Check-in [6aedc8c1b5]
Overview
Comment:Merged in several outstanding patches
SHA1: 6aedc8c1b555605ff77c607a68f2562c1582fe9c
User & Date: rkeene on 2016-11-22 21:43:13
Context
2016-12-08
04:26
Merged in work for TclTLS 1.7 to trunk check-in: 0409513536 user: rkeene tags: trunk
2016-11-22
22:07
Create new branch named "tcltls-2" check-in: ae164b967d user: rkeene tags: tls-1-7
21:43
Merged in several outstanding patches check-in: 6aedc8c1b5 user: rkeene tags: trunk
21:36
Applied patch Closed-Leaf check-in: 4ec3fe7449 user: rkeene tags: rkeene-eoffix
17:58
Applied patch Closed-Leaf check-in: db95f55e95 user: rkeene tags: rkeene-unthreaded
17:58
Applied patch Closed-Leaf check-in: a141858eec user: rkeene tags: rkeene-fixcrosscompile
17:58
Applied patch Closed-Leaf check-in: 0c7fd93cac user: rkeene tags: rkeene-peercertificate
2015-07-07
17:16
Updated with dhparam.2.patch for tls ticket #59. check-in: 2aadaa4c28 user: andreas_kupries tags: trunk
Changes
225
226
227
228
229
230
231
232

233
234
235
236
237
238
239
225
226
227
228
229
230
231

232
233
234
235
236
237
238
239







-
+







# library.  In most cases these object files will correspond to the
# source files above.
#========================================================================

$(PKG_LIB_FILE): $(PKG_OBJECTS)
	-rm -f $(PKG_LIB_FILE)
	${MAKE_LIB}
	$(RANLIB) $(PKG_LIB_FILE)
	-$(RANLIB) $(PKG_LIB_FILE)

#========================================================================
# We need to enumerate the list of .c to .o lines here.
#
# In the following lines, $(srcdir) refers to the toplevel directory
# containing your extension.  If your sources are in a subdirectory,
# you will have to modify the paths to reflect this:
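--- a/configure
+++ b/configure
@@ -1383,25 +1383,29 @@
 echo "${ECHO_T}$CYGPATH" >&6
 else
   echo "$as_me:$LINENO: result: no" >&5
 echo "${ECHO_T}no" >&6
 fi
 
 	    EXEEXT=".exe"
+		if [ -z "${TEA_PLATFORM}" ]; then
-	    TEA_PLATFORM="windows"
+			TEA_PLATFORM="windows"
+		fi
 	    ;;
 	*CYGWIN_*)
 	    CYGPATH=echo
 	    EXEEXT=".exe"
 	    # TEA_PLATFORM is determined later
 	    ;;
 	*)
 	    CYGPATH=echo
 	    EXEEXT=""
+		if [ -z "${TEA_PLATFORM}" ]; then
-	    TEA_PLATFORM="unix"
+			TEA_PLATFORM="unix"
+		fi
 	    ;;
     esac
 
     # Check if exec_prefix is set. If not use fall back to prefix.
     # Note when adjusted, so that TEA_PREFIX can correct for this.
     # This is needed for recursive configures, since autoconf propagates
     # $prefix, but not $exec_prefix (doh!).
@@ -1678,21 +1682,25 @@
 
     case "`uname -s`" in
 	*CYGWIN_*)
 	    echo "$as_me:$LINENO: checking for cygwin variant" >&5
 echo $ECHO_N "checking for cygwin variant... $ECHO_C" >&6
 	    case ${TCL_EXTRA_CFLAGS} in
 		*-mwin32*|*-mno-cygwin*)
+			if [ -z "${TEA_PLATFORM}" ]; then
-		    TEA_PLATFORM="windows"
+				TEA_PLATFORM="windows"
+			fi
 		    CFLAGS="$CFLAGS -mwin32"
 		    echo "$as_me:$LINENO: result: win32" >&5
 echo "${ECHO_T}win32" >&6
 		    ;;
 		*)
+			if [ -z "${TEA_PLATFORM}" ]; then
-		    TEA_PLATFORM="unix"
+				TEA_PLATFORM="unix"
+			fi
 		    echo "$as_me:$LINENO: result: unix" >&5
 echo "${ECHO_T}unix" >&6
 		    ;;
 	    esac
 	    EXEEXT=".exe"
 	    ;;
 	*)
@@ -10312,15 +10320,15 @@
 	PKG_LIBS="$PKG_LIBS $i"
     done
 
 
     fi
     if test -n "${OPENSSL}"; then
 
-    vars="ssleay32.lib libeay32.lib"
+    vars="ssl.lib crypto.lib"
     for i in $vars; do
 	if test "${TEA_PLATFORM}" = "windows" -a "$GCC" = "yes" ; then
 	    # Convert foo.lib to -lfoo for GCC.  No-op if not *.lib
 	    i=`echo "$i" | sed -e 's/^\([^-].*\)\.lib$/-l\1/i'`
 	fi
 	PKG_LIBS="$PKG_LIBS $i"
     done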
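--- a/tls.c
+++ b/tls.c
@@ -1768,23 +1768,23 @@
  *------------------------------------------------------*
  */
 static int
 TlsLibInit ()
 {
     int i;
     char rnd_seed[16] = "GrzSlplKqUdnnzP!";	/* 16 bytes */
+    int status=TCL_OK;
 #if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
     size_t num_locks;
-#endif
-    int status=TCL_OK;
 
     if (!initialized) {
 	Tcl_MutexLock(&init_mx);
 	if (!initialized) {
 	    initialized = 1;
+#endif
 
 	    if (CRYPTO_set_mem_functions((void *(*)(size_t))Tcl_Alloc,
 					 (void *(*)(void *, size_t))Tcl_Realloc,
 					 (void(*)(void *))Tcl_Free) == 0) {
 	       /* Not using Tcl's mem functions ... not critical */
 	    }
 
@@ -1823,11 +1823,13 @@
 		    rnd_seed[i] = 1 + (char) (255.0 * rand()/(RAND_MAX+1.0));
 		}
 		RAND_seed(rnd_seed, sizeof(rnd_seed));
 	    } while (RAND_status() != 1);
 	}
     	done:
 
+#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
 	Tcl_MutexUnlock(&init_mx);
+#endif
     }
     return status;
 }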
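Review bot: The new `#endif` after `initialized = 1;` puts both `if (!initialized) {` openers inside the threaded-only region, while the `}` before `done:` and the `}` after the guarded `Tcl_MutexUnlock` in the second hunk stay unconditional. The lines between the two hunks are not shown, but unless something there opens matching blocks when `OPENSSL_THREADS`/`TCL_THREADS` are undefined, an unthreaded build ends up with unbalanced braces; and if it does compile, the once-only guard is gone, so the whole initialization body would run again on every call. Keeping `if (!initialized) {` and `initialized = 1;` unconditional and guarding only the `Tcl_MutexLock(&init_mx);` / `Tcl_MutexUnlock(&init_mx);` calls would keep both configurations symmetric. Separately, the seeding loop kept as context feeds `rand()` output to `RAND_seed` until `RAND_status()` reports 1, which credits predictable bytes as entropy; setting `status = TCL_ERROR` when OpenSSL cannot seed itself would be the safer outcome.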
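--- a/tlsIO.c
+++ b/tlsIO.c
@@ -929,14 +929,17 @@
 		    dprintf(stderr,"E! ");
 		    *errorCodePtr = EAGAIN;
 		    return -1;
 		} else {
 		    continue;
 		}
 	    } else if (err == 0) {
+                if (Tcl_Eof(statePtr->self)) {
+                    return 0;
+                }
 		dprintf(stderr,"CR! ");
 		*errorCodePtr = ECONNRESET;
 		return -1;
 	    }
 	    if (statePtr->flags & TLS_TCL_SERVER) {
 		err = SSL_get_verify_result(statePtr->ssl);
 		if (err != X509_V_OK) {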
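Review bot: The added `return 0;` on `Tcl_Eof(statePtr->self)` leaves this routine before the `SSL_get_verify_result` check a few lines below, and it does so without setting `*errorCodePtr`. The enclosing function and its callers are outside the hunk, so it is worth confirming that every caller reads 0 as end-of-stream and never as a completed handshake; otherwise a peer that closes mid-handshake could be treated as connected without the verification result having been examined. A comment on the new branch such as `/* EOF before the handshake finished: report end-of-stream, not success */` would record the intended contract. The test is made on `statePtr->self`, presumably the TLS channel rather than the underlying transport, so whether its EOF flag is already set at this point should be confirmed too.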
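--- a/tlsX509.c
+++ b/tlsX509.c
@@ -96,20 +96,22 @@
     int n;
     unsigned long flags;
     char subject[BUFSIZ];
     char issuer[BUFSIZ];
     char serial[BUFSIZ];
     char notBefore[BUFSIZ];
     char notAfter[BUFSIZ];
+    char certStr[BUFSIZ];
 #ifndef NO_SSL_SHA
     int shai;
     char sha_hash[SHA_DIGEST_LENGTH*2];
     const char *shachars="0123456789ABCDEF";
 #endif
 
+    certStr[0] = 0;
     if ((bio = BIO_new(BIO_s_mem())) == NULL) {
 	subject[0] = 0;
 	issuer[0]  = 0;
 	serial[0]  = 0;
     } else {
 	flags = XN_FLAG_RFC2253 | ASN1_STRFLGS_UTF8_CONVERT;
 	flags &= ~ASN1_STRFLGS_ESC_MSB;
@@ -127,14 +129,21 @@
 	BIO_flush(bio);
 
 	i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert));
 	n = BIO_read(bio, serial, min(BIO_pending(bio), BUFSIZ - 1));
 	n = max(n, 0);
 	serial[n] = 0;
 	BIO_flush(bio);
+
+        if (PEM_write_bio_X509(bio, cert)) {
+            n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1));
+            n = max(n, 0);
+            certStr[n] = 0;
+            BIO_flush(bio);
+        }
 
 	BIO_free(bio);
     }
 
     strcpy( notBefore, ASN1_UTCTIME_tostr( X509_get_notBefore(cert) ));
     strcpy( notAfter, ASN1_UTCTIME_tostr( X509_get_notAfter(cert) ));
 
@@ -170,10 +179,15 @@
     Tcl_ListObjAppendElement( interp, certPtr,
 	    Tcl_NewStringObj( notAfter, -1) );
 
     Tcl_ListObjAppendElement( interp, certPtr,
 	    Tcl_NewStringObj( "serial", -1) );
     Tcl_ListObjAppendElement( interp, certPtr,
 	    Tcl_NewStringObj( serial, -1) );
+
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( "certificate", -1) );
+    Tcl_ListObjAppendElement( interp, certPtr,
+	    Tcl_NewStringObj( certStr, -1) );
 
     return certPtr;
 }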
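Review bot: `certStr` is a `BUFSIZ` stack buffer and the added `BIO_read` is capped at `BUFSIZ - 1`, so a certificate whose PEM encoding is longer than that is silently truncated and the list returns an unusable value under `certificate`. `BUFSIZ` is platform-defined and can be smaller than an ordinary PEM certificate. The read is bounded, so this is not an overflow, but a script that stores, compares or pins on this value gets a cut-off certificate with no error. Building the Tcl object directly from the memory BIO before `BIO_free` removes the fixed-size limit; the function begins above the first hunk, so the excerpt below shows only the lines that would change.

```c
    Tcl_Obj *certStrObj = NULL;	/* replaces char certStr[BUFSIZ] and certStr[0] = 0 */
    /* ... unchanged: subject, issuer and serial extraction ... */
        if (PEM_write_bio_X509(bio, cert)) {
            char *pem = NULL;
            long pemLen = BIO_get_mem_data(bio, &pem);
            if (pemLen > 0) {
                /* copy out of the BIO before BIO_free() releases it */
                certStrObj = Tcl_NewStringObj(pem, (int) pemLen);
            }
        }
    /* ... unchanged: BIO_free, validity dates, earlier list elements ... */
    Tcl_ListObjAppendElement( interp, certPtr,
	    Tcl_NewStringObj( "certificate", -1) );
    Tcl_ListObjAppendElement( interp, certPtr,
	    certStrObj != NULL ? certStrObj : Tcl_NewStringObj( "", -1) );
```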