Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
History of file generic/tls.c at check-in c072b00aebbdca0d
|
2026-02-12
| ||
| 02:33 | Reverted change to auto select protocol versions to increase backwards compatibility. Too many apps specify the protocols as command line options, but leave off TCL 1.2 and 1.3. Will reinstate this change after OpenSSL removes the depreciated API. file: [d2fc684c88] check-in: [77bdd68ef1] user: bohagan branch: main, size: 103998 | |
|
2026-01-07
| ||
| 18:15 | Simplified setting supported SSL and TLS protocols. We now only use TLS 1.2 and 1.3 unless overridden by the user. file: [26bab7f6c3] check-in: [17cb74a5cf] user: bohagan branch: tls-2.0, size: 103998 | |
|
2025-10-17
| ||
| 07:18 | close fork file: [2eeba3b25b] check-in: [4dfbd811b4] user: jan.nijtmans branch: tls-2.0, size: 104199 | |
| 07:16 | Minor spacing file: [2ad27673ed] check-in: [e831e54d8b] user: jan.nijtmans branch: tls-2.0, size: 106212 | |
|
2025-10-16
| ||
| 21:21 | Updated set ssl/tls protocol version logic for cipher and import commands to use new APIs. file: [74f1473d60] check-in: [e383f27192] user: bohagan branch: tls-2.0, size: 104122 | |
| 18:20 | Updated set DH parameters for servers for OpenSSL 3.0+ APIs. file: [972427a930] check-in: [014250ffb8] user: bohagan branch: tls-2.0, size: 107179 | |
| 09:33 | Fix various compiler warnings (like -Wconversion and -Wc++-compat) file: [9cfdf36f22] check-in: [9a7e09fcca] user: jan.nijtmans branch: tls-2.0, size: 106213 | |
|
2025-10-11
| ||
| 19:10 | Updates for OpenSSL 1.1.1, 3.3. and 3.4 API compatibility file: [53c8f130c3] check-in: [651e6cb534] user: bohagan branch: tls-2.0, size: 106130 | |
|
2025-10-08
| ||
| 01:26 | Added tls::starttls command as an alias for tls::import and tls::shutdown as an alias for tls::unimport. file: [b8f3a2f6ce] check-in: [e09d36ffb5] user: bohagan branch: tls-2.0, size: 105880 | |
|
2025-09-21
| ||
| 23:53 | Added more comments and debug statements. file: [90af2e2202] check-in: [12eb6bb5da] user: bohagan branch: tls-2.0, size: 105650 | |
|
2025-09-18
| ||
| 04:18 | Added Tcl_Preserve for statePtr while timer is running. Moved Tls_Free to eliminate forward declaration. file: [db60f3adba] check-in: [4bf70b79a5] user: bohagan branch: tls-2.0, size: 105645 | |
|
2025-09-06
| ||
| 01:47 | Removed obsolete condition checks for bioShouldRetry. Added version check for SSL_CTX_set_ecdh_auto. file: [dca967c3b5] check-in: [fd6219d6f4] user: bohagan branch: tls-2.0, size: 105608 | |
|
2025-07-11
| ||
| 18:48 | Added pre-check for valid data to Client Hello message processing. Fix for https://github.com/bohagan1/TclTLS/issues/5 file: [5112065411] check-in: [10a9ba20e1] user: bohagan branch: tls-2.0, size: 105560 | |
|
2025-02-23
| ||
| 21:01 | Added session id to hello callback command file: [9553940434] check-in: [2d54d65766] user: bohagan branch: tls-2.0, size: 105394 | |
| 20:09 | Fix to allow for null server name in hello callback. Bug fix for https://github.com/bohagan1/TclTLS/issues/5. file: [df19473c23] check-in: [ac3bfc3713] user: bohagan branch: tls-2.0, size: 105164 | |
| 19:24 | Added check for name type in SNI callback file: [f24c9fad98] check-in: [7fcd555512] user: bohagan branch: tls-2.0, size: 105241 | |
|
2025-02-22
| ||
| 23:57 | Changed -request and -require defaults to be true only for client connections. file: [8764c7429e] check-in: [2afc33512d] user: bohagan branch: tls-2.0, size: 105038 | |
|
2025-02-08
| ||
| 21:05 | Corrections to previous commit file: [3599afe66c] check-in: [b565c0a12a] user: bohagan branch: tls-2.0, size: 104785 | |
|
2025-02-01
| ||
| 23:36 | Made changes to dereference objects returned by Tcl_ListObjIndex and Tcl_ListObjGetElements for TCL 9 abstract lists file: [df5d7390df] check-in: [74ebe7ccce] user: bohagan branch: tls-2.0, size: 104778 | |
|
2025-01-02
| ||
| 23:40 | Changed the default for -tls1 and -tls1.1 options to false. file: [a490a47cab] check-in: [861ff6374c] user: bohagan branch: tls-2.0, size: 102832 | |
| 23:36 | Changed the default for the -require option to true. file: [51d12a8e04] check-in: [7a43d021a4] user: bohagan branch: tls-2.0, size: 102832 | |
|
2024-12-31
| ||
| 04:12 | More comment updates and changes for fast path option file: [9f3b154f0e] check-in: [c61a46b561] user: bohagan branch: main, size: 102801 | |
|
2024-12-29
| ||
| 04:36 | Added IO buffer checks to TlsChannelHandlerTimer mask function. Reordered TlsNotifyProc to check conditions prior to timer deletion. Pass buffer length in MessageCallback. file: [1c80245128] check-in: [6252a3a1f5] user: bohagan branch: main, size: 102756 | |
| 04:18 | Renamed BIO read/write functions to input/output to avoid confusion with API names. Added PKI and Certificates section to docs. Added/updated comments, formatting updates, etc. file: [6556ea2daa] check-in: [3848af25d2] user: bohagan branch: main, size: 102738 | |
|
2024-12-24
| ||
| 04:30 | On Windows, set default value for -castore option to Windows cert store file: [6533cb2d9b] check-in: [cfd2090203] user: bohagan branch: main, size: 102497 | |
|
2024-12-09
| ||
| 00:17 | Fixed issue where some non-error conditions triggered a call to Tls_Error file: [c32e7b3028] check-in: [08e1cd7d4f] user: bohagan branch: main, size: 102258 | |
|
2024-12-08
| ||
| 22:20 | Fixed PasswordCallback when using default tls::password callback to pass all parameters file: [5526768630] check-in: [af42842c6e] user: bohagan branch: main, size: 102392 | |
|
2024-11-30
| ||
| 21:06 | Roll back some type changes from Clientdata to void * and added comments to args file: [7e537d9cb7] check-in: [c951849fa9] user: bohagan branch: main, size: 102661 | |
|
2024-11-29
| ||
| 15:41 | Re-introduce TCL_UNUSED. Some int <-> Tcl_Size fixes. Some more code cleanup file: [449c72e968] check-in: [cc9314fa6e] user: jan.nijtmans branch: main, size: 99667 | |
|
2024-10-26
| ||
| 17:34 | Added support for loading CA certificates from virtual file systems. Source: https://core.tcl-lang.org/tcltls/tktview/030c713ca2 file: [25505d8d36] check-in: [b70fbfd8cf] user: bohagan branch: tls-1.8, size: 99869 | |
| 16:38 | Removed obsolete RCS version strings. Added file header info. file: [99b0260693] check-in: [fbdf0eae0a] user: bohagan branch: tls-1.8, size: 96531 | |
| 16:08 | Removed extra padding, convert spaces to tabs, etc. file: [87532f6227] check-in: [1ef3d3faef] user: bohagan branch: tls-1.8, size: 96456 | |
|
2024-10-25
| ||
| 05:13 | More TCL9 updates file: [08752c37a7] check-in: [ea36bcf6c4] user: bohagan branch: tls-1.8, size: 96457 | |
|
2024-10-05
| ||
| 17:46 | Changes to fix warnings file: [25bb520bd7] check-in: [c747afd200] user: bohagan branch: tls-1.8, size: 96444 | |
|
2024-07-07
| ||
| 15:23 | Changed to use Tcl_PkgRequireEx, only call if not using stubs. file: [c902e2c2b4] check-in: [57cd9143b5] user: bohagan branch: tls-1.8, size: 96400 | |
|
2024-07-06
| ||
| 04:17 | Made updates to enhance event processing, I/O operations, etc. to address reports of stalled connections, etc. file: [99e542a0c2] check-in: [e3d4330c95] user: bohagan branch: tls-1.8, size: 96386 | |
|
2024-07-01
| ||
| 01:08 | Changed to send SSL_shutdown as part of BIO close channel handler rather than Tls_Clean. file: [2cf7b99093] check-in: [1505883e4a] user: bohagan branch: tls-1.8, size: 96220 | |
|
2024-06-29
| ||
| 19:21 | Backed out changes to provide error status when setting -cadir, -cafile, and -castore options. Breaks IO test cases. file: [6e62c9c865] check-in: [89536252d5] user: bohagan branch: tls-1.8, size: 96561 | |
| 02:46 | Added comments and function preamble comments to BIO and IO files. file: [636b102381] check-in: [9e79f40ed5] user: bohagan branch: tls-1.8, size: 97011 | |
|
2024-06-28
| ||
| 19:33 | Updated Tls_NewX509Obj to use Tcl_Objs for returned hex values. Use a dynamically allocated temp buffer. file: [d5754546f3] check-in: [121a81e392] user: bohagan branch: tls-1.8, size: 96932 | |
|
2024-06-25
| ||
| 22:22 | Changed Tls_NewX509Obj to not use stack space for all and certificate buffers. This reduces the possibility of a stack overflow. file: [d36478ef49] check-in: [17ee565eed] user: bohagan branch: tls-1.8, size: 96636 | |
|
2024-06-23
| ||
| 01:46 | Updates to provide error status when setting -cadir, -cafile, and -castore options. file: [bba2dae983] check-in: [568f5bc7ec] user: bohagan branch: tls-1.8, size: 96630 | |
| 01:39 | Undo change in OpenSSL 1.1.1 which enabled SSL_MODE_AUTO_RETRY. This will avoid hangs in blocking mode after an non-app record is received, but an app record is not yet available. Also enabled SSL_MODE_ENABLE_PARTIAL_WRITE, which allows writes with fewer than all records written to be successful. file: [b62ec44bb1] check-in: [991ab74cdd] user: bohagan branch: tls-1.8, size: 96153 | |
|
2024-06-20
| ||
| 01:01 | Added support for setting the certificate store file: [9112e257e3] check-in: [1cabc3b8f2] user: bohagan branch: tls-1.8, size: 95865 | |
|
2024-06-19
| ||
| 20:40 | Added more connection status file: [1e500c198d] check-in: [ab1aa551c0] user: bohagan branch: tls-1.8, size: 94832 | |
|
2024-06-16
| ||
| 20:23 | Added shutdown handler file: [c568200b91] check-in: [2e607e483a] user: bohagan branch: tls-1.8, size: 93854 | |
|
2024-06-15
| ||
| 21:49 | Removed obsolete locking code and added support for checking system OpenSSL config file for crypto policies. file: [5d61adfac5] check-in: [449470132e] user: bohagan branch: tls-1.8, size: 93485 | |
|
2024-06-06
| ||
| 05:20 | Added back option to enable debug mode that was lost in conversion to new TEA build system file: [ec7ae85081] check-in: [7e60e66f64] user: bohagan branch: tls-1.8, size: 94786 | |
| 01:21 | Merged in generate tls.tcl.h and debug mode option changes file: [c4b8d40b20] check-in: [d00f5eca5d] user: bohagan branch: crypto, size: 89316 | |
|
2024-06-05
| ||
| 03:02 | Replaced old method of including tls.tcl file in compiled library with a cross-platform compatible method file: [b933816499] check-in: [1f8b36d9a4] user: bohagan branch: tls-1.8, size: 94642 | |
|
2024-05-29
| ||
| 20:34 | Eliminate tls_free_type, that can be done smarter without the typecasts everywhere file: [0bbe388ea9] check-in: [216954cfae] user: jan.nijtmans branch: main, size: 93314 | |
| 01:30 | Merged in changes from master file: [5693b2c98c] check-in: [9d265b298a] user: bohagan branch: crypto, size: 89308 | |
| 01:07 | Optimized types and casting file: [f31356b00f] check-in: [5deb755d1d] user: bohagan branch: tls-1.8, size: 94634 | |
|
2024-05-28
| ||
| 15:27 | Smarter way to handle typecasting in Tls_Free() file: [4f26995be5] check-in: [402b6db186] user: jan.nijtmans branch: nijtmans, size: 53159 | |
| 15:08 | Fix Tls_Error() signature file: [6655a24c69] check-in: [bc6ff74449] user: jan.nijtmans branch: bohagan, size: 89910 | |
| 15:00 | Fix Tls_Error() signature file: [2dddb83a48] check-in: [53b28536f9] user: jan.nijtmans branch: nijtmans, size: 53191 | |
| 14:12 | tlsUuid.h should be built in $(TMP_DIR), not $(WIN_DIR). Eliminate some MSVC warnings file: [ebb46352fe] check-in: [6bd083aecb] user: jan.nijtmans branch: main, size: 93438 | |
|
2024-05-27
| ||
| 22:45 | Make error message a const string file: [4a79a9db30] check-in: [c5a4009f73] user: bohagan branch: tls-1.8, size: 94607 | |
| 15:11 | Fix Tls_Error() function signature file: [1921191aca] check-in: [86bf966f5b] user: jan.nijtmans branch: main, size: 93428 | |
| 15:01 | Make TCL_UNUSED() work here. Some indenting changes. file: [4bb905fa6a] check-in: [c3b40dfa2a] user: jan.nijtmans branch: main, size: 93422 | |
|
2024-05-19
| ||
| 18:50 | Merge in changes from master file: [15ea667e37] check-in: [911e1b65a9] user: bohagan branch: crypto, size: 89274 | |
| 17:16 | Updated unimport channel so it restores channel config after unstack. Will now work on any stacked channel. file: [cd25c54305] check-in: [b3f0973a4c] user: bohagan branch: tls-1.8, size: 94601 | |
| 15:59 | Fixed memory leak in unimport channel file: [94f84a44e7] check-in: [262ec2d5d9] user: bohagan branch: tls-1.8, size: 92898 | |
|
2024-05-11
| ||
| 01:46 | Added version check for SSL_get_signature_type_nid API added in OpenSSL 1.1.1a. This is needed for Ubuntu 18.04 LTS. file: [5901aadd4f] check-in: [8af8ef15f0] user: bohagan branch: tls-1.8, size: 92877 | |
|
2024-03-26
| ||
| 21:28 | Minor cleanups to remove obsolete code and add missing change log entry file: [eb71938a0b] check-in: [bb89d73224] user: bohagan branch: tls-1.8, size: 92795 | |
|
2024-03-15
| ||
| 22:17 | Fix warnings for compile with GCC on TCL 9.0 file: [62e132dc18] check-in: [562bd95399] user: bohagan branch: trunk, size: 93693 | |
| 22:17 | Fix warnings for compile with GCC on TCL 9.0 file: [bcc60fdf89] check-in: [eae5afbb83] user: bohagan branch: crypto, size: 88529 | |
|
2024-03-12
| ||
| 14:30 | Merge trunk file: [3dad396c4f] check-in: [c005e3d09b] user: jan.nijtmans branch: bohagan, size: 89904 | |
| 14:21 | More simple code formatting ... no change in functionality file: [02ab8298f1] check-in: [f69776b946] user: jan.nijtmans branch: nijtmans, size: 53185 | |
|
2024-03-11
| ||
| 02:15 | Merge in build-info command and TEA updates file: [cad12de55d] check-in: [3d9a852fc6] user: bohagan branch: crypto, size: 88421 | |
|
2024-03-10
| ||
| 23:26 | Added TCL 9.0 build-info command including support for UUID files. Altered scripts from sample extension to put tlsUuid.h in WIN_DIR not TMP_DIR. file: [a34923e145] check-in: [c5526c14fd] user: bohagan branch: trunk, size: 93585 | |
| 05:56 | Added global namespace qualifier to command names. Catch error for eval embedded tls.tcl script. file: [1e32f24336] check-in: [c0bbfde5a4] user: bohagan branch: crypto, size: 86656 | |
| 05:48 | Added global namespace qualifier to command names. Catch error for eval embedded tls.tcl script. file: [3d6d35a575] check-in: [17e4fbdf88] user: bohagan branch: trunk, size: 91819 | |
|
2024-03-05
| ||
| 14:37 | Formatting (taken over from bohagan) file: [e096bf5253] check-in: [2568fd9c5d] user: jan.nijtmans branch: bohagan, size: 89602 | |
|
2024-02-28
| ||
| 05:26 | Merged changes from master file: [6611dfd0b6] check-in: [bfb516156c] user: bohagan branch: crypto, size: 86614 | |
| 04:42 | In password callback, added check for password > max size. Also added null terminator. file: [074ad76419] check-in: [3866a025e0] user: bohagan branch: trunk, size: 91771 | |
|
2024-02-27
| ||
| 16:29 | Take over change in tls.c too (from same commit) file: [be27cdc273] check-in: [eecbce78ef] user: jan.nijtmans branch: bohagan, size: 89628 | |
| 05:05 | Removed unneeded initialize dstrings. file: [0e25730e3b] check-in: [6ffc298e51] user: bohagan branch: trunk, size: 91605 | |
|
2024-02-24
| ||
| 22:32 | Merge trunk file: [41a05faa4a] check-in: [47f7634a14] user: jan.nijtmans branch: bohagan, size: 89615 | |
| 22:22 | Clean-up gcc compiler warnings file: [5e701cf08b] check-in: [d966a301eb] user: bohagan branch: trunk, size: 91791 | |
| 22:07 | Eliminate some deprecated function usages. Disable ssl3 by default too (just as ssl2) file: [688305c24b] check-in: [3090c676df] user: jan.nijtmans branch: nijtmans, size: 52628 | |
| 21:07 | Improve error-handling, e.g. using Tcl_SetErrorCode() file: [22deb29539] check-in: [e8f554a732] user: jan.nijtmans branch: nijtmans, size: 52508 | |
| 03:57 | Merged in changes from master file: [2435fc4bff] check-in: [603eb0c0ba] user: bohagan branch: crypto, size: 86634 | |
| 03:26 | Added back initialize dynamic strings since Tcl_TranslateFileName doesn't initialize them file: [69b432401c] check-in: [ccb3824e44] user: bohagan branch: trunk, size: 91754 | |
| 03:02 | Clean up return statements file: [2c8caab3b7] check-in: [a9e4d32d68] user: bohagan branch: trunk, size: 91533 | |
| 02:02 | Added missing cast nulls to char pointer file: [d1d4cc8897] check-in: [ea98e5c0da] user: bohagan branch: trunk, size: 91550 | |
|
2024-02-23
| ||
| 23:57 | Optimized get string from object file: [9c4ead6c33] check-in: [5130ce9e72] user: bohagan branch: trunk, size: 91433 | |
| 22:57 | Use LAPPEND_STR() and friends file: [6f7de4fd54] check-in: [6e95e7672d] user: jan.nijtmans branch: nijtmans, size: 52210 | |
| 21:27 | REASON() -> GET_ERR_REASON(). Add some more utilities to tlsInt.h (not used yet) file: [cf8594fd4b] check-in: [42f5f29486] user: jan.nijtmans branch: nijtmans, size: 52674 | |
| 15:08 | Merge trunk file: [c4917ab97f] check-in: [ea8c67f798] user: jan.nijtmans branch: bohagan, size: 90482 | |
| 14:48 | Merge "dh" branch from: [https://chiselapp.com/user/bohagan/repository/TCLTLS/timeline?r=dh]. The "gen_dh_params" script is no longer necessary file: [f15837cdac] check-in: [6aeb4fa6ee] user: jan.nijtmans branch: nijtmans, size: 52652 | |
| 13:21 | Merge trunk file: [d656aab335] check-in: [c7b67bc013] user: jan.nijtmans branch: bohagan, size: 90511 | |
| 13:08 | Add "tls::build-info" command file: [a40898e09d] check-in: [355a10cf0e] user: jan.nijtmans branch: nijtmans, size: 52470 | |
|
2024-02-22
| ||
| 15:27 | Merge trunk file: [b894390529] check-in: [c61ea12657] user: jan.nijtmans branch: bohagan, size: 89101 | |
| 13:49 | A lot of formatting, no change in functionality. file: [0d8631d8e5] check-in: [46ffe75283] user: jan.nijtmans branch: nijtmans, size: 51083 | |
|
2024-02-21
| ||
| 23:10 | Few more tweaks file: [d561fadbc4] check-in: [195f14da6c] user: jan.nijtmans branch: nijtmans, size: 51382 | |
| 22:57 | Stop support for OpenSSL < v1.1.1 file: [7287ba0204] check-in: [f2101dcc16] user: jan.nijtmans branch: nijtmans, size: 51349 | |
|
2024-02-20
| ||
| 22:09 | Merge trunk file: [c996e233ea] check-in: [6853760139] user: jan.nijtmans branch: bohagan, size: 91461 | |
| 20:57 | "make install" now works on MacOS too (uses .dylib in stead of .so, no "doc" yet) file: [ac73771fae] check-in: [6778f7f147] user: jan.nijtmans branch: nijtmans, size: 51577 | |
| 14:58 | Renamed tls.c → generic/tls.c. Move all *.c and *.h files to the /generic/ directory. Update win/makefile.vc from [https://chiselapp.com/user/bohagan/repository/TCLTLS/index] file: [90806f56c7] check-in: [b921cb3e6e] user: jan.nijtmans branch: nijtmans, size: 51578 | |
| 14:58 | Renamed to generic/tls.c. Move all *.c and *.h files to the /generic/ directory. Update win/makefile.vc from [https://chiselapp.com/user/bohagan/repository/TCLTLS/index] check-in: [b921cb3e6e] user: jan.nijtmans branch: nijtmans, size: 0 | |
| 13:30 | Use (char *)NULL as sentinel in Tcl_AppendResult() file: [90806f56c7] check-in: [ab6b683a51] user: jan.nijtmans branch: nijtmans, size: 51578 | |
| 13:00 | Make all C-/H-files Tcl 9-ready, with all kinds of code-cleanup. Build environment not handled yet. file: [03228c38ef] check-in: [ceb72b0012] user: jan.nijtmans branch: nijtmans, size: 51434 | |
|
2024-02-19
| ||
| 21:55 | Less compiler warnings file: [b29b9e852d] check-in: [0cfe6dfb3c] user: jan.nijtmans branch: nijtmans, size: 52394 | |
| 20:16 | Merge tls-1.7 file: [5ad13a5c03] check-in: [8e0be2f6e9] user: jan.nijtmans branch: nijtmans, size: 52448 | |
| 19:23 | No need to allocate a Tcl_ChannelType file: [afc2bb3178] check-in: [7af51313f8] user: jan.nijtmans branch: tls-1.7, size: 52482 | |
|
2024-02-16
| ||
| 13:54 | Merge 1.7 file: [484811ec37] check-in: [b8b1970122] user: jan.nijtmans branch: nijtmans, size: 52461 | |
| 13:53 | Remove all end-of-line spacing file: [833e387a32] check-in: [9345b54eaa] user: jan.nijtmans branch: tls-1.7, size: 52463 | |
|
2024-02-12
| ||
| 10:39 | Merge 1.8 file: [66160cd5f2] check-in: [3824e80ab5] user: jan.nijtmans branch: codebykevin, size: 52557 | |
| 10:32 | Merge 1.7. Forget about Tcl < 8.6 for this branch file: [959c6dc2b0] check-in: [01caf8a372] user: jan.nijtmans branch: nijtmans, size: 52492 | |
| 10:22 | Tcl_GetStringFromObj() -> Tcl_GetString(). Update ChangeLog/README.txt file: [490c867d5b] check-in: [663996a17b] user: jan.nijtmans branch: tls-1.7, size: 52494 | |
|
2024-02-11
| ||
| 20:51 | Merged changes from master. file: [e039ae1932] check-in: [45be9618dc] user: bohagan branch: crypto, size: 86494 | |
| 02:16 | Corrected memory leaks in use of dynamic strings file: [489d26f33a] check-in: [6287936460] user: bohagan branch: trunk, size: 91587 | |
|
2024-02-10
| ||
| 22:03 | Updated callback info in doc file file: [26178e45e1] check-in: [a1c3e96ef5] user: bohagan branch: trunk, size: 91448 | |
| 20:37 | Refactored set default CA certificates path and file to allow env vars to override defaults. file: [0fd30b2572] check-in: [cdb6cd6aa6] user: bohagan branch: trunk, size: 91020 | |
|
2024-02-09
| ||
| 19:24 | Added more error messages and quoted certificate fail message. file: [675528fb5b] check-in: [e3e0021e31] user: bohagan branch: trunk, size: 90904 | |
|
2024-02-06
| ||
| 02:42 | Added provider test cases file: [08e7f9d341] check-in: [5a41ff9aa1] user: bohagan branch: crypto, size: 85654 | |
|
2024-02-05
| ||
| 00:55 | Code updates for gcc warnings file: [76576d8a94] check-in: [7e672606f5] user: bohagan branch: trunk, size: 90713 | |
|
2024-02-04
| ||
| 23:25 | Code updates for gcc warnings file: [0f9a22b39e] check-in: [e58f2c78c8] user: bohagan branch: crypto, size: 85654 | |
| 03:31 | Merged changes from master branch file: [9e57ea75de] check-in: [fa17431520] user: bohagan branch: crypto, size: 85498 | |
|
2024-02-03
| ||
| 03:15 | Added more IO logging and error callback messages. Removed duplicate messages. file: [893e5c4546] check-in: [a3728bd654] user: bohagan branch: trunk, size: 90539 | |
|
2024-02-02
| ||
| 03:33 | Added more logging messages and updated get error message macro name file: [ea83c6521f] check-in: [fad32ff05f] user: bohagan branch: trunk, size: 90571 | |
|
2024-01-25
| ||
| 22:56 | Extracted from https://www.codebykevin.com/fossil.cgi/tcltls file: [8a6e3d7442] check-in: [737ebb9576] user: jan.nijtmans branch: codebykevin, size: 52708 | |
|
2024-01-24
| ||
| 14:35 | First changes needed for Tcl 9.0 file: [ff2cf80f27] check-in: [3057d6e2e0] user: jan.nijtmans branch: nijtmans, size: 52568 | |
|
2023-12-29
| ||
| 21:12 | Cast unused parameters to void to prevent unused parameter warnings Source: https://core.tcl-lang.org/tcltls/tktview/086954612f file: [afd3785b3b] check-in: [41e1203724] user: bohagan branch: trunk, size: 90378 | |
| 21:09 | Cast unused parameters to void to prevent unused parameter warnings Source: https://core.tcl-lang.org/tcltls/tktview/086954612f file: [4d8cd20913] check-in: [f586ebd433] user: bohagan branch: crypto, size: 85296 | |
| 03:09 | Merged in master changes file: [b9807f7867] check-in: [d2d04c75a0] user: bohagan branch: crypto, size: 85272 | |
| 03:09 | Merged in dh branch file: [a4e2c18a75] check-in: [594dfd3195] user: bohagan branch: trunk, size: 90369 | |
| 03:09 | Updated to auto set DH parameters. Updated to use well known Diffie-Hellman (DH) parameters that have built-in support in OpenSSL. This means the DH parameters will be selected to be consistent with the size of the key associated with the server's certificate. If there is no certificate (e.g. for PSK ciphersuites), then it it will be consistent with the size of the negotiated symmetric cipher key. file: [54886bd843] check-in: [d3d16ea77f] user: bohagan branch: dh, size: 90364 | |
|
2023-12-28
| ||
| 20:01 | Created DH branch file: [7c1b9c1884] check-in: [22f9df2429] user: bohagan branch: dh, size: 90219 | |
| 03:00 | Added random bytes command to generate random bytes using a cryptographically secure pseudo random generator (CSPRNG). file: [c0cfa2b008] check-in: [baa34f4208] user: bohagan branch: crypto, size: 84798 | |
|
2023-12-21
| ||
| 20:15 | Merged in master changes file: [578f1e1218] check-in: [265ace08fe] user: bohagan branch: crypto, size: 84768 | |
| 19:56 | Optimized Init stub load and package require. Use general pkhIndex.tcl file. file: [42a5997f51] check-in: [c498845865] user: bohagan branch: trunk, size: 90221 | |
|
2023-12-16
| ||
| 04:56 | Changed options processing from using string compares in macros to using Tcl_GetIndexFromObj and switch. file: [5f4251e5e6] check-in: [c7540ccbf1] user: bohagan branch: crypto, size: 84893 | |
|
2023-12-11
| ||
| 05:24 | Added KDF module to derive keys and ivs from passwords and salts. Added -hash option as alias for -digest. file: [4273abe6e0] check-in: [d4c2159faf] user: bohagan branch: crypto, size: 82968 | |
|
2023-12-04
| ||
| 03:56 | Split list operations into separate functions to make it easier for OpenSSL 3.0 changes. Added pkey list function. Added mac info and pkey info placeholder functions. More checks for NULL pointers. Moved legacy load ciphers and digest to init routine. file: [63ca861d17] check-in: [9e6e94200c] user: bohagan branch: crypto, size: 82939 | |
|
2023-12-02
| ||
| 04:25 | Added function to encrypt and decrypt data file: [3ece83c57b] check-in: [b395f93924] user: bohagan branch: crypto, size: 82722 | |
|
2023-11-27
| ||
| 02:15 | Backport changes from crypto branch including change -securitylevel option to -security_level. Optimized binary to hex conversion. file: [d44fcd8515] check-in: [d351d79642] user: bohagan branch: trunk, size: 90346 | |
|
2023-11-21
| ||
| 03:44 | Add digest and MAC use of EVP_DigestFinalXOF for XOF hash functions. Renamed security level option from -securitylevel to -security_level. Added more description info to digest and hash documentation. Added examples for tls::digest command to documentation. file: [66b088c361] check-in: [c5c9b26ac8] user: bohagan branch: crypto, size: 82689 | |
|
2023-11-18
| ||
| 05:59 | Optimized DigestInputProc to use common digest functions. Fixed write to channel digest transform. Updated comments file: [0db9f8be24] check-in: [3120c0a647] user: bohagan branch: crypto, size: 82686 | |
|
2023-11-03
| ||
| 22:03 | Moved info commands to tlsInfo.c file. Moved REASON macro definition to tlsInt.h file so all files can use. file: [2858ec05c6] check-in: [61a7c2c15a] user: bohagan branch: crypto, size: 82682 | |
|
2023-10-27
| ||
| 23:01 | Moved digest command to new tlsDigest.c file file: [860bf39ae0] check-in: [b120c6d336] user: bohagan branch: crypto, size: 91841 | |
|
2023-10-14
| ||
| 23:16 | Updated digests command to filter out RSA digests since only used for signature algorithms. file: [5aecfbd855] check-in: [0a899f2c18] user: bohagan branch: crypto, size: 95326 | |
| 21:35 | Optimized byte array to hex conversions file: [e558c674d7] check-in: [049f9cb970] user: bohagan branch: crypto, size: 95180 | |
|
2023-10-11
| ||
| 23:13 | Renamed hash command to digest and hashes command to digests. file: [33f81c89e9] check-in: [38f5e78596] user: bohagan branch: crypto, size: 95121 | |
| 22:34 | Modified ciphers command to make protocol arg optional to list all supported ciphers. file: [3f80fde031] check-in: [a44d361c13] user: bohagan branch: crypto, size: 95021 | |
|
2023-10-10
| ||
| 04:10 | Added hashes command to list OpenSSL supported hash digests. file: [d77314704b] check-in: [78cf378796] user: bohagan branch: crypto, size: 94288 | |
| 02:43 | Added hash command to calculate hash using any OpenSSL digest. Added convenience commands for md4, md5, sha1, and sha-256 digests. file: [30dc12770e] check-in: [cafd2dc6ba] user: bohagan branch: crypto, size: 93252 | |
| 00:06 | Created cryptography branch file: [a4b3c334bf] check-in: [0cd384c2ff] user: bohagan branch: crypto, size: 89897 | |
|
2023-09-24
| ||
| 20:12 | Moved definition of Append to List macros to tlsInt.h. Updated tls.c to use Append to List macros. file: [f4a59d7949] check-in: [28d6418fa7] user: bohagan branch: trunk, size: 90229 | |
|
2023-09-23
| ||
| 22:37 | Updates for TCL 9.0 and Tcl_Size change file: [6525346f21] check-in: [c740ba0cb8] user: bohagan branch: trunk, size: 93217 | |
|
2023-09-02
| ||
| 22:07 | Added verify result to handshake fail error message. file: [b2882089e7] check-in: [2e3a232d85] user: bohagan branch: trunk, size: 92696 | |
| 21:13 | Set automatic curve selection for ECDH temporary keys used during key exchange. Used to make a server always choose the most appropriate curve for a client. Disable compression even if supported. file: [050ef8b065] check-in: [1dbae1afec] user: bohagan branch: trunk, size: 92512 | |
| 20:03 | Changed to only allow SSL2 and SSL3 to be manually enabled. See RFC 8996, Deprecating TLS 1.0 and TLS 1.1. Also see NIST SP 800-52r2 which requires TLS 1.2 and TLS 1.3, should not use TLS 1.1, and shall not use TLS 1.0, SSL 3.0, or SSL 2.0. file: [a404941892] check-in: [9d1bdab9a6] user: bohagan branch: trunk, size: 92162 | |
|
2023-08-28
| ||
| 01:56 | Added load CA file comments file: [18bce24fbb] check-in: [d4b5b9bd2a] user: bohagan branch: status_x509, size: 92428 | |
|
2023-08-19
| ||
| 20:30 | Updated ConnectionInfoObjCmd to localize variables file: [4969f5a74b] check-in: [070af72ccb] user: bohagan branch: status_x509, size: 91951 | |
| 18:04 | Optimized CiphersObjCmd to use method variable. file: [8772a03dc7] check-in: [543e7ab6d3] user: bohagan branch: status_x509, size: 91855 | |
|
2023-08-13
| ||
| 01:00 | Added get CA list to connection status file: [3a81d8a8fc] check-in: [c95df396da] user: bohagan branch: status_x509, size: 91801 | |
|
2023-08-12
| ||
| 04:07 | Added session context, basic constraints, and publickeyhash status file: [59bf4e72f6] check-in: [4a0a74f238] user: bohagan branch: status_x509, size: 91234 | |
|
2023-08-10
| ||
| 03:16 | Reordered get parameters in Tls_NewX509Obj to follow RFC 5280 section order. Added get self issued, Key usage, Extended Key usage, and purpose values. Added more comments, optimized code, etc. file: [5b3a9ccd27] check-in: [10bcd4c88f] user: bohagan branch: status_x509, size: 90876 | |
|
2023-07-31
| ||
| 02:17 | Added verify depth and mode status to connection status, renamed signatureType and signatureType file: [876a0b1ced] check-in: [87010ba1d9] user: bohagan branch: status_x509, size: 90773 | |
|
2023-07-30
| ||
| 02:53 | Updated default callbacks in tls.tcl file file: [b314eff29c] check-in: [cdb51c799e] user: bohagan branch: errors_and_callbacks, size: 89573 | |
| 02:09 | Add match result to ALPN callback parameters. This indicates if a common protocol was found or not. file: [45bcc590a0] check-in: [75f1cfb376] user: bohagan branch: errors_and_callbacks, size: 89137 | |
| 00:20 | Updated password callback to add rwflag size arguments to callback. Callback now works like other callbacks with the function followed by args. Refactored get result processing. Added more info to doc file. file: [c6cfb160ec] check-in: [c072b00aeb] user: bohagan branch: errors_and_callbacks, size: 89046 | |
|
2023-07-29
| ||
| 21:33 | Added message status to callback command results. It is only available when OpenSSL is complied with the enable-ssl-trace option. file: [a5b24e4b6d] check-in: [5ddead759f] user: bohagan branch: errors_and_callbacks, size: 88623 | |
|
2023-07-28
| ||
| 19:42 | Set ErrorCode for returned errors file: [d37fbac857] check-in: [d7ece0aec4] user: bohagan branch: errors_and_callbacks, size: 85356 | |
| 17:01 | Disabled skip channel IO during verify callback processing. Call Tcl_Error for connect/handshake errors. file: [fa1e23179a] check-in: [6866efe8ea] user: bohagan branch: errors_and_callbacks, size: 84348 | |
| 16:07 | Refactored Tls_Error handler to not set errorCode. Use error message, return result, or if none, fall-back to OpenSSL error queue. Added clear OpenSSL errors to start of each command function to remove old error messages. file: [477116b5a6] check-in: [e85a439068] user: bohagan branch: errors_and_callbacks, size: 84210 | |
|
2023-07-24
| ||
| 23:12 | Comment and documentation updates. Added more checks for supported protocol versions. file: [8e541b360a] check-in: [a4c50c7c74] user: bohagan branch: errors_and_callbacks, size: 84023 | |
|
2023-07-21
| ||
| 23:29 | Removed connect or handshake errors trigger background error. Removed Tls_Error call to background error handler when a callback command isn't defined. This would occur during connect/handshake errors. Fixes bug: https://core.tcl-lang.org/tcltls/tktview/2c7b748796 file: [459c02ba4b] check-in: [6a11f12158] user: bohagan branch: errors_and_callbacks, size: 83745 | |
| 23:01 | Added new option -validatecommand to handle callbacks that require a return value. Consolidated evaluate callback commands into one function EvalCallback. Return alert codes for callbacks. Added more comments to callback functions. file: [d05c00dc5b] check-in: [91ff651d51] user: bohagan branch: errors_and_callbacks, size: 84109 | |
|
2023-07-16
| ||
| 18:41 | Added Next Protocol Negotiation (NPN) for TLS 1.0 to TLS 1.2. file: [6f8aac6c9a] check-in: [f7b84d671a] user: bohagan branch: errors_and_callbacks, size: 82875 | |
| 17:26 | Added alert type to info callback parameters and refactored code. file: [a232f29e3c] check-in: [0aa8ad9487] user: bohagan branch: errors_and_callbacks, size: 81255 | |
| 16:02 | Register ALPN callbacks only if protocols defined. Catch more errors in callbacks, return after set return values. file: [459b6052cb] check-in: [3b2e00d8a5] user: bohagan branch: errors_and_callbacks, size: 81208 | |
|
2023-07-09
| ||
| 22:46 | Changed to pass verify ok results string to callback. Renamed certificate status signature_hash to signatureHashAlgorithm. file: [55d19f65b6] check-in: [a5858c387a] user: bohagan branch: status_x509, size: 81017 | |
|
2023-06-18
| ||
| 21:47 | Added post handshake cert request option file: [57bb811cee] check-in: [fec0e414e9] user: bohagan branch: status_x509, size: 81100 | |
|
2023-06-17
| ||
| 23:09 | Added signature hash and type to connection status Changed validation result to verification. file: [15b3de1fe1] check-in: [e02e24c84a] user: bohagan branch: status_x509, size: 80626 | |
|
2023-06-16
| ||
| 18:04 | Change to use NULL for empty pointers file: [03a1400f39] check-in: [ee0728f6d6] user: bohagan branch: status_x509, size: 79882 | |
|
2023-06-11
| ||
| 23:26 | Use client or server methods instead of generic methods for protocol version selection file: [311a8c5ace] check-in: [f9da715266] user: bohagan branch: status_x509, size: 80037 | |
| 20:12 | Optimized get X509 certificate extensions file: [65ec9cb148] check-in: [eccad70fa9] user: bohagan branch: status_x509, size: 79701 | |
| 02:27 | Added more X509 certificate status info, show algorithm names, list used extensions, etc. file: [fb9e2c2ae2] check-in: [7265279af2] user: bohagan branch: status_x509, size: 79702 | |
|
2023-06-10
| ||
| 21:25 | Added master key, is server, and ticket lifetime to connection status. Reordered connection status results for better grouping. file: [34dae888de] check-in: [4e75be42e6] user: bohagan branch: status_x509, size: 79783 | |
| 20:33 | Set protocol version method based on client or server option. file: [a24507cd1f] check-in: [50c71137cb] user: bohagan branch: status_x509, size: 78524 | |
| 19:45 | Added ALPN callback update to catch and return errors in select next protocol. file: [3072fade94] check-in: [1a03a74d6e] user: bohagan branch: status_x509, size: 78444 | |
|
2023-06-05
| ||
| 02:47 | More callback error checking. Added session ticket callback handling. Split set client and server session caching callbacks. file: [bf31ce69c0] check-in: [e1f08bc122] user: bohagan branch: status_x509, size: 77953 | |
| 02:09 | Use SSL connection states instead of custom states. file: [a126391165] check-in: [3d083cdfaf] user: bohagan branch: status_x509, size: 77524 | |
|
2023-06-04
| ||
| 03:20 | Set host name for certificate checks. Pass peer specified host name to Hello callback. Set host name for certificate checks. This is separate from SNI. Added peername to status command results. Source: https://core.tcl-lang.org/tcltls/tktview/b023257dcf and https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 file: [62ec7882d5] check-in: [65f84287e7] user: bohagan branch: status_x509, size: 77639 | |
|
2023-06-03
| ||
| 22:33 | Added ALPN callback protocol selection. In ALPNCallback, server select from client provided protocol list uses -alpn protocols list to find first common protocol. file: [36d88366bc] check-in: [f50ee33fd6] user: bohagan branch: status_x509, size: 76135 | |
|
2023-06-02
| ||
| 22:23 | Added compression state to connection status file: [edf428a0fb] check-in: [e5975c8072] user: bohagan branch: status_x509, size: 75712 | |
|
2023-05-29
| ||
| 23:15 | Added server callbacks for ALPN, SNI, and Hello messages file: [30923f52a9] check-in: [a04a3aef6b] user: bohagan branch: status_x509, size: 75640 | |
|
2023-05-27
| ||
| 21:14 | Optimized use of pointers and comment format updates. file: [78a5edc11d] check-in: [500c6b97d6] user: bohagan branch: status_x509, size: 68331 | |
| 19:20 | Added session id and ticket to connection status. Added callback to handle session id and ticket updates after the handshake. file: [6e32fbd0db] check-in: [489f45bd81] user: bohagan branch: status_x509, size: 68304 | |
| 03:06 | Removed support for obsolete OpenSSL versions prior to v1.1.1. file: [c78a7d27a7] check-in: [0de7b4fc0a] user: bohagan branch: status_x509, size: 64125 | |
|
2023-05-26
| ||
| 22:43 | Added set security level option to set all relevant parameters including cipher suite, encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key sizes and signature algorithms in one operation. file: [0c71e3381c] check-in: [32ce5d6220] user: bohagan branch: status_x509, size: 67292 | |
|
2023-05-24
| ||
| 02:40 | Added new option -ciphersuites to set ciphers suites for TLS 1.3. Addresses defect: https://core.tcl-lang.org/tcltls/tktview/d0518a5645 file: [57a6f16cff] check-in: [cd11c125e8] user: bohagan branch: status_x509, size: 66797 | |
| 01:18 | Updated ciphers command to use current APIs and added an option to return only ciphers as would be sent in ClientHello. Updated test suite to use OpenSSL executable to get ciphers comparison data. Added more test cases. Addresses defects: https://core.tcl-lang.org/tcltls/tktview/688788a45c and https://sourceforge.net/p/tls/bugs/36/ file: [f33536e873] check-in: [05b2dd47be] user: bohagan branch: status_x509, size: 66321 | |
|
2023-05-20
| ||
| 04:46 | Added get supported protocol versions command file: [138bbe9b64] check-in: [168ce6abb1] user: bohagan branch: status_x509, size: 65830 | |
| 00:56 | Added new connection info command which returns connection configuration and status. file: [4728c9082f] check-in: [04e10976f7] user: bohagan branch: status_x509, size: 64046 | |
|
2023-05-13
| ||
| 20:25 | Deleted: Merged TEA branch into master check-in: [6c02d4d029] user: bohagan branch: trunk, size: 0 | |
|
2023-05-06
| ||
| 19:35 | Replaced custom build scripts with TEA scripts. Removed custom build scripts and replaced with latest TEA config files. Updated pkgIndex.tcl.in to support static builds. Incorporated relevant previous build macros into scripts. file: [e3d417c077] check-in: [a329ea2ff4] user: bohagan branch: TEA, size: 58725 | |
|
2023-04-30
| ||
| 16:07 | Added: Moved files to subdirectories per TEA directory structure. file: [4c6200b506] check-in: [3dcd70f98e] user: bohagan branch: TEA, size: 58688 | |
| 16:07 | Deleted: Moved files to subdirectories per TEA directory structure. check-in: [3dcd70f98e] user: bohagan branch: TEA, size: 0 | |
| 02:08 | Format clean-ups. file: [4c6200b506] check-in: [e02b79f82f] user: bohagan branch: TEA, size: 58688 | |
|
2023-04-23
| ||
| 03:34 | Use server cipher preference order. Source: https://sourceforge.net/p/tls/bugs/60/ and https://www.androwish.org/home/info/5718c3eb47cced4d and https://core.tcl-lang.org/tcltls/tktview/305ee10b86 file: [9adcbda92a] check-in: [ba1403b62c] user: bohagan branch: trunk, size: 58860 | |
| 02:36 | Applied patch to add OpenSSL3 KTLS trivial processing. Description: Patch adds trivial processing for BIO_CTRL_GET_KTLS_SEND and BIO_CTRL_GET_KTLS_RECV control commands to make tcltls working with OpenSSL 3.0. See also: - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006587 - https://bugzilla.redhat.com/show_bug.cgi?id=2088363 Source: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/openssl3.patch file: [07454bb7bd] check-in: [6f19aa6623] user: bohagan branch: trunk, size: 58774 | |
| 02:08 | Changes for OpenSSL v1.1.1 to make compatible with no deprecated option. file: [e79ec1582f] check-in: [2ed802a7af] user: bohagan branch: trunk, size: 58775 | |
|
2023-04-10
| ||
| 01:27 | Initial changes for TCL 9.0. Fixed package requires to work with TCL 9.0. Removed obsolete macro _ANSI_ARGS_, use ANSI arg definitions, etc. Macros: CONST84 to const, WIN32 to _WIN32, CONST to const, VOID to void, etc. Replaced Tcl_SaveResult with Tcl_SaveInterpState, Tcl_RestoreResult with Tcl_RestoreInterpState, and Tcl_DiscardResult with Tcl_DiscardInterpState. Use Tcl_BackgroundError for pre TCL 8.6 and Tcl_BackgroundException for TCL 8.6+. file: [28a1c0e368] check-in: [275ecbcc5d] user: bohagan branch: trunk, size: 54660 | |
|
2023-03-04
| ||
| 23:33 | Patch by Sergei Golovan (Debian) to fix the compiler warnings about implicit fall-through in case. Source: File: https://sources.debian.org/src/tcltls/1.7.22-3/debian/patches/fall-through.patch file: [5e9f95c600] check-in: [e2e798877b] user: bohagan branch: trunk, size: 55593 | |
| 20:19 | Added key and PEM output to variables and updated keytest1 test script. Source: https://www.androwish.org/home/info/80b11e9594532414 and https://www.androwish.org/home/info/56087b886c6c105f and https://core.tcl-lang.org/tcltls/tktview/04d6bb909b ids: [80b11e9594] and [56087b886c] file: [c5b2929595] check-in: [899a950204] user: bohagan branch: trunk, size: 55555 | |
| 19:33 | Casting clean-ups to fix compiler warnings. Source: https://sourceforge.net/p/tls/patches/11/ and https://sourceforge.net/p/tls/patches/_discuss/thread/988300e7/b6bb/attachment/patch-warnings file: [fe25c88f91] check-in: [227a7d7d10] user: bohagan branch: trunk, size: 54893 | |
| 18:54 | Added names of unavailable protocols to error messages so its easier to understand. Source: https://sourceforge.net/p/tls/patches/14/ File: protocols.patch file: [2c09b41ecd] check-in: [6a3f83340d] user: bohagan branch: trunk, size: 54851 | |
| 16:14 | Merge feature-dump-keys into main file: [65324f8bcd] check-in: [bed86d3303] user: bohagan branch: trunk, size: 54701 | |
|
2022-05-30
| ||
| 16:14 | Bug [8de7f5aa07]: Add support for dumping SSL keys file: [6b3fa216e0] check-in: [2c773b9a38] user: schelte branch: feature-dump-keys, size: 52900 | |
| 16:08 | Bug [e1f9a21c67]: Start of ALPN support file: [48a25c8f03] check-in: [07bafe02de] user: schelte branch: add-support-alpn, size: 54373 | |
|
2020-10-15
| ||
| 10:36 | Ticket [604bb68b5c]. Add first sketch of a nmake build. file: [b7a88587d1] check-in: [2babef91c5] user: oehhar branch: bug-604bb68b5c-nmake, size: 52572 | |
|
2020-10-12
| ||
| 20:32 | add "version" element with SSL/TLS protocol version to tls::status file: [2675578b45] check-in: [9c32a526ed] user: resuna branch: trunk, size: 52552 | |
|
2020-05-04
| ||
| 15:09 | Only load private key if we loaded a non-default certificate file: [93c7ba9ac0] check-in: [51a2b1ec9a] user: rkeene branch: mjanssen-asn1-certs, size: 52369 | |
| 15:02 | Updated to support cert/certfile independantly of key/keyfile file: [e32cfd6f1e] check-in: [952ef184e6] user: rkeene branch: mjanssen-asn1-certs, size: 52228 | |
| 14:57 | Corrected wrong use of "key" file: [f5c55ed5c6] check-in: [f3a497fc67] user: rkeene branch: mjanssen-asn1-certs, size: 51997 | |
|
2019-06-17
| ||
| 18:08 | Align code with option names file: [cb66151e80] check-in: [4945b7588e] user: mjanssen branch: mjanssen-asn1-certs, size: 51978 | |
| 14:27 | Do not expose implementation details in user interface file: [d8dd86370e] check-in: [ef0be0d731] user: mjanssen branch: mjanssen-asn1-certs, size: 52016 | |
| 12:05 | Add support for ASN1 blobs for certificates and keys file: [8332b7761d] check-in: [49278969f2] user: mjanssen branch: mjanssen-asn1-certs, size: 52053 | |
|
2019-05-29
| ||
| 18:52 | Try to find headers in a specific path and do not allow "mp_int"/"mp_digit" to conflict with other things file: [391c72843c] check-in: [bd8b53ced2] user: rkeene branch: x-header-work, size: 50430 | |
|
2019-04-09
| ||
| 17:04 | Added remaining TLSv1.3 support file: [c565bf20f1] check-in: [569c10f3b2] user: rkeene branch: enhancement/tls-1.3, size: 50402 | |
|
2018-11-07
| ||
| 23:51 | Added missing TLSv1.3 support file: [b408a25024] check-in: [efc1e122f2] user: rkeene branch: enhancement/tls-1.3, size: 49325 | |
| 23:27 | Started adding support for TLSv1.3 file: [f0ecc97895] check-in: [e245d231ee] user: rkeene branch: enhancement/tls-1.3, size: 49228 | |
|
2018-02-07
| ||
| 15:37 | Updated to reset "eofchar" and "encoding" when importing channels as well as translation and blocking (part of [f798e2ea12]) file: [7d9b3af7fe] check-in: [1d757f7e2d] user: rkeene branch: trunk, size: 49023 | |
|
2017-12-21
| ||
| 05:34 | Added experiment patch for [f798e2ea12] to preserve channel state when importing a channel file: [73f6874245] check-in: [60f37290f3] user: rkeene branch: bug-f798e2ea12, size: 48553 | |
|
2017-05-01
| ||
| 14:42 | Print a debug message when handshaking works but an error is being captured file: [0dc23990ac] check-in: [87d7c791f5] user: rkeene branch: trunk, size: 48010 | |
| 14:41 | Fixed an issue where EAGAIN was translated into a successful handshake, addressing [1367823d51] file: [8221535697] check-in: [689d55e070] user: rkeene branch: trunk, size: 47917 | |
| 14:32 | Reformatted handshake command code file: [325d38b6f1] check-in: [2893572aa6] user: rkeene branch: trunk, size: 47909 | |
|
2017-04-18
| ||
| 14:29 | Updated references to DH parameter bit sizes and ensure error messages are printed if generating fails entirely file: [57028b60c1] check-in: [83b1dea4d4] user: rkeene branch: trunk, size: 48085 | |
|
2016-12-13
| ||
| 16:00 | Updated to return soft errors on during SSL negotiation retries on reads and hard errors on SSL negotiation during writes or handshake commands file: [347d650461] check-in: [b9557ba691] user: rkeene branch: trunk, size: 48083 | |
| 06:56 | Simplified code for detecting which SSL protocols to use -- disabled SSLv2 and SSLv3 by default if other options are available file: [6c127f2542] check-in: [aaac45cfca] user: rkeene branch: trunk, size: 48013 | |
| 06:39 | Commented out debugging printf for returning from the locking function as well file: [f62df33327] check-in: [8e27f5595c] user: rkeene branch: trunk, size: 47916 | |
| 06:27 | Updated to use POSIX tool "od" to create tls.tcl.h and since we can now rebuild this file more freely, do so to "fully" support out-of-source-dir builds file: [fa35866bf7] check-in: [34ff31cd97] user: rkeene branch: trunk, size: 47910 | |
| 05:11 | Updated to properly sanitize memory needed for the dynamically allocated locks file: [8eeae8c00a] check-in: [f73f94ae35] user: rkeene branch: wip-fix-io-layer, size: 47912 | |
| 03:46 | Made all unused variables self-assignments file: [f6e2948561] check-in: [7b169db8a3] user: rkeene branch: wip-fix-io-layer, size: 47484 | |
| 03:21 | Merged in trunk file: [87308823ff] check-in: [e5c9bfe50f] user: rkeene branch: wip-fix-io-layer, size: 47131 | |
| 03:20 | Updated to deal with locking slightly better, maybe file: [96e2a45ac0] check-in: [387697ce68] user: rkeene branch: trunk, size: 46292 | |
|
2016-12-12
| ||
| 22:29 | Merged in trunk file: [21bebdaf3c] check-in: [77c3091474] user: rkeene branch: wip-fix-io-layer, size: 47229 | |
| 22:10 | Updated to dynamically allocate mutexes and support being de-initialized file: [5a902a9319] check-in: [abf861e4d5] user: rkeene branch: trunk, size: 46390 | |
| 01:14 | More work on improving I/O routines file: [2904872c77] check-in: [7df7a8696e] user: rkeene branch: wip-fix-io-layer, size: 46867 | |
|
2016-12-11
| ||
| 19:10 | Added a lot of work towards fixing the I/O layer file: [04ea01d342] check-in: [ee7ea6a917] user: rkeene branch: wip-fix-io-layer, size: 46806 | |
|
2016-12-10
| ||
| 05:12 | More clean-up and modernization file: [788b6c9daa] check-in: [5fc38beddb] user: rkeene branch: trunk, size: 46028 | |
| 05:02 | Remove obsolete references file: [0322248de8] check-in: [fc00b36be8] user: rkeene branch: trunk, size: 46277 | |
| 02:55 | Removed backwards compatibility hacks and much reformatting file: [ae2cba46b1] check-in: [f087e1fe61] user: rkeene branch: trunk, size: 46321 | |
|
2016-12-08
| ||
| 08:36 | Moved BIO_ wrappers into the BIO source and added more debugging output file: [a1d0fac62c] check-in: [333d833f31] user: rkeene branch: trunk, size: 47922 | |
| 07:32 | Do not try to set memory functions -- prototype is broken in newer version and older versions have bugs related to it file: [6dd111d1a2] check-in: [bbe273b3dc] user: rkeene branch: openssl-1.1, size: 47816 | |
| 07:25 | Whitspace formatting changes file: [1ee30f1327] check-in: [2ed4afb942] user: rkeene branch: openssl-1.1, size: 48031 | |
| 06:53 | Initial working version of OpenSSL 1.1.0 API support adapted from patch from Sergei Golovan and Jeremy Sowden file: [6e0707c50a] check-in: [af83631fbb] user: rkeene branch: openssl-1.1, size: 48056 | |
|
2016-12-07
| ||
| 16:41 | Set a default channel type version file: [9b5d593b52] check-in: [fe5bc0bc67] user: rkeene branch: tls-1-7, size: 47958 | |
| 14:38 | Added additional debugging around asyncronous sockets file: [9a523164da] check-in: [033849bf66] user: rkeene branch: tls-1-7, size: 47934 | |
|
2016-12-05
| ||
| 17:04 | Disable protocols if they are not compiled in file: [829214fd98] check-in: [8e510a3598] user: rkeene branch: tls-1-7, size: 47879 | |
|
2016-12-02
| ||
| 19:00 | Minor casting to address compiler warnings file: [606371c2d5] check-in: [e3b94c4a74] user: rkeene branch: tls-1-7, size: 47715 | |
| 18:58 | Double check that we got a usable value at all from the verification callback file: [95469d79b3] check-in: [664badad67] user: rkeene branch: tls-1-7, size: 47589 | |
| 18:55 | Fixed signed-ness issue with init script file: [8652a6d576] check-in: [fa844b3fcc] user: rkeene branch: tls-1-7, size: 47571 | |
| 16:41 | Ensure initialization happens only once even with unthreaded Tcl file: [31dba4da9e] check-in: [10e3f2e20c] user: rkeene branch: tls-1-7, size: 47580 | |
| 16:25 | Added an --enable-debug and made debug-printf macro more fancy file: [63f1a729cf] check-in: [8a3f4fc732] user: rkeene branch: tls-1-7, size: 47616 | |
| 16:09 | Minor cleanup of global variables and void function file: [898daed710] check-in: [ee18d6c91e] user: rkeene branch: tls-1-7, size: 47646 | |
|
2016-12-01
| ||
| 21:36 | Updated to generate DH parameters more dynamically file: [05e974345e] check-in: [3d5e70d1d5] user: rkeene branch: tls-1-7, size: 47630 | |
|
2016-11-24
| ||
| 05:18 | Updated to use a meaningful package name and version file: [b151916d75] check-in: [8f8805845f] user: rkeene branch: tls-1-7, size: 49350 | |
| 04:09 | Updated to build the "tls.tcl" file into the library file: [a38b0196bb] check-in: [195000fcab] user: rkeene branch: tls-1-7, size: 49357 | |
|
2016-11-23
| ||
| 05:14 | Fixed issue with building without Tcl threads file: [40d53c0b7a] check-in: [3135e8cc5c] user: rkeene branch: tls-1-7, size: 49212 | |
|
2016-11-22
| ||
| 22:11 | Removed artifacts from conversion from CVS file: [25af59055a] check-in: [c75816429f] user: rkeene branch: tls-1-7, size: 49179 | |
| 17:58 | Applied patch file: [15a7d7809d] check-in: [db95f55e95] user: rkeene branch: rkeene-unthreaded, size: 49295 | |
|
2015-07-07
| ||
| 17:16 | Updated with dhparam.2.patch for tls ticket #59. file: [5f36052c70] check-in: [2aadaa4c28] user: andreas_kupries branch: trunk, size: 49235 | |
|
2015-05-01
| ||
| 18:44 | * configure.in: Bump to version 1.6.5. * win/makefile.vc: * configure: regen with ac-2.59 * tls.c: Accepted SF TLS [bug/patch #57](https://sourceforge.net/p/tls/bugs/57/). * tlsIO.c: Accepted core Tcl patch in [ticket](http://core.tcl.tk/tcl/tktview/0f94f855cafed92d0e174b7d835453a02831b4dd). file: [2da923fe43] check-in: [b3dc06600e] user: andreas_kupries branch: trunk, size: 47182 | |
|
2014-12-08
| ||
| 19:09 | Applied patches #12 and #13 for Server Name Indication (SNI) support, and TLS 1.1, 1.2 support. file: [343f6572a7] check-in: [54d14de805] user: andreas_kupries branch: trunk, size: 47012 | |
|
2014-04-16
| ||
| 18:33 | Ticket 47, applied patch with last suggested change by Jeff (moving setting of "initialization"-flag). file: [34519f36fc] check-in: [d248bc5f5e] user: andreas_kupries branch: trunk, size: 44839 | |
|
2012-07-09
| ||
| 23:28 | * configure.in: Bump to version 1.6.3. * win/makefile.vc: * configure: regen with ac-2.59 * tls.c (MiscObjCmd): Fixed non-static string array used in call of Tcl_GetIndexFromObj(). Memory smash waiting to happen. Thanks to Brian Griffin for alerting us all to the problem. file: [493d79f8dc] check-in: [c1eb553b32] user: andreas_kupries branch: trunk, size: 44101 | |
|
2012-06-01
| ||
| 22:59 | * tls.c: Applied Jeff's patch from http://www.mail-archive.com/aolserver@listserv.aol.com/msg12356.html file: [36929764b9] check-in: [a652b4f6a7] user: andreas_kupries branch: trunk, size: 44094 | |
|
2010-08-11
| ||
| 19:50 | * tls.c (StatusObjCmd): memleak: free peer if loaded. [Bug 3041925] file: [510496cc5c] check-in: [366542d9a0] user: hobbs2 branch: trunk, size: 42550 | |
|
2008-03-19
| ||
| 22:06 | * tests/tlsIO.test (tlsIO-14.*): Add tls::unimport for symmetry * tls.htm, tls.c (UnimportObjCmd): to tls::import. [Bug 1203273] file: [863315bd45] check-in: [61890c4886] user: hobbs2 branch: trunk, size: 42501 | |
| 21:31 | Use better Eval APIs, cleaner Tcl_Obj-handling. file: [66ecdb7d9a] check-in: [5804017ad3] user: hobbs2 branch: trunk, size: 41015 | |
| 19:59 | * tls.c (Tls_Clean, ImportObjCmd): Fix cleanup mem leak [Bug 1414045] file: [ad0e17ca78] check-in: [8dd7366fcc] user: hobbs2 branch: trunk, size: 40998 | |
| 02:34 | Updated the nmake build files with MSVC9 support and fixed to run the test-suite properly. Corrected namespace handling in tls::initlib on Windows. Applied #1890223 to fix handshake on non-blocking sockets file: [531e26fa4b] check-in: [5fb2d63afa] user: patthoyts branch: trunk, size: 40791 | |
|
2007-09-06
| ||
| 21:01 | Silence 64 bit integer conversion warnings Update build system to support AMD64 target with MSVC8 file: [0abefbb942] check-in: [0fdb07692d] user: patthoyts branch: trunk, size: 40715 | |
|
2007-06-22
| ||
| 21:20 | * tlsIO.c (TlsInputProc, TlsOutputProc, TlsWatchProc): * tls.c (VerifyCallback): add an state flag in the verify callback that prevents possibly recursion (on 'update'). [Bug 1652380] file: [7da5f18bba] check-in: [c692cb9684] user: hobbs2 branch: trunk, size: 40699 | |
|
2004-12-17
| ||
| 16:01 | * win/makefile.vc: Added the MSVC build system (from the Tcl * win/rules.vc: sampleextension). * win/nmakehlp.c: * win/tls.rc Added Windows resource file. * tls.tcl: From patch #948155, added support for alternate socket commands. * tls.c: Quieten some MSVC warnings. Prefer ckalloc over Tcl_Alloc. (David Graveraux). file: [c3a95bcf2f] check-in: [fe79338a36] user: patthoyts branch: trunk, size: 40915 | |
|
2004-06-29
| ||
| 11:07 | * tls.c: Fixup to build against tcl 8.3.3. Handle * tlsIO.c: 8.4 constification. file: [823c68fcb0] check-in: [9633ce0e5c] user: patthoyts branch: trunk, size: 40840 | |
|
2004-03-24
| ||
| 05:22 | Fix build warnings. file: [e35ed3b05f] check-in: [67bf2dd40d] user: razzell branch: trunk, size: 40834 | |
|
2004-03-19
| ||
| 21:05 | * tls.c (Tls_Init): replaced older TEA config with newer * config/* (removed): * pkgIndex.tcl.in, strncasecmp.c (removed): * Makefile.in, aclocal.m4, configure, configure.in: * tclconfig/README.txt, tclconfig/install-sh, tclconfig/tcl.m4: file: [f2f5d0dfc5] check-in: [bf83205ca8] user: hobbs branch: trunk, size: 40771 | |
|
2004-02-13
| ||
| 02:09 | Unify result handling in callback options. file: [e64436e2e3] check-in: [20fd9291ba] user: razzell branch: trunk, size: 40760 | |
|
2004-02-04
| ||
| 04:02 | Fix build warnings. file: [ebec730afe] check-in: [bc575f4a87] user: razzell branch: trunk, size: 40444 | |
|
2003-10-07
| ||
| 22:57 | Added CONST with intent similar to Revision 1.14. file: [b31fec4fee] check-in: [bb720c804e] user: razzell branch: trunk, size: 40441 | |
|
2003-07-07
| ||
| 20:24 | * tls.c (Tls_Init): added tls::misc command provided by * tlsX509.c: Wojciech Kocjan (wojciech kocjan.org) * tests/keytest1.tcl: to expose more low-level SSL commands * tests/keytest2.tcl: file: [f43c6403f5] check-in: [b423807e0e] user: hobbs branch: trunk, size: 40433 | |
|
2003-05-15
| ||
| 21:02 | Added password callback support and version command. Fixed memory leak. file: [85e46e8624] check-in: [509dd7a9b6] user: razzell branch: trunk, size: 36240 | |
| 20:44 | *** empty log message *** file: [32f77b5e42] check-in: [3631274d64] user: razzell branch: trunk, size: 36239 | |
|
2002-02-04
| ||
| 22:46 | * tls.htm: * tls.c: added support for local certificate status check, as well as returning the # of bits in the session key. [Patch #505698] (rose) * tls.c: * tlsIO.c: * tlsBIO.c: added CONSTs to satisfy Tcl 8.4 sources. This may give warnings when compiled against 8.3, but they can be ignored. file: [1f1f2854e3] check-in: [c34385bbcd] user: hobbs branch: trunk, size: 34229 | |
|
2001-03-14
| ||
| 22:04 | * tls.c (Tls_Init): add do/while for random number initialization to work around some OSes quirks. (Ralph.Billes@teltech.com.au) file: [7a7ec2f3d3] check-in: [dfc33d3b84] user: hobbs branch: trunk, size: 33681 | |
|
2000-08-18
| ||
| 19:22 | * tls.c (Tls_Init): added call to RAND_seed to seed the SSL random number generator. Without this, OpenSSL 0.9.5 chokes, and in any case it is a big security hole to do without it. file: [860e712dac] check-in: [4b5fd24dad] user: hobbs branch: trunk, size: 33223 | |
|
2000-08-16
| ||
| 17:44 | * tls.c (Tls_Init): corrected interpretation of version number (patchlevel and release/serial were swapped). file: [e741b6dd44] check-in: [090741a97a] user: hobbs branch: trunk, size: 32889 | |
|
2000-08-15
| ||
| 18:49 | * tlsInt.h: * tls.c: * tlsIO.c: corrected structure initialization to work when compiling with 8.2. Now compiles with 8.2+ and tested to work with 8.2+ and dynamically adjust to the version of Tcl it was loaded into. TLS will fail the test suite with Tcl 8.2-8.3.1. file: [bc1abaf8b3] check-in: [e7ef654f47] user: hobbs branch: trunk, size: 32877 | |
| 00:02 | * tlsInt.h: * tlsIO.c: * tlsBIO.c: * tls.c: changed around to only working with 8.2.0+ (8.3.2+ preferred), with runtime checks for pre- and post-io-rewrite. file: [468d0efc89] check-in: [33ea0b5a9d] user: hobbs branch: trunk, size: 32838 | |
|
2000-08-14
| ||
| 21:55 | * tls.c (Tls_Init): changed it to require 8.3.2 when Tcl_InitStubs was called because we don't want people using TLS with the original stacked channel implementation. file: [5bbd225a1e] check-in: [2b0ce3e01b] user: hobbs branch: trunk, size: 32154 | |
|
2000-07-27
| ||
| 01:58 | * merged all changes from tls-1-3-io-rewrite back into main branch file: [a379b2ee3e] check-in: [a636fa7c56] user: hobbs branch: trunk, size: 31891 | |
|
2000-07-26
| ||
| 22:15 | * tls.c (ImportObjCmd): removed unnecessary use of 'bio' arg. (Tls_Init): check return value of SSL_library_init. Also lots of whitespace cleanup (more like Tcl Eng style guide), but not all code was cleaned up. * tlsBIO.c: minor whitespace cleanup * tlsIO.c: minor whitespace cleanup. (TlsInputProc, TlsOutputProc): Added ERR_clear_error before calls to BIO_read or BIO_write, because we could otherwise end up pulling an error off the stack that didn't belong to us. Also cleanup up excessive use of gotos. file: [d793bbc229] check-in: [e64e21d80e] user: hobbs branch: tls-1-3-io-rewrite, size: 31895 | |
|
2000-07-21
| ||
| 05:32 | * tests/tlsIO.test: corrected various tests to be correct for TLS stacked channels (as opposed to the standard sockets the test suite was adopted from). Key differences are that TLS cannot operate in one process without all channels being non-blocking, or the handshake will block, and handshaking must be forced in some cases. Also, handshakes don't seem to complete unless the client has placed at least one byte for the server to read in the channel. * tests/remote.tcl: corrected the finding of tests certificates * tlsIO.c (TlsCloseProc): removed deleting of timer handler as that is handled by Tls_Clean. * tls.tcl (tls::_accept): corrected the internal _accept to trickle callback errors to the user. * Makefile.in: made the install-binaries target regenerate the pkgIndex.tcl correctly. The test target probably shouldn't screw it up, but this is to be on the safe side. file: [82fbf20832] check-in: [977988aed6] user: hobbs branch: tls-1-3-io-rewrite, size: 31604 | |
|
2000-07-11
| ||
| 04:58 | * tlsBIO.c (BioWrite, BioRead): changed Tcl_Read/Write to Tcl_ReadRaw/TclWriteRaw. * tls.c: added use of Tcl_GetTopChannel after Tcl_GetChannel and got return value from Tcl_StackChannel. * tests/tlsIO.test: added some handshaking that shouldn't be necessary, but we crash otherwise (needs more testing). * tlsIO.c: added support for "corrected" stacked channels. All the above channels are in TCL_CHANNEL_VERSION_2 #ifdefs. file: [f0ce1e5480] check-in: [fb9a612600] user: hobbs branch: tls-1-3-io-rewrite, size: 31581 | |
|
2000-06-06
| ||
| 01:34 | Merging with similar changes by Scott S. file: [1fe77384fc] check-in: [08fc9629ab] user: welch branch: trunk, size: 30869 | |
| 01:04 | * tlsInt.h: * tls.c: Cleaned up declarations of Tls_Clean to avoid errors on Windows (lint). file: [caad573382] check-in: [5ab4c35956] user: stanton branch: trunk, size: 30795 | |
|
2000-06-05
| ||
| 18:09 | Moved SSL shutdown up into the CloseProc, away from the asynchronous EventuallyFree file: [574ea1f12d] check-in: [b3abc0c1c4] user: welch branch: trunk, size: 30959 | |
|
2000-05-04
| ||
| 20:40 | added code to allow compilation with either OpenSSL or BSAFE file: [58fc6e64f6] check-in: [cc4e8de2d7] user: aborr branch: trunk, size: 30262 | |
|
2000-01-20
| ||
| 01:50 | added Matt's patches for the tclhttpd server file: [230e3f6e31] check-in: [efd347fa7e] user: aborr branch: trunk, size: 30050 | |
|
2000-01-19
| ||
| 22:10 | Added: Initial import of tls extension. file: [65b25f6ccd] check-in: [27770ce26d] user: aborr branch: tls-vendor-branch, size: 29804 | |