Check-in [aaac45cfca]
EuroTcl/OpenACS 11 - 12 JULY 2024, VIENNA
Overview
Comment:Simplified code for detecting which SSL protocols to use -- disabled SSLv2 and SSLv3 by default if other options are available
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: aaac45cfca04d7d48962c263ff7f0ac983cdccb3
User & Date: rkeene on 2016-12-13 06:56:11
Other Links: manifest | tags
Context
2016-12-13
07:00
Made SSLv2/SSLv3 compiled in by default (since they are now disabled by default) and made other options more consistently checked check-in: a23045b659 user: rkeene tags: trunk
06:56
Simplified code for detecting which SSL protocols to use -- disabled SSLv2 and SSLv3 by default if other options are available check-in: aaac45cfca user: rkeene tags: trunk
06:47
Removed extraenous cleanup check-in: 5798396954 user: rkeene tags: trunk
Changes

Modified tls.c from [f62df33327] to [6c127f2542].

730
731
732
733
734
735
736
737
738
739
740









741
742

743
744
745

746
747
748

749
750
751
752
753

754
755
756
757
758

759
760
761
762
763
764
765
766
767
768
769
770
771
772
730
731
732
733
734
735
736




737
738
739
740
741
742
743
744
745
746

747



748
749
750

751


752
753

754


755
756

757


758




759
760
761
762
763
764
765







-
-
-
-
+
+
+
+
+
+
+
+
+

-
+
-
-
-
+


-
+
-
-


-
+
-
-


-
+
-
-

-
-
-
-







    char *CAfile	= NULL;
    char *CAdir		= NULL;
    char *DHparams	= NULL;
    char *model		= NULL;
#ifndef OPENSSL_NO_TLSEXT
    char *servername	= NULL;	/* hostname for Server Name Indication */
#endif
#if defined(NO_SSL2)
    int ssl2 = 0;
#else
    int ssl2 = 1;
    int ssl2 = 0, ssl3 = 0;
    int tls1 = 1, tls1_1 = 1, tls1_2 = 1;
    int proto = 0;
    int verify = 0, require = 0, request = 1;

    dprintf("Called");

#if defined(NO_TLS1) && defined(NO_TLS1_1) && defined(NO_TLS1_2) && defined(NO_SSL3) && !defined(NO_SSL2)
    ssl2 = 1;
#endif
#if defined(NO_SSL3)
#if defined(NO_TLS1) && defined(NO_TLS1_1) && defined(NO_TLS1_2) && defined(NO_SSL2) && !defined(NO_SSL3)
    int ssl3 = 0;
#else
    int ssl3 = 1;
    ssl3 = 1;
#endif
#if defined(NO_TLS1)
    int tls1 = 0;
    tls1 = 0;
#else
    int tls1 = 1;
#endif
#if defined(NO_TLS1_1)
    int tls1_1 = 0;
    tls1_1 = 0;
#else
    int tls1_1 = 1;
#endif
#if defined(NO_TLS1_2)
    int tls1_2 = 0;
    tls1_2 = 0;
#else
    int tls1_2 = 1;
#endif
    int proto = 0;
    int verify = 0, require = 0, request = 1;

    dprintf("Called");

    if (objc < 2) {
	Tcl_WrongNumArgs(interp, 1, objv, "channel ?options?");
	return TCL_ERROR;
    }

    chan = Tcl_GetChannel(interp, Tcl_GetStringFromObj(objv[1], NULL), NULL);