Changes On Branch 3824e80ab512a21d

Changes In Branch codebykevin Through [3824e80ab5] Excluding Merge-Ins

This is equivalent to a diff from 01caf8a372 to 3824e80ab5

2024-02-20
13:10
Merge 1.8 Closed-Leaf check-in: 08c2b4ad63 user: jan.nijtmans tags: codebykevin, nijtmans
2024-02-16
13:54
Merge 1.7 check-in: b8b1970122 user: jan.nijtmans tags: nijtmans
2024-02-12
10:39
Merge 1.8 check-in: 3824e80ab5 user: jan.nijtmans tags: codebykevin, nijtmans
10:32
Merge 1.7. Forget about Tcl < 8.6 for this branch check-in: 01caf8a372 user: jan.nijtmans tags: nijtmans
10:22
Tcl_GetStringFromObj() -> Tcl_GetString(). Update ChangeLog/README.txt check-in: 663996a17b user: jan.nijtmans tags: tls-1.7
2024-01-25
22:56
Extracted from https://www.codebykevin.com/fossil.cgi/tcltls check-in: 737ebb9576 user: jan.nijtmans tags: codebykevin, nijtmans
22:41
Add some newer TEA files, not enough to build yet check-in: 6a87953d33 user: jan.nijtmans tags: nijtmans

1
2
3
4
5
6
7
8
9
10
11
12
13


14
if {[package vsatisfies [package present Tcl] 8.6-]} {
	package ifneeded tls @PACKAGE_VERSION@ [list apply {{dir} {
		if {{@TCLEXT_BUILD@} eq "static"} {
			load {} Tls
		} else {
			load [file join $dir @EXTENSION_TARGET@] Tls
		}

		set tlsTclInitScript [file join $dir tls.tcl]
		if {[file exists $tlsTclInitScript]} {
			source $tlsTclInitScript
		}
	}} $dir]


}
|












>
>

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
if {[package vsatisfies [package present Tcl] 8.5-]} {
	package ifneeded tls @PACKAGE_VERSION@ [list apply {{dir} {
		if {{@TCLEXT_BUILD@} eq "static"} {
			load {} Tls
		} else {
			load [file join $dir @EXTENSION_TARGET@] Tls
		}

		set tlsTclInitScript [file join $dir tls.tcl]
		if {[file exists $tlsTclInitScript]} {
			source $tlsTclInitScript
		}
	}} $dir]
} elseif {[package vsatisfies [package present Tcl] 8.4]} {
	package ifneeded tls @PACKAGE_VERSION@ [list load [file join $dir @EXTENSION_TARGET@] Tls]
}
Modified tclOpts.h from [f9620d33de] to [38710f0c1f].
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
#define OPTOBJ(option, var)			\
    OPT_PROLOG(option)				\
    var = objv[idx];				\
    OPT_POSTLOG()

#define OPTSTR(option, var)			\
    OPT_PROLOG(option)				\
    var = Tcl_GetString(objv[idx]);\
    OPT_POSTLOG()

#define OPTINT(option, var)			\
    OPT_PROLOG(option)				\
    if (Tcl_GetIntFromObj(interp, objv[idx],	\
	    &(var)) != TCL_OK) {		\
	    return TCL_ERROR;			\







|







22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
#define OPTOBJ(option, var)			\
    OPT_PROLOG(option)				\
    var = objv[idx];				\
    OPT_POSTLOG()

#define OPTSTR(option, var)			\
    OPT_PROLOG(option)				\
    var = Tcl_GetStringFromObj(objv[idx], (Tcl_Size *)NULL);\
    OPT_POSTLOG()

#define OPTINT(option, var)			\
    OPT_PROLOG(option)				\
    if (Tcl_GetIntFromObj(interp, objv[idx],	\
	    &(var)) != TCL_OK) {		\
	    return TCL_ERROR;			\
12
13
14
15
16
17
18

19
20
21
22
23
24
25
#set auto_path [linsert $auto_path 0 [file normalize [file join [file dirname [info script]] ..]]]
set auto_path [linsert $auto_path 0 [file normalize [pwd]]]

if {[lsearch [namespace children] ::tcltest] == -1} {
    package require tcltest
    namespace import ::tcltest::*
}


set ::tcltest::testSingleFile false
set ::tcltest::testsDirectory [file dir [info script]]

# We should ensure that the testsDirectory is absolute.
# This was introduced in Tcl 8.3+'s tcltest, so we need a catch.
catch {::tcltest::normalizePath ::tcltest::testsDirectory}







>







12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
#set auto_path [linsert $auto_path 0 [file normalize [file join [file dirname [info script]] ..]]]
set auto_path [linsert $auto_path 0 [file normalize [pwd]]]

if {[lsearch [namespace children] ::tcltest] == -1} {
    package require tcltest
    namespace import ::tcltest::*
}


set ::tcltest::testSingleFile false
set ::tcltest::testsDirectory [file dir [info script]]

# We should ensure that the testsDirectory is absolute.
# This was introduced in Tcl 8.3+'s tcltest, so we need a catch.
catch {::tcltest::normalizePath ::tcltest::testsDirectory}
Modified tls.c from [959c6dc2b0] to [66160cd5f2].
21
22
23
24
25
26
27




28
29
30
31
32
33
34
 *
 */

#include "tlsInt.h"
#include "tclOpts.h"
#include <stdlib.h>





/*
 * External functions
 */

/*
 * Forward declarations
 */







>
>
>
>







21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
 *
 */

#include "tlsInt.h"
#include "tclOpts.h"
#include <stdlib.h>

#if TCL_MAJOR_VERSION < 9
    typedef int Tcl_Size;
#endif

/*
 * External functions
 */

/*
 * Forward declarations
 */
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
 *-------------------------------------------------------------------
 */
static int
VerifyCallback(int ok, X509_STORE_CTX *ctx)
{
    Tcl_Obj *cmdPtr, *result;
    char *errStr, *string;
    int length;
    SSL   *ssl		= (SSL*)X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
    X509  *cert		= X509_STORE_CTX_get_current_cert(ctx);
    State *statePtr	= (State*)SSL_get_app_data(ssl);
    int depth		= X509_STORE_CTX_get_error_depth(ctx);
    int err		= X509_STORE_CTX_get_error(ctx);

    dprintf("Verify: %d", ok);







|







273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
 *-------------------------------------------------------------------
 */
static int
VerifyCallback(int ok, X509_STORE_CTX *ctx)
{
    Tcl_Obj *cmdPtr, *result;
    char *errStr, *string;
    Tcl_Size length;
    SSL   *ssl		= (SSL*)X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
    X509  *cert		= X509_STORE_CTX_get_current_cert(ctx);
    State *statePtr	= (State*)SSL_get_app_data(ssl);
    int depth		= X509_STORE_CTX_get_error_depth(ctx);
    int err		= X509_STORE_CTX_get_error(ctx);

    dprintf("Verify: %d", ok);
Modified tlsIO.c from [7a01031cff] to [8419ba5e25].
19
20
21
22
23
24
25

26



27
28
29
30
31
32
33

#include "tlsInt.h"

/*
 * Forward declarations
 */
static int  TlsBlockModeProc (ClientData instanceData, int mode);

static int  TlsCloseProc (ClientData instanceData, Tcl_Interp *interp);



static int  TlsInputProc (ClientData instanceData, char *buf, int bufSize, int *errorCodePtr);
static int  TlsOutputProc (ClientData instanceData, const char *buf, int toWrite, int *errorCodePtr);
static int  TlsGetOptionProc (ClientData instanceData, Tcl_Interp *interp, const char *optionName, Tcl_DString *dsPtr);
static void TlsWatchProc (ClientData instanceData, int mask);
static int  TlsGetHandleProc (ClientData instanceData, int direction, ClientData *handlePtr);
static int  TlsNotifyProc (ClientData instanceData, int mask);
#if 0







>

>
>
>







19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

#include "tlsInt.h"

/*
 * Forward declarations
 */
static int  TlsBlockModeProc (ClientData instanceData, int mode);
#if TCL_MAJOR_VERSION < 9
static int  TlsCloseProc (ClientData instanceData, Tcl_Interp *interp);
#else
static int  TlsClose2Proc (ClientData instanceData, Tcl_Interp *interp, int flags);
#endif
static int  TlsInputProc (ClientData instanceData, char *buf, int bufSize, int *errorCodePtr);
static int  TlsOutputProc (ClientData instanceData, const char *buf, int toWrite, int *errorCodePtr);
static int  TlsGetOptionProc (ClientData instanceData, Tcl_Interp *interp, const char *optionName, Tcl_DString *dsPtr);
static void TlsWatchProc (ClientData instanceData, int mask);
static int  TlsGetHandleProc (ClientData instanceData, int direction, ClientData *handlePtr);
static int  TlsNotifyProc (ClientData instanceData, int mask);
#if 0
84
85
86
87
88
89
90

91



92
93
94
95
96
97
98

		/*
		 * Common elements of the structure (no changes in location or name)
		 * close2Proc, seekProc, setOptionProc stay NULL.
		 */

		tlsChannelType->typeName	= "tls";

		tlsChannelType->closeProc	= TlsCloseProc;



		tlsChannelType->inputProc	= TlsInputProc;
		tlsChannelType->outputProc	= TlsOutputProc;
		tlsChannelType->getOptionProc	= TlsGetOptionProc;
		tlsChannelType->watchProc	= TlsWatchProc;
		tlsChannelType->getHandleProc	= TlsGetHandleProc;

		/*







>

>
>
>







88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106

		/*
		 * Common elements of the structure (no changes in location or name)
		 * close2Proc, seekProc, setOptionProc stay NULL.
		 */

		tlsChannelType->typeName	= "tls";
#if TCL_MAJOR_VERSION < 9
		tlsChannelType->closeProc	= TlsCloseProc;
#else
		tlsChannelType->close2Proc	= TlsClose2Proc;
#endif
		tlsChannelType->inputProc	= TlsInputProc;
		tlsChannelType->outputProc	= TlsOutputProc;
		tlsChannelType->getOptionProc	= TlsGetOptionProc;
		tlsChannelType->watchProc	= TlsWatchProc;
		tlsChannelType->getHandleProc	= TlsGetHandleProc;

		/*
157
158
159
160
161
162
163

















164
165
166
167
168
169
170
171
172
173
174

175
176
177
178
179
180
181
182
183
 *
 * Side effects:
 *	Closes the socket of the channel.
 *
 *-------------------------------------------------------------------
 */
static int TlsCloseProc(ClientData instanceData, Tcl_Interp *interp) {

















	State *statePtr = (State *) instanceData;

	dprintf("TlsCloseProc(%p)", (void *) statePtr);

	Tls_Clean(statePtr);
	Tcl_EventuallyFree((ClientData)statePtr, Tls_Free);

	dprintf("Returning TCL_OK");

	return(TCL_OK);


	/* Interp is unused. */
	interp = interp;
}

/*
 *------------------------------------------------------*
 *
 *	Tls_WaitForConnect --
 *







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>










|
>
|
|







165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
 *
 * Side effects:
 *	Closes the socket of the channel.
 *
 *-------------------------------------------------------------------
 */
static int TlsCloseProc(ClientData instanceData, Tcl_Interp *interp) {
    State *statePtr = (State *) instanceData;

    dprintf("TlsCloseProc(%p)", (void *) statePtr);

    Tls_Clean(statePtr);
    Tcl_EventuallyFree((ClientData)statePtr, Tls_Free);

    dprintf("Returning TCL_OK");

    return(TCL_OK);

    /* Interp is unused. */
    interp = interp;
}

static int TlsClose2Proc(ClientData instanceData, Tcl_Interp *interp, int flags) {
    if ((flags & (TCL_CLOSE_READ|TCL_CLOSE_WRITE)) == 0) {
	State *statePtr = (State *) instanceData;

	dprintf("TlsCloseProc(%p)", (void *) statePtr);

	Tls_Clean(statePtr);
	Tcl_EventuallyFree((ClientData)statePtr, Tls_Free);

	dprintf("Returning TCL_OK");

	return(TCL_OK);
    }

    /* Interp is unused. */
    interp = interp;
}

/*
 *------------------------------------------------------*
 *
 *	Tls_WaitForConnect --
 *
1
2

3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

51

52
53
54

55

56
57
58
59
60
61
62
63

64
	Windows DLL Build instructions using nmake build system
	2020-10-15 Harald.Oehlmann@elmicron.de


Properties:
- 32 bit DLL
- VisualStudio 2015
Note: Visual C++ 6 does not build OpenSSL (long long syntax error)
- Cygwin32 (temporary helper, please help to replace by tclsh)
- OpenSSL statically linked to TCLTLS DLL.
Note: Dynamic linking also works but results in a DLL dependeny on OPENSSL DLL's

1) Build OpenSSL static libraries:

OpenSSL source distribtution unpacked in:
c:\test\tcltls\Openssl_1_1_1h

- Install Perl from http://strawberryperl.com/download/5.32.0.1/strawberry-perl-5.32.0.1-32bit.msi
  to C:\perl
  (ActivePerl failed due to missing 32 bit console module)
- Install NASM Assembler:

https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/win32/nasm-2.15.05-installer-x86.exe
  to C:\Program Files (x86)\NASM
  
-> Visual Studio x86 native prompt.

set Path=%PATH%;C:\Program Files (x86)\NASM;C:\Perl\perl\bin

perl Configure VC-WIN32 --prefix=c:\test\tcltls\openssl --openssldir=c:\test\tcltls\openssldir no-shared no-filenames threads

nmake
nmake test
namke install

2) Build TCLTLS

Unzip distribution in:
c:\test\tcltls\tcltls-1.8.0

-> start cygwin bash prompt

cd /cygdrive/c/test/tcltls/tcltls-1.8.0
./gen_dh_params > dh_params.h

od -A n -v -t xC < 'tls.tcl' > tls.tcl.h.new.1
sed 's@[^0-9A-Fa-f]@@g;s@..@0x&, @g' < tls.tcl.h.new.1 > tls.tcl.h
rm -f tls.tcl.h.new.1

-> Visual Studio x86 native prompt.


cd C:\test\tcltls\tcltls-1.8.0\win


nmake -f makefile.vc TCLDIR=c:\test\tcl8610 SSL_INSTALL_FOLDER=C:\test\tcltls\openssl


nmake -f makefile.vc install TCLDIR=c:\test\tcl8610 INSTALLDIR=c:\test\tcltls SSL_INSTALL_FOLDER=C:\test\tcltls\openssl


3) Test

Start tclsh or wish

lappend auto_path {C:\test\tcltls\tls1.8.0}
package require tls


A small "1.8.0" showing up is hopefully the end of this long way...


>


|
|
<
|
<
<
|
<

<
<
|
<
<
<
<

<
<
|
<
|
<
|
<

<
<
<



|
<
|
|

<








>
|
>

|

>
|
>



|

<

|
>
|
1
2
3
4
5
6
7

8


9

10


11




12


13

14

15

16



17
18
19
20

21
22
23

24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

46
47
48
49
	Windows DLL Build instructions using nmake build system
	2020-10-15 Harald.Oehlmann@elmicron.de
	2023-08-22 Kevin Walzer (kw@codebykevin.com)

Properties:
- 64 bit DLL
- VisualStudio 2019

- WSL 


- OpenSSL dynamically linked to TCLTLS DLL. We used a freely redistributable build of OpenSSL from https://www.firedaemon.com/firedaemon-openssl. Unzip and install OpenSSL in an accessible place (we used the lib subdirectory of our Tcl installation).




1. Visual Studio x86 native prompt. Update environmental variables for building Tcltls. Customize the below entries for your setup. 







set PATH=%PATH%;C:\tcl-trunk\lib\openssl-3\x64\bin

set INCLUDE=%INCLUDE%;C:\tcl-trunk\tcl\lib\openssl-3\x64\include\openssl

set LIB=%LIB%;C:\tcl-trunk\tcl\lib\openssl-3\x64\bin






2) Build TCLTLS

-> Unzip distribution on your system. 

-> Start WSL.
-> cd /mnt/c/path/to/tcltls


./gen_dh_params > dh_params.h

od -A n -v -t xC < 'tls.tcl' > tls.tcl.h.new.1
sed 's@[^0-9A-Fa-f]@@g;s@..@0x&, @g' < tls.tcl.h.new.1 > tls.tcl.h
rm -f tls.tcl.h.new.1

-> Visual Studio x86 native prompt.

cd C:path\to\tcltls\win

Run the following commands (modify the flags to your specific installations).

nmake -f makefile.vc TCLDIR=c:\users\wordt\tcl INSTALLDIR=c:\tcl-trunk\tcl\lib SSL_INSTALL_FOLDER=C:\tcl-trunk\tcl\lib\openssl-3\x64

nmake -f makefile.vc TCLDIR=c:\users\wordt\tcl INSTALLDIR=c:\tcl-trunk\tcl\lib SSL_INSTALL_FOLDER=C:\tcl-trunk\tcl\lib\openssl-3\x64 install

The resulting installation will include both the tcltls package and also have libcrypto.dll and libssl.dll copied into the same directory. 

3) Test

Start tclsh


package require tls
package require http
http::register https 443 [list ::tls::socket -autoservername true]
set tok [http::data [http::geturl https://www.tcl-lang.org]]
1
2
3
4
5





6
7
8
9
10
11
12
13

14
15
16
17
18
19
20
21
22
23



24
# call nmake with additional parameter SSL_INSTALL_FOLDER= with the
# OpenSSL instalation folder following.

PROJECT=tls
DOTVERSION = 1.8.0






PRJ_INCLUDES	= -I"$(SSL_INSTALL_FOLDER)\include"
PRJ_DEFINES =  -D NO_SSL2 -D NO_SSL3 -D _CRT_SECURE_NO_WARNINGS

PRJ_LIBS = \
	"$(SSL_INSTALL_FOLDER)\lib\libssl.lib" \
	"$(SSL_INSTALL_FOLDER)\lib\libcrypto.lib" \
	WS2_32.LIB GDI32.LIB ADVAPI32.LIB CRYPT32.LIB USER32.LIB


PRJ_OBJS = $(TMP_DIR)\tls.obj \
               $(TMP_DIR)\tlsBIO.obj \
               $(TMP_DIR)\tlsIO.obj \
               $(TMP_DIR)\tlsX509.obj

!include "rules-ext.vc"
!include "targets.vc"

pkgindex: default-pkgindex









>
>
>
>
>







|
>





|
<



>
>
>

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

26
27
28
29
30
31
32
# call nmake with additional parameter SSL_INSTALL_FOLDER= with the
# OpenSSL instalation folder following.

PROJECT=tls
DOTVERSION = 1.8.0

PRJLIBNAME	= $(PROJECT)$(VERSION)$(SUFX).$(EXT)
PRJLIB		= $(OUT_DIR)\$(PRJLIBNAME)

!include "rules-ext.vc"

PRJ_INCLUDES	= -I"$(SSL_INSTALL_FOLDER)\include"
PRJ_DEFINES =  -D NO_SSL2 -D NO_SSL3 -D _CRT_SECURE_NO_WARNINGS

PRJ_LIBS = \
	"$(SSL_INSTALL_FOLDER)\lib\libssl.lib" \
	"$(SSL_INSTALL_FOLDER)\lib\libcrypto.lib" \
	WS2_32.LIB GDI32.LIB ADVAPI32.LIB CRYPT32.LIB USER32.LIB 


PRJ_OBJS = $(TMP_DIR)\tls.obj \
               $(TMP_DIR)\tlsBIO.obj \
               $(TMP_DIR)\tlsIO.obj \
               $(TMP_DIR)\tlsX509.obj
			   

!include "targets.vc"

pkgindex: default-pkgindex
install:
	copy "$(SSL_INSTALL_FOLDER)\bin\libcrypto-3-x64.dll" "$(INSTALLDIR)\$(PROJECT)$(DOTVERSION)\libcrypto-3-x64.dll"
	copy "$(SSL_INSTALL_FOLDER)\bin\libssl-3-x64.dll" "$(INSTALLDIR)\$(PROJECT)$(DOTVERSION)\libssl-3-x64.dll"