Overview
Comment: | Merged changes from master. |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | crypto |
Files: | files | file ages | folders |
SHA3-256: |
45be9618dc901c4f5991704e3148a315 |
User & Date: | bohagan on 2024-02-11 20:51:27 |
Other Links: | branch diff | manifest | tags |
Context
2024-02-11
| ||
21:24 | Updated test cases for OpenSSL 3.0. Added load legacy provider for obsolete algorithms. check-in: 8440f589be user: bohagan tags: crypto | |
20:51 | Merged changes from master. check-in: 45be9618dc user: bohagan tags: crypto | |
02:16 | Corrected memory leaks in use of dynamic strings check-in: 6287936460 user: bohagan tags: trunk | |
2024-02-06
| ||
02:42 | Added provider test cases check-in: 5a41ff9aa1 user: bohagan tags: crypto | |
Changes
Modified doc/tls.html
from [12b4e9e9d7]
to [9f9597a4e4].
︙ | |||
17 18 19 20 21 22 23 | 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 | - + | <dl> <dd><b>tls</b> - binding to <b>OpenSSL</b> library for socket and I/O channel communications.</dd> </dl> </dd> <dd><a href="#SYNOPSIS">SYNOPSIS</a> </dd> <dd><dl> |
︙ | |||
49 50 51 52 53 54 55 | 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 | - + - - - - - - + + + + + + + | <h3><a name="NAME">NAME</a></h3> <p><strong>tls</strong> - binding to <strong>OpenSSL</strong> library for socket and I/O channel communications.</p> <h3><a name="SYNOPSIS">SYNOPSIS</a></h3> |
︙ | |||
457 458 459 460 461 462 463 | 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 | - + + - - + + + - + - - + + + - + + - - - - - + + + + + + - + - - - - + + + + + + + | <br> <br> <dl> <dt> |
︙ | |||
538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 | 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 | + - - + + + - + - - - + + + + - + + - - - + + + + + + + + + + + + + + + + + + + - - - - - - - - - - - - - - + - - + + - - + - - + + - - - + | </dt> <dd> Invoked when loading or storing a PEM certificate with encryption. Where <em>rwflag</em> is 0 for reading/decryption or 1 for writing/encryption (can prompt user to confirm) and <em>size</em> is the max password length in bytes. The callback should return the password as a string. Both arguments are new for TLS 1.8. </dd> </dd> <br> <dt><strong>-validatecommand</strong> <em>callback</em></dt> <dd> Invokes the specified <em>callback</em> script during handshake in order to validate the provided value(s). See below for the possible |
︙ | |||
666 667 668 669 670 671 672 | 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 | - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + + + + - - + + + | decrypt the data. <p> The <strong>tls::debug</strong> variable provides some additional control over these reference callbacks. Its value is zero by default. Higher values produce more diagnostic output, and will also force the verify method in <strong>tls::callback</strong> to accept the |
Modified generic/tls.c
from [08e7f9d341]
to [e039ae1932].
︙ | |||
48 49 50 51 52 53 54 | 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 | - + | #define F2N(key, dsp) \ (((key) == NULL) ? (char *) NULL : \ Tcl_TranslateFileName(interp, (key), (dsp))) static SSL_CTX *CTX_Init(State *statePtr, int isServer, int proto, char *key, char *certfile, unsigned char *key_asn1, unsigned char *cert_asn1, |
︙ | |||
188 189 190 191 192 193 194 | 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 | - + | if (where & SSL_CB_READ) minor = "read"; else if (where & SSL_CB_WRITE) minor = "write"; else if (where & SSL_CB_LOOP) minor = "loop"; else if (where & SSL_CB_EXIT) minor = "exit"; else minor = "unknown"; } |
︙ | |||
314 315 316 317 318 319 320 | 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 | - + | n = BIO_read(bio, buffer, BIO_pending(bio) < 15000 ? BIO_pending(bio) : 14999); n = (n<0) ? 0 : n; buffer[n] = 0; (void)BIO_flush(bio); BIO_free(bio); } |
︙ | |||
392 393 394 395 396 397 398 | 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 | - + | } } else if (cert == NULL || ssl == NULL) { return 0; } dprintf("VerifyCallback: eval callback"); |
︙ | |||
442 443 444 445 446 447 448 | 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 | - + | statePtr->err = msg; dprintf("Called"); if (statePtr->callback == (Tcl_Obj*)NULL) return; |
︙ | |||
532 533 534 535 536 537 538 | 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 | - + | strncpy(buf, ret, (size_t) size); return (int)strlen(ret); } else { return -1; } } |
︙ | |||
611 612 613 614 615 616 617 | 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 | - + | if (statePtr->callback == (Tcl_Obj*)NULL) { return SSL_TLSEXT_ERR_OK; } else if (ssl == NULL) { return SSL_TLSEXT_ERR_NOACK; } |
︙ | |||
688 689 690 691 692 693 694 | 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 | - + | res = SSL_TLSEXT_ERR_NOACK; } if (statePtr->vcmd == (Tcl_Obj*)NULL) { return res; } |
︙ | |||
801 802 803 804 805 806 807 | 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 | - + | return SSL_TLSEXT_ERR_NOACK; } if (statePtr->vcmd == (Tcl_Obj*)NULL) { return SSL_TLSEXT_ERR_OK; } |
︙ | |||
903 904 905 906 907 908 909 | 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 | - + | if (len + 2 > remaining) { *alert = SSL_R_TLSV1_ALERT_INTERNAL_ERROR; return SSL_CLIENT_HELLO_ERROR; } remaining = len; servername = (const char *)p; |
︙ | |||
985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 | 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 | + + + + | ret = Tls_WaitForConnect(statePtr, &err, 1); dprintf("Tls_WaitForConnect returned: %i", ret); if (ret < 0 && ((statePtr->flags & TLS_TCL_ASYNC) && (err == EAGAIN))) { dprintf("Async set and err = EAGAIN"); ret = 0; } else if (ret < 0) { long result; errStr = statePtr->err; Tcl_ResetResult(interp); Tcl_SetErrno(err); if (!errStr || (*errStr == 0)) { errStr = Tcl_PosixError(interp); } Tcl_AppendResult(interp, "handshake failed: ", errStr, (char *) NULL); if ((result = SSL_get_verify_result(statePtr->ssl)) != X509_V_OK) { Tcl_AppendResult(interp, " due to \"", X509_verify_cert_error_string(result), "\"", (char *) NULL); } Tcl_SetErrorCode(interp, "TLS", "HANDSHAKE", "FAILED", (char *) NULL); dprintf("Returning TCL_ERROR with handshake failed: %s", errStr); return(TCL_ERROR); } else { if (err != 0) { dprintf("Got an error with a completed handshake: err = %i", err); } |
︙ | |||
1044 1045 1046 1047 1048 1049 1050 | 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 | - - - - + + + + - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + - + | * *------------------------------------------------------------------- */ static int ImportObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) { Tcl_Channel chan; /* The channel to set a mode on. */ State *statePtr; /* client state for ssl socket */ |
︙ | |||
1121 1122 1123 1124 1125 1126 1127 | 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 | - + | } switch(fn) { case _opt_alpn: alpnObj = objv[idx]; break; case _opt_cadir: |
︙ | |||
1223 1224 1225 1226 1227 1228 1229 | 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 | - + | if (cert && !*cert) cert = NULL; if (key && !*key) key = NULL; if (certfile && !*certfile) certfile = NULL; if (keyfile && !*keyfile) keyfile = NULL; if (ciphers && !*ciphers) ciphers = NULL; if (ciphersuites && !*ciphersuites) ciphersuites = NULL; if (CAfile && !*CAfile) CAfile = NULL; |
︙ | |||
1285 1286 1287 1288 1289 1290 1291 | 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 | - + | Tcl_SetErrorCode(interp, "TLS", "IMPORT", "CHANNEL", "INVALID", (char *) NULL); Tls_Free((char *) statePtr); return TCL_ERROR; } ctx = ((State *)Tcl_GetChannelInstanceData(chan))->ctx; } else { if ((ctx = CTX_Init(statePtr, server, proto, keyfile, certfile, key, cert, (int) key_len, |
︙ | |||
1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 | 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 | + + + + | return TCL_ERROR; } Tcl_SetChannelOption(interp, statePtr->self, "-translation", Tcl_DStringValue(&upperChannelTranslation)); Tcl_SetChannelOption(interp, statePtr->self, "-encoding", Tcl_DStringValue(&upperChannelEncoding)); Tcl_SetChannelOption(interp, statePtr->self, "-eofchar", Tcl_DStringValue(&upperChannelEOFChar)); Tcl_SetChannelOption(interp, statePtr->self, "-blocking", Tcl_DStringValue(&upperChannelBlocking)); Tcl_DStringFree(&upperChannelTranslation); Tcl_DStringFree(&upperChannelEncoding); Tcl_DStringFree(&upperChannelEOFChar); Tcl_DStringFree(&upperChannelBlocking); /* * SSL Initialization */ statePtr->ssl = SSL_new(statePtr->ctx); if (!statePtr->ssl) { /* SSL library error */ |
︙ | |||
1568 1569 1570 1571 1572 1573 1574 | 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 | - + - - + | * Side effects: * constructs SSL context (CTX) * *------------------------------------------------------------------- */ static SSL_CTX * CTX_Init(State *statePtr, int isServer, int proto, char *keyfile, char *certfile, |
︙ | |||
1754 1755 1756 1757 1758 1759 1760 | 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 | - | return NULL; } #else { DH* dh; if (DHparams != NULL) { BIO *bio; |
︙ | |||
1790 1791 1792 1793 1794 1795 1796 | 1796 1797 1798 1799 1800 1801 1802 1803 1804 1805 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 | - - + + - + - | #endif /* set our certificate */ load_private_key = 0; if (certfile != NULL) { load_private_key = 1; |
︙ | |||
1847 1848 1849 1850 1851 1852 1853 | 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896 1897 1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910 1911 1912 1913 1914 1915 1916 1917 1918 1919 1920 1921 1922 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 | - - + - - - - - + - - - - + + + + + + + + + + + - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - - - - - - - - - - | SSL_CTX_free(ctx); return NULL; } Tcl_DStringFree(&ds); } else if (key != NULL) { if (SSL_CTX_use_PrivateKey_ASN1(EVP_PKEY_RSA, ctx, key,key_len) <= 0) { |
︙ |
Modified generic/tlsIO.c
from [7b8e3f850c]
to [bf4be12b9f].
︙ | |||
161 162 163 164 165 166 167 | 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 | - + | dprintf("Accept or connect failed"); } rc = SSL_get_error(statePtr->ssl, err); backingError = ERR_get_error(); if (rc != SSL_ERROR_NONE) { dprintf("Got error: %i (rc = %i)", err, rc); |
︙ | |||
185 186 187 188 189 190 191 192 193 194 195 196 197 198 | 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 | + | if (bioShouldRetry) { dprintf("The I/O did not complete -- but we should try it again"); if (statePtr->flags & TLS_TCL_ASYNC) { dprintf("Returning EAGAIN so that it can be retried later"); *errorCodePtr = EAGAIN; Tls_Error(statePtr, "Handshake not complete, will retry later"); return(-1); } else { dprintf("Doing so now"); continue; } } |
︙ | |||
224 225 226 227 228 229 230 | 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 | - + - + + + + - - - | } else if (backingError == 0 && err == -1) { dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno()); *errorCodePtr = Tcl_GetErrno(); if (*errorCodePtr == ECONNRESET) { *errorCodePtr = ECONNABORTED; } |
︙ | |||
363 364 365 366 367 368 369 370 371 372 373 374 375 376 | 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 | + + + + | break; case SSL_ERROR_SSL: /* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */ dprintf("SSL error, indicating that the connection has been aborted"); if (backingError != 0) { Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError)); } else if (SSL_get_verify_result(statePtr->ssl) != X509_V_OK) { Tls_Error(statePtr, (char *) X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl))); } else { Tls_Error(statePtr, "Unknown SSL error"); } *errorCodePtr = ECONNABORTED; bytesRead = -1; #if OPENSSL_VERSION_NUMBER >= 0x30000000L /* Unexpected EOF from the peer for OpenSSL 3.0+ */ if (ERR_GET_REASON(backingError) == SSL_R_UNEXPECTED_EOF_WHILE_READING) { |
︙ | |||
391 392 393 394 395 396 397 | 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 | - + - + | bytesRead = 0; Tls_Error(statePtr, "EOF reached"); } else if (backingError == 0 && bytesRead == -1) { dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno()); *errorCodePtr = Tcl_GetErrno(); bytesRead = -1; |
︙ | |||
419 420 421 422 423 424 425 426 427 428 | 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 | + - - - | Tls_Error(statePtr, "SSL_ERROR_WANT_READ"); break; default: dprintf("Unknown error (err = %i), mapping to EOF", err); *errorCodePtr = 0; bytesRead = 0; Tls_Error(statePtr, "Unknown error"); break; } |
︙ | |||
486 487 488 489 490 491 492 493 494 495 496 497 498 499 | 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 | + | if (toWrite == 0) { dprintf("zero-write"); err = BIO_flush(statePtr->bio); if (err <= 0) { dprintf("Flushing failed"); Tls_Error(statePtr, "Flush failed"); *errorCodePtr = EIO; written = 0; return(-1); } written = 0; |
︙ | |||
558 559 560 561 562 563 564 | 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 | - + - + + + + + + - - - | written = 0; Tls_Error(statePtr, "EOF reached"); } else if (backingError == 0 && written == -1) { dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno()); *errorCodePtr = Tcl_GetErrno(); written = -1; |
︙ |
Modified tests/README.txt
from [673cb36188]
to [dc27a7e2a2].
1 2 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | - + - + - - + + - - + + + - + + + + + + | Create Test Cases |
Modified tests/badssl.csv
from [152d5864b6]
to [0bcd6b3e35].
1 2 3 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 | - - - - + - + - + + - + + - + + - + + - + - - - + + + - - + + - - - - + + + + - + - + - - - - + + + + + + - - + + - - - - + + + + + + + - + + - - + + + | # Group,Name,Constraints,Setup,Body,Cleanup,Match,Result,Output,Error Output,Return Codes command,package require tls,,,,,,,,, ,,,,,,,,,, |
Modified tests/badssl.test
from [62a312d78a]
to [4b748d171a].
1 2 3 4 5 6 7 8 9 10 11 12 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 | - - - - + - + - + - + - + + + + + - + - + - + + + + + - + - + + + + + - + - + + + + + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + + + + - + + - + - + - + - + - + + + + + - + - + - + - + - + - + - + - + + - + + + + - + - + - + - + + + + + - + + + + + - + + - + + + + - + - + - + + + + + - + - + - + - + | # Auto generated test cases for badssl.csv # Load Tcl Test package if {[lsearch [namespace children] ::tcltest] == -1} { package require tcltest namespace import ::tcltest::* } set auto_path [concat [list [file dirname [file dirname [info script]]]] $auto_path] package require tls |
Modified tests/common.tcl
from [019f917847]
to [3f4b3346c0].
︙ | |||
16 17 18 19 20 21 22 | 16 17 18 19 20 21 22 23 24 25 26 27 28 | + + + + + + | # OpenSSL version ::tcltest::testConstraint OpenSSL [string match "OpenSSL*" [::tls::version]] # Legacy OpenSSL v1.1.1 vs new v3.x scan [lindex [split [::tls::version]] 1] %f version ::tcltest::testConstraint new_api [expr {$version >= 3.0}] ::tcltest::testConstraint old_api [expr {$version < 3.0}] # Load legacy provider if {$version >= 3.0} { tls::provider legacy } |
Modified tests/digest.csv
from [e953e823d3]
to [3371cf815e].
1 2 3 4 | 1 2 3 4 5 6 7 8 9 10 11 12 13 | - + + | # Group,Name,Constraints,Setup,Body,Cleanup,Match,Result,Output,Error Output,Return Codes command,package require tls,,,,,,,,, ,,,,,,,,,, command,# Constraints,,,,,,,,, |
︙ |
Modified tests/digest.test
from [ee7d628a1a]
to [cdebbb86d7].
︙ | |||
8 9 10 11 12 13 14 15 16 17 18 19 20 21 | 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | + | set auto_path [concat [list [file dirname [file dirname [info script]]]] $auto_path] package require tls # Constraints ::tcltest::testConstraint md4 [expr {"md4" in [::tls::digests]}] catch {tls::provider legacy} # Helper functions - See common.tcl proc digest_read_chan {cmd filename args} {;set ch [open $filename rb];set bsize [fconfigure $ch -buffersize];set new [$cmd {*}$args -chan $ch];while {![eof $new]} {set md [read $new $bsize]};close $new;return $md} proc digest_write_chan {cmd filename data args} {;set ch [open $filename wb];set new [$cmd {*}$args -chan $ch];puts -nonewline $new $data;flush $new;close $new;set ch [open $filename rb];set md [read $ch];close $ch;return $md} proc digest_accumulate {string args} {;set cmd [{*}$args -command dcmd]; $cmd update [string range $string 0 20];$cmd update [string range $string 21 end];return [$cmd finalize]} set test_data "Example string for message digest tests.\n" |
︙ |