Check-in [2771dc7670]
Overview
Comment:More modernization of the code
SHA1: 2771dc7670db9e6606e367d744b5cad425a0fa0b
User & Date: rkeene on 2016-12-10 05:02:02
Context
2016-12-10
05:02
Remove obsolete references check-in: fc00b36be8 user: rkeene tags: trunk
05:02
More modernization of the code check-in: 2771dc7670 user: rkeene tags: trunk
04:29
Minor whitespace cleanup check-in: 88815cbc52 user: rkeene tags: trunk
Changes
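--- a/tls.h
+++ b/tls.h
@@ -14,26 +14,16 @@
  *	tclSSL (Colin McCormack, Shared Technology)
  *	SSLtcl (Peter Antman)
  *
  */
 #ifndef _TLS_H
 #define _TLS_H
 
-#include <tcl.h>	/* Internal definitions for Tcl. */
+#include <tcl.h>
 
-#ifdef TCL_STORAGE_CLASS
-# undef TCL_STORAGE_CLASS
-#endif
-#ifdef BUILD_tls
-# define TCL_STORAGE_CLASS DLLEXPORT
-#else
-# define TCL_STORAGE_CLASS DLLIMPORT
-#endif
-
 /*
- * Forward declarations
+ * Initialization routines -- our entire public C API.
  */
-
+int Tls_Init(Tcl_Interp *interp);
-EXTERN int Tls_Init _ANSI_ARGS_ ((Tcl_Interp *));
-EXTERN int Tls_SafeInit _ANSI_ARGS_ ((Tcl_Interp *));
+int Tls_SafeInit(Tcl_Interp *interp);
 
 #endif /* _TLS_H */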
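Review bot: With `EXTERN` and the `TCL_STORAGE_CLASS` block removed, the `Tls_Init` and `Tls_SafeInit` prototypes no longer carry an export attribute or explicit C linkage. The definitions are not part of this section, so it is worth confirming they are still marked for export on Windows builds (for example `DLLEXPORT` at the definition), since Tcl's `load` looks these entry points up by name. If C++ code is expected to include this header, wrapping the two prototypes in an `#ifdef __cplusplus` / `extern "C" {` guard would keep the symbol names unmangled.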
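--- a/tlsIO.c
+++ b/tlsIO.c
@@ -248,15 +248,15 @@
     bytesRead = BIO_read(statePtr->bio, buf, bufSize);
     dprintf("BIO_read -> %d", bytesRead);
 
     if (bytesRead < 0) {
 	int err = SSL_get_error(statePtr->ssl, bytesRead);
 
 	if (err == SSL_ERROR_SSL) {
-	    Tls_Error(statePtr, SSL_ERROR(statePtr->ssl, bytesRead));
+	    Tls_Error(statePtr, TCLTLS_SSL_ERROR(statePtr->ssl, bytesRead));
 	    *errorCodePtr = ECONNABORTED;
 	} else if (BIO_should_retry(statePtr->bio)) {
 	    dprintf("RE! ");
 	    *errorCodePtr = EAGAIN;
 	} else {
 	    *errorCodePtr = Tcl_GetErrno();
 	    if (*errorCodePtr == ECONNRESET) {
@@ -366,15 +366,15 @@
 	    case SSL_ERROR_SYSCALL:
 		*errorCodePtr = Tcl_GetErrno();
 		dprintf(" [%d] syscall errr: %d",
 			written, *errorCodePtr);
 		written = -1;
 		break;
 	    case SSL_ERROR_SSL:
-		Tls_Error(statePtr, SSL_ERROR(statePtr->ssl, written));
+		Tls_Error(statePtr, TCLTLS_SSL_ERROR(statePtr->ssl, written));
 		*errorCodePtr = ECONNABORTED;
 		written = -1;
 		break;
 	    default:
 		dprintf(" unknown err: %d", err);
 		break;
 	}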
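--- a/tlsInt.h
+++ b/tlsInt.h
@@ -40,57 +40,41 @@
 #  define NO_RC5
 #  define NO_RSA
 #  ifndef NO_SSL2
 #    define NO_SSL2
 #  endif
 #endif
 
-#ifdef BSAFE
-#include <ssl.h>
-#include <err.h>
-#include <rand.h>
-#else
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
 #include <openssl/opensslv.h>
-#endif
 
 /*
  * Determine if we should use the pre-OpenSSL 1.1.0 API
  */
 #undef TCLTLS_OPENSSL_PRE_1_1
 #if (defined(LIBRESSL_VERSION_NUMBER)) || OPENSSL_VERSION_NUMBER < 0x10100000L
 #  define TCLTLS_OPENSSL_PRE_1_1_API 1
 #endif
 
-#ifdef TCL_STORAGE_CLASS
-# undef TCL_STORAGE_CLASS
-#endif
-#ifdef BUILD_tls
-# define TCL_STORAGE_CLASS DLLEXPORT
-#else
-# define TCL_STORAGE_CLASS DLLIMPORT
-#endif
- 
 #ifndef ECONNABORTED
 #define ECONNABORTED	130	/* Software caused connection abort */
 #endif
 #ifndef ECONNRESET
 #define ECONNRESET	131	/* Connection reset by peer */
 #endif
 
 #ifdef TCLEXT_TCLTLS_DEBUG
 #define dprintf(...) { fprintf(stderr, "%s:%i:", __func__, __LINE__); fprintf(stderr, __VA_ARGS__); fprintf(stderr, "\n"); }
 #else
 #define dprintf(...) if (0) { fprintf(stderr, __VA_ARGS__); }
 #endif
 
-#define SSL_ERROR(ssl,err)	\
-    ((char*)ERR_reason_error_string((unsigned long)SSL_get_error((ssl),(err))))
+#define TCLTLS_SSL_ERROR(ssl,err) ((char*)ERR_reason_error_string((unsigned long)SSL_get_error((ssl),(err))))
 /*
  * OpenSSL BIO Routines
  */
 #define BIO_TYPE_TCL	(19|0x0400)
 
 /*
  * Defines for State.flags
@@ -110,49 +94,48 @@
 /*
  * This structure describes the per-instance state
  * of an ssl channel.
  *
  * The SSL processing context is maintained here, in the ClientData
  */
 typedef struct State {
-    Tcl_Channel self;	/* this socket channel */
-    Tcl_TimerToken timer;
+	Tcl_Channel self;       /* this socket channel */
+	Tcl_TimerToken timer;
 
-    int flags;		/* see State.flags above  */
-    int watchMask;	/* current WatchProc mask */
-    int mode;		/* current mode of parent channel */
+	int flags;              /* see State.flags above  */
+	int watchMask;          /* current WatchProc mask */
+	int mode;               /* current mode of parent channel */
 
-    Tcl_Interp *interp;	/* interpreter in which this resides */
-    Tcl_Obj *callback;	/* script called for tracing, verifying and errors */
-    Tcl_Obj *password;	/* script called for certificate password */ 
+	Tcl_Interp *interp;     /* interpreter in which this resides */
+	Tcl_Obj *callback;      /* script called for tracing, verifying and errors */
+	Tcl_Obj *password;      /* script called for certificate password */ 
 
-    int vflags;		/* verify flags */
-    SSL *ssl;		/* Struct for SSL processing */
-    SSL_CTX *ctx;	/* SSL Context */
-    BIO *bio;		/* Struct for SSL processing */
-    BIO *p_bio;		/* Parent BIO (that is layered on Tcl_Channel) */
+	int vflags;             /* verify flags */
+	SSL *ssl;               /* Struct for SSL processing */
+	SSL_CTX *ctx;           /* SSL Context */
+	BIO *bio;               /* Struct for SSL processing */
+	BIO *p_bio;             /* Parent BIO (that is layered on Tcl_Channel) */
 
-    char *err;
+	char *err;
 } State;
 
 #ifdef USE_TCL_STUBS
 #ifndef Tcl_StackChannel
 #error "Unable to compile on this version of Tcl"
 #endif /* Tcl_GetStackedChannel */
 #endif /* USE_TCL_STUBS */
 
 /*
  * Forward declarations
  */
-
-Tcl_ChannelType *Tls_ChannelType _ANSI_ARGS_((void));
-Tcl_Channel     Tls_GetParent _ANSI_ARGS_((State *statePtr));
+Tcl_ChannelType *Tls_ChannelType(void);
+Tcl_Channel     Tls_GetParent(State *statePtr);
 
-Tcl_Obj         *Tls_NewX509Obj _ANSI_ARGS_ (( Tcl_Interp *interp, X509 *cert));
-void            Tls_Error _ANSI_ARGS_ ((State *statePtr, char *msg));
-void            Tls_Free _ANSI_ARGS_ ((char *blockPtr));
-void            Tls_Clean _ANSI_ARGS_ ((State *statePtr));
-int             Tls_WaitForConnect _ANSI_ARGS_(( State *statePtr, int *errorCodePtr));
+Tcl_Obj         *Tls_NewX509Obj(Tcl_Interp *interp, X509 *cert);
+void            Tls_Error(State *statePtr, char *msg);
+void            Tls_Free(char *blockPtr);
+void            Tls_Clean(State *statePtr);
+int             Tls_WaitForConnect(State *statePtr, int *errorCodePtr);
 
-BIO             *BIO_new_tcl _ANSI_ARGS_((State* statePtr, int flags));
+BIO             *BIO_new_tcl(State* statePtr, int flags);
 
 #endif /* _TLSINT_H */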
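Review bot: The renamed `TCLTLS_SSL_ERROR` macro still passes the result of `SSL_get_error()` to `ERR_reason_error_string()`, which expects a packed code from the OpenSSL error queue rather than an `SSL_ERROR_*` class, so the text handed to `Tls_Error` at both `SSL_ERROR_SSL` call sites in tlsIO.c is likely NULL or unrelated to the actual TLS failure. Since the commit rewrites this definition anyway, consider something like `#define TCLTLS_SSL_ERROR(ssl,err) ((char*)ERR_reason_error_string(ERR_get_error()))`, which reports the queued error and removes it from the queue; whether `Tls_Error` tolerates a NULL message is not visible here. Separately, in the first hunk `#undef TCLTLS_OPENSSL_PRE_1_1` clears a different name from the `TCLTLS_OPENSSL_PRE_1_1_API` defined two lines later, and `#undef TCLTLS_OPENSSL_PRE_1_1_API` looks like the intent.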