In tcltls-1.7.16 the command tls::status is supposed to return key-value pairs describing the connected peer.
It does this however, there is a difference in what is returned that is platform dependent. The difference
is associated with the value related to the "certificate" key within the list.
The section of code that produces the "defective" value in the list is in the following section of tlsX509.c
Tcl_ListObjAppendElement( interp, certPtr,
Tcl_NewStringObj( "certificate", -1) );
Tcl_ListObjAppendElement( interp, certPtr,
Tcl_NewStringObj( certStr, -1) );
In a Linux environment the full string of the certificate is returned as expected. In a windows environment,
the certificate is truncated (I think the returned value is consistently truncated to 1040 characters).
Unfortunately, I do not have the knowledge/skills to debug this but thought it was significant enough to report.
I would expect the behavior of this library to be the same despite the platform.
This was tested/confirmed with different versions of openssl(1.0.2), Linux, and Windows.
This will be fixed in TclTLS V1.7.17 and later
|