Overview
Comment: | Updated documentation to define defaults for -cadir and -cafile options. Source: https://core.tcl-lang.org/tcltls/tktview/56d19eb033 and https://sourceforge.net/p/tls/bugs/42/ |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
002efbac6192ef7f0fb7f37ed6927f0a |
User & Date: | bohagan on 2023-03-05 02:04:45 |
Other Links: | manifest | tags |
Context
2023-03-05
| ||
03:04 | Added support for optional TLS commands BIO_CTRL_POP and BIO_CTRL_PUSH. BIO_CTRL_PUSH is an optional value that is not handled in the tlsBIO:BioCtrl(). The larger problem is that the library does not support new optional commands because it returns -2 for unknown cmds in BioCtrl(). I would suggest changing the default return value to 0. I confirmed that this fixed the issue. Source: https://core.tcl-lang.org/tcltls/tktview/006bd0c74e check-in: 602c39a56c user: bohagan tags: trunk | |
02:04 | Updated documentation to define defaults for -cadir and -cafile options. Source: https://core.tcl-lang.org/tcltls/tktview/56d19eb033 and https://sourceforge.net/p/tls/bugs/42/ check-in: 002efbac61 user: bohagan tags: trunk | |
01:35 | Patch by Sergei Golovan (Debian) to replace 1024 bit certificates with 2048 bit ones because the new OpenSSL refuses to load small keys ("ee key too small"). Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/certs-tests.patch check-in: 6e0ab0e0eb user: bohagan tags: trunk | |
Changes
Modified tls.htm
from [fd9a0fa861]
to [a18669097e].
︙ | ︙ | |||
172 173 174 175 176 177 178 | <blockquote> <dl> <dt><strong>-alpn</strong> <em>list</em></dt> <dd>List of protocols to offer during Application-Layer Protocol Negotiation (ALPN). For example: h2, http/1.1, etc.</dd> <dt><strong>-cadir</strong> <em>dir</em></dt> | | > > > | > > | 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 | <blockquote> <dl> <dt><strong>-alpn</strong> <em>list</em></dt> <dd>List of protocols to offer during Application-Layer Protocol Negotiation (ALPN). For example: h2, http/1.1, etc.</dd> <dt><strong>-cadir</strong> <em>dir</em></dt> <dd>Provide the directory containing the CA certificates. The default directory is platform specific and can be set at compile time. This can be overridden via the <b>SSL_CERT_DIR</b> environment variable.</dd> <dt><strong>-cafile </strong><em>filename</em></dt> <dd>Provide the CA file.</dd> <dt><strong>-certfile</strong> <em>filename</em></dt> <dd>Provide the name of a file containing certificate to use. The default name is cert.pem. This can be overridden via the <b>SSL_CERT_FILE</b> environment variable.</dd> <dt><strong>-cert</strong> <em>filename</em></dt> <dd>Provide the contents of a certificate to use, as a DER encoded binary value (X.509 DER).</dd> <dt><strong>-cipher </strong><em>string</em></dt> <dd>Provide the cipher suites to use. Syntax is as per OpenSSL.</dd> <dt><strong>-command</strong> <em>callback</em></dt> <dd>If specified, this callback will be invoked at several points |
︙ | ︙ |