Index: configure
==================================================================
--- configure
+++ configure
@@ -1,8 +1,8 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.72 for tls 1.8.0.
+# Generated by GNU Autoconf 2.72 for tls 2.0b1.
#
#
# Copyright (C) 1992-1996, 1998-2017, 2020-2023 Free Software Foundation,
# Inc.
#
@@ -599,12 +599,12 @@
MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='tls'
PACKAGE_TARNAME='tls'
-PACKAGE_VERSION='1.8.0'
-PACKAGE_STRING='tls 1.8.0'
+PACKAGE_VERSION='2.0b1'
+PACKAGE_STRING='tls 2.0b1'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
# Factoring default headers for most tests.
ac_includes_default="\
@@ -1340,11 +1340,11 @@
#
if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-'configure' configures tls 1.8.0 to adapt to many kinds of systems.
+'configure' configures tls 2.0b1 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
To assign environment variables (e.g., CC, CFLAGS...), specify them as
VAR=VALUE. See below for descriptions of some of the useful variables.
@@ -1402,11 +1402,11 @@
_ACEOF
fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of tls 1.8.0:";;
+ short | recursive ) echo "Configuration of tls 2.0b1:";;
esac
cat <<\_ACEOF
Optional Features:
--disable-option-checking ignore unrecognized --enable/--with options
@@ -1528,11 +1528,11 @@
fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-tls configure 1.8.0
+tls configure 2.0b1
generated by GNU Autoconf 2.72
Copyright (C) 2023 Free Software Foundation, Inc.
This configure script is free software; the Free Software Foundation
gives unlimited permission to copy, distribute and modify it.
@@ -1835,11 +1835,11 @@
cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by tls $as_me 1.8.0, which was
+It was created by tls $as_me 2.0b1, which was
generated by GNU Autoconf 2.72. Invocation command line was
$ $0$ac_configure_args_raw
_ACEOF
@@ -10291,11 +10291,11 @@
cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# Save the log message, to keep $0 and so on meaningful, and to
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by tls $as_me 1.8.0, which was
+This file was extended by tls $as_me 2.0b1, which was
generated by GNU Autoconf 2.72. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
CONFIG_HEADERS = $CONFIG_HEADERS
CONFIG_LINKS = $CONFIG_LINKS
@@ -10346,11 +10346,11 @@
ac_cs_config=`printf "%s\n" "$ac_configure_args" | sed "$ac_safe_unquote"`
ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\''/g"`
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config='$ac_cs_config_escaped'
ac_cs_version="\\
-tls config.status 1.8.0
+tls config.status 2.0b1
configured by $0, generated by GNU Autoconf 2.72,
with options \\"\$ac_cs_config\\"
Copyright (C) 2023 Free Software Foundation, Inc.
This config.status script is free software; the Free Software Foundation
Index: configure.ac
==================================================================
--- configure.ac
+++ configure.ac
@@ -14,11 +14,11 @@
# so you can encode the package version directly into the source files.
# This will also define a special symbol for Windows (BUILD_<PACKAGE_NAME>
# so that we create the export library with the dll.
#-----------------------------------------------------------------------
-AC_INIT([tls],[1.8.0])
+AC_INIT([tls],[2.0b1])
#--------------------------------------------------------------------
# Call TEA_INIT as the first TEA_ macro to set up initial vars.
# This will define a ${TEA_PLATFORM} variable == "unix" or "windows"
# as well as PKG_LIB_FILE and PKG_STUB_LIB_FILE.
Index: doc/tls.html
==================================================================
--- doc/tls.html
+++ doc/tls.html
@@ -98,37 +98,38 @@
<!-- Copyright &copy; 1999 Matt Newman -- Copyright &copy; 2004 Starfish Systems -- Copyright &copy; 2024 Brian O'Hagan
-->
<!-- tls.n
-->
<body><div class="doctools">
-<h1 class="doctools_title">tls(n) 1.8 tls "Tcl TLS extension"</h1>
+<h1 class="doctools_title">tls(n) 2.0b1 tls "Tcl TLS extension"</h1>
<div id="name" class="doctools_section"><h2><a name="name">Name</a></h2>
<p>tls - binding to the OpenSSL library for encrypted socket and I/O channel communications</p>
</div>
<div id="toc" class="doctools_section"><h2><a name="toc">Table Of Contents</a></h2>
<ul class="doctools_toc">
<li class="doctools_section"><a href="#toc">Table Of Contents</a></li>
<li class="doctools_section"><a href="#synopsis">Synopsis</a></li>
<li class="doctools_section"><a href="#section1">Description</a></li>
-<li class="doctools_section"><a href="#section2">Commands</a></li>
-<li class="doctools_section"><a href="#section3">Certificate Validation</a>
+<li class="doctools_section"><a href="#section2">Compatibility</a></li>
+<li class="doctools_section"><a href="#section3">Commands</a></li>
+<li class="doctools_section"><a href="#section4">Certificate Validation</a>
<ul>
<li class="doctools_subsection"><a href="#subsection1">PKI and Certificates</a></li>
<li class="doctools_subsection"><a href="#subsection2">Summary of command line options</a></li>
<li class="doctools_subsection"><a href="#subsection3">When are command line options needed?</a></li>
</ul>
</li>
-<li class="doctools_section"><a href="#section4">Callback Options</a>
+<li class="doctools_section"><a href="#section5">Callback Options</a>
<ul>
<li class="doctools_subsection"><a href="#subsection4">Values for Command Callback</a></li>
<li class="doctools_subsection"><a href="#subsection5">Values for Password Callback</a></li>
<li class="doctools_subsection"><a href="#subsection6">Values for Validate Command Callback</a></li>
</ul>
</li>
-<li class="doctools_section"><a href="#section5">Debug</a></li>
-<li class="doctools_section"><a href="#section6">HTTP Package Examples</a></li>
-<li class="doctools_section"><a href="#section7">Special Considerations</a></li>
+<li class="doctools_section"><a href="#section6">Debug</a></li>
+<li class="doctools_section"><a href="#section7">Examples</a></li>
+<li class="doctools_section"><a href="#section8">Special Considerations</a></li>
<li class="doctools_section"><a href="#see-also">See Also</a></li>
<li class="doctools_section"><a href="#keywords">Keywords</a></li>
<li class="doctools_section"><a href="#category">Category</a></li>
<li class="doctools_section"><a href="#copyright">Copyright</a></li>
</ul>
@@ -135,11 +136,11 @@
</div>
<div id="synopsis" class="doctools_section"><h2><a name="synopsis">Synopsis</a></h2>
<div class="doctools_synopsis">
<ul class="doctools_requirements">
<li>package require <b class="pkgname">Tcl 8.5-</b></li>
-<li>package require <b class="pkgname">tls 1.8</b></li>
+<li>package require <b class="pkgname">tls 2.0b1</b></li>
</ul>
<ul class="doctools_syntax">
<li><a href="#1"><b class="cmd">tls::init</b> <span class="opt">?<i class="arg">-option</i>?</span> <span class="opt">?<i class="arg">value</i>?</span> <span class="opt">?<i class="arg">-option value ...</i>?</span></a></li>
<li><a href="#2"><b class="cmd">tls::socket</b> <span class="opt">?<i class="arg">-option</i>?</span> <span class="opt">?<i class="arg">value</i>?</span> <span class="opt">?<i class="arg">-option value ...</i>?</span> <i class="arg">host</i> <i class="arg">port</i></a></li>
<li><a href="#3"><b class="cmd">tls::socket</b> <b class="option">-server</b> <i class="arg">command</i> <span class="opt">?<i class="arg">-option</i>?</span> <span class="opt">?<i class="arg">value</i>?</span> <span class="opt">?<i class="arg">-option value ...</i>?</span> <i class="arg">port</i></a></li>
@@ -156,36 +157,41 @@
</div>
<div id="section1" class="doctools_section"><h2><a name="section1">Description</a></h2>
<p>This extension provides TCL script access to secure socket communications
using the Transport Layer Security (TLS) protocol. It provides a generic
binding to <a href="https://www.openssl.org/">OpenSSL</a>, utilizing the
-<b class="syscmd">Tcl_StackChannel</b> API in TCL 8.4 and higher.
+<b class="syscmd">Tcl_StackChannel</b> API in TCL 8.4 or later.
These sockets behave exactly the same as channels created using the built-in
-<b class="syscmd">socket</b> command, along with additional options for controlling
+<b class="syscmd">socket</b> command, but provide additional options for controlling
the SSL/TLS session.</p>
</div>
-<div id="section2" class="doctools_section"><h2><a name="section2">Commands</a></h2>
-<p>Typically one would use the <b class="cmd">tls::socket</b> command to create a new encrypted
-TCP socket. It is compatible with the native TCL <b class="syscmd">::socket</b> command.
-Alternatively for an existing TCP socket, the <b class="cmd">tls::import</b> command can be
-used to start TLS on the connection.</p>
+<div id="section2" class="doctools_section"><h2><a name="section2">Compatibility</a></h2>
+<p>This extension is compatible with OpenSSL 1.1.1 or later. It requires Tcl
+version 8.5 or later and will work with Tcl 9.0.</p>
+</div>
+<div id="section3" class="doctools_section"><h2><a name="section3">Commands</a></h2>
+<p>The following are the commands provided by the TcLTLS package. See the
+<span class="sectref"><a href="#section7">Examples</a></span> for example usage and the "<b class="file">demos</b>" directory for
+more example usage.</p>
<dl class="doctools_definitions">
<dt><a name="1"><b class="cmd">tls::init</b> <span class="opt">?<i class="arg">-option</i>?</span> <span class="opt">?<i class="arg">value</i>?</span> <span class="opt">?<i class="arg">-option value ...</i>?</span></a></dt>
<dd><p>Optional function to set the default options used by <b class="cmd">tls::socket</b>. If you
-call <b class="cmd">tls::import</b> directly, this command has no effect. This command
-supports all of the same options as the <b class="cmd">tls::socket</b> command, though you
-should limit your options to only TLS related ones.</p></dd>
+call <b class="cmd">tls::import</b> directly, the values set by this command have no effect.
+This command supports all of the same options as the <b class="cmd">tls::socket</b> command,
+though you should limit your options to only the TLS related ones.</p></dd>
<dt><a name="2"><b class="cmd">tls::socket</b> <span class="opt">?<i class="arg">-option</i>?</span> <span class="opt">?<i class="arg">value</i>?</span> <span class="opt">?<i class="arg">-option value ...</i>?</span> <i class="arg">host</i> <i class="arg">port</i></a></dt>
<dd><p>This is a helper function that utilizes the underlying commands <b class="syscmd">socket</b>
and <b class="cmd">tls::import</b> to create the connection. It behaves the same as the
-native TCL <b class="syscmd">socket</b> command, but also supports the <b class="cmd">tls:import</b>
+native TCL <b class="syscmd">socket</b> command, but also supports the <b class="cmd">tls::import</b>
command options with one additional option. It returns the channel handle id
for the new socket.</p>
<dl class="doctools_options">
<dt><b class="option">-autoservername</b> <i class="arg">bool</i></dt>
<dd><p>If <b class="const">true</b>, automatically set the <b class="option">-servername</b> argument to the
-<em>host</em> argument. Default is <b class="const">false</b>.</p></dd>
+<em>host</em> argument. Prior to TclTLS 2.0, the default is <b class="const">false</b>.
+Starting in TclTLS 2.0, the default is <b class="const">true</b> unless <b class="option">-servername</b>
+is also specified.</p></dd>
</dl></dd>
<dt><a name="3"><b class="cmd">tls::socket</b> <b class="option">-server</b> <i class="arg">command</i> <span class="opt">?<i class="arg">-option</i>?</span> <span class="opt">?<i class="arg">value</i>?</span> <span class="opt">?<i class="arg">-option value ...</i>?</span> <i class="arg">port</i></a></dt>
<dd><p>Same as previous, but instead creates a server socket for clients to connect to
just like the Tcl <b class="syscmd">socket -server</b> command. It returns the channel
handle id for the new socket.</p></dd>
@@ -195,27 +201,28 @@
parameters for SSL handshake. Valid options are:</p>
<dl class="doctools_options">
<dt><b class="option">-alpn</b> <i class="arg">list</i></dt>
<dd><p>List of protocols to offer during Application-Layer Protocol Negotiation
(ALPN). For example: <b class="const">h2</b> and <b class="const">http/1.1</b>, but not <b class="const">h3</b> or
-<b class="const">quic</b>.</p></dd>
+<b class="const">quic</b>. This option is new for TclTLS 1.8.</p></dd>
<dt><b class="option">-cadir</b> <i class="arg">directory</i></dt>
<dd><p>Specifies the directory where the Certificate Authority (CA) certificates are
stored. The default is platform specific and can be set at compile time. The
default location can be overridden by the <b class="variable">SSL_CERT_DIR</b> environment
-variable. See <span class="sectref"><a href="#section3">Certificate Validation</a></span> for more details.</p></dd>
+variable. See <span class="sectref"><a href="#section4">Certificate Validation</a></span> for more details.</p></dd>
<dt><b class="option">-cafile</b> <i class="arg">filename</i></dt>
<dd><p>Specifies the file with the Certificate Authority (CA) certificates to use in
<b class="const">PEM</b> file format. The default is "<b class="file">cert.pem</b>", in the OpenSSL
directory. The default file can be overridden by the <b class="variable">SSL_CERT_FILE</b> environment
-variable. See <span class="sectref"><a href="#section3">Certificate Validation</a></span> for more details.</p></dd>
+variable. See <span class="sectref"><a href="#section4">Certificate Validation</a></span> for more details.</p></dd>
<dt><b class="option">-castore</b> <i class="arg">URI</i></dt>
<dd><p>Specifies the Uniform Resource Identifier (URI) for the Certificate Authority
(CA) store, which may be a single container or a catalog of containers.
Starting with OpenSSL 3.2 on MS Windows, set to "<b class="const">org.openssl.winstore://</b>"
-to use the built-in MS Windows Certificate Store. See
-<span class="sectref"><a href="#section3">Certificate Validation</a></span> for more details.</p></dd>
+to use the built-in MS Windows Certificate Store.
+See <span class="sectref"><a href="#section4">Certificate Validation</a></span> for more details.
+This option is new for TclTLS 1.8.</p></dd>
<dt><b class="option">-certfile</b> <i class="arg">filename</i></dt>
<dd><p>Specifies the name of the file with the certificate to use in PEM format
as the local (client or server) certificate. It also contains the public key.</p></dd>
<dt><b class="option">-cert</b> <i class="arg">string</i></dt>
<dd><p>Specifies the certificate to use as a DER encoded string (X.509 DER).</p></dd>
@@ -232,87 +239,95 @@
documentation for the full list of valid values.</p></dd>
<dt><b class="option">-ciphersuites</b> <i class="arg">string</i></dt>
<dd><p>Specifies the list of cipher suites to use for TLS 1.3 as a colon
"<b class="const">:</b>" separated list of cipher suite names. See the
<a href="https://docs.openssl.org/master/man1/openssl-ciphers/#options">OpenSSL</a>
-documentation for the full list of valid values.</p></dd>
+documentation for the full list of valid values.
+This option is new for TclTLS 1.8.</p></dd>
<dt><b class="option">-command</b> <i class="arg">callback</i></dt>
<dd><p>Specifies the callback command to be invoked at several points during the
handshake to pass errors, tracing information, and protocol messages.
-See <span class="sectref"><a href="#section4">Callback Options</a></span> for more info.</p></dd>
+See <span class="sectref"><a href="#section5">Callback Options</a></span> for more info.</p></dd>
<dt><b class="option">-dhparams</b> <i class="arg">filename</i></dt>
<dd><p>Specifies the Diffie-Hellman (DH) parameters file.</p></dd>
<dt><b class="option">-keyfile</b> <i class="arg">filename</i></dt>
<dd><p>Specifies the private key file. The default is to use the file
-specified by the <i class="arg">-certfile</i> option.</p></dd>
+specified by the <b class="option">-certfile</b> option.</p></dd>
<dt><b class="option">-key</b> <i class="arg">string</i></dt>
<dd><p>Specifies the private key to use as a DER encoded string (PKCS#1 DER).</p></dd>
<dt><b class="option">-model</b> <i class="arg">channel</i></dt>
<dd><p>Force this channel to share the same <i class="term">SSL_CTX</i> structure as the
specified <i class="arg">channel</i>, and therefore share config, callbacks, etc.</p></dd>
<dt><b class="option">-password</b> <i class="arg">callback</i></dt>
<dd><p>Specifies the callback command to invoke when OpenSSL needs to obtain a
password. This is typically used to unlock the private key of a certificate.
-The callback should return a password string. See <span class="sectref"><a href="#section4">Callback Options</a></span>
-for more info.</p></dd>
+The callback should return a password string. This option has changed for
+TclTLS 1.8. See <span class="sectref"><a href="#section5">Callback Options</a></span> for more info.</p></dd>
<dt><b class="option">-post_handshake</b> <i class="arg">bool</i></dt>
-<dd><p>Allow post-handshake session ticket updates.</p></dd>
+<dd><p>Allow post-handshake session ticket updates. This option is new for TclTLS 1.8.</p></dd>
<dt><b class="option">-request</b> <i class="arg">bool</i></dt>
<dd><p>Request a certificate from the peer during the SSL handshake. This is needed
to do Certificate Validation. Starting in TclTLS 1.8, the default is
-<b class="const">true</b>.
-See <span class="sectref"><a href="#section3">Certificate Validation</a></span> for more details.</p></dd>
+<b class="const">true</b>. Starting in TclTLS 2.0, if set to <b class="const">false</b> and
+<b class="option">-require</b> is <b class="const">true</b>, then this will be overridden to <b class="const">true</b>.
+See <span class="sectref"><a href="#section4">Certificate Validation</a></span> for more details.</p></dd>
<dt><b class="option">-require</b> <i class="arg">bool</i></dt>
<dd><p>Require a valid certificate from the peer during the SSL handshake. If this is
set to true, then <b class="option">-request</b> must also be set to true and a either
<b class="option">-cadir</b>, <b class="option">-cafile</b>, <b class="option">-castore</b>, or a platform default
must be provided in order to validate against. The default in TclTLS 1.8 and
earlier versions is <b class="const">false</b> since not all platforms have certificates to
-validate against in a form compatible with OpenSSL.
-See <span class="sectref"><a href="#section3">Certificate Validation</a></span> for more details.</p></dd>
+validate against in a form compatible with OpenSSL. Starting in TclTLS 2.0,
+the default is <b class="const">true</b>.
+See <span class="sectref"><a href="#section4">Certificate Validation</a></span> for more details.</p></dd>
<dt><b class="option">-security_level</b> <i class="arg">integer</i></dt>
<dd><p>Specifies the security level (value from 0 to 5). The security level affects
the allowed cipher suite encryption algorithms, supported ECC curves,
supported signature algorithms, DH parameter sizes, certificate key sizes
and signature algorithms. The default is 1 prior to OpenSSL 3.2 and 2
thereafter. Level 3 and higher disable support for session tickets and
-only accept cipher suites that provide forward secrecy.</p></dd>
+only accept cipher suites that provide forward secrecy.
+This option is new for TclTLS 1.8.</p></dd>
<dt><b class="option">-server</b> <i class="arg">bool</i></dt>
<dd><p>Specifies whether to act as a server and respond with a server handshake when a
client connects and provides a client handshake. The default is <b class="const">false</b>.</p></dd>
<dt><b class="option">-servername</b> <i class="arg">hostname</i></dt>
-<dd><p>Specify the peer's hostname. This is used to set the TLS Server Name
-Indication (SNI) extension. Set this to the expected servername in the
-server's certificate or one of the Subject Alternate Names (SAN).</p></dd>
+<dd><p>Specify the peer's hostname. This is used to set the TLS Server Name Indication
+(SNI) extension. Set this to the expected servername in the server's certificate
+or one of the Subject Alternate Names (SAN). Starting in TclTLS 2.0, this will
+default to the host for the <b class="cmd">tls::socket</b> command.</p></dd>
<dt><b class="option">-session_id</b> <i class="arg">binary_string</i></dt>
-<dd><p>Specifies the session id to resume a session. Not supported yet.</p></dd>
+<dd><p>Specifies the session id to resume a session. Not supported yet.
+This option is new for TclTLS 1.8.</p></dd>
<dt><b class="option">-ssl2</b> <i class="arg">bool</i></dt>
-<dd><p>Enable use of SSL v2. The default is <b class="const">false</b>. Note: Recent versions of
-OpenSSL no longer support SSLv2, so this may not have any effect. See the
-<b class="cmd">tls::protocols</b> command for supported protocols.</p></dd>
+<dd><p>Enable use of SSL v2.The default is <b class="const">false</b>.
+OpenSSL 1.1+ no longer supports SSL v2, so this may not have any effect.
+See the <b class="cmd">tls::protocols</b> command for supported protocols.</p></dd>
<dt><b class="option">-ssl3</b> <i class="arg">bool</i></dt>
-<dd><p>Enable use of SSL v3. The default is <b class="const">false</b>. Note: Recent versions
-of OpenSSL may have this disabled at compile time, so this may not have any
-effect. See the <b class="cmd">tls::protocols</b> command for supported protocols.</p></dd>
+<dd><p>Enable use of SSL v3. The default is <b class="const">false</b>. Starting in TclTLS 1.8,
+use of SSL v3 if only available via a compile time option.
+See the <b class="cmd">tls::protocols</b> command for supported protocols.</p></dd>
<dt><b class="option">-tls1</b> <i class="arg">bool</i></dt>
-<dd><p>Enable use of TLS v1. The default is <b class="const">true</b>. Note: TLS 1.0 needs
-SHA1 to operate, which is only available in security level 0 for Open SSL 3.0+.
-See the <i class="arg">-security_level</i> option.</p></dd>
+<dd><p>Enable use of TLS v1. Starting in TclTLS 2.0, the default is <b class="const">false</b>.
+Note: TLS 1.0 needs SHA1 to operate, which is only available in security level
+0 for Open SSL 3.0+. See the <b class="option">-security_level</b> option.</p></dd>
<dt><b class="option">-tls1.1</b> <i class="arg">bool</i></dt>
-<dd><p>Enable use of TLS v1.1. The default is <b class="const">true</b>. Note: TLS 1.1 needs
-SHA1 to operate, which is only available in security level 0 for Open SSL 3.0+.
-See the <i class="arg">-security_level</i> option.</p></dd>
+<dd><p>Enable use of TLS v1.1. Starting in TclTLS 2.0, the default is <b class="const">false</b>.
+Note: TLS 1.1 needs SHA1 to operate, which is only available in security level
+0 for Open SSL 3.0+. See the <b class="option">-security_level</b> option.</p></dd>
<dt><b class="option">-tls1.2</b> <i class="arg">bool</i></dt>
<dd><p>Enable use of TLS v1.2. The default is <b class="const">true</b>.</p></dd>
<dt><b class="option">-tls1.3</b> <i class="arg">bool</i></dt>
-<dd><p>Enable use of TLS v1.3. The default is <b class="const">true</b>.</p></dd>
+<dd><p>Enable use of TLS v1.3. The default is <b class="const">true</b>. This is only available
+starting with OpenSSL 1.1.1 and TclTLS 1.7.</p></dd>
<dt><b class="option">-validatecommand</b> <i class="arg">callback</i></dt>
<dd><p>Specifies the callback command to invoke to validate the peer certificates
and other config info during the protocol negotiation phase. This can be used
by TCL scripts to perform their own Certificate Validation to supplement the
default validation provided by OpenSSL. The script must return a boolean true
-to continue the negotiation. See <span class="sectref"><a href="#section4">Callback Options</a></span> for more info.</p></dd>
+to continue the negotiation. See <span class="sectref"><a href="#section5">Callback Options</a></span> for more info.
+This option is new for TclTLS 1.8.</p></dd>
</dl></dd>
<dt><a name="5"><b class="cmd">tls::unimport</b> <i class="arg">channel</i></a></dt>
<dd><p>Compliment to <b class="cmd">tls::import</b>. Used to remove the top level stacked channel
from <i class="arg">channel</i>. This unstacks the encryption of a regular TCL channel. An
error is thrown if TLS is not the top stacked channel type.</p></dd>
@@ -327,42 +342,54 @@
<b class="option">-local</b> option is specified, then the local certificate is used. Returned
values include:</p>
<p>SSL Status</p>
<dl class="doctools_definitions">
<dt><b class="variable">alpn</b> <i class="arg">protocol</i></dt>
-<dd><p>The protocol selected after Application-Layer Protocol Negotiation (ALPN).</p></dd>
+<dd><p>The protocol selected after Application-Layer Protocol Negotiation (ALPN).
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">cipher</b> <i class="arg">cipher</i></dt>
<dd><p>The current cipher in use for the session.</p></dd>
<dt><b class="variable">peername</b> <i class="arg">name</i></dt>
-<dd><p>The peername from the certificate.</p></dd>
+<dd><p>The peername from the certificate.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">protocol</b> <i class="arg">version</i></dt>
-<dd><p>The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1.1, TLS1.2, TLS1.3, or unknown.</p></dd>
+<dd><p>The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1.1, TLS1.2,
+TLS1.3, or unknown. This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">sbits</b> <i class="arg">n</i></dt>
<dd><p>The number of bits used for the session key.</p></dd>
<dt><b class="variable">signatureHashAlgorithm</b> <i class="arg">algorithm</i></dt>
-<dd><p>The signature hash algorithm.</p></dd>
+<dd><p>The signature hash algorithm.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">signatureType</b> <i class="arg">type</i></dt>
-<dd><p>The signature type value.</p></dd>
+<dd><p>The signature type value.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">verifyDepth</b> <i class="arg">n</i></dt>
-<dd><p>Maximum depth for the certificate chain verification. Default is -1, to check all.</p></dd>
+<dd><p>Maximum depth for the certificate chain verification. Default is -1, to check all.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">verifyMode</b> <i class="arg">list</i></dt>
-<dd><p>List of certificate verification modes.</p></dd>
+<dd><p>List of certificate verification modes.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">verifyResult</b> <i class="arg">result</i></dt>
-<dd><p>Certificate verification result.</p></dd>
+<dd><p>Certificate verification result.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">ca_names</b> <i class="arg">list</i></dt>
-<dd><p>List of the Certificate Authorities used to create the certificate.</p></dd>
+<dd><p>List of the Certificate Authorities used to create the certificate.
+This value is new for TclTLS 1.8.</p></dd>
</dl>
<p>Certificate Status</p>
<dl class="doctools_definitions">
<dt><b class="variable">all</b> <i class="arg">string</i></dt>
-<dd><p>Dump of all certificate info.</p></dd>
+<dd><p>Dump of all certificate info.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">version</b> <i class="arg">value</i></dt>
<dd><p>The certificate version.</p></dd>
<dt><b class="variable">serialNumber</b> <i class="arg">string</i></dt>
-<dd><p>The serial number of the certificate as a hex string.</p></dd>
+<dd><p>The serial number of the certificate as a hex string.
+This value was changed from serial in TclTLS 1.8.</p></dd>
<dt><b class="variable">signature</b> <i class="arg">algorithm</i></dt>
-<dd><p>Cipher algorithm used for certificate signature.</p></dd>
+<dd><p>Cipher algorithm used for certificate signature.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">issuer</b> <i class="arg">string</i></dt>
<dd><p>The distinguished name (DN) of the certificate issuer.</p></dd>
<dt><b class="variable">notBefore</b> <i class="arg">date</i></dt>
<dd><p>The beginning date of the certificate validity.</p></dd>
<dt><b class="variable">notAfter</b> <i class="arg">date</i></dt>
@@ -370,54 +397,72 @@
<dt><b class="variable">subject</b> <i class="arg">string</i></dt>
<dd><p>The distinguished name (DN) of the certificate subject. Fields include: Common
Name (CN), Organization (O), Locality or City (L), State or Province (S), and
Country Name (C).</p></dd>
<dt><b class="variable">issuerUniqueID</b> <i class="arg">string</i></dt>
-<dd><p>The issuer unique id.</p></dd>
+<dd><p>The issuer unique id.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">subjectUniqueID</b> <i class="arg">string</i></dt>
-<dd><p>The subject unique id.</p></dd>
+<dd><p>The subject unique id.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">num_extensions</b> <i class="arg">n</i></dt>
-<dd><p>Number of certificate extensions.</p></dd>
+<dd><p>Number of certificate extensions.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">extensions</b> <i class="arg">list</i></dt>
-<dd><p>List of certificate extension names.</p></dd>
+<dd><p>List of certificate extension names.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">authorityKeyIdentifier</b> <i class="arg">string</i></dt>
<dd><p>Authority Key Identifier (AKI) of the Issuing CA certificate that signed the
SSL certificate as a hex string. This value matches the SKI value of the
-Intermediate CA certificate.</p></dd>
+Intermediate CA certificate.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">subjectKeyIdentifier</b> <i class="arg">string</i></dt>
<dd><p>Subject Key Identifier (SKI) hash of the public key inside the certificate as a
-hex string. Used to identify certificates that contain a particular public key.</p></dd>
+hex string. Used to identify certificates that contain a particular public key.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">subjectAltName</b> <i class="arg">list</i></dt>
<dd><p>List of all of the Subject Alternative Names (SAN) including domain names, sub
-domains, and IP addresses that are secured by the certificate.</p></dd>
+domains, and IP addresses that are secured by the certificate.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">ocsp</b> <i class="arg">list</i></dt>
<dd><p>List of all Online Certificate Status Protocol (OCSP) URLs that can be used to
-check the validity of this certificate.</p></dd>
+check the validity of this certificate.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">certificate</b> <i class="arg">cert</i></dt>
<dd><p>The PEM encoded certificate.</p></dd>
<dt><b class="variable">signatureAlgorithm</b> <i class="arg">algorithm</i></dt>
-<dd><p>Cipher algorithm used for the certificate signature.</p></dd>
+<dd><p>Cipher algorithm used for the certificate signature.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">signatureValue</b> <i class="arg">string</i></dt>
-<dd><p>Certificate signature as a hex string.</p></dd>
+<dd><p>Certificate signature as a hex string.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">signatureDigest</b> <i class="arg">version</i></dt>
-<dd><p>Certificate signing digest as a hex string.</p></dd>
+<dd><p>Certificate signing digest as a hex string.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">publicKeyAlgorithm</b> <i class="arg">algorithm</i></dt>
-<dd><p>Certificate signature public key algorithm.</p></dd>
+<dd><p>Certificate signature public key algorithm.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">publicKey</b> <i class="arg">string</i></dt>
-<dd><p>Certificate signature public key as a hex string.</p></dd>
+<dd><p>Certificate signature public key as a hex string.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">bits</b> <i class="arg">n</i></dt>
-<dd><p>Number of bits used for certificate signature key.</p></dd>
+<dd><p>Number of bits used for certificate signature key.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">self_signed</b> <i class="arg">boolean</i></dt>
-<dd><p>Whether the certificate signature is self signed.</p></dd>
+<dd><p>Whether the certificate signature is self signed.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">sha1_hash</b> <i class="arg">hash</i></dt>
-<dd><p>The SHA1 hash of the certificate as a hex string.</p></dd>
+<dd><p>The SHA1 hash of the certificate as a hex string.
+This value is new for TclTLS 1.8.</p></dd>
<dt><b class="variable">sha256_hash</b> <i class="arg">hash</i></dt>
-<dd><p>The SHA256 hash of the certificate as a hex string.</p></dd>
+<dd><p>The SHA256 hash of the certificate as a hex string.
+This value is new for TclTLS 1.8.</p></dd>
</dl></dd>
<dt><a name="8"><b class="cmd">tls::connection</b> <i class="arg">channel</i></a></dt>
<dd><p>Returns the current connection status of an SSL channel. The result is a list
-of key-value pairs describing the connection. Returned values include:</p>
+of key-value pairs describing the connection.
+This command is new for TclTLS 1.8. Returned values include:</p>
<p>SSL Status</p>
<dl class="doctools_definitions">
<dt><b class="variable">state</b> <i class="arg">state</i></dt>
<dd><p>State of the connection.</p></dd>
<dt><b class="variable">servername</b> <i class="arg">name</i></dt>
@@ -482,25 +527,27 @@
<dd><p>Unique session master key.</p></dd>
<dt><b class="variable">session_cache_mode</b> <i class="arg">mode</i></dt>
<dd><p>Server cache mode (client, server, or both).</p></dd>
</dl></dd>
<dt><a name="9"><b class="cmd">tls::ciphers</b> <span class="opt">?<i class="arg">protocol</i>?</span> <span class="opt">?<i class="arg">verbose</i>?</span> <span class="opt">?<i class="arg">supported</i>?</span></a></dt>
-<dd><p>Without any args, returns a list of all symmetric ciphers for use with the
+<dd><p>Without any options, it returns a list of all symmetric ciphers for use with the
<i class="arg">-cipher</i> option. With <i class="arg">protocol</i>, only the ciphers supported for that
protocol are returned. See the <b class="cmd">tls::protocols</b> command for the supported
protocols. If <i class="arg">verbose</i> is specified as true then a verbose, human readable
list is returned with additional information on the cipher. If <i class="arg">supported</i>
-is specified as true, then only the ciphers supported for protocol will be listed.</p></dd>
+is specified as true, then only the ciphers supported for protocol will be listed.
+The <i class="arg">supported</i> arg is new for TclTLS 1.8.</p></dd>
<dt><a name="10"><b class="cmd">tls::protocols</b></a></dt>
<dd><p>Returns a list of the supported SSL/TLS protocols. Valid values are:
<b class="const">ssl2</b>, <b class="const">ssl3</b>, <b class="const">tls1</b>, <b class="const">tls1.1</b>, <b class="const">tls1.2</b>, and
-<b class="const">tls1.3</b>. Exact list depends on OpenSSL version and compile time flags.</p></dd>
+<b class="const">tls1.3</b>. Exact list depends on OpenSSL version and compile time flags.
+This command is new for TclTLS 1.8.</p></dd>
<dt><a name="11"><b class="cmd">tls::version</b></a></dt>
<dd><p>Returns the OpenSSL version string.</p></dd>
</dl>
</div>
-<div id="section3" class="doctools_section"><h2><a name="section3">Certificate Validation</a></h2>
+<div id="section4" class="doctools_section"><h2><a name="section4">Certificate Validation</a></h2>
<div id="subsection1" class="doctools_subsection"><h3><a name="subsection1">PKI and Certificates</a></h3>
<p>Using the Public Key Infrastructure (PKI), each user creates a private key that
only they know about and a public key they can exchange with others for use in
encrypting and decrypting data. The process is the sender encrypts their data
using their private key and the receiver's public key. The data is then sent
@@ -514,11 +561,11 @@
certificate and that certificate is authenticated (i.e. signed) by a Certificate
Authority (CA). Users can then exchange these certificates during the TLS
initialization process and check them against the root CA certificates to ensure
they are valid. This is handled by OpenSSL via the <b class="option">-request</b> and
<b class="option">-require</b> options. See the <b class="option">-cadir</b>, <b class="option">-cadir</b>, and
-<b class="option">-castore</b> options for how tp specify where to find the CA certificates.
+<b class="option">-castore</b> options for how to specify where to find the CA certificates.
Optionally, in a future release, they can also be checked against the Certificate
Revocation List (CRL) of revoked certificates. Certificates can also be
self-signed, but they are by default not trusted unless you add them to your
certificate store.</p>
<p>Typically when visiting web sites, only the client needs to check the server's
@@ -542,34 +589,38 @@
variable.</p></dd>
<dt><b class="option">-castore</b> <i class="arg">URI</i></dt>
<dd><p>Specifies the Uniform Resource Identifier (URI) for the Certificate Authority
(CA) store, which may be a single container or a catalog of containers.
Starting with OpenSSL 3.2 on MS Windows, set to "<b class="const">org.openssl.winstore://</b>"
-to use the built-in MS Windows Certificate Store.
-This store only supports root certificate stores. See
-<span class="sectref"><a href="#section3">Certificate Validation</a></span> for more details.</p></dd>
+to use the built-in MS Windows Certificate Store. Starting in TclTLS 2.0, this
+is the default if <b class="option">-cadir</b>, <b class="option">-cadir</b>, and <b class="option">-castore</b> are
+not specified. This store only supports root certificate stores.</p></dd>
<dt><b class="option">-request</b> <i class="arg">bool</i></dt>
<dd><p>Request a certificate from the peer during the SSL handshake. This is needed
to do Certificate Validation. Starting in TclTLS 1.8, the default is
-<b class="const">true</b>. In addition, the client can manually inspect and accept or reject
-each certificate using the <i class="arg">-validatecommand</i> option.</p></dd>
+<b class="const">true</b>. Starting in TclTLS 2.0, if set to <b class="const">false</b> and
+<b class="option">-require</b> is <b class="const">true</b>, then this will be overridden to <b class="const">true</b>.
+In addition, the client can manually inspect and accept or reject
+each certificate using the <b class="option">-validatecommand</b> option.</p></dd>
<dt><b class="option">-require</b> <i class="arg">bool</i></dt>
<dd><p>Require a valid certificate from the peer during the SSL handshake. If this is
set to true, then <b class="option">-request</b> must also be set to true and a either
<b class="option">-cadir</b>, <b class="option">-cafile</b>, <b class="option">-castore</b>, or a platform default
must be provided in order to validate against. The default in TclTLS 1.8 and
earlier versions is <b class="const">false</b> since not all platforms have certificates to
-validate against in a form compatible with OpenSSL.</p></dd>
+validate against in a form compatible with OpenSSL. Starting in TclTLS 2.0,
+the default is <b class="const">true</b>.</p></dd>
</dl>
</div>
<div id="subsection3" class="doctools_subsection"><h3><a name="subsection3">When are command line options needed?</a></h3>
<p>In TclTLS 1.8 and earlier versions, certificate validation is
<em>NOT</em> enabled by default. This limitation is due to the lack of a common
cross platform database of Certificate Authority (CA) provided certificates to
validate against. Many Linux systems natively support OpenSSL and thus have
these certificates installed as part of the OS, but MacOS and MS Windows do not.
-In order to use the <b class="option">-require</b> option, one of the following
+Staring in TclTLS 2.0, this has been changed to require certificate validation
+by default. In order to use the <b class="option">-require</b> option, one of the following
must be true:</p>
<ul class="doctools_itemized">
<li><p>On Linux and Unix systems with OpenSSL already installed or if the CA
certificates are available in PEM format, and if they are stored in the
standard locations, or if the <b class="variable">SSL_CERT_DIR</b> or <b class="variable">SSL_CERT_FILE</b>
@@ -579,11 +630,13 @@
or MS Windows and OpenSSL is installed, the <b class="variable">SSL_CERT_DIR</b> and/or
<b class="variable">SSL_CERT_FILE</b> environment variables or the one of the <b class="option">-cadir</b>,
<b class="option">-cadir</b>, or <b class="option">-castore</b> options must be defined.</p></li>
<li><p>On MS Windows, starting in OpenSSL 3.2, it is now possible to access the
built-in Windows Certificate Store from OpenSSL. This can utilized by
-setting the <b class="option">-castore</b> option to "<b class="const">org.openssl.winstore://</b>".</p></li>
+setting the <b class="option">-castore</b> option to "<b class="const">org.openssl.winstore://</b>".
+In TclTLS 2.0, this is the default value if <b class="option">-cadir</b>,
+<b class="option">-cadir</b>, and <b class="option">-castore</b> are not specified.</p></li>
<li><p>If OpenSSL is not installed or the CA certificates are not available in PEM
format, the CA certificates must be downloaded and installed with the user
software. The CURL team makes them available at
<a href="https://curl.se/docs/caextract.html">CA certificates extracted
from Mozilla</a> in the "<b class="file">cacert.pem</b>" file. You must then either set the
@@ -591,11 +644,11 @@
<b class="option">-cadir</b> or <b class="option">-cafile</b> options to the CA cert file's install
location. It is your responsibility to keep this file up to date.</p></li>
</ul>
</div>
</div>
-<div id="section4" class="doctools_section"><h2><a name="section4">Callback Options</a></h2>
+<div id="section5" class="doctools_section"><h2><a name="section5">Callback Options</a></h2>
<p>As previously described, each channel can be given their own callbacks
to handle intermediate processing by the OpenSSL library, using the
<b class="option">-command</b>, <b class="option">-password</b>, and <b class="option">-validate_command</b> options
passed to either of <b class="cmd">tls::socket</b> or <b class="cmd">tls::import</b>.
Unlike previous versions of TclTLS, only if the callback generates an error,
@@ -696,23 +749,23 @@
<dt><b class="option">alpn</b> <i class="arg">channelId protocol match</i></dt>
<dd><p>For servers, this form of callback is invoked when the client ALPN extension is
received. If <i class="arg">match</i> is true, then <i class="arg">protocol</i> is the first
<b class="option">-alpn</b> protocol option in common to both the client and server.
If not, the first client specified protocol is used. This callback is called
-after the Hello and ALPN callbacks.</p></dd>
+after the Hello and SNI callbacks.</p></dd>
<dt><b class="option">hello</b> <i class="arg">channelId servername</i></dt>
<dd><p>For servers, this form of callback is invoked during client hello message
processing. The purpose is so the server can select the appropriate certificate
to present to the client, and to make other configuration adjustments relevant
to that server name and its configuration. It is called before the SNI and ALPN
callbacks.</p></dd>
<dt><b class="option">sni</b> <i class="arg">channelId servername</i></dt>
<dd><p>For servers, this form of callback is invoked when the Server Name Indication
(SNI) extension is received. The <i class="arg">servername</i> argument is the client
-provided server name specified in the <b class="option">-servername</b></b> option. The
+provided server name specified in the <b class="option">-servername</b> option. The
purpose is so when a server supports multiple names, the right certificate
-can be used. It is called after the hello callback but before the ALPN
+can be used. It is called after the Hello callback but before the ALPN
callback.</p></dd>
<dt><b class="option">verify</b> <i class="arg">channelId depth cert status error</i></dt>
<dd><p>This form of callback is invoked by OpenSSL when a new certificate is received
from the peer. It allows the client to check the certificate verification
results and choose whether to continue or not. It is called for each
@@ -749,11 +802,11 @@
implementations.</p>
<p><em>The use of the reference callbacks <b class="cmd">tls::callback</b>, <b class="cmd">tls::password</b>,
and <b class="cmd">tls::validate_command</b> is not recommended. They may be removed from future releases.</em></p>
</div>
</div>
-<div id="section5" class="doctools_section"><h2><a name="section5">Debug</a></h2>
+<div id="section6" class="doctools_section"><h2><a name="section6">Debug</a></h2>
<p>For most debugging needs, the <b class="option">-callback</b> option can be used to provide
sufficient insight and information on the TLS handshake and progress. If
further troubleshooting insight is needed, the compile time option
<b class="option">--enable-debug</b> can be used to get detailed execution flow status.</p>
<p>TLS key logging can be enabled by setting the environment variable
@@ -768,15 +821,15 @@
certificate, even if it is invalid when the <b class="option">-validatecommand</b>
option is set to <b class="cmd">tls::validate_command</b>.</p>
<p><em>The use of the variable <b class="variable">tls::debug</b> is not recommended.
It may be removed from future releases.</em></p>
</div>
-<div id="section6" class="doctools_section"><h2><a name="section6">HTTP Package Examples</a></h2>
+<div id="section7" class="doctools_section"><h2><a name="section7">Examples</a></h2>
<p>The following are example scripts to download a webpage and file using the
-http package. See <span class="sectref"><a href="#section3">Certificate Validation</a></span> for whether the
+http package. See <span class="sectref"><a href="#section4">Certificate Validation</a></span> for when the
<b class="option">-cadir</b>, <b class="option">-cafile</b>, and <b class="option">-castore</b> options are also
-needed. See the demos directory for more example scripts.</p>
+needed. See the "<b class="file">demos</b>" directory for more example scripts.</p>
<p>Example #1: Download a web page</p>
<pre class="doctools_example">
package require http
package require tls
set url "https://www.tcl.tk/"
@@ -812,15 +865,15 @@
# Cleanup
close $ch
::http::cleanup $token
</pre>
</div>
-<div id="section7" class="doctools_section"><h2><a name="section7">Special Considerations</a></h2>
+<div id="section8" class="doctools_section"><h2><a name="section8">Special Considerations</a></h2>
<p>The capabilities of this package can vary enormously based upon how the
linked to OpenSSL library was configured and built. New versions may obsolete
older protocol versions, add or remove ciphers, change default values, etc.
-Use the <b class="cmd">tls::protocols</b> commands to obtain the supported
+Use the <b class="cmd">tls::protocols</b> command to obtain the supported
protocol versions.</p>
</div>
<div id="see-also" class="doctools_section"><h2><a name="see-also">See Also</a></h2>
<p><a href="https://www.openssl.org/">OpenSSL</a>, http, socket</p>
</div>
Index: doc/tls.man
==================================================================
--- doc/tls.man
+++ doc/tls.man
@@ -1,60 +1,65 @@
[comment {-*- tcl -*- doctools manpage}]
[comment {To convert this to another documentation format use the dtplite
script from tcllib: dtplite -o tls.n nroff tls.man
dtplite -o tls.html html tls.man
}]
-[manpage_begin tls n 1.8]
+[manpage_begin tls n 2.0b1]
[category tls]
[copyright {1999 Matt Newman}]
[copyright {2004 Starfish Systems}]
[copyright {2024 Brian O'Hagan}]
[keywords tls I/O "IP Address" OpenSSL SSL TCP TLS "asynchronous I/O" bind certificate channel connection "domain name" host "https" "network address" network socket TclTLS]
[moddesc {Tcl TLS extension}]
[see_also http socket [uri https://www.openssl.org/ OpenSSL]]
[titledesc {binding to the OpenSSL library for encrypted socket and I/O channel communications}]
[require Tcl 8.5-]
-[require tls 1.8]
+[require tls 2.0b1]
[description]
This extension provides TCL script access to secure socket communications
using the Transport Layer Security (TLS) protocol. It provides a generic
binding to [uri "https://www.openssl.org/" OpenSSL], utilizing the
-[syscmd Tcl_StackChannel] API in TCL 8.4 and higher.
+[syscmd Tcl_StackChannel] API in TCL 8.4 or later.
These sockets behave exactly the same as channels created using the built-in
-[syscmd socket] command, along with additional options for controlling
+[syscmd socket] command, but provide additional options for controlling
the SSL/TLS session.
+[section Compatibility]
+This extension is compatible with OpenSSL 1.1.1 or later. It requires Tcl
+version 8.5 or later and will work with Tcl 9.0.
+
[section Commands]
-Typically one would use the [cmd tls::socket] command to create a new encrypted
-TCP socket. It is compatible with the native TCL [syscmd ::socket] command.
-Alternatively for an existing TCP socket, the [cmd tls::import] command can be
-used to start TLS on the connection.
+The following are the commands provided by the TcLTLS package. See the
+[sectref Examples] for example usage and the [file demos] directory for
+more example usage.
[list_begin definitions]
[call [cmd tls::init] [opt [arg -option]] [opt [arg value]] [opt [arg "-option value ..."]]]
Optional function to set the default options used by [cmd tls::socket]. If you
-call [cmd tls::import] directly, this command has no effect. This command
-supports all of the same options as the [cmd tls::socket] command, though you
-should limit your options to only TLS related ones.
+call [cmd tls::import] directly, the values set by this command have no effect.
+This command supports all of the same options as the [cmd tls::socket] command,
+though you should limit your options to only the TLS related ones.
[call [cmd tls::socket] [opt [arg -option]] [opt [arg value]] [opt [arg "-option value ..."]] [arg host] [arg port]]
This is a helper function that utilizes the underlying commands [syscmd socket]
and [cmd tls::import] to create the connection. It behaves the same as the
-native TCL [syscmd socket] command, but also supports the [cmd tls:import]
+native TCL [syscmd socket] command, but also supports the [cmd tls::import]
command options with one additional option. It returns the channel handle id
for the new socket.
[list_begin options]
[opt_def -autoservername [arg bool]]
If [const true], automatically set the [option -servername] argument to the
-[emph host] argument. Default is [const false].
+[emph host] argument. Prior to TclTLS 2.0, the default is [const false].
+Starting in TclTLS 2.0, the default is [const true] unless [option -servername]
+is also specified.
[list_end]
[call [cmd tls::socket] [option -server] [arg command] [opt [arg -option]] [opt [arg value]] [opt [arg "-option value ..."]] [arg port]]
@@ -71,11 +76,11 @@
[list_begin options]
[opt_def -alpn [arg list]]
List of protocols to offer during Application-Layer Protocol Negotiation
(ALPN). For example: [const h2] and [const http/1.1], but not [const h3] or
-[const quic].
+[const quic]. This option is new for TclTLS 1.8.
[opt_def -cadir [arg directory]]
Specifies the directory where the Certificate Authority (CA) certificates are
stored. The default is platform specific and can be set at compile time. The
default location can be overridden by the [var SSL_CERT_DIR] environment
@@ -89,12 +94,13 @@
[opt_def -castore [arg URI]]
Specifies the Uniform Resource Identifier (URI) for the Certificate Authority
(CA) store, which may be a single container or a catalog of containers.
Starting with OpenSSL 3.2 on MS Windows, set to "[const "org.openssl.winstore://"]"
-to use the built-in MS Windows Certificate Store. See
-[sectref "Certificate Validation"] for more details.
+to use the built-in MS Windows Certificate Store.
+See [sectref "Certificate Validation"] for more details.
+This option is new for TclTLS 1.8.
[opt_def -certfile [arg filename]]
Specifies the name of the file with the certificate to use in PEM format
as the local (client or server) certificate. It also contains the public key.
@@ -116,10 +122,11 @@
[opt_def -ciphersuites [arg string]]
Specifies the list of cipher suites to use for TLS 1.3 as a colon
"[const :]" separated list of cipher suite names. See the
[uri "https://docs.openssl.org/master/man1/openssl-ciphers/#options" OpenSSL]
documentation for the full list of valid values.
+This option is new for TclTLS 1.8.
[opt_def -command [arg callback]]
Specifies the callback command to be invoked at several points during the
handshake to pass errors, tracing information, and protocol messages.
See [sectref "Callback Options"] for more info.
@@ -127,11 +134,11 @@
[opt_def -dhparams [arg filename]]
Specifies the Diffie-Hellman (DH) parameters file.
[opt_def -keyfile [arg filename]]
Specifies the private key file. The default is to use the file
-specified by the [arg -certfile] option.
+specified by the [option -certfile] option.
[opt_def -key [arg string]]
Specifies the private key to use as a DER encoded string (PKCS#1 DER).
[opt_def -model [arg channel]]
@@ -139,83 +146,90 @@
specified [arg channel], and therefore share config, callbacks, etc.
[opt_def -password [arg callback]]
Specifies the callback command to invoke when OpenSSL needs to obtain a
password. This is typically used to unlock the private key of a certificate.
-The callback should return a password string. See [sectref "Callback Options"]
-for more info.
+The callback should return a password string. This option has changed for
+TclTLS 1.8. See [sectref "Callback Options"] for more info.
[opt_def -post_handshake [arg bool]]
-Allow post-handshake session ticket updates.
+Allow post-handshake session ticket updates. This option is new for TclTLS 1.8.
[opt_def -request [arg bool]]
Request a certificate from the peer during the SSL handshake. This is needed
to do Certificate Validation. Starting in TclTLS 1.8, the default is
-[const true].
+[const true]. Starting in TclTLS 2.0, if set to [const false] and
+[option -require] is [const true], then this will be overridden to [const true].
See [sectref "Certificate Validation"] for more details.
[opt_def -require [arg bool]]
Require a valid certificate from the peer during the SSL handshake. If this is
set to true, then [option -request] must also be set to true and a either
[option -cadir], [option -cafile], [option -castore], or a platform default
must be provided in order to validate against. The default in TclTLS 1.8 and
earlier versions is [const false] since not all platforms have certificates to
-validate against in a form compatible with OpenSSL.
+validate against in a form compatible with OpenSSL. Starting in TclTLS 2.0,
+the default is [const true].
See [sectref "Certificate Validation"] for more details.
[opt_def -security_level [arg integer]]
Specifies the security level (value from 0 to 5). The security level affects
the allowed cipher suite encryption algorithms, supported ECC curves,
supported signature algorithms, DH parameter sizes, certificate key sizes
and signature algorithms. The default is 1 prior to OpenSSL 3.2 and 2
thereafter. Level 3 and higher disable support for session tickets and
only accept cipher suites that provide forward secrecy.
+This option is new for TclTLS 1.8.
[opt_def -server [arg bool]]
Specifies whether to act as a server and respond with a server handshake when a
client connects and provides a client handshake. The default is [const false].
[opt_def -servername [arg hostname]]
-Specify the peer's hostname. This is used to set the TLS Server Name
-Indication (SNI) extension. Set this to the expected servername in the
-server's certificate or one of the Subject Alternate Names (SAN).
+Specify the peer's hostname. This is used to set the TLS Server Name Indication
+(SNI) extension. Set this to the expected servername in the server's certificate
+or one of the Subject Alternate Names (SAN). Starting in TclTLS 2.0, this will
+default to the host for the [cmd tls::socket] command.
[opt_def -session_id [arg binary_string]]
Specifies the session id to resume a session. Not supported yet.
+This option is new for TclTLS 1.8.
[opt_def -ssl2 [arg bool]]
-Enable use of SSL v2. The default is [const false]. Note: Recent versions of
-OpenSSL no longer support SSLv2, so this may not have any effect. See the
-[cmd tls::protocols] command for supported protocols.
+Enable use of SSL v2.The default is [const false].
+OpenSSL 1.1+ no longer supports SSL v2, so this may not have any effect.
+See the [cmd tls::protocols] command for supported protocols.
[opt_def -ssl3 [arg bool]]
-Enable use of SSL v3. The default is [const false]. Note: Recent versions
-of OpenSSL may have this disabled at compile time, so this may not have any
-effect. See the [cmd tls::protocols] command for supported protocols.
+Enable use of SSL v3. The default is [const false]. Starting in TclTLS 1.8,
+use of SSL v3 if only available via a compile time option.
+See the [cmd tls::protocols] command for supported protocols.
[opt_def -tls1 [arg bool]]
-Enable use of TLS v1. The default is [const true]. Note: TLS 1.0 needs
-SHA1 to operate, which is only available in security level 0 for Open SSL 3.0+.
-See the [arg -security_level] option.
+Enable use of TLS v1. Starting in TclTLS 2.0, the default is [const false].
+Note: TLS 1.0 needs SHA1 to operate, which is only available in security level
+0 for Open SSL 3.0+. See the [option -security_level] option.
[opt_def -tls1.1 [arg bool]]
-Enable use of TLS v1.1. The default is [const true]. Note: TLS 1.1 needs
-SHA1 to operate, which is only available in security level 0 for Open SSL 3.0+.
-See the [arg -security_level] option.
+Enable use of TLS v1.1. Starting in TclTLS 2.0, the default is [const false].
+Note: TLS 1.1 needs SHA1 to operate, which is only available in security level
+0 for Open SSL 3.0+. See the [option -security_level] option.
[opt_def -tls1.2 [arg bool]]
Enable use of TLS v1.2. The default is [const true].
[opt_def -tls1.3 [arg bool]]
-Enable use of TLS v1.3. The default is [const true].
+Enable use of TLS v1.3. The default is [const true]. This is only available
+starting with OpenSSL 1.1.1 and TclTLS 1.7.
[opt_def -validatecommand [arg callback]]
Specifies the callback command to invoke to validate the peer certificates
and other config info during the protocol negotiation phase. This can be used
by TCL scripts to perform their own Certificate Validation to supplement the
default validation provided by OpenSSL. The script must return a boolean true
to continue the negotiation. See [sectref "Callback Options"] for more info.
+This option is new for TclTLS 1.8.
[list_end]
[call [cmd tls::unimport] [arg channel]]
@@ -243,58 +257,70 @@
[list_begin definitions]
[def "[var alpn] [arg protocol]"]
The protocol selected after Application-Layer Protocol Negotiation (ALPN).
+This value is new for TclTLS 1.8.
[def "[var cipher] [arg cipher]"]
The current cipher in use for the session.
[def "[var peername] [arg name]"]
The peername from the certificate.
+This value is new for TclTLS 1.8.
[def "[var protocol] [arg version]"]
-The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1.1, TLS1.2, TLS1.3, or unknown.
+The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1.1, TLS1.2,
+TLS1.3, or unknown. This value is new for TclTLS 1.8.
[def "[var sbits] [arg n]"]
The number of bits used for the session key.
[def "[var signatureHashAlgorithm] [arg algorithm]"]
The signature hash algorithm.
+This value is new for TclTLS 1.8.
[def "[var signatureType] [arg type]"]
The signature type value.
+This value is new for TclTLS 1.8.
[def "[var verifyDepth] [arg n]"]
Maximum depth for the certificate chain verification. Default is -1, to check all.
+This value is new for TclTLS 1.8.
[def "[var verifyMode] [arg list]"]
List of certificate verification modes.
+This value is new for TclTLS 1.8.
[def "[var verifyResult] [arg result]"]
Certificate verification result.
+This value is new for TclTLS 1.8.
[def "[var ca_names] [arg list]"]
List of the Certificate Authorities used to create the certificate.
+This value is new for TclTLS 1.8.
[list_end]
Certificate Status
[list_begin definitions]
[def "[var all] [arg string]"]
Dump of all certificate info.
+This value is new for TclTLS 1.8.
[def "[var version] [arg value]"]
The certificate version.
[def "[var serialNumber] [arg string]"]
The serial number of the certificate as a hex string.
+This value was changed from serial in TclTLS 1.8.
[def "[var signature] [arg algorithm]"]
Cipher algorithm used for certificate signature.
+This value is new for TclTLS 1.8.
[def "[var issuer] [arg string]"]
The distinguished name (DN) of the certificate issuer.
[def "[var notBefore] [arg date]"]
@@ -308,73 +334,91 @@
Name (CN), Organization (O), Locality or City (L), State or Province (S), and
Country Name (C).
[def "[var issuerUniqueID] [arg string]"]
The issuer unique id.
+This value is new for TclTLS 1.8.
[def "[var subjectUniqueID] [arg string]"]
The subject unique id.
+This value is new for TclTLS 1.8.
[def "[var num_extensions] [arg n]"]
Number of certificate extensions.
+This value is new for TclTLS 1.8.
[def "[var extensions] [arg list]"]
List of certificate extension names.
+This value is new for TclTLS 1.8.
[def "[var authorityKeyIdentifier] [arg string]"]
Authority Key Identifier (AKI) of the Issuing CA certificate that signed the
SSL certificate as a hex string. This value matches the SKI value of the
Intermediate CA certificate.
+This value is new for TclTLS 1.8.
[def "[var subjectKeyIdentifier] [arg string]"]
Subject Key Identifier (SKI) hash of the public key inside the certificate as a
hex string. Used to identify certificates that contain a particular public key.
+This value is new for TclTLS 1.8.
[def "[var subjectAltName] [arg list]"]
List of all of the Subject Alternative Names (SAN) including domain names, sub
domains, and IP addresses that are secured by the certificate.
+This value is new for TclTLS 1.8.
[def "[var ocsp] [arg list]"]
List of all Online Certificate Status Protocol (OCSP) URLs that can be used to
check the validity of this certificate.
+This value is new for TclTLS 1.8.
[def "[var certificate] [arg cert]"]
The PEM encoded certificate.
[def "[var signatureAlgorithm] [arg algorithm]"]
Cipher algorithm used for the certificate signature.
+This value is new for TclTLS 1.8.
[def "[var signatureValue] [arg string]"]
Certificate signature as a hex string.
+This value is new for TclTLS 1.8.
[def "[var signatureDigest] [arg version]"]
Certificate signing digest as a hex string.
+This value is new for TclTLS 1.8.
[def "[var publicKeyAlgorithm] [arg algorithm]"]
Certificate signature public key algorithm.
+This value is new for TclTLS 1.8.
[def "[var publicKey] [arg string]"]
Certificate signature public key as a hex string.
+This value is new for TclTLS 1.8.
[def "[var bits] [arg n]"]
Number of bits used for certificate signature key.
+This value is new for TclTLS 1.8.
[def "[var self_signed] [arg boolean]"]
Whether the certificate signature is self signed.
+This value is new for TclTLS 1.8.
[def "[var sha1_hash] [arg hash]"]
The SHA1 hash of the certificate as a hex string.
+This value is new for TclTLS 1.8.
[def "[var sha256_hash] [arg hash]"]
The SHA256 hash of the certificate as a hex string.
+This value is new for TclTLS 1.8.
[list_end]
[call [cmd tls::connection] [arg channel]]
Returns the current connection status of an SSL channel. The result is a list
-of key-value pairs describing the connection. Returned values include:
+of key-value pairs describing the connection.
+This command is new for TclTLS 1.8. Returned values include:
[para]
SSL Status
@@ -481,22 +525,24 @@
[list_end]
[call [cmd tls::ciphers] [opt [arg protocol]] [opt [arg verbose]] [opt [arg supported]]]
-Without any args, returns a list of all symmetric ciphers for use with the
+Without any options, it returns a list of all symmetric ciphers for use with the
[arg -cipher] option. With [arg protocol], only the ciphers supported for that
protocol are returned. See the [cmd tls::protocols] command for the supported
protocols. If [arg verbose] is specified as true then a verbose, human readable
list is returned with additional information on the cipher. If [arg supported]
is specified as true, then only the ciphers supported for protocol will be listed.
+The [arg supported] arg is new for TclTLS 1.8.
[call [cmd tls::protocols]]
Returns a list of the supported SSL/TLS protocols. Valid values are:
[const ssl2], [const ssl3], [const tls1], [const tls1.1], [const tls1.2], and
[const tls1.3]. Exact list depends on OpenSSL version and compile time flags.
+This command is new for TclTLS 1.8.
[call [cmd tls::version]]
Returns the OpenSSL version string.
@@ -522,11 +568,11 @@
certificate and that certificate is authenticated (i.e. signed) by a Certificate
Authority (CA). Users can then exchange these certificates during the TLS
initialization process and check them against the root CA certificates to ensure
they are valid. This is handled by OpenSSL via the [option -request] and
[option -require] options. See the [option -cadir], [option -cadir], and
-[option -castore] options for how tp specify where to find the CA certificates.
+[option -castore] options for how to specify where to find the CA certificates.
Optionally, in a future release, they can also be checked against the Certificate
Revocation List (CRL) of revoked certificates. Certificates can also be
self-signed, but they are by default not trusted unless you add them to your
certificate store.
[para]
@@ -542,11 +588,11 @@
[list_begin options]
[opt_def -cadir [arg directory]]
Specifies the directory where the Certificate Authority (CA) certificates are
-stored. The default is platform specific, but is usually [file "/etc/ssl/certs"] on
+stored. The default is platform specific, but is usually [file /etc/ssl/certs] on
Linux/Unix systems. The default location can be overridden by the
[var SSL_CERT_DIR] environment variable.
[opt_def -cafile [arg filename]]
Specifies the file with the Certificate Authority (CA) certificates to use in
@@ -557,27 +603,30 @@
[opt_def -castore [arg URI]]
Specifies the Uniform Resource Identifier (URI) for the Certificate Authority
(CA) store, which may be a single container or a catalog of containers.
Starting with OpenSSL 3.2 on MS Windows, set to "[const "org.openssl.winstore://"]"
-to use the built-in MS Windows Certificate Store.
-This store only supports root certificate stores. See
-[sectref "Certificate Validation"] for more details.
+to use the built-in MS Windows Certificate Store. Starting in TclTLS 2.0, this
+is the default if [option -cadir], [option -cadir], and [option -castore] are
+not specified. This store only supports root certificate stores.
[opt_def -request [arg bool]]
Request a certificate from the peer during the SSL handshake. This is needed
to do Certificate Validation. Starting in TclTLS 1.8, the default is
-[const true]. In addition, the client can manually inspect and accept or reject
-each certificate using the [arg -validatecommand] option.
+[const true]. Starting in TclTLS 2.0, if set to [const false] and
+[option -require] is [const true], then this will be overridden to [const true].
+In addition, the client can manually inspect and accept or reject
+each certificate using the [option -validatecommand] option.
[opt_def -require [arg bool]]
Require a valid certificate from the peer during the SSL handshake. If this is
set to true, then [option -request] must also be set to true and a either
[option -cadir], [option -cafile], [option -castore], or a platform default
must be provided in order to validate against. The default in TclTLS 1.8 and
earlier versions is [const false] since not all platforms have certificates to
-validate against in a form compatible with OpenSSL.
+validate against in a form compatible with OpenSSL. Starting in TclTLS 2.0,
+the default is [const true].
[list_end]
[subsection "When are command line options needed?"]
@@ -584,11 +633,12 @@
In TclTLS 1.8 and earlier versions, certificate validation is
[emph NOT] enabled by default. This limitation is due to the lack of a common
cross platform database of Certificate Authority (CA) provided certificates to
validate against. Many Linux systems natively support OpenSSL and thus have
these certificates installed as part of the OS, but MacOS and MS Windows do not.
-In order to use the [option -require] option, one of the following
+Staring in TclTLS 2.0, this has been changed to require certificate validation
+by default. In order to use the [option -require] option, one of the following
must be true:
[list_begin itemized]
[item]
@@ -606,10 +656,12 @@
[item]
On MS Windows, starting in OpenSSL 3.2, it is now possible to access the
built-in Windows Certificate Store from OpenSSL. This can utilized by
setting the [option -castore] option to "[const org.openssl.winstore://]".
+In TclTLS 2.0, this is the default value if [option -cadir],
+[option -cadir], and [option -castore] are not specified.
[item]
If OpenSSL is not installed or the CA certificates are not available in PEM
format, the CA certificates must be downloaded and installed with the user
software. The CURL team makes them available at
@@ -762,11 +814,11 @@
[opt_def alpn [arg "channelId protocol match"]]
For servers, this form of callback is invoked when the client ALPN extension is
received. If [arg match] is true, then [arg protocol] is the first
[option -alpn] protocol option in common to both the client and server.
If not, the first client specified protocol is used. This callback is called
-after the Hello and ALPN callbacks.
+after the Hello and SNI callbacks.
[opt_def hello [arg "channelId servername"]]
For servers, this form of callback is invoked during client hello message
processing. The purpose is so the server can select the appropriate certificate
to present to the client, and to make other configuration adjustments relevant
@@ -774,13 +826,13 @@
callbacks.
[opt_def sni [arg "channelId servername"]]
For servers, this form of callback is invoked when the Server Name Indication
(SNI) extension is received. The [arg servername] argument is the client
-provided server name specified in the [option -servername</b>] option. The
+provided server name specified in the [option -servername] option. The
purpose is so when a server supports multiple names, the right certificate
-can be used. It is called after the hello callback but before the ALPN
+can be used. It is called after the Hello callback but before the ALPN
callback.
[opt_def verify [arg "channelId depth cert status error"]]
This form of callback is invoked by OpenSSL when a new certificate is received
from the peer. It allows the client to check the certificate verification
@@ -860,16 +912,16 @@
[para]
[emph "The use of the variable [var tls::debug] is not recommended.
It may be removed from future releases."]
-[section "HTTP Package Examples"]
+[section "Examples"]
The following are example scripts to download a webpage and file using the
-http package. See [sectref "Certificate Validation"] for whether the
+http package. See [sectref "Certificate Validation"] for when the
[option -cadir], [option -cafile], and [option -castore] options are also
-needed. See the demos directory for more example scripts.
+needed. See the [file demos] directory for more example scripts.
[para]
Example #1: Download a web page
@@ -928,9 +980,9 @@
[section "Special Considerations"]
The capabilities of this package can vary enormously based upon how the
linked to OpenSSL library was configured and built. New versions may obsolete
older protocol versions, add or remove ciphers, change default values, etc.
-Use the [cmd tls::protocols] commands to obtain the supported
+Use the [cmd tls::protocols] command to obtain the supported
protocol versions.
[manpage_end]
Index: doc/tls.n
==================================================================
--- doc/tls.n
+++ doc/tls.n
@@ -2,11 +2,11 @@
'\" Generated from file 'tls\&.man' by tcllib/doctools with format 'nroff'
'\" Copyright (c) 1999 Matt Newman
'\" Copyright (c) 2004 Starfish Systems
'\" Copyright (c) 2024 Brian O'Hagan
'\"
-.TH "tls" n 1\&.8 tls "Tcl TLS extension"
+.TH "tls" n 2\&.0b1 tls "Tcl TLS extension"
.\" The -*- nroff -*- definitions below are for supplemental macros used
.\" in Tcl/Tk manual entries.
.\"
.\" .AP type name in/out ?indent?
.\" Start paragraph describing an argument to a library procedure.
@@ -276,11 +276,11 @@
.SH NAME
tls \- binding to the OpenSSL library for encrypted socket and I/O channel communications
.SH SYNOPSIS
package require \fBTcl 8\&.5-\fR
.sp
-package require \fBtls 1\&.8\fR
+package require \fBtls 2\&.0b1\fR
.sp
\fBtls::init\fR ?\fI-option\fR? ?\fIvalue\fR? ?\fI-option value \&.\&.\&.\fR?
.sp
\fBtls::socket\fR ?\fI-option\fR? ?\fIvalue\fR? ?\fI-option value \&.\&.\&.\fR? \fIhost\fR \fIport\fR
.sp
@@ -305,37 +305,41 @@
.BE
.SH DESCRIPTION
This extension provides TCL script access to secure socket communications
using the Transport Layer Security (TLS) protocol\&. It provides a generic
binding to \fIOpenSSL\fR [https://www\&.openssl\&.org/], utilizing the
-\fBTcl_StackChannel\fR API in TCL 8\&.4 and higher\&.
+\fBTcl_StackChannel\fR API in TCL 8\&.4 or later\&.
These sockets behave exactly the same as channels created using the built-in
-\fBsocket\fR command, along with additional options for controlling
+\fBsocket\fR command, but provide additional options for controlling
the SSL/TLS session\&.
+.SH COMPATIBILITY
+This extension is compatible with OpenSSL 1\&.1\&.1 or later\&. It requires Tcl
+version 8\&.5 or later and will work with Tcl 9\&.0\&.
.SH COMMANDS
-Typically one would use the \fBtls::socket\fR command to create a new encrypted
-TCP socket\&. It is compatible with the native TCL \fB::socket\fR command\&.
-Alternatively for an existing TCP socket, the \fBtls::import\fR command can be
-used to start TLS on the connection\&.
+The following are the commands provided by the TcLTLS package\&. See the
+\fBExamples\fR for example usage and the "\fIdemos\fR" directory for
+more example usage\&.
.TP
\fBtls::init\fR ?\fI-option\fR? ?\fIvalue\fR? ?\fI-option value \&.\&.\&.\fR?
Optional function to set the default options used by \fBtls::socket\fR\&. If you
-call \fBtls::import\fR directly, this command has no effect\&. This command
-supports all of the same options as the \fBtls::socket\fR command, though you
-should limit your options to only TLS related ones\&.
+call \fBtls::import\fR directly, the values set by this command have no effect\&.
+This command supports all of the same options as the \fBtls::socket\fR command,
+though you should limit your options to only the TLS related ones\&.
.TP
\fBtls::socket\fR ?\fI-option\fR? ?\fIvalue\fR? ?\fI-option value \&.\&.\&.\fR? \fIhost\fR \fIport\fR
This is a helper function that utilizes the underlying commands \fBsocket\fR
and \fBtls::import\fR to create the connection\&. It behaves the same as the
-native TCL \fBsocket\fR command, but also supports the \fBtls:import\fR
+native TCL \fBsocket\fR command, but also supports the \fBtls::import\fR
command options with one additional option\&. It returns the channel handle id
for the new socket\&.
.RS
.TP
\fB-autoservername\fR \fIbool\fR
If \fBtrue\fR, automatically set the \fB-servername\fR argument to the
-\fIhost\fR argument\&. Default is \fBfalse\fR\&.
+\fIhost\fR argument\&. Prior to TclTLS 2\&.0, the default is \fBfalse\fR\&.
+Starting in TclTLS 2\&.0, the default is \fBtrue\fR unless \fB-servername\fR
+is also specified\&.
.RE
.TP
\fBtls::socket\fR \fB-server\fR \fIcommand\fR ?\fI-option\fR? ?\fIvalue\fR? ?\fI-option value \&.\&.\&.\fR? \fIport\fR
Same as previous, but instead creates a server socket for clients to connect to
just like the Tcl \fBsocket -server\fR command\&. It returns the channel
@@ -348,11 +352,11 @@
.RS
.TP
\fB-alpn\fR \fIlist\fR
List of protocols to offer during Application-Layer Protocol Negotiation
(ALPN)\&. For example: \fBh2\fR and \fBhttp/1\&.1\fR, but not \fBh3\fR or
-\fBquic\fR\&.
+\fBquic\fR\&. This option is new for TclTLS 1\&.8\&.
.TP
\fB-cadir\fR \fIdirectory\fR
Specifies the directory where the Certificate Authority (CA) certificates are
stored\&. The default is platform specific and can be set at compile time\&. The
default location can be overridden by the \fBSSL_CERT_DIR\fR environment
@@ -366,12 +370,13 @@
.TP
\fB-castore\fR \fIURI\fR
Specifies the Uniform Resource Identifier (URI) for the Certificate Authority
(CA) store, which may be a single container or a catalog of containers\&.
Starting with OpenSSL 3\&.2 on MS Windows, set to "\fBorg\&.openssl\&.winstore://\fR"
-to use the built-in MS Windows Certificate Store\&. See
-\fBCertificate Validation\fR for more details\&.
+to use the built-in MS Windows Certificate Store\&.
+See \fBCertificate Validation\fR for more details\&.
+This option is new for TclTLS 1\&.8\&.
.TP
\fB-certfile\fR \fIfilename\fR
Specifies the name of the file with the certificate to use in PEM format
as the local (client or server) certificate\&. It also contains the public key\&.
.TP
@@ -393,10 +398,11 @@
\fB-ciphersuites\fR \fIstring\fR
Specifies the list of cipher suites to use for TLS 1\&.3 as a colon
"\fB:\fR" separated list of cipher suite names\&. See the
\fIOpenSSL\fR [https://docs\&.openssl\&.org/master/man1/openssl-ciphers/#options]
documentation for the full list of valid values\&.
+This option is new for TclTLS 1\&.8\&.
.TP
\fB-command\fR \fIcallback\fR
Specifies the callback command to be invoked at several points during the
handshake to pass errors, tracing information, and protocol messages\&.
See \fBCallback Options\fR for more info\&.
@@ -404,11 +410,11 @@
\fB-dhparams\fR \fIfilename\fR
Specifies the Diffie-Hellman (DH) parameters file\&.
.TP
\fB-keyfile\fR \fIfilename\fR
Specifies the private key file\&. The default is to use the file
-specified by the \fI-certfile\fR option\&.
+specified by the \fB-certfile\fR option\&.
.TP
\fB-key\fR \fIstring\fR
Specifies the private key to use as a DER encoded string (PKCS#1 DER)\&.
.TP
\fB-model\fR \fIchannel\fR
@@ -416,83 +422,90 @@
specified \fIchannel\fR, and therefore share config, callbacks, etc\&.
.TP
\fB-password\fR \fIcallback\fR
Specifies the callback command to invoke when OpenSSL needs to obtain a
password\&. This is typically used to unlock the private key of a certificate\&.
-The callback should return a password string\&. See \fBCallback Options\fR
-for more info\&.
+The callback should return a password string\&. This option has changed for
+TclTLS 1\&.8\&. See \fBCallback Options\fR for more info\&.
.TP
\fB-post_handshake\fR \fIbool\fR
-Allow post-handshake session ticket updates\&.
+Allow post-handshake session ticket updates\&. This option is new for TclTLS 1\&.8\&.
.TP
\fB-request\fR \fIbool\fR
Request a certificate from the peer during the SSL handshake\&. This is needed
to do Certificate Validation\&. Starting in TclTLS 1\&.8, the default is
-\fBtrue\fR\&.
+\fBtrue\fR\&. Starting in TclTLS 2\&.0, if set to \fBfalse\fR and
+\fB-require\fR is \fBtrue\fR, then this will be overridden to \fBtrue\fR\&.
See \fBCertificate Validation\fR for more details\&.
.TP
\fB-require\fR \fIbool\fR
Require a valid certificate from the peer during the SSL handshake\&. If this is
set to true, then \fB-request\fR must also be set to true and a either
\fB-cadir\fR, \fB-cafile\fR, \fB-castore\fR, or a platform default
must be provided in order to validate against\&. The default in TclTLS 1\&.8 and
earlier versions is \fBfalse\fR since not all platforms have certificates to
-validate against in a form compatible with OpenSSL\&.
+validate against in a form compatible with OpenSSL\&. Starting in TclTLS 2\&.0,
+the default is \fBtrue\fR\&.
See \fBCertificate Validation\fR for more details\&.
.TP
\fB-security_level\fR \fIinteger\fR
Specifies the security level (value from 0 to 5)\&. The security level affects
the allowed cipher suite encryption algorithms, supported ECC curves,
supported signature algorithms, DH parameter sizes, certificate key sizes
and signature algorithms\&. The default is 1 prior to OpenSSL 3\&.2 and 2
thereafter\&. Level 3 and higher disable support for session tickets and
only accept cipher suites that provide forward secrecy\&.
+This option is new for TclTLS 1\&.8\&.
.TP
\fB-server\fR \fIbool\fR
Specifies whether to act as a server and respond with a server handshake when a
client connects and provides a client handshake\&. The default is \fBfalse\fR\&.
.TP
\fB-servername\fR \fIhostname\fR
-Specify the peer's hostname\&. This is used to set the TLS Server Name
-Indication (SNI) extension\&. Set this to the expected servername in the
-server's certificate or one of the Subject Alternate Names (SAN)\&.
+Specify the peer's hostname\&. This is used to set the TLS Server Name Indication
+(SNI) extension\&. Set this to the expected servername in the server's certificate
+or one of the Subject Alternate Names (SAN)\&. Starting in TclTLS 2\&.0, this will
+default to the host for the \fBtls::socket\fR command\&.
.TP
\fB-session_id\fR \fIbinary_string\fR
Specifies the session id to resume a session\&. Not supported yet\&.
+This option is new for TclTLS 1\&.8\&.
.TP
\fB-ssl2\fR \fIbool\fR
-Enable use of SSL v2\&. The default is \fBfalse\fR\&. Note: Recent versions of
-OpenSSL no longer support SSLv2, so this may not have any effect\&. See the
-\fBtls::protocols\fR command for supported protocols\&.
+Enable use of SSL v2\&.The default is \fBfalse\fR\&.
+OpenSSL 1\&.1+ no longer supports SSL v2, so this may not have any effect\&.
+See the \fBtls::protocols\fR command for supported protocols\&.
.TP
\fB-ssl3\fR \fIbool\fR
-Enable use of SSL v3\&. The default is \fBfalse\fR\&. Note: Recent versions
-of OpenSSL may have this disabled at compile time, so this may not have any
-effect\&. See the \fBtls::protocols\fR command for supported protocols\&.
+Enable use of SSL v3\&. The default is \fBfalse\fR\&. Starting in TclTLS 1\&.8,
+use of SSL v3 if only available via a compile time option\&.
+See the \fBtls::protocols\fR command for supported protocols\&.
.TP
\fB-tls1\fR \fIbool\fR
-Enable use of TLS v1\&. The default is \fBtrue\fR\&. Note: TLS 1\&.0 needs
-SHA1 to operate, which is only available in security level 0 for Open SSL 3\&.0+\&.
-See the \fI-security_level\fR option\&.
+Enable use of TLS v1\&. Starting in TclTLS 2\&.0, the default is \fBfalse\fR\&.
+Note: TLS 1\&.0 needs SHA1 to operate, which is only available in security level
+0 for Open SSL 3\&.0+\&. See the \fB-security_level\fR option\&.
.TP
\fB-tls1\&.1\fR \fIbool\fR
-Enable use of TLS v1\&.1\&. The default is \fBtrue\fR\&. Note: TLS 1\&.1 needs
-SHA1 to operate, which is only available in security level 0 for Open SSL 3\&.0+\&.
-See the \fI-security_level\fR option\&.
+Enable use of TLS v1\&.1\&. Starting in TclTLS 2\&.0, the default is \fBfalse\fR\&.
+Note: TLS 1\&.1 needs SHA1 to operate, which is only available in security level
+0 for Open SSL 3\&.0+\&. See the \fB-security_level\fR option\&.
.TP
\fB-tls1\&.2\fR \fIbool\fR
Enable use of TLS v1\&.2\&. The default is \fBtrue\fR\&.
.TP
\fB-tls1\&.3\fR \fIbool\fR
-Enable use of TLS v1\&.3\&. The default is \fBtrue\fR\&.
+Enable use of TLS v1\&.3\&. The default is \fBtrue\fR\&. This is only available
+starting with OpenSSL 1\&.1\&.1 and TclTLS 1\&.7\&.
.TP
\fB-validatecommand\fR \fIcallback\fR
Specifies the callback command to invoke to validate the peer certificates
and other config info during the protocol negotiation phase\&. This can be used
by TCL scripts to perform their own Certificate Validation to supplement the
default validation provided by OpenSSL\&. The script must return a boolean true
to continue the negotiation\&. See \fBCallback Options\fR for more info\&.
+This option is new for TclTLS 1\&.8\&.
.RE
.TP
\fBtls::unimport\fR \fIchannel\fR
Compliment to \fBtls::import\fR\&. Used to remove the top level stacked channel
from \fIchannel\fR\&. This unstacks the encryption of a regular TCL channel\&. An
@@ -513,56 +526,68 @@
SSL Status
.RS
.TP
\fBalpn\fR \fIprotocol\fR
The protocol selected after Application-Layer Protocol Negotiation (ALPN)\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBcipher\fR \fIcipher\fR
The current cipher in use for the session\&.
.TP
\fBpeername\fR \fIname\fR
The peername from the certificate\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBprotocol\fR \fIversion\fR
-The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1\&.1, TLS1\&.2, TLS1\&.3, or unknown\&.
+The protocol version used for the connection: SSL2, SSL3, TLS1, TLS1\&.1, TLS1\&.2,
+TLS1\&.3, or unknown\&. This value is new for TclTLS 1\&.8\&.
.TP
\fBsbits\fR \fIn\fR
The number of bits used for the session key\&.
.TP
\fBsignatureHashAlgorithm\fR \fIalgorithm\fR
The signature hash algorithm\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBsignatureType\fR \fItype\fR
The signature type value\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBverifyDepth\fR \fIn\fR
Maximum depth for the certificate chain verification\&. Default is -1, to check all\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBverifyMode\fR \fIlist\fR
List of certificate verification modes\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBverifyResult\fR \fIresult\fR
Certificate verification result\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBca_names\fR \fIlist\fR
List of the Certificate Authorities used to create the certificate\&.
+This value is new for TclTLS 1\&.8\&.
.RE
.IP
Certificate Status
.RS
.TP
\fBall\fR \fIstring\fR
Dump of all certificate info\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBversion\fR \fIvalue\fR
The certificate version\&.
.TP
\fBserialNumber\fR \fIstring\fR
The serial number of the certificate as a hex string\&.
+This value was changed from serial in TclTLS 1\&.8\&.
.TP
\fBsignature\fR \fIalgorithm\fR
Cipher algorithm used for certificate signature\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBissuer\fR \fIstring\fR
The distinguished name (DN) of the certificate issuer\&.
.TP
\fBnotBefore\fR \fIdate\fR
@@ -576,71 +601,89 @@
Name (CN), Organization (O), Locality or City (L), State or Province (S), and
Country Name (C)\&.
.TP
\fBissuerUniqueID\fR \fIstring\fR
The issuer unique id\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBsubjectUniqueID\fR \fIstring\fR
The subject unique id\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBnum_extensions\fR \fIn\fR
Number of certificate extensions\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBextensions\fR \fIlist\fR
List of certificate extension names\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBauthorityKeyIdentifier\fR \fIstring\fR
Authority Key Identifier (AKI) of the Issuing CA certificate that signed the
SSL certificate as a hex string\&. This value matches the SKI value of the
Intermediate CA certificate\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBsubjectKeyIdentifier\fR \fIstring\fR
Subject Key Identifier (SKI) hash of the public key inside the certificate as a
hex string\&. Used to identify certificates that contain a particular public key\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBsubjectAltName\fR \fIlist\fR
List of all of the Subject Alternative Names (SAN) including domain names, sub
domains, and IP addresses that are secured by the certificate\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBocsp\fR \fIlist\fR
List of all Online Certificate Status Protocol (OCSP) URLs that can be used to
check the validity of this certificate\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBcertificate\fR \fIcert\fR
The PEM encoded certificate\&.
.TP
\fBsignatureAlgorithm\fR \fIalgorithm\fR
Cipher algorithm used for the certificate signature\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBsignatureValue\fR \fIstring\fR
Certificate signature as a hex string\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBsignatureDigest\fR \fIversion\fR
Certificate signing digest as a hex string\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBpublicKeyAlgorithm\fR \fIalgorithm\fR
Certificate signature public key algorithm\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBpublicKey\fR \fIstring\fR
Certificate signature public key as a hex string\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBbits\fR \fIn\fR
Number of bits used for certificate signature key\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBself_signed\fR \fIboolean\fR
Whether the certificate signature is self signed\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBsha1_hash\fR \fIhash\fR
The SHA1 hash of the certificate as a hex string\&.
+This value is new for TclTLS 1\&.8\&.
.TP
\fBsha256_hash\fR \fIhash\fR
The SHA256 hash of the certificate as a hex string\&.
+This value is new for TclTLS 1\&.8\&.
.RE
.TP
\fBtls::connection\fR \fIchannel\fR
Returns the current connection status of an SSL channel\&. The result is a list
-of key-value pairs describing the connection\&. Returned values include:
+of key-value pairs describing the connection\&.
+This command is new for TclTLS 1\&.8\&. Returned values include:
.sp
SSL Status
.RS
.TP
\fBstate\fR \fIstate\fR
@@ -738,21 +781,23 @@
\fBsession_cache_mode\fR \fImode\fR
Server cache mode (client, server, or both)\&.
.RE
.TP
\fBtls::ciphers\fR ?\fIprotocol\fR? ?\fIverbose\fR? ?\fIsupported\fR?
-Without any args, returns a list of all symmetric ciphers for use with the
+Without any options, it returns a list of all symmetric ciphers for use with the
\fI-cipher\fR option\&. With \fIprotocol\fR, only the ciphers supported for that
protocol are returned\&. See the \fBtls::protocols\fR command for the supported
protocols\&. If \fIverbose\fR is specified as true then a verbose, human readable
list is returned with additional information on the cipher\&. If \fIsupported\fR
is specified as true, then only the ciphers supported for protocol will be listed\&.
+The \fIsupported\fR arg is new for TclTLS 1\&.8\&.
.TP
\fBtls::protocols\fR
Returns a list of the supported SSL/TLS protocols\&. Valid values are:
\fBssl2\fR, \fBssl3\fR, \fBtls1\fR, \fBtls1\&.1\fR, \fBtls1\&.2\fR, and
\fBtls1\&.3\fR\&. Exact list depends on OpenSSL version and compile time flags\&.
+This command is new for TclTLS 1\&.8\&.
.TP
\fBtls::version\fR
Returns the OpenSSL version string\&.
.PP
.SH "CERTIFICATE VALIDATION"
@@ -772,11 +817,11 @@
certificate and that certificate is authenticated (i\&.e\&. signed) by a Certificate
Authority (CA)\&. Users can then exchange these certificates during the TLS
initialization process and check them against the root CA certificates to ensure
they are valid\&. This is handled by OpenSSL via the \fB-request\fR and
\fB-require\fR options\&. See the \fB-cadir\fR, \fB-cadir\fR, and
-\fB-castore\fR options for how tp specify where to find the CA certificates\&.
+\fB-castore\fR options for how to specify where to find the CA certificates\&.
Optionally, in a future release, they can also be checked against the Certificate
Revocation List (CRL) of revoked certificates\&. Certificates can also be
self-signed, but they are by default not trusted unless you add them to your
certificate store\&.
.PP
@@ -802,35 +847,39 @@
.TP
\fB-castore\fR \fIURI\fR
Specifies the Uniform Resource Identifier (URI) for the Certificate Authority
(CA) store, which may be a single container or a catalog of containers\&.
Starting with OpenSSL 3\&.2 on MS Windows, set to "\fBorg\&.openssl\&.winstore://\fR"
-to use the built-in MS Windows Certificate Store\&.
-This store only supports root certificate stores\&. See
-\fBCertificate Validation\fR for more details\&.
+to use the built-in MS Windows Certificate Store\&. Starting in TclTLS 2\&.0, this
+is the default if \fB-cadir\fR, \fB-cadir\fR, and \fB-castore\fR are
+not specified\&. This store only supports root certificate stores\&.
.TP
\fB-request\fR \fIbool\fR
Request a certificate from the peer during the SSL handshake\&. This is needed
to do Certificate Validation\&. Starting in TclTLS 1\&.8, the default is
-\fBtrue\fR\&. In addition, the client can manually inspect and accept or reject
-each certificate using the \fI-validatecommand\fR option\&.
+\fBtrue\fR\&. Starting in TclTLS 2\&.0, if set to \fBfalse\fR and
+\fB-require\fR is \fBtrue\fR, then this will be overridden to \fBtrue\fR\&.
+In addition, the client can manually inspect and accept or reject
+each certificate using the \fB-validatecommand\fR option\&.
.TP
\fB-require\fR \fIbool\fR
Require a valid certificate from the peer during the SSL handshake\&. If this is
set to true, then \fB-request\fR must also be set to true and a either
\fB-cadir\fR, \fB-cafile\fR, \fB-castore\fR, or a platform default
must be provided in order to validate against\&. The default in TclTLS 1\&.8 and
earlier versions is \fBfalse\fR since not all platforms have certificates to
-validate against in a form compatible with OpenSSL\&.
+validate against in a form compatible with OpenSSL\&. Starting in TclTLS 2\&.0,
+the default is \fBtrue\fR\&.
.PP
.SS "WHEN ARE COMMAND LINE OPTIONS NEEDED?"
In TclTLS 1\&.8 and earlier versions, certificate validation is
\fINOT\fR enabled by default\&. This limitation is due to the lack of a common
cross platform database of Certificate Authority (CA) provided certificates to
validate against\&. Many Linux systems natively support OpenSSL and thus have
these certificates installed as part of the OS, but MacOS and MS Windows do not\&.
-In order to use the \fB-require\fR option, one of the following
+Staring in TclTLS 2\&.0, this has been changed to require certificate validation
+by default\&. In order to use the \fB-require\fR option, one of the following
must be true:
.IP \(bu
On Linux and Unix systems with OpenSSL already installed or if the CA
certificates are available in PEM format, and if they are stored in the
standard locations, or if the \fBSSL_CERT_DIR\fR or \fBSSL_CERT_FILE\fR
@@ -843,10 +892,12 @@
\fB-cadir\fR, or \fB-castore\fR options must be defined\&.
.IP \(bu
On MS Windows, starting in OpenSSL 3\&.2, it is now possible to access the
built-in Windows Certificate Store from OpenSSL\&. This can utilized by
setting the \fB-castore\fR option to "\fBorg\&.openssl\&.winstore://\fR"\&.
+In TclTLS 2\&.0, this is the default value if \fB-cadir\fR,
+\fB-cadir\fR, and \fB-castore\fR are not specified\&.
.IP \(bu
If OpenSSL is not installed or the CA certificates are not available in PEM
format, the CA certificates must be downloaded and installed with the user
software\&. The CURL team makes them available at
\fICA certificates extracted
@@ -973,11 +1024,11 @@
\fBalpn\fR \fIchannelId protocol match\fR
For servers, this form of callback is invoked when the client ALPN extension is
received\&. If \fImatch\fR is true, then \fIprotocol\fR is the first
\fB-alpn\fR protocol option in common to both the client and server\&.
If not, the first client specified protocol is used\&. This callback is called
-after the Hello and ALPN callbacks\&.
+after the Hello and SNI callbacks\&.
.TP
\fBhello\fR \fIchannelId servername\fR
For servers, this form of callback is invoked during client hello message
processing\&. The purpose is so the server can select the appropriate certificate
to present to the client, and to make other configuration adjustments relevant
@@ -985,13 +1036,13 @@
callbacks\&.
.TP
\fBsni\fR \fIchannelId servername\fR
For servers, this form of callback is invoked when the Server Name Indication
(SNI) extension is received\&. The \fIservername\fR argument is the client
-provided server name specified in the \fB-servername</b>\fR option\&. The
+provided server name specified in the \fB-servername\fR option\&. The
purpose is so when a server supports multiple names, the right certificate
-can be used\&. It is called after the hello callback but before the ALPN
+can be used\&. It is called after the Hello callback but before the ALPN
callback\&.
.TP
\fBverify\fR \fIchannelId depth cert status error\fR
This form of callback is invoked by OpenSSL when a new certificate is received
from the peer\&. It allows the client to check the certificate verification
@@ -1054,15 +1105,15 @@
certificate, even if it is invalid when the \fB-validatecommand\fR
option is set to \fBtls::validate_command\fR\&.
.PP
\fIThe use of the variable \fBtls::debug\fR is not recommended\&.
It may be removed from future releases\&.\fR
-.SH "HTTP PACKAGE EXAMPLES"
+.SH EXAMPLES
The following are example scripts to download a webpage and file using the
-http package\&. See \fBCertificate Validation\fR for whether the
+http package\&. See \fBCertificate Validation\fR for when the
\fB-cadir\fR, \fB-cafile\fR, and \fB-castore\fR options are also
-needed\&. See the demos directory for more example scripts\&.
+needed\&. See the "\fIdemos\fR" directory for more example scripts\&.
.PP
Example #1: Download a web page
.CS
@@ -1120,11 +1171,11 @@
.CE
.SH "SPECIAL CONSIDERATIONS"
The capabilities of this package can vary enormously based upon how the
linked to OpenSSL library was configured and built\&. New versions may obsolete
older protocol versions, add or remove ciphers, change default values, etc\&.
-Use the \fBtls::protocols\fR commands to obtain the supported
+Use the \fBtls::protocols\fR command to obtain the supported
protocol versions\&.
.SH "SEE ALSO"
\fIOpenSSL\fR [https://www\&.openssl\&.org/], http, socket
.SH KEYWORDS
I/O, IP Address, OpenSSL, SSL, TCP, TLS, TclTLS, asynchronous I/O, bind, certificate, channel, connection, domain name, host, https, network, network address, socket, tls
Index: generic/tls.c
==================================================================
--- generic/tls.c
+++ generic/tls.c
@@ -82,11 +82,11 @@
* Side effects:
* Evaluates callback command
*
*-------------------------------------------------------------------
*/
-
+
static int
EvalCallback(
Tcl_Interp *interp, /* Tcl interpreter */
State *statePtr, /* Client state for TLS socket */
Tcl_Obj *cmdPtr) /* Command to eval as a Tcl object */
@@ -137,11 +137,11 @@
* Side effects:
* Calls callback (if defined)
*
*-------------------------------------------------------------------
*/
-
+
static void
InfoCallback(
const SSL *ssl, /* SSL context */
int where, /* Source of info */
int ret) /* message enum */
@@ -214,11 +214,11 @@
* Side effects:
* Calls callback (if defined)
*
*-------------------------------------------------------------------
*/
-
+
#ifndef OPENSSL_NO_SSL_TRACE
static void
MessageCallback(
int write_p, /* Message 0=received, 1=sent */
int version, /* TLS version */
@@ -364,11 +364,11 @@
* The err field of the currently operative State is set
* to a string describing the SSL negotiation failure reason
*
*-------------------------------------------------------------------
*/
-
+
static int
VerifyCallback(
int ok, /* Verify result */
X509_STORE_CTX *ctx) /* CTX context */
{
@@ -434,11 +434,11 @@
* The err field of the currently operative State is set to a
* string describing the SSL negotiation failure reason
*
*-------------------------------------------------------------------
*/
-
+
void
Tls_Error(
State *statePtr, /* Client state for TLS socket */
const char *msg) /* Error message */
{
@@ -492,11 +492,11 @@
* Side effects:
* none
*
*-------------------------------------------------------------------
*/
-
+
void KeyLogCallback(
const SSL *ssl, /* Client state for TLS socket */
const char *line) /* Key data to be logged */
{
char *str = getenv(SSLKEYLOGFILE);
@@ -529,11 +529,11 @@
* Returns:
* Password size in bytes or -1 for an error.
*
*-------------------------------------------------------------------
*/
-
+
static int
PasswordCallback(
char *buf, /* Pointer to buffer to store password in */
int size, /* Buffer length in bytes */
int rwflag, /* Whether password is needed for read or write */
@@ -614,11 +614,11 @@
* 0 = error where session will be immediately removed from the internal cache.
* 1 = success where app retains session in session cache, and must call SSL_SESSION_free() when done.
*
*-------------------------------------------------------------------
*/
-
+
static int
SessionCallback(
SSL *ssl, /* SSL context */
SSL_SESSION *session) /* Session context */
{
@@ -687,11 +687,11 @@
* SSL_TLSEXT_ERR_NOACK: ALPN protocol not selected, e.g., because no ALPN
* protocols are configured for this connection. The connection continues.
*
*-------------------------------------------------------------------
*/
-
+
static int
ALPNCallback(
SSL *ssl, /* SSL context */
const unsigned char **out, /* Return buffer to store selected protocol */
unsigned char *outlen, /* Return buffer size */
@@ -762,11 +762,11 @@
* SSL_TLSEXT_ERR_OK: NPN protocol selected. The connection continues.
* SSL_TLSEXT_ERR_NOACK: NPN protocol not selected. The connection continues.
*
*-------------------------------------------------------------------
*/
-
+
#ifdef USE_NPN
static int
NPNCallback(
const SSL *ssl, /* SSL context */
const unsigned char **out, /* Return buffer to store selected protocol */
@@ -817,11 +817,11 @@
* SSL_TLSEXT_ERR_NOACK: SNI hostname is not accepted and not acknowledged,
* e.g. if SNI has not been configured. The connection continues.
*
*-------------------------------------------------------------------
*/
-
+
static int
SNICallback(
const SSL *ssl, /* SSL context */
int *alert, /* Returned alert message */
void *arg) /* Client state for TLS socket */
@@ -894,11 +894,11 @@
* SSL_CLIENT_HELLO_ERROR: failure, terminate connection. Set alert to error code.
* SSL_CLIENT_HELLO_SUCCESS: success
*
*-------------------------------------------------------------------
*/
-
+
static int
HelloCallback(
SSL *ssl, /* SSL context */
int *alert, /* Returned alert message */
void *arg) /* Client state for TLS socket */
@@ -995,11 +995,11 @@
* Side effects:
* constructs and destroys SSL context (CTX)
*
*-------------------------------------------------------------------
*/
-
+
static const char *protocols[] = {
"ssl2", "ssl3", "tls1", "tls1.1", "tls1.2", "tls1.3", NULL
};
enum protocol {
TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2, TLS_TLS1_3, TLS_NONE
@@ -1348,13 +1348,13 @@
char *model = NULL;
char *servername = NULL; /* hostname for Server Name Indication */
char *session_id = NULL;
Tcl_Obj *alpn = NULL;
int ssl2 = 0, ssl3 = 0;
- int tls1 = 1, tls1_1 = 1, tls1_2 = 1, tls1_3 = 1;
+ int tls1 = 0, tls1_1 = 0, tls1_2 = 1, tls1_3 = 1;
int proto = 0, level = -1;
- int verify = 0, require = 0, request = 1, post_handshake = 0;
+ int verify = 0, require = 1, request = 1, post_handshake = 0;
dprintf("Called");
#if defined(NO_TLS1) || defined(OPENSSL_NO_TLS1)
tls1 = 0;
@@ -1423,13 +1423,14 @@
OPTBAD("option", "-alpn, -cadir, -cafile, -castore, -cert, -certfile, -cipher, -ciphersuites, -command, -dhparams, -key, -keyfile, -model, -password, -post_handshake, -request, -require, -security_level, -server, -servername, -session_id, -ssl2, -ssl3, -tls1, -tls1.1, -tls1.2, -tls1.3, or -validatecommand");
return TCL_ERROR;
}
+ if (require) request = 1;
if (request) verify |= SSL_VERIFY_CLIENT_ONCE | SSL_VERIFY_PEER;
if (request && require) verify |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
- if (request && post_handshake) verify |= SSL_VERIFY_POST_HANDSHAKE;
+ if (request && post_handshake) verify |= SSL_VERIFY_POST_HANDSHAKE;
if (verify == 0) verify = SSL_VERIFY_NONE;
proto |= (ssl2 ? TLS_PROTO_SSL2 : 0);
proto |= (ssl3 ? TLS_PROTO_SSL3 : 0);
proto |= (tls1 ? TLS_PROTO_TLS1 : 0);
@@ -1611,14 +1612,14 @@
/* Enable Application-Layer Protocol Negotiation. Examples are: http/1.0,
http/1.1, h2, h3, ftp, imap, pop3, xmpp-client, xmpp-server, mqtt, irc, etc. */
if (alpn) {
/* Convert a TCL list into a protocol-list in wire-format */
- unsigned char *protos, *p;
+ unsigned char *protos = NULL, *p;
unsigned int protos_len = 0;
Tcl_Size cnt, i;
- int j;
+ int res = TCL_OK;
Tcl_Obj **list;
if (Tcl_ListObjGetElements(interp, alpn, &cnt, &list) != TCL_OK) {
Tls_Free((tls_free_type *) statePtr);
return TCL_ERROR;
@@ -1628,21 +1629,21 @@
for (i = 0; i < cnt; i++) {
Tcl_GetStringFromObj(list[i], &len);
if (len > 255) {
Tcl_AppendResult(interp, "ALPN protocol names too long", (char *)NULL);
Tcl_SetErrorCode(interp, "TLS", "IMPORT", "ALPN", "FAILED", (char *)NULL);
- Tls_Free((tls_free_type *) statePtr);
- return TCL_ERROR;
+ res = TCL_ERROR;
+ goto done;
}
protos_len += 1 + (int) len;
}
/* Build the complete protocol-list */
protos = ckalloc(protos_len);
/* protocol-lists consist of 8-bit length-prefixed, byte strings */
- for (j = 0, p = protos; j < cnt; j++) {
- char *str = Tcl_GetStringFromObj(list[j], &len);
+ for (i = 0, p = protos; i < cnt; i++) {
+ char *str = Tcl_GetStringFromObj(list[i], &len);
*p++ = (unsigned char) len;
memcpy(p, str, (size_t) len);
p += len;
}
@@ -1649,12 +1650,23 @@
/* SSL_set_alpn_protos makes a copy of the protocol-list */
/* Note: This function reverses the return value convention */
if (SSL_set_alpn_protos(statePtr->ssl, protos, protos_len)) {
Tcl_AppendResult(interp, "Set ALPN protocols failed: ", GET_ERR_REASON(), (char *)NULL);
Tcl_SetErrorCode(interp, "TLS", "IMPORT", "ALPN", "FAILED", (char *)NULL);
+ res = TCL_ERROR;
+ }
+
+done: for (i = 0; i < cnt; i++) {
+ Tcl_IncrRefCount(list[i]);
+ Tcl_DecrRefCount(list[i]);
+ }
+
+ if (res != TCL_OK) {
Tls_Free((tls_free_type *) statePtr);
- ckfree(protos);
+ if (protos != NULL) {
+ ckfree(protos);
+ }
return TCL_ERROR;
}
/* Store protocols list */
statePtr->protos = protos;
@@ -1844,11 +1856,11 @@
* Side effects:
* Loads CA certificates
*
*-------------------------------------------------------------------
*/
-
+
static int
TlsLoadClientCAFileFromMemory(
Tcl_Interp *interp, /* Tcl interpreter */
SSL_CTX *ctx, /* CTX context */
Tcl_Obj *file) /* CA certificates filename */
@@ -2340,14 +2352,15 @@
Tcl_Obj *cafileobj = Tcl_NewStringObj(CAfile, -1);
Tcl_IncrRefCount(cafileobj);
Tcl_Obj *fsinfo = Tcl_FSFileSystemInfo(cafileobj);
if (fsinfo) {
+ Tcl_Obj *fstype = NULL;
Tcl_IncrRefCount(fsinfo);
- Tcl_Obj *fstype = NULL;
Tcl_ListObjIndex(interp, fsinfo, 0, &fstype);
+ Tcl_IncrRefCount(fstype);
if (Tcl_StringMatch("native", Tcl_GetString(fstype))) {
if (!SSL_CTX_load_verify_file(ctx, F2N(CAfile, &ds))) {
abort++;
}
@@ -2364,10 +2377,11 @@
/* Load certificate into memory */
if (!TlsLoadClientCAFileFromMemory(interp, ctx, cafileobj)) {
abort++;
}
}
+ Tcl_DecrRefCount(fstype);
Tcl_DecrRefCount(fsinfo);
} else {
abort++; /* Path is not recognized */
}
@@ -2393,11 +2407,11 @@
* Side effects:
* None.
*
*-------------------------------------------------------------------
*/
-
+
static int
StatusObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
int objc, /* Arg count */
@@ -2800,11 +2814,11 @@
* Side effects:
* None.
*
*-------------------------------------------------------------------
*/
-
+
static int
VersionObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
TCL_UNUSED(int), /* objc - Arg count */
@@ -2831,11 +2845,11 @@
* Side effects:
* None.
*
*-------------------------------------------------------------------
*/
-
+
static int
MiscObjCmd(
TCL_UNUSED(ClientData), /* Client data */
Tcl_Interp *interp, /* Tcl interpreter */
int objc, /* Arg count */
@@ -2843,10 +2857,11 @@
{
static const char *commands [] = { "req", "strreq", NULL };
enum command { C_REQ, C_STRREQ, C_DUMMY };
int cmd, isStr;
char buffer[16384];
+ int res = TCL_OK;
dprintf("Called");
if (objc < 2) {
Tcl_WrongNumArgs(interp, 1, objv, "subcommand ?args?");
@@ -2868,11 +2883,11 @@
Tcl_Obj **listv;
Tcl_Size listc, i;
BIO *out=NULL;
- const char *k_C="",*k_ST="",*k_L="",*k_O="",*k_OU="",*k_CN="",*k_Email="";
+ Tcl_Obj *k_C=NULL,*k_ST=NULL,*k_L=NULL,*k_O=NULL,*k_OU=NULL,*k_CN=NULL,*k_Email=NULL;
char *keyout,*pemout,*str;
int keysize,serial=0,days=365;
#if OPENSSL_VERSION_NUMBER < 0x30000000L
BIGNUM *bne = NULL;
@@ -2901,38 +2916,57 @@
return TCL_ERROR;
}
if ((listc%2) != 0) {
Tcl_SetResult(interp,"Information list must have even number of arguments",NULL);
- return TCL_ERROR;
+ res = TCL_ERROR;
}
for (i=0; i<listc; i+=2) {
str=Tcl_GetString(listv[i]);
if (strcmp(str,"days")==0) {
- if (Tcl_GetIntFromObj(interp,listv[i+1],&days)!=TCL_OK)
- return TCL_ERROR;
+ if (Tcl_GetIntFromObj(interp,listv[i+1],&days)!=TCL_OK) {
+ res = TCL_ERROR;
+ break;
+ }
} else if (strcmp(str,"serial")==0) {
- if (Tcl_GetIntFromObj(interp,listv[i+1],&serial)!=TCL_OK)
- return TCL_ERROR;
+ if (Tcl_GetIntFromObj(interp,listv[i+1],&serial)!=TCL_OK) {
+ res = TCL_ERROR;
+ break;
+ }
} else if (strcmp(str,"C")==0) {
- k_C=Tcl_GetString(listv[i+1]);
+ k_C = listv[i+1];
+ Tcl_IncrRefCount(k_C);
} else if (strcmp(str,"ST")==0) {
- k_ST=Tcl_GetString(listv[i+1]);
+ k_ST = listv[i+1];
+ Tcl_IncrRefCount(k_ST);
} else if (strcmp(str,"L")==0) {
- k_L=Tcl_GetString(listv[i+1]);
+ k_L = listv[i+1];
+ Tcl_IncrRefCount(k_L);
} else if (strcmp(str,"O")==0) {
- k_O=Tcl_GetString(listv[i+1]);
+ k_O = listv[i+1];
+ Tcl_IncrRefCount(k_O);
} else if (strcmp(str,"OU")==0) {
- k_OU=Tcl_GetString(listv[i+1]);
+ k_OU = listv[i+1];
+ Tcl_IncrRefCount(k_OU);
} else if (strcmp(str,"CN")==0) {
- k_CN=Tcl_GetString(listv[i+1]);
+ k_CN = listv[i+1];
+ Tcl_IncrRefCount(k_CN);
} else if (strcmp(str,"Email")==0) {
- k_Email=Tcl_GetString(listv[i+1]);
+ k_Email = listv[i+1];
+ Tcl_IncrRefCount(k_Email);
} else {
Tcl_SetResult(interp,"Unknown parameter",NULL);
- return TCL_ERROR;
+ res = TCL_ERROR;
+ break;
}
+ }
+ for (i=0; i<listc; i+=2) {
+ Tcl_IncrRefCount(listv[i]);
+ Tcl_DecrRefCount(listv[i]);
+ }
+ if (res != TCL_OK) {
+ goto done;
}
}
#if OPENSSL_VERSION_NUMBER < 0x30000000L
bne = BN_new();
@@ -2950,12 +2984,17 @@
!EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, keysize) || !EVP_PKEY_keygen(ctx, &pkey)) {
EVP_PKEY_free(pkey);
EVP_PKEY_CTX_free(ctx);
#endif
Tcl_SetResult(interp,"Error generating private key",NULL);
- return TCL_ERROR;
+ res = TCL_ERROR;
+ goto done;
+
} else {
+ const unsigned char *string;
+ Tcl_Size len;
+
if (isStr) {
out=BIO_new(BIO_s_mem());
PEM_write_bio_PrivateKey(out,pkey,NULL,NULL,0,NULL,NULL);
i=BIO_read(out,buffer,sizeof(buffer)-1);
i=(i<0) ? 0 : i;
@@ -2975,11 +3014,12 @@
Tcl_SetResult(interp,"Error generating certificate request",NULL);
EVP_PKEY_free(pkey);
#if OPENSSL_VERSION_NUMBER < 0x30000000L
BN_free(bne);
#endif
- return TCL_ERROR;
+ res = TCL_ERROR;
+ goto done;
}
X509_set_version(cert,2);
ASN1_INTEGER_set(X509_get_serialNumber(cert),serial);
X509_gmtime_adj(X509_getm_notBefore(cert),0);
@@ -2986,17 +3026,65 @@
X509_gmtime_adj(X509_getm_notAfter(cert),(long)60*60*24*days);
X509_set_pubkey(cert,pkey);
name=X509_get_subject_name(cert);
- X509_NAME_add_entry_by_txt(name,"C", MBSTRING_ASC, (const unsigned char *) k_C, -1, -1, 0);
- X509_NAME_add_entry_by_txt(name,"ST", MBSTRING_ASC, (const unsigned char *) k_ST, -1, -1, 0);
- X509_NAME_add_entry_by_txt(name,"L", MBSTRING_ASC, (const unsigned char *) k_L, -1, -1, 0);
- X509_NAME_add_entry_by_txt(name,"O", MBSTRING_ASC, (const unsigned char *) k_O, -1, -1, 0);
- X509_NAME_add_entry_by_txt(name,"OU", MBSTRING_ASC, (const unsigned char *) k_OU, -1, -1, 0);
- X509_NAME_add_entry_by_txt(name,"CN", MBSTRING_ASC, (const unsigned char *) k_CN, -1, -1, 0);
- X509_NAME_add_entry_by_txt(name,"Email", MBSTRING_ASC, (const unsigned char *) k_Email, -1, -1, 0);
+ if (k_C != NULL) {
+ string = (const unsigned char *) Tcl_GetStringFromObj(k_C, &len);
+ } else {
+ string = NULL;
+ len = 0;
+ }
+ X509_NAME_add_entry_by_txt(name,"C", MBSTRING_ASC, string, (int) len, -1, 0);
+
+ if (k_ST != NULL) {
+ string = (const unsigned char *) Tcl_GetStringFromObj(k_ST, &len);
+ } else {
+ string = NULL;
+ len = 0;
+ }
+ X509_NAME_add_entry_by_txt(name,"ST", MBSTRING_ASC, string, (int) len, -1, 0);
+
+ if (k_L != NULL) {
+ string = (const unsigned char *) Tcl_GetStringFromObj(k_L, &len);
+ } else {
+ string = NULL;
+ len = 0;
+ }
+ X509_NAME_add_entry_by_txt(name,"L", MBSTRING_ASC, string, (int) len, -1, 0);
+
+ if (k_O != NULL) {
+ string = (const unsigned char *) Tcl_GetStringFromObj(k_O, &len);
+ } else {
+ string = NULL;
+ len = 0;
+ }
+ X509_NAME_add_entry_by_txt(name,"O", MBSTRING_ASC, string, (int) len, -1, 0);
+
+ if (k_OU != NULL) {
+ string = (const unsigned char *) Tcl_GetStringFromObj(k_OU, &len);
+ } else {
+ string = NULL;
+ len = 0;
+ }
+ X509_NAME_add_entry_by_txt(name,"OU", MBSTRING_ASC, string, (int) len, -1, 0);
+
+ if (k_CN != NULL) {
+ string = (const unsigned char *) Tcl_GetStringFromObj(k_CN, &len);
+ } else {
+ string = NULL;
+ len = 0;
+ }
+ X509_NAME_add_entry_by_txt(name,"CN", MBSTRING_ASC, string, (int) len, -1, 0);
+
+ if (k_Email != NULL) {
+ string = (const unsigned char *) Tcl_GetStringFromObj(k_Email, &len);
+ } else {
+ string = NULL;
+ len = 0;
+ }
+ X509_NAME_add_entry_by_txt(name,"Email", MBSTRING_ASC, string, (int) len, -1, 0);
X509_set_subject_name(cert,name);
if (!X509_sign(cert,pkey,EVP_sha256())) {
X509_free(cert);
@@ -3003,11 +3091,12 @@
EVP_PKEY_free(pkey);
#if OPENSSL_VERSION_NUMBER < 0x30000000L
BN_free(bne);
#endif
Tcl_SetResult(interp,"Error signing certificate",NULL);
- return TCL_ERROR;
+ res = TCL_ERROR;
+ goto done;
}
if (isStr) {
out=BIO_new(BIO_s_mem());
PEM_write_bio_X509(out,cert);
@@ -3028,16 +3117,37 @@
EVP_PKEY_free(pkey);
#if OPENSSL_VERSION_NUMBER < 0x30000000L
BN_free(bne);
#endif
}
+done: if (k_C != NULL) {
+ Tcl_DecrRefCount(k_C);
+ }
+ if (k_ST != NULL) {
+ Tcl_DecrRefCount(k_ST);
+ }
+ if (k_L != NULL) {
+ Tcl_DecrRefCount(k_L);
+ }
+ if (k_O != NULL) {
+ Tcl_DecrRefCount(k_O);
+ }
+ if (k_OU != NULL) {
+ Tcl_DecrRefCount(k_OU);
+ }
+ if (k_CN != NULL) {
+ Tcl_DecrRefCount(k_CN);
+ }
+ if (k_Email != NULL) {
+ Tcl_DecrRefCount(k_Email);
+ }
}
break;
default:
break;
}
- return TCL_OK;
+ return res;
}
�
/********************/
/* Init */
/********************/
@@ -3056,11 +3166,11 @@
* Side effects:
* Frees all the state
*
*-------------------------------------------------------------------
*/
-
+
void
Tls_Free(
tls_free_type *blockPtr) /* Client state for TLS socket */
{
State *statePtr = (State *)blockPtr;
@@ -3087,11 +3197,11 @@
* Side effects:
* Frees all the state
*
*-------------------------------------------------------------------
*/
-
+
void Tls_Clean(
State *statePtr) /* Client state for TLS socket */
{
dprintf("Called");
@@ -3246,11 +3356,11 @@
* Side effects:
* Shutdown SSL library
*
*------------------------------------------------------*
*/
-
+
void TlsLibShutdown(
ClientData clientData) /* Not used */
{
dprintf("Called");
@@ -3270,11 +3380,11 @@
* Side effects:
* Initializes SSL library
*
*------------------------------------------------------*
*/
-
+
static int TlsLibInit() {
static int initialized = 0;
dprintf("Called");
@@ -3378,12 +3488,12 @@
* Side effects:
* Same as of 'Tls_Init'
*
*-------------------------------------------------------------------
*/
-
+
DLLEXPORT int Tls_SafeInit(
Tcl_Interp *interp) /* Tcl interpreter */
{
dprintf("Called");
return Tls_Init(interp);
}
Index: generic/tlsInt.h
==================================================================
--- generic/tlsInt.h
+++ generic/tlsInt.h
@@ -35,11 +35,11 @@
/* Windows needs to know which symbols to export. */
#ifdef BUILD_tls
#undef TCL_STORAGE_CLASS
#define TCL_STORAGE_CLASS DLLEXPORT
-#endif /* BUILD_udp */
+#endif /* BUILD_tls */
/* Handle TCL 8.6 CONST changes */
#ifndef CONST86
# if TCL_MAJOR_VERSION > 8
# define CONST86 const
Index: library/tls.tcl
==================================================================
--- library/tls.tcl
+++ library/tls.tcl
@@ -263,10 +263,17 @@
if {![info exists argsArray(-servername)]} {
set argsArray(-servername) $host
lappend iopts -servername $host
}
}
+
+ # Use host as SNI server name without -autoservername and -servername args
+ if {![info exists argsArray(-autoservername)] &&
+ ![info exists argsArray(-servername)]} {
+ set argsArray(-servername) $host
+ lappend iopts -servername $host
+ }
lappend sopts $host $port
}
#
# Create TCP/IP socket