Overview
Comment: | Merged in master changes |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | crypto |
Files: | files | file ages | folders |
SHA3-256: |
d2d04c75a0763f30daefbb6644fbcdab |
User & Date: | bohagan on 2023-12-29 03:09:09 |
Other Links: | branch diff | manifest | tags |
Context
2023-12-29
| ||
21:09 | Cast unused parameters to void to prevent unused parameter warnings Source: https://core.tcl-lang.org/tcltls/tktview/086954612f check-in: f586ebd433 user: bohagan tags: crypto | |
03:09 | Merged in master changes check-in: d2d04c75a0 user: bohagan tags: crypto | |
03:09 | Merged in dh branch check-in: 594dfd3195 user: bohagan tags: trunk | |
2023-12-28
| ||
05:05 | More documentation updates check-in: d371821677 user: bohagan tags: crypto | |
Changes
Modified Makefile.in from [3d826d82ee] to [5c4bcb5d55].
︙ | |||
59 60 61 62 63 64 65 | 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 | - + | PKG_LIB_FILE = @PKG_LIB_FILE@ PKG_LIB_FILE8 = @PKG_LIB_FILE8@ PKG_LIB_FILE9 = @PKG_LIB_FILE9@ PKG_STUB_LIB_FILE = @PKG_STUB_LIB_FILE@ lib_BINARIES = $(PKG_LIB_FILE) |
︙ | |||
156 157 158 159 160 161 162 | 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 | - + | # that your library may use. TCL_DEFS can actually be a problem if # you do not compile with a similar machine setup as the Tcl core was # compiled with. #DEFS = $(TCL_DEFS) @DEFS@ $(PKG_CFLAGS) DEFS = @DEFS@ $(PKG_CFLAGS) # Move pkgIndex.tcl to 'BINARIES' var if it is generated in the Makefile |
︙ | |||
318 319 320 321 322 323 324 | 318 319 320 321 322 323 324 325 326 327 328 329 330 331 | - - - - - | # this extension tls.tcl.h: @srcdir@/library/tls.tcl Makefile od -A n -v -t xC < '@srcdir@/library/tls.tcl' > tls.tcl.h.new.1 sed 's@[^0-9A-Fa-f]@@g;s@..@0x&, @g' < tls.tcl.h.new.1 > tls.tcl.h.new.2 rm -f tls.tcl.h.new.1 mv tls.tcl.h.new.2 @srcdir@/generic/tls.tcl.h |
︙ |
Modified acinclude.m4 from [a920d53daa] to [7f4a09fb4a].
︙ | |||
43 44 45 46 47 48 49 | 43 44 45 46 47 48 49 50 51 52 53 54 55 56 | - - - - - - - - - - - - - - - - - - - - - - - | if test "${enableval}" = "no"; then AC_DEFINE([NO_TLS1_3], [1], [Disable TLS1.3 protocol]) AC_MSG_CHECKING([for disable TLS1.3 protocol]) AC_MSG_RESULT('yes') fi ]) |
︙ |
Modified configure from [8236a3ee1d] to [db3c76f46d].
︙ | |||
643 644 645 646 647 648 649 | 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 | - - - + + + - + | #ifdef HAVE_UNISTD_H # include <unistd.h> #endif" ac_header_c_list= ac_subst_vars='LTLIBOBJS TCLSH_PROG |
︙ | |||
716 717 718 719 720 721 722 | 716 717 718 719 720 721 722 723 724 725 726 727 728 729 | - | PKG_CFLAGS PKG_LIBS PKG_INCLUDES PKG_HEADERS PKG_TCL_SOURCES PKG_STUB_OBJECTS PKG_STUB_SOURCES |
︙ | |||
778 779 780 781 782 783 784 | 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 | - - - - - + + + | enable_64bit_vis enable_rpath enable_symbols enable_tls1 enable_tls1_1 enable_tls1_2 enable_tls1_3 |
︙ | |||
1430 1431 1432 1433 1434 1435 1436 | 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 | - - - - | --enable-64bit-vis enable 64bit Sparc VIS support (default: off) --disable-rpath disable rpath support (default: on) --enable-symbols build with debugging symbols (default: off) --disable-tls1 disable TLS1 protocol --disable-tls1_1 disable TLS1.1 protocol --disable-tls1_2 disable TLS1.2 protocol --disable-tls1_3 disable TLS1.3 protocol |
︙ | |||
1468 1469 1470 1471 1472 1473 1474 | 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 | - - + + | CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a nonstandard directory <lib dir> LIBS libraries to pass to the linker, e.g. -l<library> CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if you have headers in a nonstandard directory <include dir> CPP C preprocessor |
︙ | |||
2610 2611 2612 2613 2614 2615 2616 | 2603 2604 2605 2606 2607 2608 2609 2610 2611 2612 2613 2614 2615 2616 | - - | # This package name must be replaced statically for AC_SUBST to work |
︙ | |||
5506 5507 5508 5509 5510 5511 5512 | 5497 5498 5499 5500 5501 5502 5503 5504 5505 5506 5507 5508 5509 5510 5511 | - + | # Add pkgIndex.tcl if it is generated in the Makefile instead of ./configure # and change Makefile.in to move it from CONFIG_CLEAN_FILES to BINARIES var. # # A few miscellaneous platform-specific items: # TEA_ADD_* any platform specific compiler/build info here. #-------------------------------------------------------------------- |
︙ | |||
8869 8870 8871 8872 8873 8874 8875 | 8860 8861 8862 8863 8864 8865 8866 8867 8868 8869 8870 8871 8872 8873 8874 8875 8876 8877 8878 8879 8880 8881 8882 8883 8884 8885 8886 8887 8888 8889 8890 8891 8892 8893 8894 8895 8896 8897 8898 8899 8900 8901 8902 8903 8904 8905 8906 8907 8908 8909 8910 8911 8912 8913 8914 8915 8916 8917 8918 8919 8920 | + + + - + + - - + + + + + - + + + + | PACKAGE_LIB_PREFIX=lib${PACKAGE_LIB_PREFIX} fi eval eval "PKG_LIB_FILE8=${PACKAGE_LIB_PREFIX8}${PACKAGE_NAME}${UNSHARED_LIB_SUFFIX}" eval eval "PKG_LIB_FILE9=${PACKAGE_LIB_PREFIX9}${PACKAGE_NAME}${UNSHARED_LIB_SUFFIX}" eval eval "PKG_LIB_FILE=${PACKAGE_LIB_PREFIX}${PACKAGE_NAME}${UNSHARED_LIB_SUFFIX}" fi # Some packages build their own stubs libraries if test "${TCL_MAJOR_VERSION}" -gt 8 -a x"${with_tcl8}" == x; then eval eval "PKG_STUB_LIB_FILE=${PACKAGE_LIB_PREFIX8}${PACKAGE_NAME}stub.a" else |
︙ | |||
9006 9007 9008 9009 9010 9011 9012 | 9007 9008 9009 9010 9011 9012 9013 9014 9015 9016 9017 9018 9019 9020 9021 | - + | printf "%s\n" "$ac_ct_PKG_CONFIG" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi if test "x$ac_ct_PKG_CONFIG" = x; then |
︙ | |||
9089 9090 9091 9092 9093 9094 9095 | 9090 9091 9092 9093 9094 9095 9096 9097 9098 9099 9100 9101 9102 9103 | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: 'yes'" >&5 printf "%s\n" "'yes'" >&6; } fi fi |
︙ | |||
9203 9204 9205 9206 9207 9208 9209 | 9164 9165 9166 9167 9168 9169 9170 9171 9172 9173 9174 9175 9176 9177 | - - - - - - | fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for static linking of openSSL libraries" >&5 printf %s "checking for static linking of openSSL libraries... " >&6; } { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $TCLEXT_TLS_STATIC_SSL" >&5 printf "%s\n" "$TCLEXT_TLS_STATIC_SSL" >&6; } |
︙ | |||
9235 9236 9237 9238 9239 9240 9241 | 9190 9191 9192 9193 9194 9195 9196 9197 9198 9199 9200 9201 9202 9203 9204 9205 9206 9207 9208 9209 9210 9211 9212 9213 9214 9215 9216 9217 9218 9219 9220 9221 9222 9223 9224 9225 9226 9227 9228 9229 9230 9231 9232 9233 9234 9235 9236 9237 9238 9239 9240 9241 9242 9243 9244 9245 9246 9247 9248 9249 9250 9251 9252 9253 9254 9255 9256 9257 9258 9259 9260 9261 9262 9263 9264 9265 9266 9267 9268 9269 9270 9271 9272 9273 9274 9275 9276 | - + - + + + + - + - + - - + + + + + + + | then : withval=$with_openssl_includedir; opensslincludedir="$withval" else $as_nop if test -n "$openssldir"; then |
︙ | |||
9321 9322 9323 9324 9325 9326 9327 | 9284 9285 9286 9287 9288 9289 9290 9291 9292 9293 9294 9295 9296 9297 9298 9299 9300 9301 9302 9303 9304 9305 9306 9307 9308 9309 9310 9311 9312 9313 9314 9315 9316 9317 9318 9319 9320 9321 9322 9323 9324 9325 | + + + + + + + + - - - - - + + + + + - - - + + + - - - - - - - - - - - - - - + + + + + + + + + + + | fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for OpenSSL pkgconfig" >&5 printf %s "checking for OpenSSL pkgconfig... " >&6; } { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $opensslpkgconfigdir" >&5 printf "%s\n" "$opensslpkgconfigdir" >&6; } # Use Package Config tool to get config pkgConfigExtraArgs='' if test "${SHARED_BUILD}" == 0 -o "$TCLEXT_TLS_STATIC_SSL" = 'yes'; then pkgConfigExtraArgs='--static' fi if test -n "${PKG_CONFIG}"; then |
︙ |
Modified configure.ac from [19dfb8e8aa] to [1108be8f97].
︙ | |||
86 87 88 89 90 91 92 | 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 | - + | # Add pkgIndex.tcl if it is generated in the Makefile instead of ./configure # and change Makefile.in to move it from CONFIG_CLEAN_FILES to BINARIES var. # # A few miscellaneous platform-specific items: # TEA_ADD_* any platform specific compiler/build info here. #-------------------------------------------------------------------- |
︙ |
Deleted generic/gen_dh_params version [90177a1658].
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
|
Modified generic/tls.c from [c0cfa2b008] to [b9807f7867].
︙ | |||
63 64 65 66 67 68 69 | 63 64 65 66 67 68 69 70 71 72 73 74 75 76 | - - - - - - - - | #define TLS_PROTO_TLS1_1 0x08 #define TLS_PROTO_TLS1_2 0x10 #define TLS_PROTO_TLS1_3 0x20 #define ENABLED(flag, mask) (((flag) & (mask)) == (mask)) #define SSLKEYLOGFILE "SSLKEYLOGFILE" |
︙ | |||
445 446 447 448 449 450 451 | 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 | - + | cmdPtr = Tcl_DuplicateObj(statePtr->callback); Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj("error", -1)); Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj(Tcl_GetChannelName(statePtr->self), -1)); if (msg != NULL) { Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj(msg, -1)); |
︙ | |||
552 553 554 555 556 557 558 | 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 | - + - - + + - + | } Tcl_DecrRefCount(cmdPtr); Tcl_Release((ClientData) statePtr); /* If successful, pass back password string and truncate if too long */ if (code == TCL_OK) { |
︙ | |||
614 615 616 617 618 619 620 | 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 | - + - + | cmdPtr = Tcl_DuplicateObj(statePtr->callback); Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj("session", -1)); Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj(Tcl_GetChannelName(statePtr->self), -1)); /* Session id */ session_id = SSL_SESSION_get_id(session, &ulen); |
︙ | |||
903 904 905 906 907 908 909 | 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 | - + | servername = (const char *)p; /* Create command to eval */ cmdPtr = Tcl_DuplicateObj(statePtr->vcmd); Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj("hello", -1)); Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj(Tcl_GetChannelName(statePtr->self), -1)); |
︙ | |||
956 957 958 959 960 961 962 | 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 | - + | if (objc != 2) { Tcl_WrongNumArgs(interp, 1, objv, "channel"); return(TCL_ERROR); } ERR_clear_error(); |
︙ | |||
1048 1049 1050 1051 1052 1053 1054 | 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 | - + + - + - + - + | Tcl_Channel chan; /* The channel to set a mode on. */ State *statePtr; /* client state for ssl socket */ SSL_CTX *ctx = NULL; Tcl_Obj *cmdObj = NULL; Tcl_Obj *passwdObj = NULL; Tcl_Obj *vcmd = NULL; Tcl_DString upperChannelTranslation, upperChannelBlocking, upperChannelEncoding, upperChannelEOFChar; |
︙ | |||
1094 1095 1096 1097 1098 1099 1100 | 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 | - + | if (objc < 2) { Tcl_WrongNumArgs(interp, 1, objv, "channel ?options?"); return TCL_ERROR; } ERR_clear_error(); |
︙ | |||
1281 1282 1283 1284 1285 1286 1287 | 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 | - - + + | "\": not a TLS channel", NULL); Tcl_SetErrorCode(interp, "TLS", "IMPORT", "CHANNEL", "INVALID", (char *) NULL); Tls_Free((char *) statePtr); return TCL_ERROR; } ctx = ((State *)Tcl_GetChannelInstanceData(chan))->ctx; } else { |
︙ | |||
1372 1373 1374 1375 1376 1377 1378 | 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 | + - + - + - - - - + + + + | /* Enable Application-Layer Protocol Negotiation. Examples are: http/1.0, http/1.1, h2, h3, ftp, imap, pop3, xmpp-client, xmpp-server, mqtt, irc, etc. */ if (alpnObj != NULL) { /* Convert a TCL list into a protocol-list in wire-format */ unsigned char *protos, *p; unsigned int protos_len = 0; Tcl_Size cnt, i; |
︙ | |||
1577 1578 1579 1580 1581 1582 1583 | 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 | - + - + - + - + - + - + - + | int off = 0; int load_private_key; const SSL_METHOD *method; dprintf("Called"); if (!proto) { |
︙ | |||
1767 1768 1769 1770 1771 1772 1773 1774 | 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 | + + + + - - + + + + + - - + | BIO_free(bio); Tcl_DStringFree(&ds); if (!dh) { Tcl_AppendResult(interp, "Could not read DH parameters from file", (char *) NULL); SSL_CTX_free(ctx); return NULL; } SSL_CTX_set_tmp_dh(ctx, dh); DH_free(dh); } else { /* Use well known DH parameters that have built-in support in OpenSSL */ |
︙ | |||
1923 1924 1925 1926 1927 1928 1929 | 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 1936 1937 | - + | if (objc < 2 || objc > 3 || (objc == 3 && !strcmp(Tcl_GetString(objv[1]), "-local"))) { Tcl_WrongNumArgs(interp, 1, objv, "?-local? channel"); return TCL_ERROR; } /* Get channel Id */ |
︙ | |||
1994 1995 1996 1997 1998 1999 2000 | 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 | - + | } /* Verify mode depth */ LAPPEND_INT(interp, objPtr, "verifyDepth", SSL_get_verify_depth(statePtr->ssl)); /* Report the selected protocol as a result of the negotiation */ SSL_get0_alpn_selected(statePtr->ssl, &proto, &len); |
︙ | |||
2044 2045 2046 2047 2048 2049 2050 | 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 2058 | - + | const EVP_MD *md; if (objc != 2) { Tcl_WrongNumArgs(interp, 1, objv, "channel"); return(TCL_ERROR); } |
︙ | |||
2152 2153 2154 2155 2156 2157 2158 | 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173 2174 2175 2176 2177 2178 2179 2180 2181 2182 2183 2184 2185 2186 2187 2188 2189 2190 2191 2192 2193 2194 2195 2196 2197 2198 2199 2200 2201 2202 2203 2204 | - + - + - + - + - + - + - + | size_t len2; unsigned int ulen; const unsigned char *session_id, *proto; char buffer[SSL_MAX_MASTER_KEY_LENGTH]; /* Report the selected protocol as a result of the ALPN negotiation */ SSL_SESSION_get0_alpn_selected(session, &proto, &len2); |
︙ | |||
2272 2273 2274 2275 2276 2277 2278 | 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 2286 2287 | + - + | * *------------------------------------------------------------------- */ static int MiscObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { static const char *commands [] = { "req", "strreq", NULL }; enum command { C_REQ, C_STRREQ, C_DUMMY }; Tcl_Size cmd; |
︙ | |||
2295 2296 2297 2298 2299 2300 2301 | 2296 2297 2298 2299 2300 2301 2302 2303 2304 2305 2306 2307 2308 2309 2310 2311 | - + + | switch ((enum command) cmd) { case C_REQ: case C_STRREQ: { EVP_PKEY *pkey=NULL; X509 *cert=NULL; X509_NAME *name=NULL; Tcl_Obj **listv; |
︙ | |||
2326 2327 2328 2329 2330 2331 2332 | 2328 2329 2330 2331 2332 2333 2334 2335 2336 2337 2338 2339 2340 2341 2342 | - + - | pemout=Tcl_GetString(objv[4]); if (isStr) { Tcl_SetVar(interp,keyout,"",0); Tcl_SetVar(interp,pemout,"",0); } if (objc>=6) { |
︙ | |||
2602 2603 2604 2605 2606 2607 2608 | 2603 2604 2605 2606 2607 2608 2609 2610 2611 2612 2613 2614 2615 2616 2617 | - + | } #endif if (Tcl_PkgRequire(interp, "Tcl", MIN_VERSION, 0) == NULL) { return TCL_ERROR; } if (TlsLibInit(0) != TCL_OK) { |
︙ |
Modified generic/tlsBIO.c from [3977ec0a04] to [904acc3cbd].
1 2 3 4 5 6 7 8 9 10 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 | - + - + + - + | /* * Copyright (C) 1997-2000 Matt Newman <[email protected]> * * Provides BIO layer to interface openssl to Tcl. */ #include "tlsInt.h" static int BioWrite(BIO *bio, const char *buf, int bufLen) { Tcl_Channel chan; |
︙ | |||
50 51 52 53 54 55 56 | 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 | - + - + + - + | if (ret != -1 || (ret == -1 && tclErrno == EAGAIN)) { if (BIO_should_read(bio)) { dprintf("Setting should retry read flag"); BIO_set_retry_read(bio); } } |
︙ | |||
106 107 108 109 110 111 112 | 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 | - + + - + | if (BIO_should_write(bio)) { dprintf("Setting should retry write flag"); BIO_set_retry_write(bio); } } |
︙ |
Modified generic/tlsInt.h from [44437ee129] to [e4eb0fa8cc].
︙ | |||
37 38 39 40 41 42 43 | 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 | - + + + + + | # define CONST86 # endif #endif /* * Backwards compatibility for size type change */ #if TCL_MAJOR_VERSION < 9 && TCL_MINOR_VERSION < 7 |
︙ |
Modified generic/tlsX509.c from [ead2e837f3] to [3afe1768d5].
︙ | |||
82 83 84 85 86 87 88 | 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 | - + | int len = 0; char buffer[1024]; if (astring != NULL) { len = String_to_Hex(ASN1_STRING_get0_data(astring), ASN1_STRING_length(astring), buffer, 1024); } |
︙ | |||
204 205 206 207 208 209 210 | 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 | - + | } if (names = X509_get_ext_d2i(cert, nid, NULL, NULL)) { for (int i=0; i < sk_GENERAL_NAME_num(names); i++) { const GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i); len = BIO_to_Buffer(name && GENERAL_NAME_print(bio, name), bio, buffer, 1024); |
︙ | |||
281 282 283 284 285 286 287 | 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 | - + - + | if (distpoint->type == 0) { /* full-name GENERALIZEDNAME */ for (int j = 0; j < sk_GENERAL_NAME_num(distpoint->name.fullname); j++) { GENERAL_NAME *gen = sk_GENERAL_NAME_value(distpoint->name.fullname, j); int type; ASN1_STRING *uri = GENERAL_NAME_get0_value(gen, &type); if (type == GEN_URI) { |
︙ | |||
335 336 337 338 339 340 341 | 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 | - + | if (ads = X509_get_ext_d2i(cert, NID_info_access, NULL, NULL)) { for (int i = 0; i < sk_ACCESS_DESCRIPTION_num(ads); i++) { ad = sk_ACCESS_DESCRIPTION_value(ads, i); if (OBJ_obj2nid(ad->method) == NID_ad_ca_issuers && ad->location) { if (ad->location->type == GEN_URI) { len = ASN1_STRING_to_UTF8(&buf, ad->location->d.uniformResourceIdentifier); |
︙ | |||
395 396 397 398 399 400 401 | 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 | - + - + - + - + - + - + - + - + - + - + - + | int sig_nid; X509_get0_signature(&sig, &sig_alg, cert); /* sig_nid = X509_get_signature_nid(cert) */ sig_nid = OBJ_obj2nid(sig_alg->algorithm); LAPPEND_STR(interp, certPtr, "signatureAlgorithm", OBJ_nid2ln(sig_nid), -1); len = (sig_nid != NID_undef) ? String_to_Hex(sig->data, sig->length, buffer, BUFSIZ) : 0; |
︙ | |||
491 492 493 494 495 496 497 | 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 | - + - + | and/or issuer names over time. RFC 5280 section 4.1.2.8 */ { const ASN1_BIT_STRING *iuid, *suid; X509_get0_uids(cert, &iuid, &suid); Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("issuerUniqueId", -1)); if (iuid != NULL) { |
︙ | |||
585 586 587 588 589 590 591 | 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 | - + - + - + | /* Subject Information Access - RFC 5280 section 4.2.2.2, NID_sinfo_access */ /* Certificate Alias. If uses a PKCS#12 structure, alias will reflect the friendlyName attribute (RFC 2985). */ { len = 0; char *string = X509_alias_get0(cert, &len); |
Modified win/README.txt from [5b3b0a3a95] to [9a1eb98644].
︙ | |||
56 57 58 59 60 61 62 | 56 57 58 59 60 61 62 63 64 65 66 67 68 69 | - - | set TCLINSTALL=\path\to\tcl\dir 2a) Unzip distribution to %BUILDDIR% 2b) Start BASH shell (MinGW62 Git shell) cd %BUILDDIR% |
︙ |