Overview
Comment: | Added more connection status |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | tls-1.8 |
Files: | files | file ages | folders |
SHA3-256: |
ab1aa551c09f357c6ea1cc7b6b1d7e0b |
User & Date: | bohagan on 2024-06-19 20:40:14 |
Other Links: | branch diff | manifest | tags |
Context
2024-06-20
| ||
01:01 | Added support for setting the certificate store check-in: 1cabc3b8f2 user: bohagan tags: tls-1.8 | |
2024-06-19
| ||
20:40 | Added more connection status check-in: ab1aa551c0 user: bohagan tags: tls-1.8 | |
2024-06-16
| ||
20:23 | Added shutdown handler check-in: 2e607e483a user: bohagan tags: tls-1.8 | |
Changes
Modified generic/tls.c
from [c568200b91]
to [1e500c198d].
︙ | ︙ | |||
2090 2091 2092 2093 2094 2095 2096 | return ctx; } /* *------------------------------------------------------------------- * | | | 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 | return ctx; } /* *------------------------------------------------------------------- * * StatusObjCmd -- return certificate for connected peer info. * * Results: * A standard Tcl result. * * Side effects: * None. * |
︙ | ︙ | |||
2264 2265 2266 2267 2268 2269 2270 2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 2286 2287 2288 2289 2290 2291 2292 2293 2294 2295 2296 2297 2298 2299 2300 | objPtr = Tcl_NewListObj(0, NULL); /* Connection info */ statePtr = (State *)Tcl_GetChannelInstanceData(chan); ssl = statePtr->ssl; if (ssl != NULL) { /* connection state */ LAPPEND_STR(interp, objPtr, "state", SSL_state_string_long(ssl), -1); /* Get SNI requested server name */ LAPPEND_STR(interp, objPtr, "servername", SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name), -1); /* Get protocol */ LAPPEND_STR(interp, objPtr, "protocol", SSL_get_version(ssl), -1); /* Renegotiation allowed */ LAPPEND_BOOL(interp, objPtr, "renegotiation_allowed", SSL_get_secure_renegotiation_support((SSL *) ssl)); /* Get security level */ LAPPEND_INT(interp, objPtr, "security_level", SSL_get_security_level(ssl)); /* Session info */ LAPPEND_BOOL(interp, objPtr, "session_reused", SSL_session_reused(ssl)); /* Is server info */ LAPPEND_BOOL(interp, objPtr, "is_server", SSL_is_server(ssl)); /* Is DTLS */ LAPPEND_BOOL(interp, objPtr, "is_dtls", SSL_is_dtls(ssl)); } /* Cipher info */ cipher = SSL_get_current_cipher(ssl); if (cipher != NULL) { char buf[BUFSIZ] = {0}; int bits, alg_bits; | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 2264 2265 2266 2267 2268 2269 2270 2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 2286 2287 2288 2289 2290 2291 2292 2293 2294 2295 2296 2297 2298 2299 2300 2301 2302 2303 2304 2305 2306 2307 2308 2309 2310 2311 2312 2313 2314 2315 2316 2317 2318 2319 2320 2321 2322 2323 2324 2325 2326 2327 2328 2329 2330 | objPtr = Tcl_NewListObj(0, NULL); /* Connection info */ statePtr = (State *)Tcl_GetChannelInstanceData(chan); ssl = statePtr->ssl; if (ssl != NULL) { const unsigned char *proto; unsigned int ulen; /* Initialization finished */ LAPPEND_BOOL(interp, objPtr, "init_finished", SSL_is_init_finished(ssl)); /* connection state */ LAPPEND_STR(interp, objPtr, "state", SSL_state_string_long(ssl), -1); /* Get SNI requested server name */ LAPPEND_STR(interp, objPtr, "servername", SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name), -1); /* Report the selected protocol as a result of the negotiation */ SSL_get0_alpn_selected(statePtr->ssl, &proto, &ulen); LAPPEND_STR(interp, objPtr, "alpn", (char *)proto, (Tcl_Size) ulen); /* Get protocol */ LAPPEND_STR(interp, objPtr, "protocol", SSL_get_version(ssl), -1); /* Renegotiation allowed */ LAPPEND_BOOL(interp, objPtr, "renegotiation_allowed", SSL_get_secure_renegotiation_support((SSL *) ssl)); /* Get security level */ LAPPEND_INT(interp, objPtr, "security_level", SSL_get_security_level(ssl)); /* Session info */ LAPPEND_BOOL(interp, objPtr, "session_reused", SSL_session_reused(ssl)); /* Is server info */ LAPPEND_BOOL(interp, objPtr, "is_server", SSL_is_server(ssl)); /* Is DTLS */ LAPPEND_BOOL(interp, objPtr, "is_dtls", SSL_is_dtls(ssl)); #if OPENSSL_VERSION_NUMBER >= 0x30200000L /* Is QUIC */ LAPPEND_BOOL(interp, objPtr, "is_quic", SSL_is_quic(ssl)); /* Is TLS */ LAPPEND_BOOL(interp, objPtr, "is_tls", SSL_is_tls(ssl)); #endif /* DANE TLS authentication */ LAPPEND_BOOL(interp, objPtr, "dane_auth", SSL_get0_dane(ssl) != NULL); /* Waiting for async */ LAPPEND_BOOL(interp, objPtr, "waiting_for_async", SSL_waiting_for_async(ssl)); /* Time-out */ LAPPEND_LONG(interp, objPtr, "time-out", SSL_get_default_timeout(ssl)); /* Is Certificate Transparency validation enabled */ LAPPEND_BOOL(interp, objPtr, "ct_enabled", SSL_ct_is_enabled(ssl)); } /* Cipher info */ cipher = SSL_get_current_cipher(ssl); if (cipher != NULL) { char buf[BUFSIZ] = {0}; int bits, alg_bits; |
︙ | ︙ |