Check-in [509dd7a9b6]
Bounty program for improvements to Tcl and certain Tcl packages.
Overview
Comment:Added password callback support and version command. Fixed memory leak.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 509dd7a9b6a16556114c4f770836ba50789ef14c
User & Date: razzell on 2003-05-15 21:02:10
Other Links: manifest | tags
Context
2003-05-16
17:33
Add missing config directory. check-in: 300cfce31a user: razzell tags: trunk
2003-05-15
21:02
Added password callback support and version command. Fixed memory leak. check-in: 509dd7a9b6 user: razzell tags: trunk
20:44
*** empty log message *** check-in: 3631274d64 user: razzell tags: trunk
Changes

Modified ChangeLog from [cccb98d8c7] to [6a52a80fcb].

1

2
3
4
5
6
7
8
1
2
3
4
5
6
7
8
-
+







2003-05-15  Dan Razzell	<[email protected]>
2003-05-15  Dan Razzell	<[email protected]> 

	* tls.tcl:
	* tlsInt.h:
	* tls.c: add support for binding a password callback to the socket.
	Now each socket can have its own command and password callbacks instead
	of being forced to have all password management pass through a common
	procedure.  The common password procedure is retained for compatibility

Modified README.txt from [5ce6323187] to [70db8f4bf4].

1
2
3
4

5
6
7
8
9
10
11
1
2
3

4
5
6
7
8
9
10
11


-
+







Copyright (C) 1997-2000 Matt Newman <[email protected]>
TLS 1.4.1 Copyright (C) 2000 Ajuba Solutions

$Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/README.txt,v 1.4 2003/05/15 20:44:46 razzell Exp $
$Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/README.txt,v 1.5 2003/05/15 21:02:10 razzell Exp $

TLS (aka SSL) Channel - can be layered on any bi-directional Tcl_Channel.

Both client and server-side sockets are possible, and this code should work
on any platform as it uses a generic mechanism for layering on SSL and Tcl.

The TLS 1.4 release requires Tcl 8.2.0+, with 8.3.2+ preferred.  The
41
42
43
44
45
46
47
48

41
42
43
44
45
46
47

48






-
+
me that people need to be able to switch-to-encrypted mode part way
through a conversation.

Also I would like to acknowledge the kind support of Novadigm Inc, my
current employer, which made this possible.


Matt Newman
Matt Newman 

Modified tls.c from [32f77b5e42] to [85e46e8624].

1
2
3
4
5
6

7
8

9
10
11
12
13
14
15
1
2
3
4
5

6
7

8
9
10
11
12
13
14
15




-
+

-
+







/*
 * Copyright (C) 1997-1999 Matt Newman <[email protected]>
 * some modifications:
 *	Copyright (C) 2000 Ajuba Solutions
 *	Copyright (C) 2002 ActiveState Corporation
 *	Copyright (C) 2003 Starfish Systems
 *	Copyright (C) 2003 Starfish Systems 
 *
 * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tls.c,v 1.15 2003/05/15 20:44:46 razzell Exp $
 * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tls.c,v 1.16 2003/05/15 21:02:10 razzell Exp $
 *
 * TLS (aka SSL) Channel - can be layered on any bi-directional
 * Tcl_Channel (Note: Requires Trf Core Patch)
 *
 * This was built (almost) from scratch based upon observation of
 * OpenSSL 0.9.2B
 *

Modified tls.htm from [a3ee30595b] to [98ee02664f].

1

2
3
4
5
6
7
8
1
2
3
4
5
6
7
8
-
+







<!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN">
<!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN"> 

<html>

<head>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1">
<meta name="Author"

Modified tls.tcl from [3de2fbdab5] to [029ba515f3].

1
2

3
4

5
6
7
8
9
10
11
1

2
3

4
5
6
7
8
9
10
11
-
+

-
+







#
# Copyright (C) 1997-2000 Matt Newman <[email protected]>
# Copyright (C) 1997-2000 Matt Newman <[email protected]> 
#
# $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tls.tcl,v 1.4 2003/05/15 20:44:46 razzell Exp $
# $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tls.tcl,v 1.5 2003/05/15 21:02:10 razzell Exp $
#
namespace eval tls {
    variable logcmd tclLog
    variable debug 0
 
    # Default flags passed to tls::import
    variable defaults {}

Modified tlsInt.h from [3f35632d0e] to [fbfc578a79].

1
2
3
4

5
6
7
8
9
10
11
1
2
3

4
5
6
7
8
9
10
11


-
+







/*
 * Copyright (C) 1997-2000 Matt Newman <[email protected]>
 *
 * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tlsInt.h,v 1.9 2003/05/15 20:44:46 razzell Exp $
 * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tlsInt.h,v 1.10 2003/05/15 21:02:10 razzell Exp $
 *
 * TLS (aka SSL) Channel - can be layered on any bi-directional
 * Tcl_Channel (Note: Requires Trf Core Patch)
 *
 * This was built from scratch based upon observation of OpenSSL 0.9.2B
 *
 * Addition credit is due for Andreas Kupries ([email protected]), for
91
92
93
94
95
96
97
98

99
100
101
102
103
104
105
91
92
93
94
95
96
97

98
99
100
101
102
103
104
105






-
+







    int flags;		/* currently only CHANNEL_ASYNC */
    int watchMask;	/* current WatchProc mask */
    int mode;		/* current mode of parent channel */

    Tcl_Interp *interp;	/* interpreter in which this resides */
    Tcl_Obj *callback;	/* script called for tracing, verifying and errors */
    Tcl_Obj *password;	/* script called for certificate password */
    Tcl_Obj *password;	/* script called for certificate password */ 

    int vflags;		/* verify flags */
    SSL *ssl;		/* Struct for SSL processing */
    SSL_CTX *ctx;	/* SSL Context */
    BIO *bio;		/* Struct for SSL processing */
    BIO *p_bio;		/* Parent BIO (that is layered on Tcl_Channel) */