TclTLS
Changes On Branch 8af8ef15f03b22ff
Login
HomeTimelineDownloadBrowse SourceBranchesTagsTicketsWiki
Hide Diff Patch Side-by-Side Diff

Changes In Branch tls-1.8 Through [8af8ef15f0] Excluding Merge-Ins

This is equivalent to a diff from f5d3f859aa to 8af8ef15f0

2024-05-27
13:23
Remove tclconfig directory (since it should be extracted from "tclconfig" repository). Update configure to autoconf 2.72 check-in: 49aef5cb6c user: jan.nijtmans tags: trunk
2024-05-13
04:57
Updated make files to install HTML docs, license, and README files check-in: e3da75f05f user: bohagan tags: tls-1.8
2024-05-11
01:46
Added version check for SSL_get_signature_type_nid API added in OpenSSL 1.1.1a. This is needed for Ubuntu 18.04 LTS. check-in: 8af8ef15f0 user: bohagan tags: tls-1.8
2024-04-22
04:18
Updated makefile to use TEA_ADD_CLEANFILES check-in: 6b0826ae21 user: bohagan tags: tls-1.8
2024-03-26
21:28
Minor cleanups to remove obsolete code and add missing change log entry check-in: bb89d73224 user: bohagan tags: tls-1.8
05:00
Created tls1.8 branch Closed-Leaf check-in: 94d2753492 user: bohagan tags: tls1.8
2024-03-15
23:39
Updated make file to correct bugs check-in: f5d3f859aa user: bohagan tags: trunk
22:17
Fix warnings for compile with GCC on TCL 9.0 check-in: 562bd95399 user: bohagan tags: trunk

Modified ChangeLog from [7400a29b58] to [03077231f7]. 








1
2
3
4
5
6
7

1
2
3
4
5
6
7
8
9
10
11
12
13
14

+
+
+
+
+
+
+








TclTLS 1.7.22
==========

Release Date: Mon Oct 12 15:40:16 CDT 2020

https://tcltls.rkeene.org/

2015-05-01  Andreas Kupries  <[email protected]>

	* configure.in: Bump to version 1.6.5.
	* win/makefile.vc:
	* configure: regen with ac-2.59
	* tls.c: Accepted SF TLS [bug/patch #57](https://sourceforge.net/p/tls/bugs/57/).
	* tlsIO.c: Accepted core Tcl patch in [ticket](http://core.tcl.tk/tcl/tktview/0f94f855cafed92d0e174b7d835453a02831b4dd).












Modified Makefile.in
from [61dd86b789]
to [41deb05cc9].







359
360
361
362
363
364
365
366

367
368
369
370
371
372
373

359
360
361
362
363
364
365

366
367
368
369
370
371
372
373








-
+








DIST_DIR	= $(DIST_ROOT)/$(PKG_DIR)

DIST_INSTALL_DATA	= CPPROG='cp -p' $(INSTALL) -m 644
DIST_INSTALL_DATA_RECUR	= CPPROG='cp -p -R' $(INSTALL)
DIST_INSTALL_SCRIPT	= CPPROG='cp -p' $(INSTALL) -m 755

dist-clean:
	rm -rf $(DIST_DIR) $(DIST_ROOT)/$(PKG_DIR).tar.*
	rm -rf $(DIST_DIR) $(top_builddir)/$(PKG_DIR).tar.*

dist: dist-clean
	# TEA files
	$(INSTALL_DATA_DIR) $(DIST_DIR)
	$(DIST_INSTALL_DATA) $(srcdir)/Makefile.in \
		$(srcdir)/acinclude.m4 $(srcdir)/aclocal.m4 \
		$(srcdir)/configure.ac $(DIST_DIR)/












Modified configure.ac
from [7ae4b1d7b6]
to [77aece8f51].



1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

1
2
3
4
5

6
7
8
9
10
11


12
13
14
15
16
17
18






-






-
-








#!/bin/bash -norc
dnl	This file is an input file used by the GNU "autoconf" program to
dnl	generate the file "configure", which is run during Tcl installation
dnl	to configure the system for the local environment.

#
#-----------------------------------------------------------------------
# This is the configure.ac for the TclTLS extension.  The only places you
# should need to modify this file are marked by the string __CHANGE__.
#-----------------------------------------------------------------------

#-----------------------------------------------------------------------
# Set your package name and version numbers here.
#
# This initializes the environment with PACKAGE_NAME and PACKAGE_VERSION
# set as provided.  These will also be added as -D defs in your Makefile
# so you can encode the package version directly into the source files.
# This will also define a special symbol for Windows (BUILD_<PACKAGE_NAME>
# so that we create the export library with the dll.
#-----------------------------------------------------------------------








58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92

93

94
95
96
97

98
99

100
101
102
103
104
105
106

55
56
57
58
59
60
61

62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

79
80
81
82
83
84
85
86
87
88

89
90
91


92
93

94
95
96
97
98
99
100
101








-

















-









+
-
+


-
-
+

-
+








# This also calls AC_PROG_CC and a few others to create the basic setup
# necessary to compile executables.
#-----------------------------------------------------------------------

TEA_SETUP_COMPILER

#-----------------------------------------------------------------------
# __CHANGE__
# Specify the C source files to compile in TEA_ADD_SOURCES,
# public headers that need to be installed in TEA_ADD_HEADERS,
# stub library C source files to compile in TEA_ADD_STUB_SOURCES,
# and runtime Tcl library files in TEA_ADD_TCL_SOURCES.
# This defines PKG(_STUB)_SOURCES, PKG(_STUB)_OBJECTS, PKG_HEADERS
# and PKG_TCL_SOURCES.
#-----------------------------------------------------------------------

TEA_ADD_SOURCES([tls.c tlsBIO.c tlsIO.c tlsX509.c])
TEA_ADD_HEADERS([generic/tls.h])
TEA_ADD_INCLUDES([])
TEA_ADD_LIBS([])
TEA_ADD_CFLAGS([])
TEA_ADD_STUB_SOURCES([])
TEA_ADD_TCL_SOURCES([library/tls.tcl])

#--------------------------------------------------------------------
#
# You can add more files to clean if your extension creates any extra
# files by extending CLEANFILES.
# Add pkgIndex.tcl if it is generated in the Makefile instead of ./configure
# and change Makefile.in to move it from CONFIG_CLEAN_FILES to BINARIES var.
#
# A few miscellaneous platform-specific items:
# TEA_ADD_* any platform specific compiler/build info here.
#--------------------------------------------------------------------

TEA_ADD_CLEANFILES([pkgIndex.tcl tls.tcl.h.*])
CONFIG_CLEAN_FILES="$CONFIG_CLEAN_FILES tls.tcl.h.* config.log config.status Makefile pkgIndex.tcl tcltls.a.linkadd tcltls.syms"

if test "${TEA_PLATFORM}" = "windows" ; then
    AC_DEFINE(BUILD_tls)
    AC_DEFINE(WINDOWS)
    CLEANFILES="pkgIndex.tcl *.lib *.dll *.exp *.ilk *.pdb vc*.pch"
    TEA_ADD_CLEANFILES([pkgIndex.tcl *.lib *.dll *.exp *.ilk *.pdb vc*.pch])
else
    CLEANFILES="pkgIndex.tcl *.so"
    TEA_ADD_CLEANFILES([pkgIndex.tcl *.so])
fi
AC_SUBST(CLEANFILES)

#--------------------------------------------------------------------
# Choose which headers you need.  Extension authors should try very
# hard to only rely on the Tcl public header files.  Internal headers
# contain private data structures and are subject to change without












Modified generic/tls.c
from [62e132dc18]
to [5901aadd4f].







156
157
158
159
160
161
162
163

164
165
166
167
168
169
170

156
157
158
159
160
161
162

163
164
165
166
167
168
169
170








-
+








 *-------------------------------------------------------------------
 */
static void
InfoCallback(const SSL *ssl, int where, int ret) {
    State *statePtr = (State*)SSL_get_app_data((SSL *)ssl);
    Tcl_Interp *interp	= statePtr->interp;
    Tcl_Obj *cmdPtr;
    char *major; char *minor;
    char *major, *minor;

    dprintf("Called");

    if (statePtr->callback == (Tcl_Obj*)NULL)
	return;

    if (where & SSL_CB_HANDSHAKE_START) {







2186
2187
2188
2189
2190
2191
2192


2193
2194
2195
2196
2197
2198
2199

2200
2201
2202
2203
2204
2205
2206

2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209








+
+







+








	res = SSL_get_peer_signature_nid(statePtr->ssl, &nid);
    } else {
	res = SSL_get_signature_nid(statePtr->ssl, &nid);
    }
    if (!res) {nid = 0;}
    LAPPEND_STR(interp, objPtr, "signatureHashAlgorithm", OBJ_nid2ln(nid), -1);

    /* Added in OpenSSL 1.1.1a */
#if OPENSSL_VERSION_NUMBER > 0x10101000L
    if (objc == 2) {
	res = SSL_get_peer_signature_type_nid(statePtr->ssl, &nid);
    } else {
	res = SSL_get_signature_type_nid(statePtr->ssl, &nid);
    }
    if (!res) {nid = 0;}
    LAPPEND_STR(interp, objPtr, "signatureType", OBJ_nid2ln(nid), -1);
#endif

    Tcl_SetObjResult(interp, objPtr);
    return TCL_OK;
}

/*
 *-------------------------------------------------------------------







3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053

3019
3020
3021
3022
3023
3024
3025

























3026
3027
3028
3029
3030
3031








-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-








    /* Initialize BOTH libcrypto and libssl. */
    OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS
	| OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);

    BIO_new_tcl(NULL, 0);

#if 0
    /*
     * XXX:TODO: Remove this code and replace it with a check
     * for enough entropy and do not try to create our own
     * terrible entropy
     */
    /*
     * Seed the random number generator in the SSL library,
     * using the do/while construct because of the bug note in the
     * OpenSSL FAQ at http://www.openssl.org/support/faq.html#USER1
     *
     * The crux of the problem is that Solaris 7 does not have a
     * /dev/random or /dev/urandom device so it cannot gather enough
     * entropy from the RAND_seed() when TLS initializes and refuses
     * to go further. Earlier versions of OpenSSL carried on regardless.
     */
    srand((unsigned int) time((time_t *) NULL));
    do {
	for (i = 0; i < 16; i++) {
	    rnd_seed[i] = 1 + (char) (255.0 * rand()/(RAND_MAX+1.0));
	}
	RAND_seed(rnd_seed, sizeof(rnd_seed));
    } while (RAND_status() != 1);
#endif

#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
	Tcl_MutexUnlock(&init_mx);
#endif

    return status;
}








Modified generic/tlsInt.h
from [ec109c3ca8]
to [82f0ee7773].







38
39
40
41
42
43
44



45
46
47
48
49



50
51
52
53
54
55
56

38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62








+
+
+





+
+
+








#   endif
#endif

/*
 * Backwards compatibility for size type change
 */
#if TCL_MAJOR_VERSION < 9 && TCL_MINOR_VERSION < 7
    #include <limits.h>
    #define TCL_SIZE_MAX INT_MAX

    #ifndef Tcl_Size
        typedef int Tcl_Size;
    #endif

    #define TCL_SIZE_MODIFIER ""
    #define Tcl_GetSizeIntFromObj Tcl_GetIntFromObj
    #define Tcl_NewSizeIntObj     Tcl_NewIntObj
    #define Tcl_NewSizeIntFromObj Tcl_NewWideIntObj
#endif

#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/opensslv.h>













Modified win/makefile.vc
from [40f325b18a]
to [83b0269d62].



1
2
3

4
5
6
7
8
9
10

1
2

3
4
5
6
7
8
9
10



-
+








#------------------------------------------------------------- -*- makefile -*-
#
# Makefile for TclTLS extensions.
# Makefile for TCL TLS extension
#
# Basic build, test and install
#   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl
#   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl test
#   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl install
#
# For other build options (debug, static etc.),







28
29
30
31
32
33
34
35

36
37
38
39
40
41
42

28
29
30
31
32
33
34

35
36
37
38
39
40
41
42








-
+








PRJ_OBJS = $(TMP_DIR)\tls.obj \
	$(TMP_DIR)\tlsBIO.obj \
	$(TMP_DIR)\tlsIO.obj \
	$(TMP_DIR)\tlsX509.obj

# Define any additional project include flags
# SSL_INSTALL_FOLDER = with the OpenSSL installation folder following.
PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include"
PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include" -I"$(TMP_DIR)"

# Define any additional compiler flags that might be required for the project
PRJ_DEFINES = -D NO_SSL2 -D NO_SSL3 -D _CRT_SECURE_NO_WARNINGS

#
# SSL Libs:
#    1. ${LIBCRYPTO}.dll







55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

73
74
75
76
77












78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93

94
95
96

55
56
57
58
59
60
61

62
63

64
65
66
67
68
69
70
71





72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

99
100
101
102








-


-







+
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+















-
+




!include "targets.vc"

# Project specific targets

all: default-target

clean: default-clean
	@if exist $(WIN_DIR)\tlsUuid.h del $(WIN_DIR)\tlsUuid.h

realclean: default-hose
	@if exist $(WIN_DIR)\tlsUuid.h del $(WIN_DIR)\tlsUuid.h

# We must define a pkgindex target that will create a pkgIndex.tcl
# file in the $(OUT_DIR) directory. We can just redirect to the
# default-pkgindex target for our sample extension.
pkgindex: default-pkgindex-tea

$(ROOT)\manifest.uuid:
    if not exist $(ROOT)\manifest.uuid (
   copy $(WIN_DIR)\gitmanifest.in $(ROOT)\manifest.uuid
   git rev-parse HEAD >>$(ROOT)\manifest.uuid

$(WIN_DIR)\tlsUuid.h:	$(ROOT)\manifest.uuid
	copy $(WIN_DIR)\tlsUuid.h.in+$(ROOT)\manifest.uuid $(WIN_DIR)\tlsUuid.h
	copy $(WIN_DIR)\gitmanifest.in $(ROOT)\manifest.uuid
	where git
	if ERRORLEVEL 0 (
	    git rev-parse HEAD >>$(ROOT)\manifest.uuid
	) else (
	    echo unknown >>$(ROOT)\manifest.uuid
	)
    )

$(TMP_DIR)\tlsUuid.h:	$(ROOT)\manifest.uuid
	copy $(WIN_DIR)\tlsUuid.h.in+$(ROOT)\manifest.uuid $(TMP_DIR)\tlsUuid.h
	echo: >>$(TMP_DIR)\tlsUuid.h


# The default install target only installs binaries and scripts so add
# an additional target for our documentation. Note this *adds* a target
# since no commands are listed after it. The original targets for
# install (from targets.vc) will remain.
install: default-pkgindex-tea default-install default-install-docs-html
    if exist "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" (
        xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" "$(PRJ_INSTALL_DIR)"
    )
    if exist "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" (
        xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" "$(PRJ_INSTALL_DIR)"
    )

# Explicit dependency rules
$(GENERICDIR)\tls.c: $(WIN_DIR)\tlsUuid.h
$(GENERICDIR)\tls.c: $(TMP_DIR)\tlsUuid.h

# Test package
test: default-test















Powered by Fossil · RSS