Check-in [c747afd200]
Overview
Comment:Changes to fix warnings
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | tls-1.8
Files: files | file ages | folders
SHA3-256: c747afd2002a4cbf12344657a10d37fee136609288aebc3b9200fd024ecc7b5f
User & Date: bohagan on 2024-10-05 17:46:37
Other Links: branch diff | manifest | tags
Context
2024-10-25
05:13
More TCL9 updates check-in: ea36bcf6c4 user: bohagan tags: tls-1.8
2024-10-05
17:46
Changes to fix warnings check-in: c747afd200 user: bohagan tags: tls-1.8
17:20
Removed LibreSSL from the documentation since its not currently supported check-in: af471f6aef user: bohagan tags: tls-1.8
Changes
2127
2128
2129
2130
2131
2132
2133




2134
2135
2136
2137
2138
2139
2140
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144







+
+
+
+







	    if (certNames != NULL) {
		SSL_CTX_set_client_CA_list(ctx, certNames);
	    }
	    Tcl_DStringFree(&ds);
	}
#endif
    }
 
    if (abort > 0) {
	/* return error */
    }
    return ctx;
}

/*
 *-------------------------------------------------------------------
 *
 * StatusObjCmd -- return certificate for connected peer info.
2210
2211
2212
2213
2214
2215
2216
2217

2218
2219
2220
2221

2222
2223
2224

2225
2226
2227

2228
2229
2230

2231
2232
2233
2234
2235
2236
2237
2214
2215
2216
2217
2218
2219
2220

2221
2222
2223
2224

2225
2226
2227

2228
2229
2230

2231
2232
2233

2234
2235
2236
2237
2238
2239
2240
2241







-
+



-
+


-
+


-
+


-
+








    /* Verify the X509 certificate presented by the peer */
    LAPPEND_STR(interp, objPtr, "verifyResult",
	X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl)), -1);

    /* Verify mode */
    mode = SSL_get_verify_mode(statePtr->ssl);
    if (mode && SSL_VERIFY_NONE) {
    if (mode & SSL_VERIFY_NONE) {
	LAPPEND_STR(interp, objPtr, "verifyMode", "none", -1);
    } else {
	Tcl_Obj *listObjPtr = Tcl_NewListObj(0, NULL);
	if (mode && SSL_VERIFY_PEER) {
	if (mode & SSL_VERIFY_PEER) {
	    Tcl_ListObjAppendElement(interp, listObjPtr, Tcl_NewStringObj("peer", -1));
	}
	if (mode && SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
	if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
	    Tcl_ListObjAppendElement(interp, listObjPtr, Tcl_NewStringObj("fail if no peer cert", -1));
	}
	if (mode && SSL_VERIFY_CLIENT_ONCE) {
	if (mode & SSL_VERIFY_CLIENT_ONCE) {
	    Tcl_ListObjAppendElement(interp, listObjPtr, Tcl_NewStringObj("client once", -1));
	}
	if (mode && SSL_VERIFY_POST_HANDSHAKE) {
	if (mode & SSL_VERIFY_POST_HANDSHAKE) {
	    Tcl_ListObjAppendElement(interp, listObjPtr, Tcl_NewStringObj("post handshake", -1));
	}
	LAPPEND_OBJ(interp, objPtr, "verifyMode", listObjPtr)
    }

    /* Verify mode depth */
    LAPPEND_INT(interp, objPtr, "verifyDepth", SSL_get_verify_depth(statePtr->ssl));