Overview
Comment: | Merged in several outstanding patches |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
6aedc8c1b555605ff77c607a68f2562c |
User & Date: | rkeene on 2016-11-22 21:43:13 |
Other Links: | manifest | tags |
Context
2016-12-08
| ||
04:26 | Merged in work for TclTLS 1.7 to trunk check-in: 0409513536 user: rkeene tags: trunk | |
2016-11-22
| ||
22:07 | Create new branch named "tcltls-2" check-in: ae164b967d user: rkeene tags: tls-1-7 | |
21:43 | Merged in several outstanding patches check-in: 6aedc8c1b5 user: rkeene tags: trunk | |
21:36 | Applied patch Closed-Leaf check-in: 4ec3fe7449 user: rkeene tags: rkeene-eoffix | |
17:58 | Applied patch Closed-Leaf check-in: db95f55e95 user: rkeene tags: rkeene-unthreaded | |
17:58 | Applied patch Closed-Leaf check-in: a141858eec user: rkeene tags: rkeene-fixcrosscompile | |
17:58 | Applied patch Closed-Leaf check-in: 0c7fd93cac user: rkeene tags: rkeene-peercertificate | |
2015-07-07
| ||
17:16 | Updated with dhparam.2.patch for tls ticket #59. check-in: 2aadaa4c28 user: andreas_kupries tags: trunk | |
Changes
Modified Makefile.in from [9179d5accd] to [de778baab4].
︙ | ︙ | |||
225 226 227 228 229 230 231 | # library. In most cases these object files will correspond to the # source files above. #======================================================================== $(PKG_LIB_FILE): $(PKG_OBJECTS) -rm -f $(PKG_LIB_FILE) ${MAKE_LIB} | | | 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 | # library. In most cases these object files will correspond to the # source files above. #======================================================================== $(PKG_LIB_FILE): $(PKG_OBJECTS) -rm -f $(PKG_LIB_FILE) ${MAKE_LIB} -$(RANLIB) $(PKG_LIB_FILE) #======================================================================== # We need to enumerate the list of .c to .o lines here. # # In the following lines, $(srcdir) refers to the toplevel directory # containing your extension. If your sources are in a subdirectory, # you will have to modify the paths to reflect this: |
︙ | ︙ |
Modified configure from [701a0c22b6] to [c1aa70d493].
︙ | ︙ | |||
1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 | echo "${ECHO_T}$CYGPATH" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi EXEEXT=".exe" TEA_PLATFORM="windows" ;; *CYGWIN_*) CYGPATH=echo EXEEXT=".exe" # TEA_PLATFORM is determined later ;; *) CYGPATH=echo EXEEXT="" TEA_PLATFORM="unix" ;; esac # Check if exec_prefix is set. If not use fall back to prefix. # Note when adjusted, so that TEA_PREFIX can correct for this. # This is needed for recursive configures, since autoconf propagates # $prefix, but not $exec_prefix (doh!). | > > > > | 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 | echo "${ECHO_T}$CYGPATH" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi EXEEXT=".exe" if [ -z "${TEA_PLATFORM}" ]; then TEA_PLATFORM="windows" fi ;; *CYGWIN_*) CYGPATH=echo EXEEXT=".exe" # TEA_PLATFORM is determined later ;; *) CYGPATH=echo EXEEXT="" if [ -z "${TEA_PLATFORM}" ]; then TEA_PLATFORM="unix" fi ;; esac # Check if exec_prefix is set. If not use fall back to prefix. # Note when adjusted, so that TEA_PREFIX can correct for this. # This is needed for recursive configures, since autoconf propagates # $prefix, but not $exec_prefix (doh!). |
︙ | ︙ | |||
1678 1679 1680 1681 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 | case "`uname -s`" in *CYGWIN_*) echo "$as_me:$LINENO: checking for cygwin variant" >&5 echo $ECHO_N "checking for cygwin variant... $ECHO_C" >&6 case ${TCL_EXTRA_CFLAGS} in *-mwin32*|*-mno-cygwin*) TEA_PLATFORM="windows" CFLAGS="$CFLAGS -mwin32" echo "$as_me:$LINENO: result: win32" >&5 echo "${ECHO_T}win32" >&6 ;; *) TEA_PLATFORM="unix" echo "$as_me:$LINENO: result: unix" >&5 echo "${ECHO_T}unix" >&6 ;; esac EXEEXT=".exe" ;; *) | > > > > | 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 | case "`uname -s`" in *CYGWIN_*) echo "$as_me:$LINENO: checking for cygwin variant" >&5 echo $ECHO_N "checking for cygwin variant... $ECHO_C" >&6 case ${TCL_EXTRA_CFLAGS} in *-mwin32*|*-mno-cygwin*) if [ -z "${TEA_PLATFORM}" ]; then TEA_PLATFORM="windows" fi CFLAGS="$CFLAGS -mwin32" echo "$as_me:$LINENO: result: win32" >&5 echo "${ECHO_T}win32" >&6 ;; *) if [ -z "${TEA_PLATFORM}" ]; then TEA_PLATFORM="unix" fi echo "$as_me:$LINENO: result: unix" >&5 echo "${ECHO_T}unix" >&6 ;; esac EXEEXT=".exe" ;; *) |
︙ | ︙ | |||
10312 10313 10314 10315 10316 10317 10318 | PKG_LIBS="$PKG_LIBS $i" done fi if test -n "${OPENSSL}"; then | | | 10320 10321 10322 10323 10324 10325 10326 10327 10328 10329 10330 10331 10332 10333 10334 | PKG_LIBS="$PKG_LIBS $i" done fi if test -n "${OPENSSL}"; then vars="ssl.lib crypto.lib" for i in $vars; do if test "${TEA_PLATFORM}" = "windows" -a "$GCC" = "yes" ; then # Convert foo.lib to -lfoo for GCC. No-op if not *.lib i=`echo "$i" | sed -e 's/^\([^-].*\)\.lib$/-l\1/i'` fi PKG_LIBS="$PKG_LIBS $i" done |
︙ | ︙ |
Modified tls.c from [5f36052c70] to [15a7d7809d].
︙ | ︙ | |||
1768 1769 1770 1771 1772 1773 1774 1775 1776 | *------------------------------------------------------* */ static int TlsLibInit () { int i; char rnd_seed[16] = "GrzSlplKqUdnnzP!"; /* 16 bytes */ #if defined(OPENSSL_THREADS) && defined(TCL_THREADS) size_t num_locks; | > < < > | 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 | *------------------------------------------------------* */ static int TlsLibInit () { int i; char rnd_seed[16] = "GrzSlplKqUdnnzP!"; /* 16 bytes */ int status=TCL_OK; #if defined(OPENSSL_THREADS) && defined(TCL_THREADS) size_t num_locks; if (!initialized) { Tcl_MutexLock(&init_mx); if (!initialized) { initialized = 1; #endif if (CRYPTO_set_mem_functions((void *(*)(size_t))Tcl_Alloc, (void *(*)(void *, size_t))Tcl_Realloc, (void(*)(void *))Tcl_Free) == 0) { /* Not using Tcl's mem functions ... not critical */ } |
︙ | ︙ | |||
1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 | rnd_seed[i] = 1 + (char) (255.0 * rand()/(RAND_MAX+1.0)); } RAND_seed(rnd_seed, sizeof(rnd_seed)); } while (RAND_status() != 1); } done: Tcl_MutexUnlock(&init_mx); } return status; } | > > | 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 1834 1835 | rnd_seed[i] = 1 + (char) (255.0 * rand()/(RAND_MAX+1.0)); } RAND_seed(rnd_seed, sizeof(rnd_seed)); } while (RAND_status() != 1); } done: #if defined(OPENSSL_THREADS) && defined(TCL_THREADS) Tcl_MutexUnlock(&init_mx); #endif } return status; } |
Modified tlsIO.c from [cd93e606f5] to [ed5e46f5ea].
︙ | ︙ | |||
929 930 931 932 933 934 935 936 937 938 939 940 941 942 | dprintf(stderr,"E! "); *errorCodePtr = EAGAIN; return -1; } else { continue; } } else if (err == 0) { dprintf(stderr,"CR! "); *errorCodePtr = ECONNRESET; return -1; } if (statePtr->flags & TLS_TCL_SERVER) { err = SSL_get_verify_result(statePtr->ssl); if (err != X509_V_OK) { | > > > | 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 | dprintf(stderr,"E! "); *errorCodePtr = EAGAIN; return -1; } else { continue; } } else if (err == 0) { if (Tcl_Eof(statePtr->self)) { return 0; } dprintf(stderr,"CR! "); *errorCodePtr = ECONNRESET; return -1; } if (statePtr->flags & TLS_TCL_SERVER) { err = SSL_get_verify_result(statePtr->ssl); if (err != X509_V_OK) { |
︙ | ︙ |
Modified tlsX509.c from [3f68dadacd] to [24e0063023].
︙ | ︙ | |||
96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 | int n; unsigned long flags; char subject[BUFSIZ]; char issuer[BUFSIZ]; char serial[BUFSIZ]; char notBefore[BUFSIZ]; char notAfter[BUFSIZ]; #ifndef NO_SSL_SHA int shai; char sha_hash[SHA_DIGEST_LENGTH*2]; const char *shachars="0123456789ABCDEF"; #endif if ((bio = BIO_new(BIO_s_mem())) == NULL) { subject[0] = 0; issuer[0] = 0; serial[0] = 0; } else { flags = XN_FLAG_RFC2253 | ASN1_STRFLGS_UTF8_CONVERT; flags &= ~ASN1_STRFLGS_ESC_MSB; | > > | 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 | int n; unsigned long flags; char subject[BUFSIZ]; char issuer[BUFSIZ]; char serial[BUFSIZ]; char notBefore[BUFSIZ]; char notAfter[BUFSIZ]; char certStr[BUFSIZ]; #ifndef NO_SSL_SHA int shai; char sha_hash[SHA_DIGEST_LENGTH*2]; const char *shachars="0123456789ABCDEF"; #endif certStr[0] = 0; if ((bio = BIO_new(BIO_s_mem())) == NULL) { subject[0] = 0; issuer[0] = 0; serial[0] = 0; } else { flags = XN_FLAG_RFC2253 | ASN1_STRFLGS_UTF8_CONVERT; flags &= ~ASN1_STRFLGS_ESC_MSB; |
︙ | ︙ | |||
127 128 129 130 131 132 133 134 135 136 137 138 139 140 | BIO_flush(bio); i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert)); n = BIO_read(bio, serial, min(BIO_pending(bio), BUFSIZ - 1)); n = max(n, 0); serial[n] = 0; BIO_flush(bio); BIO_free(bio); } strcpy( notBefore, ASN1_UTCTIME_tostr( X509_get_notBefore(cert) )); strcpy( notAfter, ASN1_UTCTIME_tostr( X509_get_notAfter(cert) )); | > > > > > > > | 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 | BIO_flush(bio); i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert)); n = BIO_read(bio, serial, min(BIO_pending(bio), BUFSIZ - 1)); n = max(n, 0); serial[n] = 0; BIO_flush(bio); if (PEM_write_bio_X509(bio, cert)) { n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1)); n = max(n, 0); certStr[n] = 0; BIO_flush(bio); } BIO_free(bio); } strcpy( notBefore, ASN1_UTCTIME_tostr( X509_get_notBefore(cert) )); strcpy( notAfter, ASN1_UTCTIME_tostr( X509_get_notAfter(cert) )); |
︙ | ︙ | |||
170 171 172 173 174 175 176 177 178 179 | Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj( notAfter, -1) ); Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj( "serial", -1) ); Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj( serial, -1) ); return certPtr; } | > > > > > | 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 | Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj( notAfter, -1) ); Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj( "serial", -1) ); Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj( serial, -1) ); Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj( "certificate", -1) ); Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj( certStr, -1) ); return certPtr; } |