View Ticket
Ticket Hash: 2059171e7d45ad24bc4e649c71d4aa5fce4a709e
Title: tls::status return value differs depending on platform in use.
Status: Closed Type: Code Defect
Severity: Important Priority: Immediate
Subsystem: Resolution: Fixed
Last Modified: 2019-04-09 18:01:15
Version Found In: 1.7.16
User Comments:
anonymous added on 2019-03-10 21:25:58: (text/x-fossil-plain)
In tcltls-1.7.16 the command tls::status is supposed to return key-value pairs describing the connected peer.  
It does this however, there is a difference in what is returned that is platform dependent. The difference 
is associated with the value related to the "certificate" key within the list.

The section of code that produces the "defective" value in the list is in the following section of tlsX509.c

    Tcl_ListObjAppendElement( interp, certPtr,
	    Tcl_NewStringObj( "certificate", -1) );
    Tcl_ListObjAppendElement( interp, certPtr,
	    Tcl_NewStringObj( certStr, -1) );

In a Linux environment the full string of the certificate is returned as expected.  In a windows environment,
the certificate is truncated (I think the returned value is consistently truncated to 1040 characters).

Unfortunately, I do not have the knowledge/skills to debug this but thought it was significant enough to report.
I would expect the behavior of this library to be the same despite the platform.

This was tested/confirmed with different versions of openssl(1.0.2), Linux, and Windows.

rkeene added on 2019-04-09 17:44:46: (text/x-fossil-plain)
This will be fixed in TclTLS V1.7.17 and later