: bohagan tags: trunk | |
00:02 | Merge-mark check-in: 367b275044 user: jan.nijtmans tags: bohagan | |
2024-02-23
| ||
23:57 | Optimized get string from object check-in: 5130ce9e72 user: bohagan tags: trunk | |
23:50 | Updated pkgIndex file for MacOS dynamic libraries check-in: 3e70bc2b3f user: bohagan tags: trunk | |
23:45 | Documentation corrections and updates check-in: 4935443e89 user: bohagan tags: trunk | |
21:29 | Merge-mark check-in: f26940283f user: jan.nijtmans tags: bohagan | |
15:28 | Merge-mark check-in: 7ef59c838a user: jan.nijtmans tags: bohagan | |
15:08 | Merge trunk check-in: ea8c67f798 user: jan.nijtmans tags: bohagan | |
13:21 | Merge trunk check-in: c7b67bc013 user: jan.nijtmans tags: bohagan | |
12:13 | Merge trunk check-in: fc4f8bad30 user: jan.nijtmans tags: bohagan | |
11:30 | Merge trunk check-in: faafc32731 user: jan.nijtmans tags: bohagan | |
10:26 | Merge trunk check-in: e6d7dec8c0 user: jan.nijtmans tags: bohagan | |
09:39 | Merge trunk check-in: a288c8e1e1 user: jan.nijtmans tags: bohagan | |
2024-02-22
| ||
20:48 | Merge trunk check-in: e514e3a5e3 user: jan.nijtmans tags: bohagan | |
17:51 | Merge trunk check-in: 0d2b96f6d8 user: jan.nijtmans tags: bohagan | |
17:44 | Merge trunk. tlsBIO.c is now fully equal to trunk. check-in: dae8857d72 user: jan.nijtmans tags: bohagan | |
15:27 | Merge trunk check-in: c61ea12657 user: jan.nijtmans tags: bohagan | |
08:03 | Merge trunk check-in: d0c262769f user: jan.nijtmans tags: bohagan | |
2024-02-20
| ||
22:09 | Merge trunk check-in: 6853760139 user: jan.nijtmans tags: bohagan | |
16:22 | Merge trunk check-in: 61fb454f56 user: jan.nijtmans tags: bohagan | |
16:11 | Merge trunk check-in: daa14243cf user: jan.nijtmans tags: bohagan | |
16:03 | Import trunk from [https://chiselapp.com/user/bohagan/repository/TCLTLS] as separate branch check-in: 4a15938209 user: jan.nijtmans tags: bohagan | |
2024-02-11
| ||
02:16 | Corrected memory leaks in use of dynamic strings check-in: 6287936460 user: bohagan tags: trunk | |
2024-02-10
| ||
22:55 | Added examples to doc check-in: c8af0f28b0 user: bohagan tags: trunk | |
22:03 | Updated callback info in doc file check-in: a1c3e96ef5 user: bohagan tags: trunk | |
21:04 | Updated debug documentation check-in: e8ed4fea49 user: bohagan tags: trunk | |
20:37 | Refactored set default CA certificates path and file to allow env vars to override defaults. check-in: cdb6cd6aa6 user: bohagan tags: trunk | |
03:37 | Updated test cases for OpenSSL 3.0 check-in: 6fd974ebf0 user: bohagan tags: trunk | |
2024-02-09
| ||
20:06 | Updated badssl.com test cases for error message format and CA file on Unix. check-in: 347e9a4852 user: bohagan tags: trunk | |
19:24 | Added more error messages and quoted certificate fail message. check-in: e3e0021e31 user: bohagan tags: trunk | |
2024-02-05
| ||
00:55 | Code updates for gcc warnings check-in: 7e672606f5 user: bohagan tags: trunk | |
2024-02-04
| ||
02:58 | Added code to handle unexpected EOF on OpenSSL 3 check-in: 5a33efb87b user: bohagan tags: trunk | |
2024-02-03
| ||
03:15 | Added more IO logging and error callback messages. Removed duplicate messages. check-in: a3728bd654 user: bohagan tags: trunk | |
2024-02-02
| ||
03:33 | Added more logging messages and updated get error message macro name check-in: fad32ff05f user: bohagan tags: trunk | |
2023-12-29
| ||
21:12 | Cast unused parameters to void to prevent unused parameter warnings Source: https://core.tcl-lang.org/tcltls/tktview/086954612f check-in: 41e1203724 user: bohagan tags: trunk | |
03:09 | Merged in dh branch check-in: 594dfd3195 user: bohagan tags: trunk | |
03:09 | Updated to auto set DH parameters. Updated to use well known Diffie-Hellman (DH) parameters that have built-in support in OpenSSL. This means the DH parameters will be selected to be consistent with the size of the key associated with the server's certificate. If there is no certificate (e.g. for PSK ciphersuites), then it it will be consistent with the size of the negotiated symmetric cipher key. Closed-Leaf check-in: d3d16ea77f user: bohagan tags: dh | |
00:46 | Use env var for OpenSSL executable path. Source: https://core.tcl-lang.org/tcltls/tktview/034c8d2587 check-in: e63b467c48 user: bohagan tags: dh | |
2023-12-28
| ||
23:15 | Refactored DH generation to not need a separate file for DH data. Added missing header files to generated file. check-in: d3319fd18b user: bohagan tags: dh | |
21:27 | DH Changes for OpenSSL 3.0 Source: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275160 and https://cgit.freebsd.org/ports/tree/devel/tcltls/files/dh_params.h?id=2ed62c75d1230bbe8268a1a3c54de2972d50dcf8 check-in: 54c35183c2 user: bohagan tags: dh | |
20:01 | Created DH branch check-in: 22f9df2429 user: bohagan tags: dh | |
2023-12-21
| ||
19:56 | Optimized Init stub load and package require. Use general pkhIndex.tcl file. check-in: c498845865 user: bohagan tags: trunk | |
2023-12-11
| ||
10:37 | Updated to latest tclconfig changes check-in: 98e3157245 user: bohagan tags: trunk | |
2023-11-27
| ||
02:15 | Backport changes from crypto branch including change -securitylevel option to -security_level. Optimized binary to hex conversion. check-in: d351d79642 user: bohagan tags: trunk | |
2023-11-22
| ||
22:18 | Fix to IO test missing set blocking value. See https://core.tcl-lang.org/tcltls/tktview/bb7085cfdc check-in: 104e43c85e user: bohagan tags: trunk | |
2023-10-28
| ||
17:20 | Optimized TLS channel type definition check-in: 914ac6b2a4 user: bohagan tags: trunk | |
2023-10-14
| ||
21:35 | Optimized byte array to hex conversions check-in: 049f9cb970 user: bohagan tags: crypto | |
2023-10-11
| ||
23:13 | Renamed hash command to digest and hashes command to digests. check-in: 38f5e78596 user: bohagan tags: crypto | |
22:34 | Modified ciphers command to make protocol arg optional to list all supported ciphers. check-in: a44d361c13 user: bohagan tags: crypto | |
2023-10-10
| ||
04:10 | Added hashes command to list OpenSSL supported hash digests. check-in: 78cf378796 user: bohagan tags: crypto | |
02:43 | Added hash command to calculate hash using any OpenSSL digest. Added convenience commands for md4, md5, sha1, and sha-256 digests. check-in: cafd2dc6ba user: bohagan tags: crypto | |
00:06 | Created cryptography branch check-in: 0cd384c2ff user: bohagan tags: crypto | |
2023-10-09
| ||
19:08 | Updated to latest TEA and Tcl Config check-in: ec0cc9fbdf user: bohagan tags: trunk | |
2023-09-24
| ||
20:12 | Moved definition of Append to List macros to tlsInt.h. Updated tls.c to use Append to List macros. check-in: 28d6418fa7 user: bohagan tags: trunk | |
2023-09-23
| ||
22:37 | Updates for TCL 9.0 and Tcl_Size change check-in: c740ba0cb8 user: bohagan tags: trunk | |
2023-09-10
| ||
22:43 | Added test cases to check for badssl.com certificate error conditions check-in: 6729942f38 user: bohagan tags: trunk | |
2023-09-05
| ||
19:18 | Added pad to Tcl channel type structure for future changes Imported from: https://www.androwish.org/home/info/483455e044ff91ad check-in: 973237f3a8 user: bohagan tags: trunk | |
2023-09-02
| ||
22:07 | Added verify result to handshake fail error message. check-in: 2e3a232d85 user: bohagan tags: trunk | |
21:13 | Set automatic curve selection for ECDH temporary keys used during key exchange. Used to make a server always choose the most appropriate curve for a client. Disable compression even if supported. check-in: 1dbae1afec user: bohagan tags: trunk | |
20:03 | Changed to only allow SSL2 and SSL3 to be manually enabled. See RFC 8996, Deprecating TLS 1.0 and TLS 1.1. Also see NIST SP 800-52r2 which requires TLS 1.2 and TLS 1.3, should not use TLS 1.1, and shall not use TLS 1.0, SSL 3.0, or SSL 2.0. check-in: 9d1bdab9a6 user: bohagan tags: trunk | |
2023-09-01
| ||
21:57 | Merged status and X509 updates branch into master check-in: 3432ab03a3 user: bohagan tags: trunk | |
21:35 | Added more X509 status Closed-Leaf check-in: af0ed7ddd0 user: bohagan tags: status_x509 | |
2023-08-28
| ||
01:56 | Added load CA file comments check-in: d4b5b9bd2a user: bohagan tags: status_x509 | |
2023-08-20
| ||
19:45 | Moved X509 functions to separate procedures. check-in: 2186b86385 user: bohagan tags: status_x509 | |
2023-08-19
| ||
22:14 | Added CA Issuers URL to X509 status check-in: 3b068ff2f6 user: bohagan tags: status_x509 | |
20:30 | Updated ConnectionInfoObjCmd to localize variables check-in: 070af72ccb user: bohagan tags: status_x509 | |
18:04 | Optimized CiphersObjCmd to use method variable. check-in: 543e7ab6d3 user: bohagan tags: status_x509 | |
2023-08-14
| ||
03:16 | Refactored X509 status to improve readability by using macros for common operations. check-in: 3a8336467a user: bohagan tags: status_x509 | |
2023-08-13
| ||
01:00 | Added get CA list to connection status check-in: c95df396da user: bohagan tags: status_x509 | |
2023-08-12
| ||
04:07 | Added session context, basic constraints, and publickeyhash status check-in: 4a0a74f238 user: bohagan tags: status_x509 | |
03:34 | Refactored X509 code to consolidate like functions, eliminate many buffers, etc Added function BIO_to_Buffer to consolidate copy BIO data to buffer. Moved get all data and certificate to end of function. check-in: a1bcda35b1 user: bohagan tags: status_x509 | |
2023-08-10
| ||
03:16 | Reordered get parameters in Tls_NewX509Obj to follow RFC 5280 section order. Added get self issued, Key usage, Extended Key usage, and purpose values. Added more comments, optimized code, etc. check-in: 10bcd4c88f user: bohagan tags: status_x509 | |
2023-08-07
| ||
03:27 | Added Issuer Alt Name to X509 status, refactored get SAN and CRL check-in: 35be4894ce user: bohagan tags: status_x509 | |
2023-08-02
| ||
01:17 | Added Certificate Revocation List (CRL) to X509 status. Moved get X509 extension items to end of function. check-in: f22fb82c96 user: bohagan tags: status_x509 | |
2023-08-01
| ||
22:42 | Added Certificate purposes to X509 status output. Corrected certificate alias get text bug. Refactored code to reduce number of variables and use common buffers for SHA fingerprints. check-in: e94d9cae93 user: bohagan tags: status_x509 | |
2023-07-31
| ||
02:17 | Added verify depth and mode status to connection status, renamed signatureType and signatureType check-in: 87010ba1d9 user: bohagan tags: status_x509 | |
2023-07-30
| ||
22:25 | Replaced custom X509 ASN1_UTCTIME_tostr function with OpenSSL function ASN1_TIME_print. Added catch errors returned from get certificate functions. check-in: b50520df51 user: bohagan tags: status_x509 | |
03:39 | Merged master into branch check-in: 739742d3d4 user: bohagan tags: status_x509 | |
03:21 | Merged errors_and_callbacks branch into master check-in: dbe759a0f2 user: bohagan tags: trunk | |
02:53 | Updated default callbacks in tls.tcl file Closed-Leaf check-in: cdb51c799e user: bohagan tags: errors_and_callbacks | |
02:09 | Add match result to ALPN callback parameters. This indicates if a common protocol was found or not. check-in: 75f1cfb376 user: bohagan tags: errors_and_callbacks | |
00:20 | Updated password callback to add rwflag size arguments to callback. Callback now works like other callbacks with the function followed by args. Refactored get result processing. Added more info to doc file. check-in: c072b00aeb user: bohagan tags: errors_and_callbacks | |
2023-07-29
| ||
21:33 | Added message status to callback command results. It is only available when OpenSSL is complied with the enable-ssl-trace option. check-in: 5ddead759f user: bohagan tags: errors_and_callbacks | |
2023-07-28
| ||
19:42 | Set ErrorCode for returned errors check-in: d7ece0aec4 user: bohagan tags: errors_and_callbacks | |
18:41 | Set/get invalid channel option now calls Tcl_BadChannelOption. check-in: 106dba31ae user: bohagan tags: errors_and_callbacks | |
17:01 | Disabled skip channel IO during verify callback processing. Call Tcl_Error for connect/handshake errors. check-in: 6866efe8ea user: bohagan tags: errors_and_callbacks | |
16:07 | Refactored Tls_Error handler to not set errorCode. Use error message, return result, or if none, fall-back to OpenSSL error queue. Added clear OpenSSL errors to start of each command function to remove old error messages. check-in: e85a439068 user: bohagan tags: errors_and_callbacks | |
2023-07-24
| ||
23:12 | Comment and documentation updates. Added more checks for supported protocol versions. check-in: a4c50c7c74 user: bohagan tags: errors_and_callbacks | |
2023-07-21
| ||
23:29 | Removed connect or handshake errors trigger background error. Removed Tls_Error call to background error handler when a callback command isn't defined. This would occur during connect/handshake errors. Fixes bug: https://core.tcl-lang.org/tcltls/tktview/2c7b748796 check-in: 6a11f12158 user: bohagan tags: errors_and_callbacks | |
23:01 | Added new option -validatecommand to handle callbacks that require a return value. Consolidated evaluate callback commands into one function EvalCallback. Return alert codes for callbacks. Added more comments to callback functions. check-in: 91ff651d51 user: bohagan tags: errors_and_callbacks | |
2023-07-16
| ||
18:41 | Added Next Protocol Negotiation (NPN) for TLS 1.0 to TLS 1.2. check-in: f7b84d671a user: bohagan tags: errors_and_callbacks | |
17:26 | Added alert type to info callback parameters and refactored code. check-in: 0aa8ad9487 user: bohagan tags: errors_and_callbacks | |
16:02 | Register ALPN callbacks only if protocols defined. Catch more errors in callbacks, return after set return values. check-in: 3b2e00d8a5 user: bohagan tags: errors_and_callbacks | |
15:21 | Created error handler and callback updates branch check-in: 0d1d711916 user: bohagan tags: errors_and_callbacks | |
15:05 | Merge status and X509 updates branch check-in: 1924dcd361 user: bohagan tags: trunk | |
03:33 | X509 status optimizations to reduce number of buffers and reordered parameters to match certificate order. check-in: 335b04b2fe user: bohagan tags: status_x509 | |
00:24 | Added X509 authorityKeyIdentifier and OCSP URL parameters Fixed subjectKeyIdentifier Moved extension parameters to end of Tls_NewX509Obj check-in: a7be3ce74d user: bohagan tags: status_x509 | |
2023-07-15
| ||
23:00 | Added unique ids and signature value to status check-in: 8e446cb0bb user: bohagan tags: status_x509 | |
21:37 | Better grouped status and connection parameters in doc. check-in: c7828a9fcc user: bohagan tags: status_x509 | |
20:47 | Refactored convert X509 status binary values to hex strings. Renamed X509 parameter signatureAlgorithm to signature and digest to signingDigest. check-in: 8dd96d8c7b user: bohagan tags: status_x509 | |
2023-07-10
| ||
01:13 | Added all certificate info dump to X509 status. Renamed X509 status signature_algorithm to signatureAlgorithm, public_key_algorithm to publicKeyAlgorithm, and serial to serialNumber. Added publicKey and alias to X509 status. check-in: 58ee9890df user: bohagan tags: status_x509 | |
2023-07-09
| ||
22:46 | Changed to pass verify ok results string to callback. Renamed certificate status signature_hash to signatureHashAlgorithm. check-in: a5858c387a user: bohagan tags: status_x509 | |
2023-06-21
| ||
23:37 | Added Subject Alternate Name (SAN) to X509 status. Source: https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 check-in: a5843e5983 user: bohagan tags: status_x509 | |
2023-06-20
| ||
03:42 | Added Subject Key Identifier (SKI) to X509 status check-in: 3a3000bc1e user: bohagan tags: status_x509 | |
2023-06-18
| ||
21:47 | Added post handshake cert request option check-in: fec0e414e9 user: bohagan tags: status_x509 | |
2023-06-17
| ||
23:09 | Added signature hash and type to connection status Changed validation result to verification. check-in: e02e24c84a user: bohagan tags: status_x509 | |
2023-06-16
| ||
18:04 | Change to use NULL for empty pointers check-in: ee0728f6d6 user: bohagan tags: status_x509 | |
2023-06-11
| ||
23:26 | Use client or server methods instead of generic methods for protocol version selection check-in: f9da715266 user: bohagan tags: status_x509 | |
20:12 | Optimized get X509 certificate extensions check-in: eccad70fa9 user: bohagan tags: status_x509 | |
02:27 | Added more X509 certificate status info, show algorithm names, list used extensions, etc. check-in: 7265279af2 user: bohagan tags: status_x509 | |
2023-06-10
| ||
21:25 | Added master key, is server, and ticket lifetime to connection status. Reordered connection status results for better grouping. check-in: 4e75be42e6 user: bohagan tags: status_x509 | |
20:33 | Set protocol version method based on client or server option. check-in: 50c71137cb user: bohagan tags: status_x509 | |
19:45 | Added ALPN callback update to catch and return errors in select next protocol. check-in: 1a03a74d6e user: bohagan tags: status_x509 | |
2023-06-05
| ||
02:47 | More callback error checking. Added session ticket callback handling. Split set client and server session caching callbacks. check-in: e1f08bc122 user: bohagan tags: status_x509 | |
02:09 | Use SSL connection states instead of custom states. check-in: 3d083cdfaf user: bohagan tags: status_x509 | |
2023-06-04
| ||
03:20 | Set host name for certificate checks. Pass peer specified host name to Hello callback. Set host name for certificate checks. This is separate from SNI. Added peername to status command results. Source: https://core.tcl-lang.org/tcltls/tktview/b023257dcf and https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 check-in: 65f84287e7 user: bohagan tags: status_x509 | |
2023-06-03
| ||
22:33 | Added ALPN callback protocol selection. In ALPNCallback, server select from client provided protocol list uses -alpn protocols list to find first common protocol. check-in: f50ee33fd6 user: bohagan tags: status_x509 | |
20:55 | Added version and signature to X509 status check-in: 7d59536ee7 user: bohagan tags: status_x509 | |
2023-06-02
| ||
22:23 | Added compression state to connection status check-in: e5975c8072 user: bohagan tags: status_x509 | |
2023-05-29
| ||
23:15 | Added server callbacks for ALPN, SNI, and Hello messages check-in: a04a3aef6b user: bohagan tags: status_x509 | |
2023-05-27
| ||
21:14 | Optimized use of pointers and comment format updates. check-in: 500c6b97d6 user: bohagan tags: status_x509 | |
19:20 | Added session id and ticket to connection status. Added callback to handle session id and ticket updates after the handshake. check-in: 489f45bd81 user: bohagan tags: status_x509 | |
03:06 | Removed support for obsolete OpenSSL versions prior to v1.1.1. check-in: 0de7b4fc0a user: bohagan tags: status_x509 | |
2023-05-26
| ||
22:43 | Added set security level option to set all relevant parameters including cipher suite, encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms in one operation. check-in: 32ce5d6220 user: bohagan tags: status_x509 | |
2023-05-24
| ||
23:26 | Fixed test cases to run under Windows and added TLS 1.3 support check-in: 69314245a1 user: bohagan tags: status_x509 | |
02:40 | Added new option -ciphersuites to set ciphers suites for TLS 1.3. Addresses defect: https://core.tcl-lang.org/tcltls/tktview/d0518a5645 check-in: cd11c125e8 user: bohagan tags: status_x509 | |
01:18 | Updated ciphers command to use current APIs and added an option to return only ciphers as would be sent in ClientHello. Updated test suite to use OpenSSL executable to get ciphers comparison data. Added more test cases. Addresses defects: https://core.tcl-lang.org/tcltls/tktview/688788a45c and https://sourceforge.net/p/tls/bugs/36/ check-in: 05b2dd47be user: bohagan tags: status_x509 | |