Index: doc/tls.html
==================================================================
--- doc/tls.html
+++ doc/tls.html
@@ -501,11 +501,11 @@
and data is more info on the message from the SSL_trace API.
- session session_id ticket lifetime
+ session channel session_id ticket lifetime
This form of callback is invoked by the OpenSSL function
SSL_CTX_sess_set_new_cb().
Where session_id is the current session identifier,
@@ -557,11 +557,11 @@
-
- alpn protocol match
+ alpn channel protocol match
-
For servers, this form of callback is invoked when the client ALPN
extension is received. If match is true, protocol
is the first -alpn specified protocol common to the both the
@@ -570,11 +570,11 @@
-
- hello servername
+ hello channel servername
-
For servers, this form of callback is invoked during client hello
message processing. It is used to select an appropriate certificate to
present, and make other configuration adjustments relevant to that
@@ -582,11 +582,11 @@
-
- sni servername
+ sni channel servername
-
For servers, this form of callback is invoked when the SNI extension
from the client is received. Where servername is the client
provided server name from the -servername option. This is
Index: generic/tls.c
==================================================================
--- generic/tls.c
+++ generic/tls.c
@@ -606,10 +606,12 @@
}
/* Create command to eval */
cmdPtr = Tcl_DuplicateObj(statePtr->callback);
Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj("session", -1));
+ Tcl_ListObjAppendElement(interp, cmdPtr,
+ Tcl_NewStringObj(Tcl_GetChannelName(statePtr->self), -1));
/* Session id */
session_id = SSL_SESSION_get_id(session, &ulen);
Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewByteArrayObj(session_id, (int) ulen));
@@ -681,10 +683,12 @@
}
/* Create command to eval */
cmdPtr = Tcl_DuplicateObj(statePtr->vcmd);
Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj("alpn", -1));
+ Tcl_ListObjAppendElement(interp, cmdPtr,
+ Tcl_NewStringObj(Tcl_GetChannelName(statePtr->self), -1));
Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj(*out, -1));
Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewBooleanObj(res == SSL_TLSEXT_ERR_OK));
/* Eval callback command */
Tcl_IncrRefCount(cmdPtr);
@@ -792,10 +796,12 @@
}
/* Create command to eval */
cmdPtr = Tcl_DuplicateObj(statePtr->vcmd);
Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj("sni", -1));
+ Tcl_ListObjAppendElement(interp, cmdPtr,
+ Tcl_NewStringObj(Tcl_GetChannelName(statePtr->self), -1));
Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj(servername , -1));
/* Eval callback command */
Tcl_IncrRefCount(cmdPtr);
if ((code = EvalCallback(interp, statePtr, cmdPtr)) > 1) {
@@ -892,10 +898,12 @@
servername = (const char *)p;
/* Create command to eval */
cmdPtr = Tcl_DuplicateObj(statePtr->vcmd);
Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj("hello", -1));
+ Tcl_ListObjAppendElement(interp, cmdPtr,
+ Tcl_NewStringObj(Tcl_GetChannelName(statePtr->self), -1));
Tcl_ListObjAppendElement(interp, cmdPtr, Tcl_NewStringObj(servername, (int) len));
/* Eval callback command */
Tcl_IncrRefCount(cmdPtr);
if ((code = EvalCallback(interp, statePtr, cmdPtr)) > 1) {
Index: library/tls.tcl
==================================================================
--- library/tls.tcl
+++ library/tls.tcl
@@ -332,11 +332,11 @@
log 0 "TLS/$chan: error: $msg"
}
"info" {
# poor man's lassign
- foreach {chan major minor state msg type} $args break
+ foreach {chan major minor msg type} $args break
if {$msg != ""} {
append state ": $msg"
}
# For tracing
@@ -343,14 +343,20 @@
upvar #0 tls::$chan cb
set cb($major) $minor
log 2 "TLS/$chan: $major/$minor: $state"
}
+ "message" {
+ # poor man's lassign
+ foreach {chan direction version content_type msg} $args break
+
+ log 0 "TLS/$chan: info: $direction $msg"
+ }
"session" {
- foreach {session_id ticket lifetime} $args break
+ foreach {chan session_id ticket lifetime} $args break
- log 0 "TLS/$chan: error: $msg"
+ log 0 "TLS/$chan: session: lifetime $lifetime"
}
default {
return -code error "bad option \"$option\":\
must be one of error, info, or session"
}
@@ -365,21 +371,21 @@
#log 2 [concat $option $args]
switch -- $option {
"alpn" {
- foreach {protocol} $args break
+ foreach {chan protocol match} $args break
- log 0 "TLS/$chan: alpn: $protocol"
+ log 0 "TLS/$chan: alpn: $protocol $match"
}
"hello" {
- foreach {servername} $args break
+ foreach {chan servername} $args break
log 0 "TLS/$chan: hello: $servername"
}
"sni" {
- foreach {servername} $args break
+ foreach {chan servername} $args break
log 0 "TLS/$chan: sni: $servername"
}
"verify" {
# poor man's lassign
@@ -422,11 +428,11 @@
return 1
}
}
}
-proc tls::password {} {
+proc tls::password {rwflag size} {
log 0 "TLS/Password: did you forget to set your passwd!"
# Return the worlds best kept secret password.
return "secret"
}