Overview
Comment: | Added missing TLSv1.3 support |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | enhancement/tls-1.3 |
Files: | files | file ages | folders |
SHA3-256: |
efc1e122f2cb837c9fa5d5840e17b504 |
User & Date: | rkeene on 2018-11-07 23:51:48 |
Other Links: | branch diff | manifest | tags |
Context
2018-11-08
| ||
00:23 | Note that TLSv1.3 is a lot different in API, this branch is incomplete check-in: 7978a539fc user: rkeene tags: enhancement/tls-1.3 | |
2018-11-07
| ||
23:51 | Added missing TLSv1.3 support check-in: efc1e122f2 user: rkeene tags: enhancement/tls-1.3 | |
23:27 | Started adding support for TLSv1.3 check-in: e245d231ee user: rkeene tags: enhancement/tls-1.3 | |
Changes
Modified tls.c from [f0ecc97895] to [b408a25024].
740 740 char *CAdir = NULL; 741 741 char *DHparams = NULL; 742 742 char *model = NULL; 743 743 #ifndef OPENSSL_NO_TLSEXT 744 744 char *servername = NULL; /* hostname for Server Name Indication */ 745 745 #endif 746 746 int ssl2 = 0, ssl3 = 0; 747 - int tls1 = 1, tls1_1 = 1, tls1_2 = 1; 747 + int tls1 = 1, tls1_1 = 1, tls1_2 = 1, tls1_3 = 1; 748 748 int proto = 0; 749 749 int verify = 0, require = 0, request = 1; 750 750 751 751 dprintf("Called"); 752 752 753 753 #if defined(NO_TLS1) && defined(NO_TLS1_1) && defined(NO_TLS1_2) && defined(NO_SSL3) && !defined(NO_SSL2) 754 754 ssl2 = 1; ................................................................................ 760 760 tls1 = 0; 761 761 #endif 762 762 #if defined(NO_TLS1_1) 763 763 tls1_1 = 0; 764 764 #endif 765 765 #if defined(NO_TLS1_2) 766 766 tls1_2 = 0; 767 +#endif 768 +#if defined(NO_TLS1_3) 769 + tls1_3 = 0; 767 770 #endif 768 771 769 772 if (objc < 2) { 770 773 Tcl_WrongNumArgs(interp, 1, objv, "channel ?options?"); 771 774 return TCL_ERROR; 772 775 } 773 776 ................................................................................ 804 807 #endif 805 808 806 809 OPTBOOL( "-ssl2", ssl2); 807 810 OPTBOOL( "-ssl3", ssl3); 808 811 OPTBOOL( "-tls1", tls1); 809 812 OPTBOOL( "-tls1.1", tls1_1); 810 813 OPTBOOL( "-tls1.2", tls1_2); 814 + OPTBOOL( "-tls1.3", tls1_3); 811 815 812 - OPTBAD( "option", "-cadir, -cafile, -certfile, -cipher, -command, -dhparams, -keyfile, -model, -password, -require, -request, -server, -servername, -ssl2, -ssl3, -tls1, -tls1.1 or -tls1.2"); 816 + OPTBAD( "option", "-cadir, -cafile, -certfile, -cipher, -command, -dhparams, -keyfile, -model, -password, -require, -request, -server, -servername, -ssl2, -ssl3, -tls1, -tls1.1, -tls1.2, or tls1.3"); 813 817 814 818 return TCL_ERROR; 815 819 } 816 820 if (request) verify |= SSL_VERIFY_CLIENT_ONCE | SSL_VERIFY_PEER; 817 821 if (request && require) verify |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT; 818 822 if (verify == 0) verify = SSL_VERIFY_NONE; 819 823