Changes On Branch ef750b8a2ca037ee
EuroTcl/OpenACS 11 - 12 JULY 2024, VIENNA

Changes In Branch tls-1.8 Through [ef750b8a2c] Excluding Merge-Ins

This is equivalent to a diff from f5d3f859aa to ef750b8a2c

2024-05-27
13:23
Remove tclconfig directory (since it should be extracted from "tclconfig" repository). Update configure to autoconf 2.72 check-in: 49aef5cb6c user: jan.nijtmans tags: trunk
2024-04-22
04:18
Updated makefile to use TEA_ADD_CLEANFILES check-in: 6b0826ae21 user: bohagan tags: tls-1.8
2024-04-15
02:26
Fixed *Uuid.h build issue on Windows. Only create manifest.uuid file if none present and git exists. check-in: ef750b8a2c user: bohagan tags: tls-1.8
2024-03-29
20:48
Added more TCL 9 backwards compatibility definitions check-in: 945acae4ba user: bohagan tags: tls-1.8
2024-03-26
21:28
Minor cleanups to remove obsolete code and add missing change log entry check-in: bb89d73224 user: bohagan tags: tls-1.8
05:00
Created tls1.8 branch Closed-Leaf check-in: 94d2753492 user: bohagan tags: tls1.8
2024-03-15
23:39
Updated make file to correct bugs check-in: f5d3f859aa user: bohagan tags: trunk
22:17
Fix warnings for compile with GCC on TCL 9.0 check-in: 562bd95399 user: bohagan tags: trunk

Modified ChangeLog from [7400a29b58] to [03077231f7].








1
2
3
4
5
6
7







2015-05-01  Andreas Kupries  <[email protected]>

	* configure.in: Bump to version 1.6.5.
	* win/makefile.vc:
	* configure: regen with ac-2.59
	* tls.c: Accepted SF TLS [bug/patch #57](https://sourceforge.net/p/tls/bugs/57/).
	* tlsIO.c: Accepted core Tcl patch in [ticket](http://core.tcl.tk/tcl/tktview/0f94f855cafed92d0e174b7d835453a02831b4dd).
>
>
>
>
>
>
>







1
2
3
4
5
6
7
8
9
10
11
12
13
14
TclTLS 1.7.22
==========

Release Date: Mon Oct 12 15:40:16 CDT 2020

https://tcltls.rkeene.org/

2015-05-01  Andreas Kupries  <[email protected]>

	* configure.in: Bump to version 1.6.5.
	* win/makefile.vc:
	* configure: regen with ac-2.59
	* tls.c: Accepted SF TLS [bug/patch #57](https://sourceforge.net/p/tls/bugs/57/).
	* tlsIO.c: Accepted core Tcl patch in [ticket](http://core.tcl.tk/tcl/tktview/0f94f855cafed92d0e174b7d835453a02831b4dd).

Modified generic/tls.c from [62e132dc18] to [eb71938a0b].

156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
 *-------------------------------------------------------------------
 */
static void
InfoCallback(const SSL *ssl, int where, int ret) {
    State *statePtr = (State*)SSL_get_app_data((SSL *)ssl);
    Tcl_Interp *interp	= statePtr->interp;
    Tcl_Obj *cmdPtr;
    char *major; char *minor;

    dprintf("Called");

    if (statePtr->callback == (Tcl_Obj*)NULL)
	return;

    if (where & SSL_CB_HANDSHAKE_START) {







|







156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
 *-------------------------------------------------------------------
 */
static void
InfoCallback(const SSL *ssl, int where, int ret) {
    State *statePtr = (State*)SSL_get_app_data((SSL *)ssl);
    Tcl_Interp *interp	= statePtr->interp;
    Tcl_Obj *cmdPtr;
    char *major, *minor;

    dprintf("Called");

    if (statePtr->callback == (Tcl_Obj*)NULL)
	return;

    if (where & SSL_CB_HANDSHAKE_START) {
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053

    /* Initialize BOTH libcrypto and libssl. */
    OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS
	| OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);

    BIO_new_tcl(NULL, 0);

#if 0
    /*
     * XXX:TODO: Remove this code and replace it with a check
     * for enough entropy and do not try to create our own
     * terrible entropy
     */
    /*
     * Seed the random number generator in the SSL library,
     * using the do/while construct because of the bug note in the
     * OpenSSL FAQ at http://www.openssl.org/support/faq.html#USER1
     *
     * The crux of the problem is that Solaris 7 does not have a
     * /dev/random or /dev/urandom device so it cannot gather enough
     * entropy from the RAND_seed() when TLS initializes and refuses
     * to go further. Earlier versions of OpenSSL carried on regardless.
     */
    srand((unsigned int) time((time_t *) NULL));
    do {
	for (i = 0; i < 16; i++) {
	    rnd_seed[i] = 1 + (char) (255.0 * rand()/(RAND_MAX+1.0));
	}
	RAND_seed(rnd_seed, sizeof(rnd_seed));
    } while (RAND_status() != 1);
#endif

#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
	Tcl_MutexUnlock(&init_mx);
#endif

    return status;
}







<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<






3016
3017
3018
3019
3020
3021
3022

























3023
3024
3025
3026
3027
3028

    /* Initialize BOTH libcrypto and libssl. */
    OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS
	| OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);

    BIO_new_tcl(NULL, 0);


























#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
	Tcl_MutexUnlock(&init_mx);
#endif

    return status;
}

Modified generic/tlsInt.h from [ec109c3ca8] to [82f0ee7773].

38
39
40
41
42
43
44



45
46
47
48
49



50
51
52
53
54
55
56
#   endif
#endif

/*
 * Backwards compatibility for size type change
 */
#if TCL_MAJOR_VERSION < 9 && TCL_MINOR_VERSION < 7



    #ifndef Tcl_Size
        typedef int Tcl_Size;
    #endif

    #define TCL_SIZE_MODIFIER ""



#endif

#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/opensslv.h>








>
>
>





>
>
>







38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
#   endif
#endif

/*
 * Backwards compatibility for size type change
 */
#if TCL_MAJOR_VERSION < 9 && TCL_MINOR_VERSION < 7
    #include <limits.h>
    #define TCL_SIZE_MAX INT_MAX

    #ifndef Tcl_Size
        typedef int Tcl_Size;
    #endif

    #define TCL_SIZE_MODIFIER ""
    #define Tcl_GetSizeIntFromObj Tcl_GetIntFromObj
    #define Tcl_NewSizeIntObj     Tcl_NewIntObj
    #define Tcl_NewSizeIntFromObj Tcl_NewWideIntObj
#endif

#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/opensslv.h>

Modified win/makefile.vc from [40f325b18a] to [83b0269d62].

1
2
3
4
5
6
7
8
9
10
#------------------------------------------------------------- -*- makefile -*-
#
# Makefile for TclTLS extensions.
#
# Basic build, test and install
#   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl
#   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl test
#   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl install
#
# For other build options (debug, static etc.),


|







1
2
3
4
5
6
7
8
9
10
#------------------------------------------------------------- -*- makefile -*-
#
# Makefile for TCL TLS extension
#
# Basic build, test and install
#   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl
#   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl test
#   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl install
#
# For other build options (debug, static etc.),
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
PRJ_OBJS = $(TMP_DIR)\tls.obj \
	$(TMP_DIR)\tlsBIO.obj \
	$(TMP_DIR)\tlsIO.obj \
	$(TMP_DIR)\tlsX509.obj

# Define any additional project include flags
# SSL_INSTALL_FOLDER = with the OpenSSL installation folder following.
PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include"

# Define any additional compiler flags that might be required for the project
PRJ_DEFINES = -D NO_SSL2 -D NO_SSL3 -D _CRT_SECURE_NO_WARNINGS

#
# SSL Libs:
#    1. ${LIBCRYPTO}.dll







|







28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
PRJ_OBJS = $(TMP_DIR)\tls.obj \
	$(TMP_DIR)\tlsBIO.obj \
	$(TMP_DIR)\tlsIO.obj \
	$(TMP_DIR)\tlsX509.obj

# Define any additional project include flags
# SSL_INSTALL_FOLDER = with the OpenSSL installation folder following.
PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include" -I"$(TMP_DIR)"

# Define any additional compiler flags that might be required for the project
PRJ_DEFINES = -D NO_SSL2 -D NO_SSL3 -D _CRT_SECURE_NO_WARNINGS

#
# SSL Libs:
#    1. ${LIBCRYPTO}.dll
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

73


74


75


76
77

78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
!include "targets.vc"

# Project specific targets

all: default-target

clean: default-clean
	@if exist $(WIN_DIR)\tlsUuid.h del $(WIN_DIR)\tlsUuid.h

realclean: default-hose
	@if exist $(WIN_DIR)\tlsUuid.h del $(WIN_DIR)\tlsUuid.h

# We must define a pkgindex target that will create a pkgIndex.tcl
# file in the $(OUT_DIR) directory. We can just redirect to the
# default-pkgindex target for our sample extension.
pkgindex: default-pkgindex-tea

$(ROOT)\manifest.uuid:

   copy $(WIN_DIR)\gitmanifest.in $(ROOT)\manifest.uuid


   git rev-parse HEAD >>$(ROOT)\manifest.uuid





$(WIN_DIR)\tlsUuid.h:	$(ROOT)\manifest.uuid
	copy $(WIN_DIR)\tlsUuid.h.in+$(ROOT)\manifest.uuid $(WIN_DIR)\tlsUuid.h



# The default install target only installs binaries and scripts so add
# an additional target for our documentation. Note this *adds* a target
# since no commands are listed after it. The original targets for
# install (from targets.vc) will remain.
install: default-pkgindex-tea default-install default-install-docs-html
    if exist "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" (
        xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" "$(PRJ_INSTALL_DIR)"
    )
    if exist "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" (
        xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" "$(PRJ_INSTALL_DIR)"
    )

# Explicit dependency rules
$(GENERICDIR)\tls.c: $(WIN_DIR)\tlsUuid.h

# Test package
test: default-test







<


<







>
|
>
>
|
>
>
|
>
>
|
|
>















|



55
56
57
58
59
60
61

62
63

64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
!include "targets.vc"

# Project specific targets

all: default-target

clean: default-clean


realclean: default-hose


# We must define a pkgindex target that will create a pkgIndex.tcl
# file in the $(OUT_DIR) directory. We can just redirect to the
# default-pkgindex target for our sample extension.
pkgindex: default-pkgindex-tea

$(ROOT)\manifest.uuid:
    if not exist $(ROOT)\manifest.uuid (
	copy $(WIN_DIR)\gitmanifest.in $(ROOT)\manifest.uuid
	where git
	if ERRORLEVEL 0 (
	    git rev-parse HEAD >>$(ROOT)\manifest.uuid
	) else (
	    echo unknown >>$(ROOT)\manifest.uuid
	)
    )

$(TMP_DIR)\tlsUuid.h:	$(ROOT)\manifest.uuid
	copy $(WIN_DIR)\tlsUuid.h.in+$(ROOT)\manifest.uuid $(TMP_DIR)\tlsUuid.h
	echo: >>$(TMP_DIR)\tlsUuid.h


# The default install target only installs binaries and scripts so add
# an additional target for our documentation. Note this *adds* a target
# since no commands are listed after it. The original targets for
# install (from targets.vc) will remain.
install: default-pkgindex-tea default-install default-install-docs-html
    if exist "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" (
        xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libcrypto-*-x64.dll" "$(PRJ_INSTALL_DIR)"
    )
    if exist "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" (
        xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" "$(PRJ_INSTALL_DIR)"
    )

# Explicit dependency rules
$(GENERICDIR)\tls.c: $(TMP_DIR)\tlsUuid.h

# Test package
test: default-test