Index: ChangeLog ================================================================== --- ChangeLog +++ ChangeLog @@ -1,5 +1,12 @@ +TclTLS 1.7.22 +========== + +Release Date: Mon Oct 12 15:40:16 CDT 2020 + +https://tcltls.rkeene.org/ + 2015-05-01 Andreas Kupries * configure.in: Bump to version 1.6.5. * win/makefile.vc: * configure: regen with ac-2.59 Index: README.txt ================================================================== --- README.txt +++ README.txt @@ -1,5 +1,12 @@ +TclTLS 1.7.22 +========== + +Release Date: Mon Oct 12 15:40:16 CDT 2020 + +https://tcltls.rkeene.org/ + Original TLS Copyright (C) 1997-2000 Matt Newman TLS 1.4.1 Copyright (C) 2000 Ajuba Solutions TLS 1.6 Copyright (C) 2008 ActiveState Software Inc. TLS 1.7 Copyright (C) 2016 Matt Newman, Ajuba Solutions, ActiveState Software Inc, Roy Keene Index: pkgIndex.tcl.in ================================================================== --- pkgIndex.tcl.in +++ pkgIndex.tcl.in @@ -1,6 +1,6 @@ -if {[package vsatisfies [package present Tcl] 8.5]} { +if {[package vsatisfies [package present Tcl] 8.5-]} { package ifneeded tls @PACKAGE_VERSION@ [list apply {{dir} { if {{@TCLEXT_BUILD@} eq "static"} { load {} Tls } else { load [file join $dir @EXTENSION_TARGET@] Tls Index: tclOpts.h ================================================================== --- tclOpts.h +++ tclOpts.h @@ -24,11 +24,11 @@ var = objv[idx]; \ OPT_POSTLOG() #define OPTSTR(option, var) \ OPT_PROLOG(option) \ - var = Tcl_GetStringFromObj(objv[idx], NULL);\ + var = Tcl_GetStringFromObj(objv[idx], (Tcl_Size *)NULL);\ OPT_POSTLOG() #define OPTINT(option, var) \ OPT_PROLOG(option) \ if (Tcl_GetIntFromObj(interp, objv[idx], \ Index: tests/all.tcl ================================================================== --- tests/all.tcl +++ tests/all.tcl @@ -14,10 +14,11 @@ if {[lsearch [namespace children] ::tcltest] == -1} { package require tcltest namespace import ::tcltest::* } + set ::tcltest::testSingleFile false set ::tcltest::testsDirectory [file dir [info script]] # We should ensure that the testsDirectory is absolute. Index: tls.c ================================================================== --- tls.c +++ tls.c @@ -23,10 +23,14 @@ #include "tlsInt.h" #include "tclOpts.h" #include +#if TCL_MAJOR_VERSION < 9 + typedef int Tcl_Size; +#endif + /* * External functions */ /* @@ -271,11 +275,11 @@ static int VerifyCallback(int ok, X509_STORE_CTX *ctx) { Tcl_Obj *cmdPtr, *result; char *errStr, *string; - int length; + Tcl_Size length; SSL *ssl = (SSL*)X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()); X509 *cert = X509_STORE_CTX_get_current_cert(ctx); State *statePtr = (State*)SSL_get_app_data(ssl); int depth = X509_STORE_CTX_get_error_depth(ctx); int err = X509_STORE_CTX_get_error(ctx); @@ -367,11 +371,11 @@ dprintf("Called"); if (msg && *msg) { Tcl_SetErrorCode(statePtr->interp, "SSL", msg, (char *)NULL); } else { - msg = Tcl_GetStringFromObj(Tcl_GetObjResult(statePtr->interp), NULL); + msg = Tcl_GetStringFromObj(Tcl_GetObjResult(statePtr->interp), (Tcl_Size *)NULL); } statePtr->err = msg; if (statePtr->callback == (Tcl_Obj*)NULL) { char buf[BUFSIZ]; @@ -649,11 +653,11 @@ if (objc != 2) { Tcl_WrongNumArgs(interp, 1, objv, "channel"); return(TCL_ERROR); } - chan = Tcl_GetChannel(interp, Tcl_GetStringFromObj(objv[1], NULL), NULL); + chan = Tcl_GetChannel(interp, Tcl_GetStringFromObj(objv[1], (Tcl_Size *)NULL), NULL); if (chan == (Tcl_Channel) NULL) { return(TCL_ERROR); } /* @@ -780,11 +784,11 @@ if (objc < 2) { Tcl_WrongNumArgs(interp, 1, objv, "channel ?options?"); return TCL_ERROR; } - chan = Tcl_GetChannel(interp, Tcl_GetStringFromObj(objv[1], NULL), NULL); + chan = Tcl_GetChannel(interp, Tcl_GetStringFromObj(objv[1], (Tcl_Size *) NULL), NULL); if (chan == (Tcl_Channel) NULL) { return TCL_ERROR; } /* @@ -791,11 +795,11 @@ * Make sure to operate on the topmost channel */ chan = Tcl_GetTopChannel(chan); for (idx = 2; idx < objc; idx++) { - char *opt = Tcl_GetStringFromObj(objv[idx], NULL); + char *opt = Tcl_GetStringFromObj(objv[idx], (Tcl_Size *)NULL); if (opt[0] != '-') break; OPTSTR( "-cadir", CAdir); @@ -1414,16 +1418,16 @@ dprintf("Called"); switch (objc) { case 2: - channelName = Tcl_GetStringFromObj(objv[1], NULL); + channelName = Tcl_GetStringFromObj(objv[1], (Tcl_Size *) NULL); break; case 3: if (!strcmp (Tcl_GetString (objv[1]), "-local")) { - channelName = Tcl_GetStringFromObj(objv[2], NULL); + channelName = Tcl_GetStringFromObj(objv[2], (Tcl_Size *)NULL); break; } /* else fall... */ default: Tcl_WrongNumArgs(interp, 1, objv, "?-local? channel"); @@ -1774,11 +1778,11 @@ * create the ssl command, initialise ssl context * *------------------------------------------------------------------- */ -DLLEXPORT int Tls_Init(Tcl_Interp *interp) { +int DLLEXPORT Tls_Init(Tcl_Interp *interp) { const char tlsTclInitScript[] = { #include "tls.tcl.h" 0x00 }; @@ -1789,11 +1793,11 @@ */ if ( #ifdef USE_TCL_STUBS Tcl_InitStubs(interp, "8.4", 0) #else - Tcl_PkgRequire(interp, "Tcl", "8.4", 0) + Tcl_PkgRequire(interp, "Tcl", "8.4-", 0) #endif == NULL) { return TCL_ERROR; } @@ -1834,11 +1838,11 @@ * A standard Tcl error code. * *------------------------------------------------------* */ -DLLEXPORT int Tls_SafeInit(Tcl_Interp *interp) { +int DLLEXPORT Tls_SafeInit(Tcl_Interp *interp) { dprintf("Called"); return(Tls_Init(interp)); } /* Index: tls.h ================================================================== --- tls.h +++ tls.h @@ -21,9 +21,9 @@ #include /* * Initialization routines -- our entire public C API. */ -DLLEXPORT int Tls_Init(Tcl_Interp *interp); -DLLEXPORT int Tls_SafeInit(Tcl_Interp *interp); +int DLLEXPORT Tls_Init(Tcl_Interp *interp); +int DLLEXPORT Tls_SafeInit(Tcl_Interp *interp); #endif /* _TLS_H */ Index: tlsIO.c ================================================================== --- tlsIO.c +++ tlsIO.c @@ -16,16 +16,21 @@ * SSLtcl (Peter Antman) * */ #include "tlsInt.h" + /* * Forward declarations */ static int TlsBlockModeProc (ClientData instanceData, int mode); +#if TCL_MAJOR_VERSION < 9 static int TlsCloseProc (ClientData instanceData, Tcl_Interp *interp); +#else +static int TlsClose2Proc (ClientData instanceData, Tcl_Interp *interp, int flags); +#endif static int TlsInputProc (ClientData instanceData, char *buf, int bufSize, int *errorCodePtr); static int TlsOutputProc (ClientData instanceData, const char *buf, int toWrite, int *errorCodePtr); static int TlsGetOptionProc (ClientData instanceData, Tcl_Interp *interp, const char *optionName, Tcl_DString *dsPtr); static void TlsWatchProc (ClientData instanceData, int mask); static int TlsGetHandleProc (ClientData instanceData, int direction, ClientData *handlePtr); @@ -78,19 +83,23 @@ * against an older variant. */ size = sizeof(Tcl_ChannelType); /* Base size */ tlsChannelType = (Tcl_ChannelType *) ckalloc(size); - memset(tlsChannelType, 0, size); + memset((void *) tlsChannelType, 0, size); /* * Common elements of the structure (no changes in location or name) * close2Proc, seekProc, setOptionProc stay NULL. */ tlsChannelType->typeName = "tls"; +#if TCL_MAJOR_VERSION < 9 tlsChannelType->closeProc = TlsCloseProc; +#else + tlsChannelType->close2Proc = TlsClose2Proc; +#endif tlsChannelType->inputProc = TlsInputProc; tlsChannelType->outputProc = TlsOutputProc; tlsChannelType->getOptionProc = TlsGetOptionProc; tlsChannelType->watchProc = TlsWatchProc; tlsChannelType->getHandleProc = TlsGetHandleProc; @@ -159,10 +168,27 @@ * Closes the socket of the channel. * *------------------------------------------------------------------- */ static int TlsCloseProc(ClientData instanceData, Tcl_Interp *interp) { + State *statePtr = (State *) instanceData; + + dprintf("TlsCloseProc(%p)", (void *) statePtr); + + Tls_Clean(statePtr); + Tcl_EventuallyFree((ClientData)statePtr, Tls_Free); + + dprintf("Returning TCL_OK"); + + return(TCL_OK); + + /* Interp is unused. */ + interp = interp; +} + +static int TlsClose2Proc(ClientData instanceData, Tcl_Interp *interp, int flags) { + if ((flags & (TCL_CLOSE_READ|TCL_CLOSE_WRITE)) == 0) { State *statePtr = (State *) instanceData; dprintf("TlsCloseProc(%p)", (void *) statePtr); Tls_Clean(statePtr); @@ -169,13 +195,14 @@ Tcl_EventuallyFree((ClientData)statePtr, Tls_Free); dprintf("Returning TCL_OK"); return(TCL_OK); + } - /* Interp is unused. */ - interp = interp; + /* Interp is unused. */ + interp = interp; } /* *------------------------------------------------------* * @@ -641,11 +668,11 @@ *------------------------------------------------------------------- */ static int TlsGetOptionProc(ClientData instanceData, /* Socket state. */ Tcl_Interp *interp, /* For errors - can be NULL. */ - const char *optionName, /* Name of the option to + const char *optionName, /* Name of the option to * retrieve the value for, or * NULL to get all options and * their values. */ Tcl_DString *dsPtr) /* Where to store the computed value * initialized by caller. */ @@ -822,17 +849,16 @@ return 0; } dprintf("Calling Tls_WaitForConnect"); errorCode = 0; + if (Tls_WaitForConnect(statePtr, &errorCode, 1) < 0) { if (errorCode == EAGAIN) { dprintf("Async flag could be set (didn't check) and errorCode == EAGAIN: Returning 0"); - return 0; } - dprintf("Tls_WaitForConnect returned an error"); } dprintf("Returning %i", mask); Index: win/README.txt ================================================================== --- win/README.txt +++ win/README.txt @@ -1,64 +1,49 @@ - Windows DLL Build instructions using nmake build system - 2020-10-15 Harald.Oehlmann@elmicron.de - -Properties: -- 32 bit DLL -- VisualStudio 2015 -Note: Visual C++ 6 does not build OpenSSL (long long syntax error) -- Cygwin32 (temporary helper, please help to replace by tclsh) -- OpenSSL statically linked to TCLTLS DLL. -Note: Dynamic linking also works but results in a DLL dependeny on OPENSSL DLL's - -1) Build OpenSSL static libraries: - -OpenSSL source distribtution unpacked in: -c:\test\tcltls\Openssl_1_1_1h - -- Install Perl from http://strawberryperl.com/download/5.32.0.1/strawberry-perl-5.32.0.1-32bit.msi - to C:\perl - (ActivePerl failed due to missing 32 bit console module) -- Install NASM Assembler: - -https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/win32/nasm-2.15.05-installer-x86.exe - to C:\Program Files (x86)\NASM - --> Visual Studio x86 native prompt. - -set Path=%PATH%;C:\Program Files (x86)\NASM;C:\Perl\perl\bin - -perl Configure VC-WIN32 --prefix=c:\test\tcltls\openssl --openssldir=c:\test\tcltls\openssldir no-shared no-filenames threads - -nmake -nmake test -namke install - -2) Build TCLTLS - -Unzip distribution in: -c:\test\tcltls\tcltls-1.8.0 - --> start cygwin bash prompt - -cd /cygdrive/c/test/tcltls/tcltls-1.8.0 -./gen_dh_params > dh_params.h - -od -A n -v -t xC < 'tls.tcl' > tls.tcl.h.new.1 -sed 's@[^0-9A-Fa-f]@@g;s@..@0x&, @g' < tls.tcl.h.new.1 > tls.tcl.h -rm -f tls.tcl.h.new.1 - --> Visual Studio x86 native prompt. - -cd C:\test\tcltls\tcltls-1.8.0\win - -nmake -f makefile.vc TCLDIR=c:\test\tcl8610 SSL_INSTALL_FOLDER=C:\test\tcltls\openssl - -nmake -f makefile.vc install TCLDIR=c:\test\tcl8610 INSTALLDIR=c:\test\tcltls SSL_INSTALL_FOLDER=C:\test\tcltls\openssl - -3) Test - -Start tclsh or wish - -lappend auto_path {C:\test\tcltls\tls1.8.0} -package require tls - -A small "1.8.0" showing up is hopefully the end of this long way... + Windows DLL Build instructions using nmake build system + 2020-10-15 Harald.Oehlmann@elmicron.de + 2023-08-22 Kevin Walzer (kw@codebykevin.com) + +Properties: +- 64 bit DLL +- VisualStudio 2019 +- WSL +- OpenSSL dynamically linked to TCLTLS DLL. We used a freely redistributable build of OpenSSL from https://www.firedaemon.com/firedaemon-openssl. Unzip and install OpenSSL in an accessible place (we used the lib subdirectory of our Tcl installation). + +1. Visual Studio x86 native prompt. Update environmental variables for building Tcltls. Customize the below entries for your setup. + +set PATH=%PATH%;C:\tcl-trunk\lib\openssl-3\x64\bin +set INCLUDE=%INCLUDE%;C:\tcl-trunk\tcl\lib\openssl-3\x64\include\openssl +set LIB=%LIB%;C:\tcl-trunk\tcl\lib\openssl-3\x64\bin + + +2) Build TCLTLS + +-> Unzip distribution on your system. +-> Start WSL. +-> cd /mnt/c/path/to/tcltls + +./gen_dh_params > dh_params.h + +od -A n -v -t xC < 'tls.tcl' > tls.tcl.h.new.1 +sed 's@[^0-9A-Fa-f]@@g;s@..@0x&, @g' < tls.tcl.h.new.1 > tls.tcl.h +rm -f tls.tcl.h.new.1 + +-> Visual Studio x86 native prompt. + +cd C:path\to\tcltls\win + +Run the following commands (modify the flags to your specific installations). + +nmake -f makefile.vc TCLDIR=c:\users\wordt\tcl INSTALLDIR=c:\tcl-trunk\tcl\lib SSL_INSTALL_FOLDER=C:\tcl-trunk\tcl\lib\openssl-3\x64 + +nmake -f makefile.vc TCLDIR=c:\users\wordt\tcl INSTALLDIR=c:\tcl-trunk\tcl\lib SSL_INSTALL_FOLDER=C:\tcl-trunk\tcl\lib\openssl-3\x64 install + +The resulting installation will include both the tcltls package and also have libcrypto.dll and libssl.dll copied into the same directory. + +3) Test + +Start tclsh + +package require tls +package require http +http::register https 443 [list ::tls::socket -autoservername true] +set tok [http::data [http::geturl https://www.tcl-lang.org]] Index: win/makefile.vc ================================================================== --- win/makefile.vc +++ win/makefile.vc @@ -1,24 +1,32 @@ # call nmake with additional parameter SSL_INSTALL_FOLDER= with the # OpenSSL instalation folder following. PROJECT=tls DOTVERSION = 1.8.0 + +PRJLIBNAME = $(PROJECT)$(VERSION)$(SUFX).$(EXT) +PRJLIB = $(OUT_DIR)\$(PRJLIBNAME) + +!include "rules-ext.vc" PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" PRJ_DEFINES = -D NO_SSL2 -D NO_SSL3 -D _CRT_SECURE_NO_WARNINGS PRJ_LIBS = \ "$(SSL_INSTALL_FOLDER)\lib\libssl.lib" \ "$(SSL_INSTALL_FOLDER)\lib\libcrypto.lib" \ - WS2_32.LIB GDI32.LIB ADVAPI32.LIB CRYPT32.LIB USER32.LIB + WS2_32.LIB GDI32.LIB ADVAPI32.LIB CRYPT32.LIB USER32.LIB + PRJ_OBJS = $(TMP_DIR)\tls.obj \ $(TMP_DIR)\tlsBIO.obj \ $(TMP_DIR)\tlsIO.obj \ $(TMP_DIR)\tlsX509.obj - -!include "rules-ext.vc" + !include "targets.vc" pkgindex: default-pkgindex +install: + copy "$(SSL_INSTALL_FOLDER)\bin\libcrypto-3-x64.dll" "$(INSTALLDIR)\$(PROJECT)$(DOTVERSION)\libcrypto-3-x64.dll" + copy "$(SSL_INSTALL_FOLDER)\bin\libssl-3-x64.dll" "$(INSTALLDIR)\$(PROJECT)$(DOTVERSION)\libssl-3-x64.dll"