Overview
| Comment: | Roll back some type changes from Clientdata to void * and added comments to args |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk | main |
| Files: | files | file ages | folders |
| SHA3-256: |
c951849fa93d49d276af50cb7ededd63 |
| User & Date: | bohagan on 2024-11-30 21:06:10 |
| Other Links: | branch diff | manifest | tags |
Context
|
2024-11-30
| ||
| 22:00 | Added Keywords to documentation check-in: 5963513285 user: bohagan tags: trunk, main | |
| 21:06 | Roll back some type changes from Clientdata to void * and added comments to args check-in: c951849fa9 user: bohagan tags: trunk, main | |
|
2024-11-29
| ||
| 15:41 | Re-introduce TCL_UNUSED. Some int <-> Tcl_Size fixes. Some more code cleanup check-in: cc9314fa6e user: jan.nijtmans tags: trunk, main | |
Changes
Modified generic/tls.c
from [449c72e968]
to [7e537d9cb7].
| ︙ | ︙ | |||
81 82 83 84 85 86 87 | * * Side effects: * Evaluates callback command * *------------------------------------------------------------------- */ static int | | > > > > | 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 |
*
* Side effects:
* Evaluates callback command
*
*-------------------------------------------------------------------
*/
static int
EvalCallback(
Tcl_Interp *interp, /* Tcl interpreter */
State *statePtr, /* Client state for TLS socket */
Tcl_Obj *cmdPtr) /* Command to eval as a Tcl object */
{
int code, ok = 0;
dprintf("Called");
Tcl_Preserve((void *) interp);
Tcl_Preserve((void *) statePtr);
|
| ︙ | ︙ | |||
131 132 133 134 135 136 137 | * * Side effects: * Calls callback (if defined) * *------------------------------------------------------------------- */ static void | | > > > > | 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 |
*
* Side effects:
* Calls callback (if defined)
*
*-------------------------------------------------------------------
*/
static void
InfoCallback(
const SSL *ssl, /* SSL context */
int where, /* Source of info */
int ret) /* message enum */
{
State *statePtr = (State*)SSL_get_app_data((SSL *)ssl);
Tcl_Interp *interp = statePtr->interp;
Tcl_Obj *cmdPtr;
const char *major, *minor;
dprintf("Called");
|
| ︙ | ︙ | |||
204 205 206 207 208 209 210 | * Side effects: * Calls callback (if defined) * *------------------------------------------------------------------- */ #ifndef OPENSSL_NO_SSL_TRACE static void | | > > > > > > > > | 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 |
* Side effects:
* Calls callback (if defined)
*
*-------------------------------------------------------------------
*/
#ifndef OPENSSL_NO_SSL_TRACE
static void
MessageCallback(
int write_p, /* Message 0=received, 1=sent */
int version, /* TLS version */
int content_type, /* Protocol content type */
const void *buf, /* Protocol message */
size_t len, /* Protocol message length */
SSL *ssl, /* SSL context */
void *arg) /* Client state for TLS socket */
{
State *statePtr = (State*)arg;
Tcl_Interp *interp = statePtr->interp;
Tcl_Obj *cmdPtr;
char *ver, *type;
BIO *bio;
char buffer[15000];
buffer[0] = 0;
|
| ︙ | ︙ | |||
344 345 346 347 348 349 350 | * Side effects: * The err field of the currently operative State is set * to a string describing the SSL negotiation failure reason * *------------------------------------------------------------------- */ static int | | > > > | 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 |
* Side effects:
* The err field of the currently operative State is set
* to a string describing the SSL negotiation failure reason
*
*-------------------------------------------------------------------
*/
static int
VerifyCallback(
int ok, /* Verify result */
X509_STORE_CTX *ctx) /* CTX context */
{
Tcl_Obj *cmdPtr;
SSL *ssl = (SSL*)X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
X509 *cert = X509_STORE_CTX_get_current_cert(ctx);
State *statePtr = (State*)SSL_get_app_data(ssl);
Tcl_Interp *interp = statePtr->interp;
int depth = X509_STORE_CTX_get_error_depth(ctx);
int err = X509_STORE_CTX_get_error(ctx);
|
| ︙ | ︙ | |||
410 411 412 413 414 415 416 | * Side effects: * The err field of the currently operative State is set * to a string describing the SSL negotiation failure reason * *------------------------------------------------------------------- */ void | | > > > | 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 |
* Side effects:
* The err field of the currently operative State is set
* to a string describing the SSL negotiation failure reason
*
*-------------------------------------------------------------------
*/
void
Tls_Error(
State *statePtr, /* Client state for TLS socket */
const char *msg) /* Error message */
{
Tcl_Interp *interp = statePtr->interp;
Tcl_Obj *cmdPtr, *listPtr;
unsigned long err;
statePtr->err = msg;
dprintf("Called with message %s", msg);
|
| ︙ | ︙ | |||
463 464 465 466 467 468 469 | * Write received key data to log file. * * Side effects: * none * *------------------------------------------------------------------- */ | | > > > | 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 |
* Write received key data to log file.
*
* Side effects:
* none
*
*-------------------------------------------------------------------
*/
void KeyLogCallback(
const SSL *ssl, /* Client state for TLS socket */
const char *line) /* Key data to be logged */
{
char *str = getenv(SSLKEYLOGFILE);
FILE *fd;
dprintf("Called");
if (str) {
fd = fopen(str, "a");
|
| ︙ | ︙ | |||
497 498 499 500 501 502 503 | * * Returns: * Password size in bytes or -1 for an error. * *------------------------------------------------------------------- */ static int | | > > > > > | 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 |
*
* Returns:
* Password size in bytes or -1 for an error.
*
*-------------------------------------------------------------------
*/
static int
PasswordCallback(
char *buf, /* Pointer to buffer to store password in */
int size, /* Buffer length in bytes */
int rwflag, /* Whether password is needed for read or write */
void *udata) /* Client state for TLS socket */
{
State *statePtr = (State *) udata;
Tcl_Interp *interp = statePtr->interp;
Tcl_Obj *cmdPtr;
int code;
Tcl_Size len;
dprintf("Called");
|
| ︙ | ︙ | |||
586 587 588 589 590 591 592 | * Return codes: * 0 = error where session will be immediately removed from the internal cache. * 1 = success where app retains session in session cache, and must call SSL_SESSION_free() when done. * *------------------------------------------------------------------- */ static int | | > > > | 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 |
* Return codes:
* 0 = error where session will be immediately removed from the internal cache.
* 1 = success where app retains session in session cache, and must call SSL_SESSION_free() when done.
*
*-------------------------------------------------------------------
*/
static int
SessionCallback(
SSL *ssl, /* SSL context */
SSL_SESSION *session) /* Session context */
{
State *statePtr = (State*)SSL_get_app_data((SSL *)ssl);
Tcl_Interp *interp = statePtr->interp;
Tcl_Obj *cmdPtr;
const unsigned char *ticket;
const unsigned char *session_id;
size_t len2;
unsigned int ulen;
|
| ︙ | ︙ | |||
655 656 657 658 659 660 661 | * supplied list and the server configuration. The connection will be aborted. * SSL_TLSEXT_ERR_NOACK: ALPN protocol not selected, e.g., because no ALPN * protocols are configured for this connection. The connection continues. * *------------------------------------------------------------------- */ static int | | > > > | > > > | 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 |
* supplied list and the server configuration. The connection will be aborted.
* SSL_TLSEXT_ERR_NOACK: ALPN protocol not selected, e.g., because no ALPN
* protocols are configured for this connection. The connection continues.
*
*-------------------------------------------------------------------
*/
static int
ALPNCallback(
SSL *ssl, /* SSL context */
const unsigned char **out, /* Return buffer to store selected protocol */
unsigned char *outlen, /* Return buffer size */
const unsigned char *in, /* Peer provided protocols */
unsigned int inlen, /* Peer buffer size */
void *arg) /* Client state for TLS socket */
{
State *statePtr = (State*)arg;
Tcl_Interp *interp = statePtr->interp;
Tcl_Obj *cmdPtr;
int code, res;
dprintf("Called");
|
| ︙ | ︙ | |||
724 725 726 727 728 729 730 | * SSL_TLSEXT_ERR_OK: NPN protocol selected. The connection continues. * SSL_TLSEXT_ERR_NOACK: NPN protocol not selected. The connection continues. * *------------------------------------------------------------------- */ #ifdef USE_NPN static int | | > > > > > | 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 |
* SSL_TLSEXT_ERR_OK: NPN protocol selected. The connection continues.
* SSL_TLSEXT_ERR_NOACK: NPN protocol not selected. The connection continues.
*
*-------------------------------------------------------------------
*/
#ifdef USE_NPN
static int
NPNCallback(
const SSL *ssl, /* SSL context */
const unsigned char **out, /* Return buffer to store selected protocol */
unsigned int *outlen, /* Return buffer size */
void *arg) /* Client state for TLS socket */
{
State *statePtr = (State*)arg;
dprintf("Called");
if (ssl == NULL || arg == NULL) {
return SSL_TLSEXT_ERR_NOACK;
}
|
| ︙ | ︙ | |||
772 773 774 775 776 777 778 | * sent (not supported in TLSv1.3). The connection continues. * SSL_TLSEXT_ERR_NOACK: SNI hostname is not accepted and not acknowledged, * e.g. if SNI has not been configured. The connection continues. * *------------------------------------------------------------------- */ static int | | > > > > | 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 |
* sent (not supported in TLSv1.3). The connection continues.
* SSL_TLSEXT_ERR_NOACK: SNI hostname is not accepted and not acknowledged,
* e.g. if SNI has not been configured. The connection continues.
*
*-------------------------------------------------------------------
*/
static int
SNICallback(
const SSL *ssl, /* SSL context */
int *alert, /* Returned alert message */
void *arg) /* Client state for TLS socket */
{
State *statePtr = (State*)arg;
Tcl_Interp *interp = statePtr->interp;
Tcl_Obj *cmdPtr;
int code, res;
const char *servername = NULL;
dprintf("Called");
|
| ︙ | ︙ | |||
844 845 846 847 848 849 850 | * SSL_CLIENT_HELLO_RETRY: suspend the handshake, and the handshake function will return immediately * SSL_CLIENT_HELLO_ERROR: failure, terminate connection. Set alert to error code. * SSL_CLIENT_HELLO_SUCCESS: success * *------------------------------------------------------------------- */ static int | | > > > > | 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 |
* SSL_CLIENT_HELLO_RETRY: suspend the handshake, and the handshake function will return immediately
* SSL_CLIENT_HELLO_ERROR: failure, terminate connection. Set alert to error code.
* SSL_CLIENT_HELLO_SUCCESS: success
*
*-------------------------------------------------------------------
*/
static int
HelloCallback(
SSL *ssl, /* SSL context */
int *alert, /* Returned alert message */
void *arg) /* Client state for TLS socket */
{
State *statePtr = (State*)arg;
Tcl_Interp *interp = statePtr->interp;
Tcl_Obj *cmdPtr;
int code, res;
const char *servername;
const unsigned char *p;
size_t len, remaining;
|
| ︙ | ︙ | |||
948 949 950 951 952 953 954 |
};
enum protocol {
TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2, TLS_TLS1_3, TLS_NONE
};
static int
CiphersObjCmd(
| | | | | | 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 |
};
enum protocol {
TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2, TLS_TLS1_3, TLS_NONE
};
static int
CiphersObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
int objc, /* Arg count */
Tcl_Obj *const objv[]) /* Arguments as Tcl objects */
{
Tcl_Obj *objPtr = NULL;
SSL_CTX *ctx = NULL;
SSL *ssl = NULL;
STACK_OF(SSL_CIPHER) *sk;
char buf[BUFSIZ];
int index, verbose = 0, use_supported = 0;
|
| ︙ | ︙ | |||
1108 1109 1110 1111 1112 1113 1114 | * none * *------------------------------------------------------------------- */ static int ProtocolsObjCmd( | | | | | > | 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 |
* none
*
*-------------------------------------------------------------------
*/
static int
ProtocolsObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
int objc, /* Arg count */
Tcl_Obj *const objv[]) /* Arguments as Tcl objects */
{
Tcl_Obj *objPtr;
dprintf("Called");
if (objc != 1) {
Tcl_WrongNumArgs(interp, 1, objv, "");
return TCL_ERROR;
|
| ︙ | ︙ | |||
1166 1167 1168 1169 1170 1171 1172 | * Side effects: * May force SSL negotiation to take place. * *------------------------------------------------------------------- */ static int HandshakeObjCmd( | | | | | | | | 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 |
* Side effects:
* May force SSL negotiation to take place.
*
*-------------------------------------------------------------------
*/
static int HandshakeObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
int objc, /* Arg count */
Tcl_Obj *const objv[]) /* Arguments as Tcl objects */
{
Tcl_Channel chan; /* The channel to set a mode on. */
State *statePtr; /* Client state for TLS socket */
const char *errStr = NULL;
int ret = 1;
int err = 0;
dprintf("Called");
if (objc != 2) {
|
| ︙ | ︙ | |||
1257 1258 1259 1260 1261 1262 1263 | * May modify the behavior of an IO channel. * *------------------------------------------------------------------- */ static int ImportObjCmd( | | | | | | | 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 |
* May modify the behavior of an IO channel.
*
*-------------------------------------------------------------------
*/
static int
ImportObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
int objc, /* Arg count */
Tcl_Obj *const objv[]) /* Arguments as Tcl objects */
{
Tcl_Channel chan; /* The channel to set a mode on. */
State *statePtr; /* Client state for TLS socket */
SSL_CTX *ctx = NULL;
Tcl_Obj *script = NULL;
Tcl_Obj *password = NULL;
Tcl_Obj *vcmd = NULL;
Tcl_DString upperChannelTranslation, upperChannelBlocking, upperChannelEncoding, upperChannelEOFChar;
int idx;
Tcl_Size len;
|
| ︙ | ︙ | |||
1694 1695 1696 1697 1698 1699 1700 | * May modify the behavior of an IO channel. * *------------------------------------------------------------------- */ static int UnimportObjCmd( | | | | | | 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 |
* May modify the behavior of an IO channel.
*
*-------------------------------------------------------------------
*/
static int
UnimportObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
int objc, /* Arg count */
Tcl_Obj *const objv[]) /* Arguments as Tcl objects */
{
Tcl_Channel chan, parent; /* The stacked and underlying channels */
Tcl_DString upperChannelTranslation, upperChannelBlocking, upperChannelEncoding, upperChannelEOFChar;
int res = TCL_OK;
dprintf("Called");
|
| ︙ | ︙ | |||
1780 1781 1782 1783 1784 1785 1786 | * * Side effects: * Loads CA certificates * *------------------------------------------------------------------- */ static int | | > > > > | 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 1851 |
*
* Side effects:
* Loads CA certificates
*
*-------------------------------------------------------------------
*/
static int
TlsLoadClientCAFileFromMemory(
Tcl_Interp *interp, /* Tcl interpreter */
SSL_CTX *ctx, /* CTX context */
Tcl_Obj *file) /* CA certificates filename */
{
BIO *bio = NULL;
X509 *cert = NULL;
X509_STORE *store = NULL;
Tcl_Obj *buf = NULL;
const void *data = NULL;
X509_NAME *name = NULL;
STACK_OF(X509_NAME) *certNames = NULL;
|
| ︙ | ︙ | |||
1893 1894 1895 1896 1897 1898 1899 | * constructs SSL context (CTX) * *------------------------------------------------------------------- */ static SSL_CTX * CTX_Init( | | | | | | | | | | | | | | | | | | 1950 1951 1952 1953 1954 1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 1977 1978 1979 |
* constructs SSL context (CTX)
*
*-------------------------------------------------------------------
*/
static SSL_CTX *
CTX_Init(
State *statePtr, /* Client state for TLS socket */
int isServer, /* Is server or client */
int proto, /* TLS protocol versions mask */
char *keyfile, /* Private key filename in pEM format */
char *certfile, /* Certificate filename in PEM format */
unsigned char *key, /* Private key in PEM format */
unsigned char *cert, /* Certificate in PEM format */
Tcl_Size key_len, /* Private key length in bytes */
Tcl_Size cert_len, /* Certificate length in bytes */
char *CApath, /* CA directory path */
char *CAstore, /* CA Store URI path */
char *CAfile, /* CA filename */
char *ciphers, /* List of ciphers */
char *ciphersuites, /* List of cipher suites */
int level, /* Security level */
char *DHparams) /* DH parameters */
{
Tcl_Interp *interp = statePtr->interp;
SSL_CTX *ctx = NULL;
Tcl_DString ds;
int off = 0, abort = 0;
int load_private_key;
const SSL_METHOD *method;
|
| ︙ | ︙ | |||
2150 2151 2152 2153 2154 2155 2156 |
SSL_CTX_free(ctx);
return NULL;
}
Tcl_DStringFree(&ds);
} else if (cert != NULL) {
load_private_key = 1;
| | | 2207 2208 2209 2210 2211 2212 2213 2214 2215 2216 2217 2218 2219 2220 2221 |
SSL_CTX_free(ctx);
return NULL;
}
Tcl_DStringFree(&ds);
} else if (cert != NULL) {
load_private_key = 1;
if (SSL_CTX_use_certificate_ASN1(ctx, (int) cert_len, cert) <= 0) {
Tcl_AppendResult(interp, "unable to set certificate: ",
GET_ERR_REASON(), (char *)NULL);
SSL_CTX_free(ctx);
return NULL;
}
} else {
certfile = (char*)X509_get_default_cert_file();
|
| ︙ | ︙ | |||
2324 2325 2326 2327 2328 2329 2330 | * Side effects: * None. * *------------------------------------------------------------------- */ static int StatusObjCmd( | | | | | | 2381 2382 2383 2384 2385 2386 2387 2388 2389 2390 2391 2392 2393 2394 2395 2396 2397 2398 |
* Side effects:
* None.
*
*-------------------------------------------------------------------
*/
static int
StatusObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
int objc, /* Arg count */
Tcl_Obj *const objv[]) /* Arguments as Tcl objects */
{
State *statePtr;
X509 *peer;
Tcl_Obj *objPtr;
Tcl_Channel chan;
char *channelName, *ciphers;
int mode;
|
| ︙ | ︙ | |||
2456 2457 2458 2459 2460 2461 2462 | * Results: * A list of connection info * *------------------------------------------------------------------- */ static int ConnectionInfoObjCmd( | | | | | | | 2513 2514 2515 2516 2517 2518 2519 2520 2521 2522 2523 2524 2525 2526 2527 2528 2529 2530 2531 2532 2533 |
* Results:
* A list of connection info
*
*-------------------------------------------------------------------
*/
static int ConnectionInfoObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
int objc, /* Arg count */
Tcl_Obj *const objv[]) /* Arguments as Tcl objects */
{
Tcl_Channel chan; /* The channel to set a mode on */
State *statePtr; /* Client state for TLS socket */
Tcl_Obj *objPtr, *listPtr;
const SSL *ssl;
const SSL_CIPHER *cipher;
const SSL_SESSION *session;
const EVP_MD *md;
dprintf("Called");
|
| ︙ | ︙ | |||
2730 2731 2732 2733 2734 2735 2736 | * Side effects: * None. * *------------------------------------------------------------------- */ static int VersionObjCmd( | | | | | | 2787 2788 2789 2790 2791 2792 2793 2794 2795 2796 2797 2798 2799 2800 2801 2802 2803 2804 |
* Side effects:
* None.
*
*-------------------------------------------------------------------
*/
static int
VersionObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
TCL_UNUSED(int), /* objc - Arg count */
TCL_UNUSED(Tcl_Obj *const *)) /* objv - Arguments as Tcl objects */
{
Tcl_Obj *objPtr;
dprintf("Called");
objPtr = Tcl_NewStringObj(OPENSSL_VERSION_TEXT, -1);
|
| ︙ | ︙ | |||
2760 2761 2762 2763 2764 2765 2766 | * Side effects: * None. * *------------------------------------------------------------------- */ static int MiscObjCmd( | | | | | < | | 2817 2818 2819 2820 2821 2822 2823 2824 2825 2826 2827 2828 2829 2830 2831 2832 2833 2834 2835 2836 2837 2838 |
* Side effects:
* None.
*
*-------------------------------------------------------------------
*/
static int
MiscObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
int objc, /* Arg count */
Tcl_Obj *const objv[]) /* Arguments as Tcl objects */
{
static const char *commands [] = { "req", "strreq", NULL };
enum command { C_REQ, C_STRREQ, C_DUMMY };
int cmd, isStr;
char buffer[16384];
dprintf("Called");
if (objc < 2) {
Tcl_WrongNumArgs(interp, 1, objv, "subcommand ?args?");
return TCL_ERROR;
|
| ︙ | ︙ | |||
2791 2792 2793 2794 2795 2796 2797 |
switch ((enum command) cmd) {
case C_REQ:
case C_STRREQ: {
EVP_PKEY *pkey=NULL;
X509 *cert=NULL;
X509_NAME *name=NULL;
Tcl_Obj **listv;
| | | 2847 2848 2849 2850 2851 2852 2853 2854 2855 2856 2857 2858 2859 2860 2861 |
switch ((enum command) cmd) {
case C_REQ:
case C_STRREQ: {
EVP_PKEY *pkey=NULL;
X509 *cert=NULL;
X509_NAME *name=NULL;
Tcl_Obj **listv;
Tcl_Size listc, i;
BIO *out=NULL;
const char *k_C="",*k_ST="",*k_L="",*k_O="",*k_OU="",*k_CN="",*k_Email="";
char *keyout,*pemout,*str;
int keysize,serial=0,days=365;
|
| ︙ | ︙ | |||
2984 2985 2986 2987 2988 2989 2990 | * * Side effects: * Frees all the state * *------------------------------------------------------------------- */ void | | > > | 3040 3041 3042 3043 3044 3045 3046 3047 3048 3049 3050 3051 3052 3053 3054 3055 3056 |
*
* Side effects:
* Frees all the state
*
*-------------------------------------------------------------------
*/
void
Tls_Free(
tls_free_type *blockPtr) /* Client state for TLS socket */
{
State *statePtr = (State *)blockPtr;
dprintf("Called");
Tls_Clean(statePtr);
ckfree(blockPtr);
}
|
| ︙ | ︙ | |||
3011 3012 3013 3014 3015 3016 3017 | * none * * Side effects: * Frees all the state * *------------------------------------------------------------------- */ | | > > | 3069 3070 3071 3072 3073 3074 3075 3076 3077 3078 3079 3080 3081 3082 3083 3084 3085 |
* none
*
* Side effects:
* Frees all the state
*
*-------------------------------------------------------------------
*/
void Tls_Clean(
State *statePtr) /* Client state for TLS socket */
{
dprintf("Called");
/*
* we're assuming here that we're single-threaded
*/
if (statePtr->timer != (Tcl_TimerToken) NULL) {
Tcl_DeleteTimerHandler(statePtr->timer);
|
| ︙ | ︙ | |||
3084 3085 3086 3087 3088 3089 3090 | #ifndef STRINGIFY # define STRINGIFY(x) STRINGIFY1(x) # define STRINGIFY1(x) #x #endif int | | > > | 3144 3145 3146 3147 3148 3149 3150 3151 3152 3153 3154 3155 3156 3157 3158 3159 3160 |
#ifndef STRINGIFY
# define STRINGIFY(x) STRINGIFY1(x)
# define STRINGIFY1(x) #x
#endif
int
BuildInfoCommand(
Tcl_Interp* interp) /* Tcl interpreter */
{
Tcl_CmdInfo info;
if (Tcl_GetCommandInfo(interp, "::tcl::build-info", &info)) {
Tcl_CreateObjCommand(interp, "::tls::build-info", info.objProc, (void *)(
PACKAGE_VERSION "+" STRINGIFY(TLS_VERSION_UUID)
#if defined(__clang__) && defined(__clang_major__)
".clang-" STRINGIFY(__clang_major__)
|
| ︙ | ︙ | |||
3160 3161 3162 3163 3164 3165 3166 | * A standard TCL result * * Side effects: * Shutdown SSL library * *------------------------------------------------------* */ | | > > | 3222 3223 3224 3225 3226 3227 3228 3229 3230 3231 3232 3233 3234 3235 3236 3237 3238 |
* A standard TCL result
*
* Side effects:
* Shutdown SSL library
*
*------------------------------------------------------*
*/
void TlsLibShutdown(
ClientData clientData) /* Not used */
{
dprintf("Called");
BIO_cleanup();
}
/*
*------------------------------------------------------*
|
| ︙ | ︙ | |||
3232 3233 3234 3235 3236 3237 3238 | #if TCL_MAJOR_VERSION > 8 #define MIN_VERSION "9.0" #else #define MIN_VERSION "8.5" #endif | | > > | | | | | | | | | | | 3296 3297 3298 3299 3300 3301 3302 3303 3304 3305 3306 3307 3308 3309 3310 3311 3312 3313 3314 3315 3316 3317 3318 3319 3320 3321 3322 3323 3324 3325 3326 3327 3328 3329 3330 3331 3332 3333 3334 3335 3336 3337 3338 3339 3340 |
#if TCL_MAJOR_VERSION > 8
#define MIN_VERSION "9.0"
#else
#define MIN_VERSION "8.5"
#endif
DLLEXPORT int Tls_Init(
Tcl_Interp *interp) /* Tcl interpreter */
{
dprintf("Called");
#ifdef USE_TCL_STUBS
if (Tcl_InitStubs(interp, MIN_VERSION, 0) == NULL) {
return TCL_ERROR;
}
#else
if (Tcl_PkgRequireEx(interp, "Tcl", MIN_VERSION, 0, NULL) == NULL) {
return TCL_ERROR;
}
#endif
if (TlsLibInit() != TCL_OK) {
Tcl_AppendResult(interp, "could not initialize SSL library", (char *)NULL);
return TCL_ERROR;
}
Tcl_CreateObjCommand(interp, "::tls::ciphers", CiphersObjCmd, (ClientData) NULL, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "::tls::connection", ConnectionInfoObjCmd, (ClientData) NULL, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "::tls::handshake", HandshakeObjCmd, (ClientData) NULL, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "::tls::import", ImportObjCmd, (ClientData) NULL, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "::tls::unimport", UnimportObjCmd, (ClientData) NULL, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "::tls::unstack", UnimportObjCmd, (ClientData) NULL, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "::tls::status", StatusObjCmd, (ClientData) NULL, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "::tls::version", VersionObjCmd, (ClientData) NULL, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "::tls::misc", MiscObjCmd, (ClientData) NULL, (Tcl_CmdDeleteProc *) NULL);
Tcl_CreateObjCommand(interp, "::tls::protocols", ProtocolsObjCmd, (ClientData) NULL, (Tcl_CmdDeleteProc *) NULL);
BuildInfoCommand(interp);
if (interp && Tcl_Eval(interp, tlsTclInitScript) != TCL_OK) {
return TCL_ERROR;
}
|
| ︙ | ︙ | |||
3286 3287 3288 3289 3290 3291 3292 | * Same as of 'Tls_Init' * * Side effects: * Same as of 'Tls_Init' * *------------------------------------------------------------------- */ | | > > | 3352 3353 3354 3355 3356 3357 3358 3359 3360 3361 3362 3363 3364 |
* Same as of 'Tls_Init'
*
* Side effects:
* Same as of 'Tls_Init'
*
*-------------------------------------------------------------------
*/
DLLEXPORT int Tls_SafeInit(
Tcl_Interp *interp) /* Tcl interpreter */
{
dprintf("Called");
return Tls_Init(interp);
}
|
Modified generic/tlsIO.c
from [37ab373d6c]
to [f1c5ac114b].
| ︙ | ︙ | |||
41 42 43 44 45 46 47 | * 0 if successful or POSIX error code if failed. * * Side effects: * Sets the device into blocking or nonblocking mode. * *----------------------------------------------------------------------------- */ | | | 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
* 0 if successful or POSIX error code if failed.
*
* Side effects:
* Sets the device into blocking or nonblocking mode.
*
*-----------------------------------------------------------------------------
*/
static int TlsBlockModeProc(ClientData instanceData, int mode) {
State *statePtr = (State *) instanceData;
if (mode == TCL_MODE_NONBLOCKING) {
statePtr->flags |= TLS_TCL_ASYNC;
} else {
statePtr->flags &= ~(TLS_TCL_ASYNC);
}
|
| ︙ | ︙ | |||
70 71 72 73 74 75 76 | * 0 if successful or POSIX error code if failed. * * Side effects: * Closes the socket of the channel. * *----------------------------------------------------------------------------- */ | | | | | 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 |
* 0 if successful or POSIX error code if failed.
*
* Side effects:
* Closes the socket of the channel.
*
*-----------------------------------------------------------------------------
*/
static int TlsCloseProc(ClientData instanceData, Tcl_Interp *interp) {
State *statePtr = (State *) instanceData;
dprintf("TlsCloseProc(%p)", (void *) statePtr);
/* Flush any pending data */
/* Send shutdown notification. Will return 0 while in process, then 1 when complete. */
/* Closes the write direction of the connection; the read direction is closed by the peer. */
/* Does not affect socket state. Don't call after fatal error. */
if (statePtr->ssl != NULL && !(statePtr->flags & TLS_TCL_HANDSHAKE_FAILED)) {
SSL_shutdown(statePtr->ssl);
}
/* Tls_Free calls Tls_Clean */
Tcl_EventuallyFree((ClientData)statePtr, Tls_Free);
return 0;
}
/*
*-----------------------------------------------------------------------------
*
* TlsClose2Proc --
*
* Similar to TlsCloseProc, but allows for separate close read and write
* side of channel.
*
*-----------------------------------------------------------------------------
*/
static int TlsClose2Proc(ClientData instanceData, /* The socket state. */
Tcl_Interp *interp, /* For errors - can be NULL. */
int flags) /* Flags to close read and/or write side of channel */
{
State *statePtr = (State *) instanceData;
dprintf("TlsClose2Proc(%p)", (void *) statePtr);
|
| ︙ | ︙ | |||
383 384 385 386 387 388 389 | * * Data is received in whole blocks known as records from the peer. A whole * record is processed (e.g. decrypted) in one go and is buffered by OpenSSL * until it is read by the application via a call to SSL_read. * *----------------------------------------------------------------------------- */ | | | 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 |
*
* Data is received in whole blocks known as records from the peer. A whole
* record is processed (e.g. decrypted) in one go and is buffered by OpenSSL
* until it is read by the application via a call to SSL_read.
*
*-----------------------------------------------------------------------------
*/
static int TlsInputProc(ClientData instanceData, char *buf, int bufSize, int *errorCodePtr) {
unsigned long backingError;
State *statePtr = (State *) instanceData;
int bytesRead, err;
*errorCodePtr = 0;
dprintf("Read(%d)", bufSize);
|
| ︙ | ︙ | |||
598 599 600 601 602 603 604 | * to a POSIX error code if an error occurred, or 0 if none. * * Side effects: * Writes output on the output device of the channel. * *----------------------------------------------------------------------------- */ | | | 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 |
* to a POSIX error code if an error occurred, or 0 if none.
*
* Side effects:
* Writes output on the output device of the channel.
*
*-----------------------------------------------------------------------------
*/
static int TlsOutputProc(ClientData instanceData, const char *buf, int toWrite, int *errorCodePtr) {
unsigned long backingError;
State *statePtr = (State *) instanceData;
int written, err;
*errorCodePtr = 0;
dprintf("Write(%p, %d)", (void *) statePtr, toWrite);
dprintBuffer(buf, toWrite);
|
| ︙ | ︙ | |||
842 843 844 845 846 847 848 | * * Side effects: * Updates channel option to new value. * *----------------------------------------------------------------------------- */ static int | | | 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 |
*
* Side effects:
* Updates channel option to new value.
*
*-----------------------------------------------------------------------------
*/
static int
TlsSetOptionProc(ClientData instanceData, /* Socket state. */
Tcl_Interp *interp, /* For errors - can be NULL. */
const char *optionName, /* Name of the option to set the value for, or
* NULL to get all options and their values. */
const char *optionValue) /* Value for option. */
{
State *statePtr = (State *) instanceData;
Tcl_Channel parent = Tls_GetParent(statePtr, TLS_TCL_FASTPATH);
|
| ︙ | ︙ | |||
885 886 887 888 889 890 891 | * * Side effects: * None. * *------------------------------------------------------------------- */ static int | | | 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 |
*
* Side effects:
* None.
*
*-------------------------------------------------------------------
*/
static int
TlsGetOptionProc(ClientData instanceData, /* Socket state. */
Tcl_Interp *interp, /* For errors - can be NULL. */
const char *optionName, /* Name of the option to retrieve the value for, or
* NULL to get all options and their values. */
Tcl_DString *optionValue) /* Where to store the computed value initialized by caller. */
{
State *statePtr = (State *) instanceData;
Tcl_Channel parent = Tls_GetParent(statePtr, TLS_TCL_FASTPATH);
|
| ︙ | ︙ | |||
930 931 932 933 934 935 936 | * None. * * Side effects: * Creates notification event. * *----------------------------------------------------------------------------- */ | | | 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 |
* None.
*
* Side effects:
* Creates notification event.
*
*-----------------------------------------------------------------------------
*/
static void TlsChannelHandlerTimer(ClientData clientData) {
State *statePtr = (State *) clientData;
int mask = statePtr->want; /* Init to SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE */
dprintf("Called");
statePtr->timer = (Tcl_TimerToken) NULL;
|
| ︙ | ︙ | |||
982 983 984 985 986 987 988 | * Side effects: * Sets up the time-based notifier so that future events on the channel * will be seen by TCL. * *----------------------------------------------------------------------------- */ static void | | | 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 |
* Side effects:
* Sets up the time-based notifier so that future events on the channel
* will be seen by TCL.
*
*-----------------------------------------------------------------------------
*/
static void
TlsWatchProc(ClientData instanceData, /* The socket state. */
int mask) /* Events of interest; an OR-ed combination of
* TCL_READABLE, TCL_WRITABLE and TCL_EXCEPTION. */
{
Tcl_Channel parent;
State *statePtr = (State *) instanceData;
Tcl_DriverWatchProc *watchProc;
int pending = 0;
|
| ︙ | ︙ | |||
1043 1044 1045 1046 1047 1048 1049 |
statePtr->timer = (Tcl_TimerToken) NULL;
}
} else {
/* Add timer, if none */
if (statePtr->timer == (Tcl_TimerToken) NULL) {
dprintf("Creating a new timer since data appears to be waiting");
| | | | | 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 |
statePtr->timer = (Tcl_TimerToken) NULL;
}
} else {
/* Add timer, if none */
if (statePtr->timer == (Tcl_TimerToken) NULL) {
dprintf("Creating a new timer since data appears to be waiting");
statePtr->timer = Tcl_CreateTimerHandler(TLS_TCL_DELAY, TlsChannelHandlerTimer, (ClientData) statePtr);
}
}
}
/*
*-----------------------------------------------------------------------------
*
* TlsGetHandleProc --
*
* This procedure is invoked by the generic IO level to retrieve an OS
* specific handle associated with the channel. Not used for transforms.
*
* Results:
* The appropriate Tcl_File handle or NULL if none.
*
* Side effects:
* None.
*
*-----------------------------------------------------------------------------
*/
static int TlsGetHandleProc(ClientData instanceData, /* Socket state. */
int direction, /* TCL_READABLE or TCL_WRITABLE */
ClientData *handlePtr) /* Handle associated with the channel */
{
State *statePtr = (State *) instanceData;
return Tcl_GetChannelHandle(Tls_GetParent(statePtr, TLS_TCL_FASTPATH), direction, handlePtr);
}
/*
|
| ︙ | ︙ | |||
1091 1092 1093 1094 1095 1096 1097 | * Type of event or 0 if failed * * Side effects: * May process the incoming event by itself. * *----------------------------------------------------------------------------- */ | | | 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 |
* Type of event or 0 if failed
*
* Side effects:
* May process the incoming event by itself.
*
*-----------------------------------------------------------------------------
*/
static int TlsNotifyProc(ClientData instanceData, /* Socket state. */
int mask) /* type of event that occurred:
* OR-ed combination of TCL_READABLE or TCL_WRITABLE */
{
State *statePtr = (State *) instanceData;
int errorCode = 0;
dprintf("Called");
|
| ︙ | ︙ |
Modified win/makefile.vc
from [b1a613a676]
to [7c67a5e877].
| ︙ | ︙ |
Modified win/rules-ext.vc
from [50db9d785c]
to [fd5740d97a].
| ︙ | ︙ |
Modified win/rules.vc
from [d3dfd51ac2]
to [f5ee6dc4dc].
| ︙ | ︙ |
Modified win/targets.vc
from [3627f33607]
to [96a25a1fa6].
| ︙ | ︙ |