Check-in [2fb4e30853]
Not logged in
Home Downloads Timeline Branches Tags Tickets Wiki Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:turn off ssl3 in tkchat
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 2fb4e30853004ca395c24ee178052d6f107b1e9c
User & Date: chw 2016-11-06 22:14:44.592
Context
2016-11-06
22:17
turn off ssl3 in tls for [AndroWish] and [undroidwish] check-in: 6b64b4fafa user: chw tags: trunk
22:14
turn off ssl3 in tkchat check-in: 2fb4e30853 user: chw tags: trunk
15:45
update freetype to version 2.7 check-in: 77f9a90216 user: chw tags: trunk
Changes
Unified Diff Ignore Whitespace Patch
Changes to tkchat/assets/app/jabberlib/jlibtls.tcl. 
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

	  "received incorrectly namespaced proceed element"
    }

    set sock $lib(sock)

    # Make it a SSL connection.
    array set a [list -cafile "" -certfile "" -keyfile "" \
                     -request 1 -server 0 -require 0 -ssl2 no -ssl3 yes -tls1 yes]
    array set a $locals(tls,uargs)
    eval [linsert [array get a] 0 ::tls::import $sock]
    #tls::import $sock -cafile "" -certfile "" -keyfile "" \
    #  -request 1 -server 0 -require 0 -ssl2 no -ssl3 yes -tls1 yes
    set retry 0
    
    while {1} {
	if {$retry > 20} {
	    catch {close $sock}
	    set err "too long retry to setup SSL connection"
	    tls_finish $jlibname startls-failure $err








|



|








77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

	  "received incorrectly namespaced proceed element"
    }

    set sock $lib(sock)

    # Make it a SSL connection.
    array set a [list -cafile "" -certfile "" -keyfile "" \
                     -request 1 -server 0 -require 0 -ssl2 no -ssl3 no -tls1 yes]
    array set a $locals(tls,uargs)
    eval [linsert [array get a] 0 ::tls::import $sock]
    #tls::import $sock -cafile "" -certfile "" -keyfile "" \
    #  -request 1 -server 0 -require 0 -ssl2 no -ssl3 no -tls1 yes
    set retry 0
    
    while {1} {
	if {$retry > 20} {
	    catch {close $sock}
	    set err "too long retry to setup SSL connection"
	    tls_finish $jlibname startls-failure $err
Changes to tkchat/assets/app/tkchat.tcl. 
7667
7668
7669
7670
7671
7672
7673
7674
7675
7676
7677
7678
7679
7680
7681

    }
    if { [catch {
	if { $Options(UseProxy) && [string length $Options(ProxyHost)] > 0 } {
	    set socket [ProxyConnect $Options(ProxyHost) $Options(ProxyPort) \
		    $Options(JabberServer) $Options(JabberPort)]
	} elseif { $have_tls && $Options(UseJabberSSL) eq "ssl" } {
	    set socket \
		    [tls::socket -ssl2 false -ssl3 true -tls1 true \
                         -cafile [get_cafile] \
                         -command [namespace origin tls_callback] \
                         $Options(JabberServer) $Options(JabberPort)]
	} else {
	    if { $Options(JabberPort) == 5223 } {
		incr Options(JabberPort) -1
	    }








|








7667
7668
7669
7670
7671
7672
7673
7674
7675
7676
7677
7678
7679
7680
7681

    }
    if { [catch {
	if { $Options(UseProxy) && [string length $Options(ProxyHost)] > 0 } {
	    set socket [ProxyConnect $Options(ProxyHost) $Options(ProxyPort) \
		    $Options(JabberServer) $Options(JabberPort)]
	} elseif { $have_tls && $Options(UseJabberSSL) eq "ssl" } {
	    set socket \
		    [tls::socket -ssl2 false -ssl3 false -tls1 true \
                         -cafile [get_cafile] \
                         -command [namespace origin tls_callback] \
                         $Options(JabberServer) $Options(JabberPort)]
	} else {
	    if { $Options(JabberPort) == 5223 } {
		incr Options(JabberPort) -1
	    }

9786
9787
9788
9789
9790
9791
9792
9793
9794
9795
9796
9797
9798
9799
9800

    set result [lindex [split $block \n] 0]
    set code [lindex [split $result { }] 1]
    fconfigure $sock -blocking 1 -translation binary -buffering none

    if {$code >= 200 && $code < 300} {
	if {$have_tls && $Options(UseJabberSSL) eq "ssl"} {
            ::tkchat::addStatus 0 "Securing network link"
	    ::tls::import $sock -ssl2 false -ssl3 true -tls1 true \
                -cafile [get_cafile] \
                -command [namespace origin tls_callback]
	} else {
            ::tkchat::addStatus 0 "Connected"
        }
    } else {
	error "proxy connect failed: $block"








|








9786
9787
9788
9789
9790
9791
9792
9793
9794
9795
9796
9797
9798
9799
9800

    set result [lindex [split $block \n] 0]
    set code [lindex [split $result { }] 1]
    fconfigure $sock -blocking 1 -translation binary -buffering none

    if {$code >= 200 && $code < 300} {
	if {$have_tls && $Options(UseJabberSSL) eq "ssl"} {
            ::tkchat::addStatus 0 "Securing network link"
	    ::tls::import $sock -ssl2 false -ssl3 false -tls1 true \
                -cafile [get_cafile] \
                -command [namespace origin tls_callback]
	} else {
            ::tkchat::addStatus 0 "Connected"
        }
    } else {
	error "proxy connect failed: $block"
Fossil version [bcbf150dc2] 2025-06-30 17:00:42