Overview
Comment: | Merge trunk |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | bohagan |
Files: | files | file ages | folders |
SHA3-256: |
47f7634a14146c177de91e956f743a81 |
User & Date: | jan.nijtmans on 2024-02-24 22:32:00 |
Other Links: | branch diff | manifest | tags |
Context
2024-02-27
| ||
14:41 | Merge trunk check-in: 4fdf191b58 user: jan.nijtmans tags: bohagan | |
2024-02-24
| ||
22:32 | Merge trunk check-in: 47f7634a14 user: jan.nijtmans tags: bohagan | |
22:07 | Eliminate some deprecated function usages. Disable ssl3 by default too (just as ssl2) check-in: 3090c676df user: jan.nijtmans tags: nijtmans | |
00:02 | Merge-mark check-in: 367b275044 user: jan.nijtmans tags: bohagan | |
Changes
Modified Makefile.in
from [d1585703c7]
to [a6031ad08b].
︙ | |||
153 154 155 156 157 158 159 | 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 | - + | # TCL_DEFS is not strictly need here, but if you remove it, then you # must make sure that configure.ac checks for the necessary components # that your library may use. TCL_DEFS can actually be a problem if # you do not compile with a similar machine setup as the Tcl core was # compiled with. #DEFS = $(TCL_DEFS) @DEFS@ $(PKG_CFLAGS) |
︙ |
Modified generic/tls.c
from [c4917ab97f]
to [41a05faa4a].
︙ | |||
243 244 245 246 247 248 249 | 243 244 245 246 247 248 249 250 251 252 253 254 255 256 | - - - - - | dprintf("Called"); if (statePtr->callback == (Tcl_Obj*)NULL) return; switch(version) { |
︙ | |||
980 981 982 983 984 985 986 | 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 | - - - - | ERR_clear_error(); switch ((enum protocol)index) { case TLS_SSL2: Tcl_AppendResult(interp, protocols[index], ": protocol not supported", (char *)NULL); return TCL_ERROR; case TLS_SSL3: |
︙ | |||
1114 1115 1116 1117 1118 1119 1120 | 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 | - - - | return TCL_ERROR; } ERR_clear_error(); objPtr = Tcl_NewListObj(0, NULL); |
︙ | |||
1761 1762 1763 1764 1765 1766 1767 | 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 | - - | } /* create SSL context */ if (ENABLED(proto, TLS_PROTO_SSL2)) { Tcl_AppendResult(interp, "SSL2 protocol not supported", (char *)NULL); return NULL; } |
︙ | |||
1798 1799 1800 1801 1802 1803 1804 | 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 | - - - - - | if (proto == 0) { /* Use full range */ SSL_CTX_set_min_proto_version(ctx, 0); SSL_CTX_set_max_proto_version(ctx, 0); } switch (proto) { |
︙ | |||
1827 1828 1829 1830 1831 1832 1833 | 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 1821 | - - - | /* Use the generic method and constraint range after context is created */ method = isServer ? TLS_server_method() : TLS_client_method(); break; #endif default: /* Negotiate highest available SSL/TLS version */ method = isServer ? TLS_server_method() : TLS_client_method(); |
︙ | |||
2349 2350 2351 2352 2353 2354 2355 | 2327 2328 2329 2330 2331 2332 2333 2334 2335 2336 2337 2338 2339 2340 2341 2342 2343 2344 2345 2346 2347 2348 2349 2350 2351 2352 2353 2354 2355 2356 2357 2358 2359 | - + - + - + | LAPPEND_STR(interp, objPtr, "npn", (char *) proto, (Tcl_Size) ulen); #endif /* Resumable session */ LAPPEND_BOOL(interp, objPtr, "resumable", SSL_SESSION_is_resumable(session)); /* Session start time (seconds since epoch) */ |
︙ |
Modified generic/tlsInt.h
from [cdb65a3a91]
to [bdd63383e2].
︙ | |||
108 109 110 111 112 113 114 | 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 | - + - - - - | } #define LAPPEND_STR(interp, obj, text, value, size) {\ if (text != NULL) Tcl_ListObjAppendElement(interp, obj, Tcl_NewStringObj(text, -1)); \ Tcl_ListObjAppendElement(interp, obj, Tcl_NewStringObj(value, size)); \ } #define LAPPEND_INT(interp, obj, text, value) {\ if (text != NULL) Tcl_ListObjAppendElement(interp, obj, Tcl_NewStringObj(text, -1)); \ |
︙ |
Modified generic/tlsX509.c
from [e4f9edb46f]
to [033f00bcbc].
︙ | |||
403 404 405 406 407 408 409 | 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 | - + | sig_nid = OBJ_obj2nid(sig_alg->algorithm); LAPPEND_STR(interp, certPtr, "signatureAlgorithm", OBJ_nid2ln(sig_nid), -1); len = (sig_nid != NID_undef) ? String_to_Hex(sig->data, sig->length, (unsigned char *) buffer, BUFSIZ) : 0; LAPPEND_STR(interp, certPtr, "signatureValue", buffer, (Tcl_Size) len); } /* Version of the encoded certificate - RFC 5280 section 4.1.2.1 */ |
︙ | |||
548 549 550 551 552 553 554 | 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 | - + - + | /* Subject Directory Attributes provides identification attributes (e.g., nationality) of the subject. RFC 5280 section 4.2.1.8 (subjectDirectoryAttributes) */ /* Basic Constraints identifies whether the subject of the cert is a CA and the max depth of valid cert paths for this cert. RFC 5280 section 4.2.1.9, NID_basic_constraints */ if (!(xflags & EXFLAG_PROXY)) { |
︙ |
Modified win/makefile.vc
from [9aa1648d15]
to [90843e9af1].
︙ | |||
31 32 33 34 35 36 37 | 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 | - + | $(TMP_DIR)\tlsX509.obj # Define any additional project include flags # SSL_INSTALL_FOLDER = with the OpenSSL installation folder following. PRJ_INCLUDES = -I"$(SSL_INSTALL_FOLDER)\include" -I"$(OPENSSL_INSTALL_DIR)\include" # Define any additional compiler flags that might be required for the project |
︙ |