Check-in [195f14da6c]
Overview
Comment:Few more tweaks
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | nijtmans
Files: files | file ages | folders
SHA3-256: 195f14da6ce241620f914d14c7d52121e8ce2e6fcddd0f7d980113e7d072cd03
User & Date: jan.nijtmans on 2024-02-21 23:10:01
Other Links: branch diff | manifest | tags
Context
2024-02-22
07:35
Patch by Sergei Golovan (Debian) to replace 1024 bit certificates with 2048 bit ones because the new OpenSSL refuses to load small keys ("ee key too small"). Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/certs-tests.patch check-in: fecca6f35e user: jan.nijtmans tags: nijtmans
2024-02-21
23:10
Few more tweaks check-in: 195f14da6c user: jan.nijtmans tags: nijtmans
22:57
Stop support for OpenSSL < v1.1.1 check-in: f2101dcc16 user: jan.nijtmans tags: nijtmans
Changes

Modified generic/tls.c from [7287ba0204] to [d561fadbc4].

421
422
423
424
425
426
427
428





429
430
431
432
433
434
435
436
437
438
439
440

441
442
443
444
445
446
447
421
422
423
424
425
426
427

428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443

444
445
446
447
448
449
450
451







-
+
+
+
+
+











-
+







    TCL_UNUSED(int) /* size */,
    TCL_UNUSED(int) /* verify */)
{
    return -1;
}
#else
static int
PasswordCallback(char *buf, int size, TCL_UNUSED(int) /* verify */, void *udata)
PasswordCallback(
    char *buf,
    int size,
    TCL_UNUSED(int), /* verify */
    void *udata)
{
    State *statePtr	= (State *) udata;
    Tcl_Interp *interp	= statePtr->interp;
    Tcl_Obj *cmdPtr;
    int result;

    dprintf("Called");

    if (statePtr->password == NULL) {
	if (Tcl_EvalEx(interp, "tls::password", -1, TCL_EVAL_GLOBAL)
		== TCL_OK) {
	    char *ret = (char *) Tcl_GetStringResult(interp);
	    const char *ret = Tcl_GetStringResult(interp);
	    strncpy(buf, ret, (size_t) size);
	    return (int)strlen(ret);
	} else {
	    return -1;
	}
    }

457
458
459
460
461
462
463
464

465
466
467
468
469
470
471
461
462
463
464
465
466
467

468
469
470
471
472
473
474
475







-
+







    }
    Tcl_DecrRefCount(cmdPtr);

    Tcl_Release((ClientData) statePtr);
    Tcl_Release((ClientData) statePtr->interp);

    if (result == TCL_OK) {
	char *ret = (char *) Tcl_GetStringResult(interp);
	const char *ret = Tcl_GetStringResult(interp);
	strncpy(buf, ret, (size_t) size);
	return (int)strlen(ret);
    } else {
	return -1;
    }
}
#endif
745
746
747
748
749
750
751
752

753
754
755
756
757
758
759
749
750
751
752
753
754
755

756
757
758
759
760
761
762
763







-
+







    int ssl2 = 0, ssl3 = 0;
    int tls1 = 1, tls1_1 = 1, tls1_2 = 1, tls1_3 = 1;
    int proto = 0;
    int verify = 0, require = 0, request = 1;

    dprintf("Called");

#if defined(NO_TLS1) && defined(NO_TLS1_1) && defined(NO_TLS1_2) && !defined(NO_SSL3)
#if defined(NO_TLS1) && defined(NO_TLS1_1) && defined(NO_TLS1_2) && defined(NO_TLS1_3) && !defined(NO_SSL3)
    ssl3 = 1;
#endif
#if defined(NO_TLS1)
    tls1 = 0;
#endif
#if defined(NO_TLS1_1)
    tls1_1 = 0;