SOURCES: tcl-tls-pkgIndex.patch (NEW), tcl-tls-load-ssl-config.pat...

arekm arekm at pld-linux.org
Wed Apr 25 23:06:08 CEST 2007 

Author: arekm                        Date: Wed Apr 25 21:06:08 2007 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- one enhacement and one fix from debian

---- Files affected:
SOURCES:
   tcl-tls-pkgIndex.patch (NONE -> 1.1)  (NEW), tcl-tls-load-ssl-config.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/tcl-tls-pkgIndex.patch
diff -u /dev/null SOURCES/tcl-tls-pkgIndex.patch:1.1
--- /dev/null	Wed Apr 25 23:06:08 2007
+++ SOURCES/tcl-tls-pkgIndex.patch	Wed Apr 25 23:06:03 2007
@@ -0,0 +1,17 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 03_change_pkgIndex.in.dpatch by  <muammar at localhost>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Changing pkgIndex.in
+
+ at DPATCH@
+
+--- tcltls-1.5.0/pkgIndex.tcl.in	2003-12-15 14:46:20.000000000 -0400
++++ pkgIndex.tcl.in	2007-04-11 13:26:57.000000000 -0400
+@@ -5,5 +5,5 @@
+ #    replace the original which didn't include the commands from "tls.tcl".
+ #
+ 
+-package ifneeded tls 1.5 "[list load [file join $dir @RELPATH@ @tls_LIB_FILE@] ] ; [list source [file join $dir tls.tcl] ]"
++package ifneeded tls 1.50 "[list load [file join $dir .. libtls1.50.so] ] ; [list source [file join $dir tls.tcl] ]"
+ 

================================================================
Index: SOURCES/tcl-tls-load-ssl-config.patch
diff -u /dev/null SOURCES/tcl-tls-load-ssl-config.patch:1.1
--- /dev/null	Wed Apr 25 23:06:08 2007
+++ SOURCES/tcl-tls-load-ssl-config.patch	Wed Apr 25 23:06:03 2007
@@ -0,0 +1,196 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 01_load_ssl_configuration.dpatch by  <boll@>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Load SSL configuration
+
+ at DPATCH@
+diff -urNad tcltls-1.5.0~/tls.c tcltls-1.5.0/tls.c
+--- tcltls-1.5.0~/tls.c	2004-02-13 02:09:21.000000000 +0000
++++ tcltls-1.5.0/tls.c	2006-01-20 12:32:31.000000000 +0000
+@@ -26,7 +26,12 @@
+ #include "tlsInt.h"
+ #include "tclOpts.h"
+ #include <stdlib.h>
+-
++#if OPENSSL_VERSION_NUMBER >= 0x0090800
++#include <openssl/conf.h>
++#ifndef OPENSSL_NO_ENGINE
++#include <openssl/engine.h>
++#endif
++#endif
+ /*
+  * External functions
+  */
+@@ -1155,8 +1160,10 @@
+  *	A standard Tcl result.
+  *
+  * Side effects:
+- *	None.
+- *
++ *   req - none
++ *   config - Openssl configuration file is loaded	
++ *   engine - specifig engine is loaded or configured
++ *   
+  *-------------------------------------------------------------------
+  */
+ static int
+@@ -1166,8 +1173,22 @@
+     int objc;
+     Tcl_Obj	*CONST objv[];
+ {
+-    const char *commands [] = { "req", NULL };
+-    enum command { C_REQ, C_DUMMY };
++    const char *commands [] = { "req", 
++#if OPENSSL_VERSION_NUMBER >= 0x0090800L		
++		"config", 
++#ifndef OPENSSL_NO_ENGINE		
++		"engine", 
++#endif		
++#endif		
++		NULL };
++    enum command { C_REQ, 
++#if OPENSSL_VERSION_NUMBER >= 0x0090800L		
++		C_CONFIG,
++#ifndef OPENSSL_NO_ENGINE		
++		C_ENGINE, 
++#endif		
++#endif		
++		C_DUMMY };
+     int cmd;
+ 
+     if (objc < 2) {
+@@ -1302,6 +1323,48 @@
+ 	    }
+ 	}
+ 	break;
++#if OPENSSL_VERSION_NUMBER >= 0x0090800L	
++	case C_CONFIG:
++		if (objc<2 || objc>3) {
++			Tcl_WrongNumArgs(interp,2,objv,"?filename?");
++			return TCL_ERROR;
++		} else if (objc == 2) {
++			OPENSSL_config(NULL);
++		} else {
++			OPENSSL_config(Tcl_GetString(objv[2]));
++		}	
++	break;	
++#ifndef OPENSSL_NO_ENGINE	
++	case C_ENGINE:
++		{ ENGINE *e;
++		static int loaded_engines = 0;
++		if (objc!=3) {
++			Tcl_WrongNumArgs(interp,2,objv,"engine_id");
++			return TCL_ERROR;
++		}
++		if (!loaded_engines) {
++			ENGINE_load_builtin_engines();
++			loaded_engines=1;
++		}	
++		if ((e= ENGINE_by_id(Tcl_GetString(objv[2])))==NULL) {
++			Tcl_AppendResult(interp,"failed to load engine ",
++					Tcl_GetString(objv[2]),
++					"\n",ERR_error_string(ERR_get_error(),NULL),
++					NULL);
++			return TCL_ERROR;
++		}
++		if (!ENGINE_set_default(e,ENGINE_METHOD_ALL)) {
++			Tcl_AppendResult(interp,"Failed to enable engine ",
++					Tcl_GetString(objv[2]),
++					"\n",ERR_error_string(ERR_get_error(),NULL),
++					NULL);
++			return TCL_ERROR;
++		}	
++		ENGINE_free(e);
++		}
++	break;
++#endif	
++#endif	
+     }
+     return TCL_OK;
+ }
+diff -urNad tcltls-1.5.0~/tls.htm tcltls-1.5.0/tls.htm
+--- tcltls-1.5.0~/tls.htm	2004-02-13 02:09:21.000000000 +0000
++++ tcltls-1.5.0/tls.htm	2006-01-20 12:32:31.000000000 +0000
+@@ -31,6 +31,7 @@
+             <dd><b>tls::import</b><em> channel ?options?</em></dd>
+             <dd><b>tls::ciphers </b><em>protocol ?verbose?</em></dd>
+             <dd><b>tls::version</b></dd>
++			<dd><b>tls::misc</b> <em>subcommand ?args?</em></dd>
+         </dl>
+     </dd>
+     <dd><a href="#COMMANDS">COMMANDS</a></dd>
+@@ -62,7 +63,8 @@
+ <a href="#tls::import"><b>tls::import </b><i>channel ?options?</i></a><br>
+ <a href="#tls::ciphers protocol ?verbose?"><strong>tls::ciphers</strong>
+ <em>protocol ?verbose?</em></a><br>
+-<a href="#tls::version"><b>tls::version</b></a>
++<a href="#tls::version"><b>tls::version</b></a><br>
++<a href="#tls::misc"><b>tls::misc </b><i>subcommand ?args?</i></a><br>
+ </p>
+ 
+ <h3><a name="DESCRIPTION">DESCRIPTION</a></h3>
+@@ -223,7 +225,62 @@
+     <dt><a name="tls::version"><strong>tls::version</strong></a></dt>
+     <dd>Returns the version string defined by OpenSSL.</dd>
+ </dl>
+-
++<dl><tt><a name="tls::misc"><strong>tls::misc</strong></a></tt></dt>
++<dd>Miscellaneous openssl functions. This command provides functions
++which are not directly related to TLS, but neccessary for proper
++operations. Following subcommands are supportd
++<dl>
++<dt><b>rec</b> <em>keysize keyfile certfile ?info?</em></dt>
++<p>
++Generates private key and certificate request in the keyfile and
++certfile. Currently only RSA keys are supported. Keysize is specified in
++bits. It is typically
++1024, because 512-bit keys are totally insecure, and 2048 bits too
++computational expensive.
++</p>
++<p>
++This command is here, because some tls applications, notably web
++browsers should have ability to generate requests for client
++certificates.
++</p>
++<p>
++Optional <em>info</em> argument is the list of key-value pairs which
++can contain following request attributes:
++<ol>
++<li><b>days</b> - how long certificate should be valid
++<li><b>serial</b> - serial number of certificate
++<li><b>C</b> - Country part of certificate subject
++<LI><b>ST</b> - State part of certificate subject
++<LI><b>L</b> -locality
++<LI><b>O</b> - organization
++<LI><b>OU</b> - organization unit
++<LI><b>CN</B> - Common Name
++<LI><b>Email</B> email address of certificate subject
++</OL>
++Default values for these options are obtained from OpenSSL configuration
++file if one is loaded by <b>tls::misc config</b>.
++<dd>
++<dt><b>config</b> <em>?filename?</em>
++<dd>Loads an OpenSSL configuration file. If no <em>filename</em>
++argument is provided, loads default configuration file, which is
++hardcoded into OpenSSL. Otherwise loads specified file. This command
++doesn't report error if file doesn't exist.
++</dd>
++<dt><b>engine</b> <em>engine_id</em>
++<dd><p>Loads alternate (hardware) implementation of cryptoalgorithms -
++engine in OpenSSL terminology and makes this implementation default for
++all algorithms, supported by particular engine.
++</p>
++<p>
++For now there is no way to send control commands to engine and specify
++path to dynamically loadable engine explicitely. So, only builtin
++engines and engines located in the default OpenSSL engine directory
++could be loaded.
++</p>
++</dd>
++</dl>
++</dd>
++</dl>
+ <h3><a name="CALLBACK OPTIONS">CALLBACK OPTIONS</a></h3>
+ 
+ <p>
================================================================

More information about the pld-cvs-commit mailing list