Commit 80abb883be5972c15d1a417949ba46e27573ba11

Authored by perry.werneck@gmail.com
1 parent e3df55ed

Melhorando negociação SSL

Showing 1 changed file with 27 additions and 28 deletions   Show diff stats
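--- a/src/lib3270/telnet.c
+++ b/src/lib3270/telnet.c
@@ -239,15 +239,20 @@ static const char *trsp_flag[2] = { "POSITIVE-RESPONSE", "NEGATIVE-RESPONSE" };
 #define XMIT_COLS hSession->maxCOLS
 
 #if defined(HAVE_LIBSSL) /*[*/
-// static Boolean need_tls_follows = False;
-static void ssl_init(H3270 *session);
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L /*[*/
-#define INFO_CONST const
-#else /*][*/
-#define INFO_CONST
-#endif /*]*/
-static void ssl_info_callback(INFO_CONST SSL *s, int where, int ret);
-static void continue_tls(H3270 *hSession, unsigned char *sbbuf, int len);
+
+ static void ssl_init(H3270 *session);
+
+ #if OPENSSL_VERSION_NUMBER >= 0x00907000L /*[*/
+ #define INFO_CONST const
+ #else /*][*/
+ #define INFO_CONST
+ #endif /*]*/
+
+ static void ssl_info_callback(INFO_CONST SSL *s, int where, int ret);
+ static void continue_tls(H3270 *hSession, unsigned char *sbbuf, int len);
+
+ static int ssl_3270_ex_index = -1; /**< Index of h3270 handle in SSL session */
+
 #endif /*]*/
 
 #if defined(_WIN32) /*[*/
@@ -3083,6 +3088,9 @@ static void ssl_init(H3270 *session)
 SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
 SSL_CTX_set_info_callback(ssl_ctx, ssl_info_callback);
 SSL_CTX_set_default_verify_paths(ssl_ctx);
+
+ ssl_3270_ex_index = SSL_get_ex_new_index(0,NULL,NULL,NULL,NULL);
+
 }
 
 if(session->ssl_con)
@@ -3096,32 +3104,23 @@ static void ssl_init(H3270 *session)
 return;
 }
 
- SSL_set_verify(session->ssl_con, 0/*xxx*/, NULL);
-
- /* XXX: May need to get key file and password. */
- /*
- if (appres.cert_file)
- {
- if (!(SSL_CTX_use_certificate_chain_file(ssl_ctx,
- appres.cert_file))) {
- unsigned long e;
- char err_buf[120];
+ SSL_set_ex_data(session->ssl_con,ssl_3270_ex_index,(char *) session);
 
- e = ERR_get_error();
- (void) ERR_error_string(e, err_buf);
+ SSL_set_verify(session->ssl_con, 0, NULL);
 
- popup_an_error(NULL,"SSL_CTX_use_certificate_chain_file("
- "\"%s\") failed:\n%s",
- appres.cert_file, err_buf);
- }
- }
- */
 }
 
 /* Callback for tracing protocol negotiation. */
 static void ssl_info_callback(INFO_CONST SSL *s, int where, int ret)
 {
- H3270 *hSession = lib3270_get_default_session_handle(); // TODO: Find a better way!
+// H3270 *hSession = lib3270_get_default_session_handle(); // TODO: Find a better way!
+ H3270 *hSession = (H3270 *) SSL_get_ex_data(s,ssl_3270_ex_index);
+
+#ifdef DEBUG
+ trace("%s: hsession=%p, session=%p",__FUNCTION__,hSession,lib3270_get_default_session_handle());
+ if(hSession != lib3270_get_default_session_handle())
+ exit(-1);
+#endif // DEBUG
 
 switch(where)
 {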
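Review bot: `SSL_set_verify(session->ssl_con, 0, NULL);` at new line 3109 keeps mode 0 (SSL_VERIFY_NONE), so unless the result is checked later with `SSL_get_verify_result()` outside these hunks, the handshake accepts whatever certificate the host presents and the default verify paths loaded in ssl_init are never enforced. If that is deliberate for hosts with private CAs it should be a documented session option; otherwise `SSL_set_verify(session->ssl_con, SSL_VERIFY_PEER, NULL);` together with a host-name check is the safer default. Separately, the return values of `SSL_get_ex_new_index()` (new line 3092) and `SSL_set_ex_data()` (new line 3107) are not checked, so if the index stays -1 the handle is presumably never stored and ssl_info_callback receives NULL; a guard such as `if(!hSession) return;` at the top of the callback would cover that. The `exit(-1)` in the DEBUG block also terminates the process as soon as a non-default session negotiates TLS, which looks like the very case the ex-data lookup is meant to support. The bodies of ssl_init and ssl_info_callback continue outside the hunks shown.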