Index: ChangeLog
==================================================================
--- ChangeLog
+++ ChangeLog
@@ -1,5 +1,12 @@
+TclTLS 1.7.22
+==========
+
+Release Date: Mon Oct 12 15:40:16 CDT 2020
+
+https://tcltls.rkeene.org/
+
 2015-05-01  Andreas Kupries  <andreask@activestate.com>
 
 	* configure.in: Bump to version 1.6.5.
 	* win/makefile.vc:
 	* configure: regen with ac-2.59

Index: generic/tls.c
==================================================================
--- generic/tls.c
+++ generic/tls.c
@@ -158,11 +158,11 @@
 static void
 InfoCallback(const SSL *ssl, int where, int ret) {
     State *statePtr = (State*)SSL_get_app_data((SSL *)ssl);
     Tcl_Interp *interp	= statePtr->interp;
     Tcl_Obj *cmdPtr;
-    char *major; char *minor;
+    char *major, *minor;
 
     dprintf("Called");
 
     if (statePtr->callback == (Tcl_Obj*)NULL)
 	return;
@@ -3018,36 +3018,11 @@
     OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS
 	| OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
 
     BIO_new_tcl(NULL, 0);
 
-#if 0
-    /*
-     * XXX:TODO: Remove this code and replace it with a check
-     * for enough entropy and do not try to create our own
-     * terrible entropy
-     */
-    /*
-     * Seed the random number generator in the SSL library,
-     * using the do/while construct because of the bug note in the
-     * OpenSSL FAQ at http://www.openssl.org/support/faq.html#USER1
-     *
-     * The crux of the problem is that Solaris 7 does not have a
-     * /dev/random or /dev/urandom device so it cannot gather enough
-     * entropy from the RAND_seed() when TLS initializes and refuses
-     * to go further. Earlier versions of OpenSSL carried on regardless.
-     */
-    srand((unsigned int) time((time_t *) NULL));
-    do {
-	for (i = 0; i < 16; i++) {
-	    rnd_seed[i] = 1 + (char) (255.0 * rand()/(RAND_MAX+1.0));
-	}
-	RAND_seed(rnd_seed, sizeof(rnd_seed));
-    } while (RAND_status() != 1);
-#endif
-
 #if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
 	Tcl_MutexUnlock(&init_mx);
 #endif
 
     return status;
 }

Index: generic/tlsInt.h
==================================================================
--- generic/tlsInt.h
+++ generic/tlsInt.h
@@ -40,15 +40,21 @@
 
 /*
  * Backwards compatibility for size type change
  */
 #if TCL_MAJOR_VERSION < 9 && TCL_MINOR_VERSION < 7
+    #include <limits.h>
+    #define TCL_SIZE_MAX INT_MAX
+
     #ifndef Tcl_Size
         typedef int Tcl_Size;
     #endif
 
     #define TCL_SIZE_MODIFIER ""
+    #define Tcl_GetSizeIntFromObj Tcl_GetIntFromObj
+    #define Tcl_NewSizeIntObj     Tcl_NewIntObj
+    #define Tcl_NewSizeIntFromObj Tcl_NewWideIntObj
 #endif
 
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>

Index: win/makefile.vc
==================================================================
--- win/makefile.vc
+++ win/makefile.vc
@@ -1,8 +1,8 @@
 #------------------------------------------------------------- -*- makefile -*-
 #
-# Makefile for TclTLS extensions.
+# Makefile for TCL TLS extension
 #
 # Basic build, test and install
 #   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl
 #   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl test
 #   nmake /f makefile.vc INSTALLDIR=c:\path\to\tcl install
@@ -30,11 +30,11 @@
 	$(TMP_DIR)\tlsIO.obj \
 	$(TMP_DIR)\tlsX509.obj
 
 # Define any additional project include flags
 # SSL_INSTALL_FOLDER = with the OpenSSL installation folder following.
-PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include"
+PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include" -I"$(TMP_DIR)"
 
 # Define any additional compiler flags that might be required for the project
 PRJ_DEFINES = -D NO_SSL2 -D NO_SSL3 -D _CRT_SECURE_NO_WARNINGS
 
 #
@@ -57,26 +57,32 @@
 # Project specific targets
 
 all: default-target
 
 clean: default-clean
-	@if exist $(WIN_DIR)\tlsUuid.h del $(WIN_DIR)\tlsUuid.h
 
 realclean: default-hose
-	@if exist $(WIN_DIR)\tlsUuid.h del $(WIN_DIR)\tlsUuid.h
 
 # We must define a pkgindex target that will create a pkgIndex.tcl
 # file in the $(OUT_DIR) directory. We can just redirect to the
 # default-pkgindex target for our sample extension.
 pkgindex: default-pkgindex-tea
 
 $(ROOT)\manifest.uuid:
-   copy $(WIN_DIR)\gitmanifest.in $(ROOT)\manifest.uuid
-   git rev-parse HEAD >>$(ROOT)\manifest.uuid
+    if not exist $(ROOT)\manifest.uuid (
+	copy $(WIN_DIR)\gitmanifest.in $(ROOT)\manifest.uuid
+	where git
+	if ERRORLEVEL 0 (
+	    git rev-parse HEAD >>$(ROOT)\manifest.uuid
+	) else (
+	    echo unknown >>$(ROOT)\manifest.uuid
+	)
+    )
 
-$(WIN_DIR)\tlsUuid.h:	$(ROOT)\manifest.uuid
-	copy $(WIN_DIR)\tlsUuid.h.in+$(ROOT)\manifest.uuid $(WIN_DIR)\tlsUuid.h
+$(TMP_DIR)\tlsUuid.h:	$(ROOT)\manifest.uuid
+	copy $(WIN_DIR)\tlsUuid.h.in+$(ROOT)\manifest.uuid $(TMP_DIR)\tlsUuid.h
+	echo: >>$(TMP_DIR)\tlsUuid.h
 
 
 # The default install target only installs binaries and scripts so add
 # an additional target for our documentation. Note this *adds* a target
 # since no commands are listed after it. The original targets for
@@ -88,9 +94,9 @@
     if exist "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" (
         xcopy /c /y "$(SSL_INSTALL_FOLDER)\bin\libssl-*-x64.dll" "$(PRJ_INSTALL_DIR)"
     )
 
 # Explicit dependency rules
-$(GENERICDIR)\tls.c: $(WIN_DIR)\tlsUuid.h
+$(GENERICDIR)\tls.c: $(TMP_DIR)\tlsUuid.h
 
 # Test package
 test: default-test