Overview
Comment: | Do not expose implementation details in user interface |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | mjanssen-asn1-certs |
Files: | files | file ages | folders |
SHA3-256: |
ef0be0d731e19a6183250f24b550c455 |
User & Date: | mjanssen on 2019-06-17 14:27:39 |
Other Links: | branch diff | manifest | tags |
Context
2019-06-17
| ||
18:08 | Align code with option names check-in: 4945b7588e user: mjanssen tags: mjanssen-asn1-certs | |
14:27 | Do not expose implementation details in user interface check-in: ef0be0d731 user: mjanssen tags: mjanssen-asn1-certs | |
12:05 | Add support for ASN1 blobs for certificates and keys check-in: 49278969f2 user: mjanssen tags: mjanssen-asn1-certs | |
Changes
Modified tls.c
from [8332b7761d]
to [d8dd86370e].
︙ | ︙ | |||
816 817 818 819 820 821 822 | OPTBOOL( "-ssl2", ssl2); OPTBOOL( "-ssl3", ssl3); OPTBOOL( "-tls1", tls1); OPTBOOL( "-tls1.1", tls1_1); OPTBOOL( "-tls1.2", tls1_2); OPTBOOL( "-tls1.3", tls1_3); | < | | | | 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 | OPTBOOL( "-ssl2", ssl2); OPTBOOL( "-ssl3", ssl3); OPTBOOL( "-tls1", tls1); OPTBOOL( "-tls1.1", tls1_1); OPTBOOL( "-tls1.2", tls1_2); OPTBOOL( "-tls1.3", tls1_3); OPTBYTE("-cert", cert_asn1, cert_asn1_len); OPTBYTE("-key", key_asn1, key_asn1_len); OPTBAD( "option", "-cadir, -cafile, -cert, -certfile, -cipher, -command, -dhparams, -key, -keyfile, -model, -password, -require, -request, -server, -servername, -ssl2, -ssl3, -tls1, -tls1.1, -tls1.2, or tls1.3"); return TCL_ERROR; } if (request) verify |= SSL_VERIFY_CLIENT_ONCE | SSL_VERIFY_PEER; if (request && require) verify |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT; if (verify == 0) verify = SSL_VERIFY_NONE; |
︙ | ︙ | |||
1304 1305 1306 1307 1308 1309 1310 | SSL_CTX_free(ctx); return (SSL_CTX *)0; } } else if (cert_asn1 != NULL) { if (SSL_CTX_use_certificate_ASN1(ctx, cert_asn1_len, cert_asn1) <= 0) { Tcl_DStringFree(&ds); Tcl_AppendResult(interp, | | | | 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 | SSL_CTX_free(ctx); return (SSL_CTX *)0; } } else if (cert_asn1 != NULL) { if (SSL_CTX_use_certificate_ASN1(ctx, cert_asn1_len, cert_asn1) <= 0) { Tcl_DStringFree(&ds); Tcl_AppendResult(interp, "unable to set certificate: ", REASON(), (char *) NULL); SSL_CTX_free(ctx); return (SSL_CTX *)0; } if (key_asn1 == NULL) { key_asn1=cert_asn1; key_asn1_len = cert_asn1_len; } if (SSL_CTX_use_PrivateKey_ASN1(EVP_PKEY_RSA, ctx, key_asn1,key_asn1_len) <= 0) { Tcl_DStringFree(&ds); /* flush the passphrase which might be left in the result */ Tcl_SetResult(interp, NULL, TCL_STATIC); Tcl_AppendResult(interp, "unable to set public key: ", REASON(), (char *) NULL); SSL_CTX_free(ctx); return (SSL_CTX *)0; } } else { cert = (char*)X509_get_default_cert_file(); |
︙ | ︙ |