Index: ChangeLog ================================================================== --- ChangeLog +++ ChangeLog @@ -1,5 +1,13 @@ +2015-05-01 Andreas Kupries + + * configure.in: Bump to version 1.6.5. + * win/makefile.vc: + * configure: regen with ac-2.59 + * tls.c: Accepted SF TLS [bug/patch #57](https://sourceforge.net/p/tls/bugs/57/). + * tlsIO.c: Accepted core Tcl patch in [ticket](http://core.tcl.tk/tcl/tktview/0f94f855cafed92d0e174b7d835453a02831b4dd). + 2014-12-05 Andreas Kupries * configure.in: Bump to version 1.6.4. * win/makefile.vc: * configure: regen with ac-2.59 Index: configure ================================================================== --- configure +++ configure @@ -1,8 +1,8 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.59 for tls 1.6.4. +# Generated by GNU Autoconf 2.59 for tls 1.6.5. # # Copyright (C) 2003 Free Software Foundation, Inc. # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ## --------------------- ## @@ -265,12 +265,12 @@ : ${ac_max_here_lines=38} # Identity of this package. PACKAGE_NAME='tls' PACKAGE_TARNAME='tls' -PACKAGE_VERSION='1.6.4' -PACKAGE_STRING='tls 1.6.4' +PACKAGE_VERSION='1.6.5' +PACKAGE_STRING='tls 1.6.5' PACKAGE_BUGREPORT='' # Factoring default headers for most tests. ac_includes_default="\ #include @@ -775,11 +775,11 @@ # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures tls 1.6.4 to adapt to many kinds of systems. +\`configure' configures tls 1.6.5 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. @@ -832,11 +832,11 @@ _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of tls 1.6.4:";; + short | recursive ) echo "Configuration of tls 1.6.5:";; esac cat <<\_ACEOF Optional Features: --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) @@ -968,11 +968,11 @@ fi test -n "$ac_init_help" && exit 0 if $ac_init_version; then cat <<\_ACEOF -tls configure 1.6.4 +tls configure 1.6.5 generated by GNU Autoconf 2.59 Copyright (C) 2003 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. @@ -982,11 +982,11 @@ exec 5>config.log cat >&5 <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by tls $as_me 1.6.4, which was +It was created by tls $as_me 1.6.5, which was generated by GNU Autoconf 2.59. Invocation command line was $ $0 $@ _ACEOF @@ -10809,11 +10809,11 @@ ## Running $as_me. ## _ASBOX } >&5 cat >&5 <<_CSEOF -This file was extended by tls $as_me 1.6.4, which was +This file was extended by tls $as_me 1.6.5, which was generated by GNU Autoconf 2.59. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS @@ -10864,11 +10864,11 @@ Report bugs to ." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -tls config.status 1.6.4 +tls config.status 1.6.5 configured by $0, generated by GNU Autoconf 2.59, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" Copyright (C) 2003 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation Index: configure.in ================================================================== --- configure.in +++ configure.in @@ -9,18 +9,18 @@ dnl to use the RSA BSAFE libraries for any product developed for dnl commercial use. Licensing information for BSAFE SSL-C may be dnl obtained from RSA Data Scurity Inc., San Mateo, California, USA. dnl Their home page on the web is "www.rsasecurity.com". # -# RCS: @(#) $Id: configure.in,v 1.28 2014/12/08 19:09:06 andreas_kupries Exp $ +# RCS: @(#) $Id: configure.in,v 1.29 2015/05/01 18:44:34 andreas_kupries Exp $ #-------------------------------------------------------------------- # macro used to verify that the configure script can find the sources #-------------------------------------------------------------------- -AC_INIT([tls], [1.6.4]) +AC_INIT([tls], [1.6.5]) TEA_INIT([3.8]) AC_CONFIG_AUX_DIR(tclconfig) Index: tls.c ================================================================== --- tls.c +++ tls.c @@ -3,11 +3,11 @@ * some modifications: * Copyright (C) 2000 Ajuba Solutions * Copyright (C) 2002 ActiveState Corporation * Copyright (C) 2004 Starfish Systems * - * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tls.c,v 1.35 2014/12/08 19:09:06 andreas_kupries Exp $ + * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tls.c,v 1.36 2015/05/01 18:44:34 andreas_kupries Exp $ * * TLS (aka SSL) Channel - can be layered on any bi-directional * Tcl_Channel (Note: Requires Trf Core Patch) * * This was built (almost) from scratch based upon observation of @@ -1215,11 +1215,18 @@ REASON(), (char *) NULL); SSL_CTX_free(ctx); return (SSL_CTX *)0; #endif } - SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file( F2N(CAfile, &ds) )); + + /* https://sourceforge.net/p/tls/bugs/57/ */ + if ( CAfile != NULL ) { + STACK_OF(X509_NAME) *certNames = SSL_load_client_CA_file( F2N(CAfile, &ds) ); + if ( certNames != NULL ) { + SSL_CTX_set_client_CA_list(ctx, certNames ); + } + } Tcl_DStringFree(&ds); Tcl_DStringFree(&ds1); return ctx; } Index: tlsIO.c ================================================================== --- tlsIO.c +++ tlsIO.c @@ -1,10 +1,10 @@ /* * Copyright (C) 1997-2000 Matt Newman * Copyright (C) 2000 Ajuba Solutions * - * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tlsIO.c,v 1.17 2014/12/08 19:09:06 andreas_kupries Exp $ + * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tlsIO.c,v 1.18 2015/05/01 18:44:34 andreas_kupries Exp $ * * TLS (aka SSL) Channel - can be layered on any bi-directional * Tcl_Channel (Note: Requires Trf Core Patch) * * This was built from scratch based upon observation of OpenSSL 0.9.2B @@ -343,10 +343,15 @@ } if (!SSL_is_init_finished(statePtr->ssl)) { bytesRead = Tls_WaitForConnect(statePtr, errorCodePtr); if (bytesRead <= 0) { + if (*errorCodePtr == ECONNRESET) { + /* Soft EOF */ + *errorCodePtr = 0; + bytesRead = 0; + } goto input; } } if (statePtr->flags & TLS_TCL_INIT) { statePtr->flags &= ~(TLS_TCL_INIT); @@ -911,13 +916,10 @@ return -1; } else { continue; } } else if (err == 0) { - if (Tcl_Eof(statePtr->self)) { - return 0; - } dprintf(stderr,"CR! "); *errorCodePtr = ECONNRESET; return -1; } if (statePtr->flags & TLS_TCL_SERVER) { Index: win/makefile.vc ================================================================== --- win/makefile.vc +++ win/makefile.vc @@ -16,11 +16,11 @@ # Copyright (c) 2001 ActiveState Corporation. # Copyright (c) 2001-2002 David Gravereaux. # Copyright (c) 2003-2006 Pat Thoyts # #------------------------------------------------------------------------- -# RCS: @(#)$Id: makefile.vc,v 1.11 2014/12/08 19:09:06 andreas_kupries Exp $ +# RCS: @(#)$Id: makefile.vc,v 1.12 2015/05/01 18:44:34 andreas_kupries Exp $ #------------------------------------------------------------------------- # Check to see we are configured to build with MSVC (MSDEVDIR or MSVCDIR) # or with the MS Platform SDK (MSSDK). Visual Studio .NET 2003 and 2005 define # VCINSTALLDIR instead. The MSVC Toolkit release defines yet another. @@ -162,11 +162,11 @@ # Uncomment the following line if this is a Tk extension. #PROJECT_REQUIRES_TK=1 !include "rules.vc" -DOTVERSION = 1.6.4 +DOTVERSION = 1.6.5 VERSION = $(DOTVERSION:.=) STUBPREFIX = $(PROJECT)stub DLLOBJS = \ $(TMP_DIR)\tls.obj \