Melhorando tratamento do indicador de SSL

perry.werneck@gmail.com
1 parent a4aa3906
Showing 9 changed files with 163 additions and 51 deletions Show diff stats
src/include/lib3270.h
src/include/lib3270/session.h
src/lib3270/api.h
src/lib3270/init.c
src/lib3270/screen.c
src/lib3270/telnet.c
src/pw3270/v3270/oia.c
src/pw3270/v3270/private.h
src/pw3270/v3270/widget.c
@@ -138,7 +138,7 @@
 	{
 		LIB3270_FLAG_BOXSOLID,	/**< System available */
 		LIB3270_FLAG_UNDERA,	/**< Control Unit STATUS */
-		LIB3270_FLAG_SECURE,	/**< Security status */
+//		LIB3270_FLAG_SECURE,	/**< Security status */
 		LIB3270_FLAG_TYPEAHEAD,
 		LIB3270_FLAG_PRINTER,
 		LIB3270_FLAG_REVERSE,
@@ -213,6 +213,20 @@
 	/**
+	 * SSL state
+	 *
+	 */
+	typedef enum lib3270_ssl_state
+	{
+		LIB3270_SSL_UNSECURE,			/**< No secure connection */
+		LIB3270_SSL_SECURE,				/**< Connection secure */
+		LIB3270_SSL_NEGOTIATING,		/**< Negotiating SSL */
+		LIB3270_SSL_UNDEFINED			/**< Undefined */
+	} LIB3270_SSL_STATE;
+
+	#define LIB3270_SSL_FAILED LIB3270_SSL_UNSECURE
+
+	/**
 	 * Notification message types.
 	 *
 	 */
@@ -611,6 +625,9 @@
 	LIB3270_EXPORT int lib3270_in_tn3270e(H3270 *h);
 	LIB3270_EXPORT int lib3270_in_e(H3270 *h);
+	LIB3270_EXPORT LIB3270_SSL_STATE lib3270_get_secure(H3270 *session);
+
+
 	/**
 	 * Call non gui function.
 	 *
@@ -71,7 +71,7 @@
 		unsigned short 		  	  sz;					/**< Struct size */
 		// Connection info
-		int						  secure_connection;
+//		int						  secure_connection;
 		int   	 	  			  sock;					/**< Network socket */
 		int						  net_sock;
 		LIB3270_CSTATE			  cstate;				/**< Connection state */
@@ -81,6 +81,8 @@
 		int					  	  selected	: 1;	/**< Has selected region? */
 		int						  rectsel	: 1;	/**< Selected region is a rectangle ? */
+		LIB3270_SSL_STATE		  secure;
+
 		struct lib3270_toggle	  toggle[LIB3270_TOGGLE_COUNT];
 		// Network & Termtype
@@ -177,6 +179,7 @@
 		void (*update_connect)(H3270 *session, unsigned char connected);
 		void (*update_model)(H3270 *session, const char *name, int model, int rows, int cols);
 		void (*update_selection)(H3270 *session, int start, int end);
+		void (*update_ssl)(H3270 *session, LIB3270_SSL_STATE state);
 		void (*set_timer)(H3270 *session, unsigned char on);
 		void (*erase)(H3270 *session);
@@ -157,7 +157,7 @@
 		#define OIA_FLAG_BOXSOLID	LIB3270_FLAG_BOXSOLID
 		#define OIA_FLAG_UNDERA		LIB3270_FLAG_UNDERA
-		#define OIA_FLAG_SECURE		LIB3270_FLAG_SECURE
+//		#define OIA_FLAG_SECURE		LIB3270_FLAG_SECURE
 		#define OIA_FLAG_TYPEAHEAD	LIB3270_FLAG_TYPEAHEAD
 		#define OIA_FLAG_PRINTER	LIB3270_FLAG_PRINTER
 		#define OIA_FLAG_REVERSE	LIB3270_FLAG_REVERSE
@@ -356,7 +356,7 @@
 		LOCAL_EXTERN void Input_String(const unsigned char *str);
 		LOCAL_EXTERN void screen_size(int *rows, int *cols);
-		#define query_secure_connection(h) lib3270_get_ssl_state(h)
+//		#define query_secure_connection(h) lib3270_get_ssl_state(h)
 		#define lib3270_paste_string(str) lib3270_set_string(NULL,str)
 		#define get_3270_terminal_size(h,r,c) lib3270_get_screen_size(h,r,c)
@@ -118,6 +118,10 @@ static void message(H3270 *session, LIB3270_NOTIFY id , const char *title, const
 	lib3270_write_log(session,"%s",text);
 }
+static void update_ssl(H3270 *session, LIB3270_SSL_STATE state)
+{
+}
+
 static void lib3270_session_init(H3270 *hSession, const char *model)
 {
 	int 	ovc, ovr;
@@ -144,6 +148,7 @@ static void lib3270_session_init(H3270 *hSession, const char *model)
 	hSession->update_selection	= update_selection;
 	hSession->cursor 			= set_cursor;
 	hSession->message			= message;
+	hSession->update_ssl		= update_ssl;
 	hSession->sock = -1;
 	hSession->model_num = -1;
@@ -546,15 +546,19 @@ static void status_connect(H3270 *session, int connected, void *dunno)
 		else
 			id = LIB3270_STATUS_CONNECTED;
-#if defined(HAVE_LIBSSL) /*[*/
+/*
+#if defined(HAVE_LIBSSL)
 		set_status(session,OIA_FLAG_SECURE,session->secure_connection);
-#endif /*]*/
+#endif
+*/
 	}
 	else
 	{
 		set_status(session,OIA_FLAG_BOXSOLID,False);
+/*
 		set_status(session,OIA_FLAG_SECURE,False);
+*/
 		id = LIB3270_STATUS_DISCONNECTED;
 	}
@@ -351,8 +351,19 @@ static void output_possible(H3270 *session);
 #endif /*]*/
+/*--[ Implement ]------------------------------------------------------------------------------------*/
+
+void set_ssl_state(H3270 *session, LIB3270_SSL_STATE state)
+{
+	if(state == session->secure)
+		return;
+
+	trace_dsn("SSL state changes to %d",(int) state);
+	trace("SSL state changes to %d",(int) state);
+
+	session->update_ssl(session,session->secure = state);
+}
-
 #if defined(_WIN32) /*[*/
 void sockstart(H3270 *session)
 {
@@ -477,6 +488,8 @@ int net_connect(H3270 *session, const char *host, char *portname, Boolean ls, Bo
 #define close_fail { (void) SOCK_CLOSE(session->sock); session->sock = -1; return -1; }
+	set_ssl_state(session,LIB3270_SSL_UNSECURE);
+
 #if defined(_WIN32)
 	sockstart(session);
 #endif
@@ -763,44 +776,49 @@ static void net_connected(H3270 *session)
 #if defined(HAVE_LIBSSL) /*[*/
 	/* Set up SSL. */
-	if(session->ssl_host && !session->secure_connection)
+	if(session->ssl_con && session->secure == LIB3270_SSL_UNDEFINED)
 	{
 		int rc;
+		set_ssl_state(session,LIB3270_SSL_NEGOTIATING);
+
 		if (SSL_set_fd(session->ssl_con, session->sock) != 1)
 		{
 			trace_dsn("Can't set fd!\n");
 			popup_system_error(&h3270,_( "Connection failed" ), _( "Can't set SSL socket file descriptor" ), "%s", SSL_state_string_long(session->ssl_con));
+			set_ssl_state(session,LIB3270_SSL_UNSECURE);
 		}
+		else
+		{
+			non_blocking(False);
+			rc = SSL_connect(session->ssl_con);
-		non_blocking(False);
-		rc = SSL_connect(session->ssl_con);
+			if(rc != 1)
+			{
+				unsigned long 	  e		= ERR_get_error();
+				const char  	* state	= SSL_state_string_long(session->ssl_con);
-		if(rc != 1)
-		{
-			unsigned long 	  e		= ERR_get_error();
-			const char  	* state	= SSL_state_string_long(session->ssl_con);
+				trace_dsn("TLS/SSL tunneled connection failed with error %ld, rc=%d and state=%s",e,rc,state);
-			trace_dsn("TLS/SSL tunneled connection failed with error %ld, rc=%d and state=%s",e,rc,state);
+				host_disconnect(session,True);
-			host_disconnect(session,True);
+				if(e != session->last_ssl_error)
+				{
+					session->message(	&h3270,
+										LIB3270_NOTIFY_ERROR,
+										_( "Connection failed" ),
+										_( "SSL negotiation failed" ),
+										state);
+					session->last_ssl_error = e;
+				}
+				return;
-			if(e != session->last_ssl_error)
-			{
-				session->message(	&h3270,
-									LIB3270_NOTIFY_ERROR,
-									_( "Connection failed" ),
-									_( "SSL negotiation failed" ),
-									state);
-				session->last_ssl_error = e;
 			}
-			return;
-
+			non_blocking(True);
 		}
-		non_blocking(True);
-		session->secure_connection = True;
-		trace_dsn("TLS/SSL tunneled connection complete. Connection is now secure.\n");
+//		session->secure_connection = True;
+//		trace_dsn("TLS/SSL tunneled connection complete. Connection is now secure.\n");
 		/* Tell everyone else again. */
 		host_connected(session);
@@ -897,18 +915,22 @@ static void output_possible(H3270 *session)
  */
 void net_disconnect(void)
 {
-#if defined(HAVE_LIBSSL) /*[*/
+#if defined(HAVE_LIBSSL)
 	if (h3270.ssl_con != NULL)
 	{
 		SSL_shutdown(h3270.ssl_con);
 		SSL_free(h3270.ssl_con);
 		h3270.ssl_con = NULL;
 	}
-	h3270.secure_connection = False;
-#endif /*]*/
+#endif
+
+	set_ssl_state(&h3270,LIB3270_SSL_UNSECURE);
+
 	if (CONNECTED)
 		(void) shutdown(h3270.sock, 2);
+
 	(void) SOCK_CLOSE(h3270.sock);
+
 	h3270.sock = -1;
 	trace_dsn("SENT disconnect\n");
@@ -3233,6 +3255,8 @@ static void ssl_init(H3270 *session)
 {
 	static SSL_CTX *ssl_ctx = NULL;
+	set_ssl_state(session,LIB3270_SSL_UNDEFINED);
+
 	if(ssl_ctx == NULL)
 	{
 		lib3270_write_log(session,"%s","Initializing SSL context");
@@ -3293,6 +3317,9 @@ static void client_info_callback(INFO_CONST SSL *s, int where, int ret)
 		break;
 	case SSL_CB_CONNECT_EXIT:
+
+		trace("%s: SSL_CB_CONNECT_EXIT",__FUNCTION__);
+
 		if (ret == 0)
 		{
 			trace_dsn("SSL_connect: failed in %s\n",SSL_state_string_long(s));
@@ -3349,6 +3376,15 @@ static void client_info_callback(INFO_CONST SSL *s, int where, int ret)
 	if(where & SSL_CB_ALERT)
 		lib3270_write_log(NULL,"SSL","ALERT: %s",SSL_alert_type_string_long(ret));
+
+	if(where & SSL_CB_HANDSHAKE_DONE)
+	{
+		trace("%s: SSL_CB_HANDSHAKE_DONE state=%04x",__FUNCTION__,SSL_state(s));
+		if(SSL_state(s) == 0x03)
+			set_ssl_state(&h3270,LIB3270_SSL_SECURE);
+		else
+			set_ssl_state(&h3270,LIB3270_SSL_UNSECURE);
+	}
 }
 /* Process a STARTTLS subnegotiation. */
@@ -3406,10 +3442,10 @@ static void continue_tls(unsigned char *sbbuf, int len)
 		return;
 	}
-	h3270.secure_connection = True;
+//	h3270.secure_connection = True;
 	/* Success. */
-	trace_dsn("TLS/SSL negotiated connection complete. Connection is now secure.\n");
+//	trace_dsn("TLS/SSL negotiated connection complete. Connection is now secure.\n");
 	/* Tell the world that we are (still) connected, now in secure mode. */
 	host_connected(&h3270);
@@ -3455,6 +3491,13 @@ net_proxy_port(void)
 	    	return NULL;
 }
+LIB3270_EXPORT LIB3270_SSL_STATE lib3270_get_secure(H3270 *session)
+{
+	CHECK_SESSION_HANDLE(session);
+	return session->secure;
+}
+
+/*
 LIB3270_EXPORT int lib3270_get_ssl_state(H3270 *h)
 {
 	CHECK_SESSION_HANDLE(h);
@@ -3465,6 +3508,7 @@ LIB3270_EXPORT int lib3270_get_ssl_state(H3270 *h)
 		return 0;
 #endif
 }
+*/
 /*
 int Get3270Socket(void)
@@ -306,18 +306,10 @@ void v3270_draw_ssl_status(cairo_t *cr, H3270 *host, struct v3270_metrics *metri
 {
 	cairo_surface_t		* icon;
 	double				  sz	= rect->width < rect->height ? rect->width : rect->height;
-	int					  idx	= lib3270_get_ssl_state(host) ? 1 : 0;
-
-	static const struct
-	{
-		unsigned short	  width;
-		unsigned short	  height;
-		unsigned char 	* bits;
-	} bitmap[] =
-	{
-		{ unlocked_width,	unlocked_height,	unlocked_bits	},
-		{ locked_width,		locked_height,		locked_bits 	},
-	};
+	int					  idx	= 0; // lib3270_get_ssl_state(host) ? 1 : 0;
+	unsigned short		  width;
+	unsigned short		  height;
+	unsigned char	 	* bits;
 #ifdef DEBUG
 	cairo_set_source_rgb(cr,0.1,0.1,0.1);
@@ -330,15 +322,42 @@ void v3270_draw_ssl_status(cairo_t *cr, H3270 *host, struct v3270_metrics *metri
 	cairo_rectangle(cr, 0, 0, rect->width, rect->height);
 	cairo_fill(cr);
-	gdk_cairo_set_source_color(cr,color+V3270_COLOR_OIA_FOREGROUND);
+	switch(lib3270_get_secure(host))
+	{
+	case LIB3270_SSL_UNSECURE:	/**< No secure connection */
+		gdk_cairo_set_source_color(cr,color+V3270_COLOR_OIA_FOREGROUND);
+		width   = unlocked_width;
+		height  = unlocked_height;
+		bits	= (unsigned char *) unlocked_bits;
+		break;
+
+	case LIB3270_SSL_SECURE:	/**< Connection secure */
+		gdk_cairo_set_source_color(cr,color+V3270_COLOR_OIA_FOREGROUND);
+		width   = locked_width;
+		height  = locked_height;
+		bits	= (unsigned char *) locked_bits;
+		break;
+
+	case LIB3270_SSL_NEGOTIATING:	/**< Negotiating SSL */
+		gdk_cairo_set_source_color(cr,color+V3270_COLOR_OIA_STATUS_WARNING);
+		width   = locked_width;
+		height  = locked_height;
+		bits	= (unsigned char *) locked_bits;
+		break;
+
+	default:
+		return;
+
+	}
+
-	icon = cairo_image_surface_create_for_data(	(unsigned char *) bitmap[idx].bits,
+	icon = cairo_image_surface_create_for_data(	bits,
 												CAIRO_FORMAT_A1,
-												bitmap[idx].width,bitmap[idx].height,
+												width,height,
 												cairo_format_stride_for_width(CAIRO_FORMAT_A1,locked_width));
-	cairo_scale(cr,	sz / ((double) bitmap[idx].width),
-					sz / ((double) bitmap[idx].height));
+	cairo_scale(cr,	sz / ((double) width),
+					sz / ((double) height));
 	cairo_mask_surface(cr,icon,(rect->width-sz)/2,(rect->height-sz)/2);
@@ -985,6 +1004,22 @@ void v3270_stop_timer(GtkWidget *widget)
 }
+void v3270_update_ssl(H3270 *session, LIB3270_SSL_STATE state)
+{
+	v3270 			* terminal = GTK_V3270(session->widget);
+	cairo_t			* cr;
+	GdkRectangle	* r;
+
+	if(!terminal->surface)
+		return;
+
+	cr = set_update_region(terminal,&r,V3270_OIA_SSL);
+	v3270_draw_ssl_status(cr,terminal->host,&terminal->metrics,terminal->color,r);
+	gtk_widget_queue_draw_area(GTK_WIDGET(terminal),r->x,r->y,r->width,r->height);
+	cairo_destroy(cr);
+
+}
+
 void v3270_update_oia(H3270 *session, LIB3270_FLAG id, unsigned char on)
 {
 	cairo_t *cr;
@@ -1011,12 +1046,14 @@ void v3270_update_oia(H3270 *session, LIB3270_FLAG id, unsigned char on)
 		cairo_destroy(cr);
 		break;
+/*
 	case LIB3270_FLAG_SECURE:
 		cr = set_update_region(terminal,&r,V3270_OIA_SSL);
 		v3270_draw_ssl_status(cr,terminal->host,&terminal->metrics,terminal->color,r);
 		gtk_widget_queue_draw_area(GTK_WIDGET(terminal),r->x,r->y,r->width,r->height);
 		cairo_destroy(cr);
 		break;
+*/
 	case LIB3270_FLAG_TYPEAHEAD:
 		update_text_field(terminal,on,V3270_OIA_TYPEAHEAD,"T");
@@ -224,6 +224,7 @@ void 		  v3270_update_luname(GtkWidget *widget,const gchar *name);
 void		  v3270_update_message(v3270 *widget, LIB3270_MESSAGE id);
 void		  v3270_update_cursor(H3270 *session, unsigned short row, unsigned short col, unsigned char c, unsigned short attr);
 void		  v3270_update_oia(H3270 *session, LIB3270_FLAG id, unsigned char on);
+void		  v3270_update_ssl(H3270 *session, LIB3270_SSL_STATE state);
 // Keyboard & Mouse
 gboolean	  v3270_key_press_event(GtkWidget *widget, GdkEventKey *event);
@@ -769,6 +769,7 @@ static void v3270_init(v3270 *widget)
 	widget->host->changed			= changed;
 	widget->host->ctlr_done			= ctlr_done;
 	widget->host->message			= message;
+	widget->host->update_ssl		= v3270_update_ssl;
 	// Setup input method
 	widget->input_method 			= gtk_im_multicontext_new();
	@@ -138,7 +138,7 @@		@@ -138,7 +138,7 @@
138	{	138	{
139	LIB3270_FLAG_BOXSOLID, /*< System available /	139	LIB3270_FLAG_BOXSOLID, /*< System available /
140	LIB3270_FLAG_UNDERA, /*< Control Unit STATUS /	140	LIB3270_FLAG_UNDERA, /*< Control Unit STATUS /
141	- LIB3270_FLAG_SECURE, /*< Security status /	141	+// LIB3270_FLAG_SECURE, /*< Security status /
142	LIB3270_FLAG_TYPEAHEAD,	142	LIB3270_FLAG_TYPEAHEAD,
143	LIB3270_FLAG_PRINTER,	143	LIB3270_FLAG_PRINTER,
144	LIB3270_FLAG_REVERSE,	144	LIB3270_FLAG_REVERSE,
	@@ -213,6 +213,20 @@		@@ -213,6 +213,20 @@
213		213
214		214
215	/**	215	/**
		216	+ * SSL state
		217	+ *
		218	+ */
		219	+ typedef enum lib3270_ssl_state
		220	+ {
		221	+ LIB3270_SSL_UNSECURE, /*< No secure connection /
		222	+ LIB3270_SSL_SECURE, /*< Connection secure /
		223	+ LIB3270_SSL_NEGOTIATING, /*< Negotiating SSL /
		224	+ LIB3270_SSL_UNDEFINED /*< Undefined /
		225	+ } LIB3270_SSL_STATE;
		226	+
		227	+ #define LIB3270_SSL_FAILED LIB3270_SSL_UNSECURE
		228	+
		229	+ /**
216	* Notification message types.	230	* Notification message types.
217	*	231	*
218	*/	232	*/
	@@ -611,6 +625,9 @@		@@ -611,6 +625,9 @@
611	LIB3270_EXPORT int lib3270_in_tn3270e(H3270 *h);	625	LIB3270_EXPORT int lib3270_in_tn3270e(H3270 *h);
612	LIB3270_EXPORT int lib3270_in_e(H3270 *h);	626	LIB3270_EXPORT int lib3270_in_e(H3270 *h);
613		627
		628	+ LIB3270_EXPORT LIB3270_SSL_STATE lib3270_get_secure(H3270 *session);
		629	+
		630	+
614	/**	631	/**
615	* Call non gui function.	632	* Call non gui function.
616	*	633	*
	@@ -157,7 +157,7 @@		@@ -157,7 +157,7 @@
157		157
158	#define OIA_FLAG_BOXSOLID LIB3270_FLAG_BOXSOLID	158	#define OIA_FLAG_BOXSOLID LIB3270_FLAG_BOXSOLID
159	#define OIA_FLAG_UNDERA LIB3270_FLAG_UNDERA	159	#define OIA_FLAG_UNDERA LIB3270_FLAG_UNDERA
160	- #define OIA_FLAG_SECURE LIB3270_FLAG_SECURE	160	+// #define OIA_FLAG_SECURE LIB3270_FLAG_SECURE
161	#define OIA_FLAG_TYPEAHEAD LIB3270_FLAG_TYPEAHEAD	161	#define OIA_FLAG_TYPEAHEAD LIB3270_FLAG_TYPEAHEAD
162	#define OIA_FLAG_PRINTER LIB3270_FLAG_PRINTER	162	#define OIA_FLAG_PRINTER LIB3270_FLAG_PRINTER
163	#define OIA_FLAG_REVERSE LIB3270_FLAG_REVERSE	163	#define OIA_FLAG_REVERSE LIB3270_FLAG_REVERSE
	@@ -356,7 +356,7 @@		@@ -356,7 +356,7 @@
356	LOCAL_EXTERN void Input_String(const unsigned char *str);	356	LOCAL_EXTERN void Input_String(const unsigned char *str);
357	LOCAL_EXTERN void screen_size(int rows, int cols);	357	LOCAL_EXTERN void screen_size(int rows, int cols);
358		358
359	- #define query_secure_connection(h) lib3270_get_ssl_state(h)	359	+// #define query_secure_connection(h) lib3270_get_ssl_state(h)
360	#define lib3270_paste_string(str) lib3270_set_string(NULL,str)	360	#define lib3270_paste_string(str) lib3270_set_string(NULL,str)
361	#define get_3270_terminal_size(h,r,c) lib3270_get_screen_size(h,r,c)	361	#define get_3270_terminal_size(h,r,c) lib3270_get_screen_size(h,r,c)
362		362
	@@ -306,18 +306,10 @@ void v3270_draw_ssl_status(cairo_t cr, H3270 host, struct v3270_metrics *metri		@@ -306,18 +306,10 @@ void v3270_draw_ssl_status(cairo_t cr, H3270 host, struct v3270_metrics *metri
306	{	306	{
307	cairo_surface_t * icon;	307	cairo_surface_t * icon;
308	double sz = rect->width < rect->height ? rect->width : rect->height;	308	double sz = rect->width < rect->height ? rect->width : rect->height;
309	- int idx = lib3270_get_ssl_state(host) ? 1 : 0;
310	-
311	- static const struct
312	- {
313	- unsigned short width;
314	- unsigned short height;
315	- unsigned char * bits;
316	- } bitmap[] =
317	- {
318	- { unlocked_width, unlocked_height, unlocked_bits },
319	- { locked_width, locked_height, locked_bits },
320	- };	309	+ int idx = 0; // lib3270_get_ssl_state(host) ? 1 : 0;
		310	+ unsigned short width;
		311	+ unsigned short height;
		312	+ unsigned char * bits;
321		313
322	#ifdef DEBUG	314	#ifdef DEBUG
323	cairo_set_source_rgb(cr,0.1,0.1,0.1);	315	cairo_set_source_rgb(cr,0.1,0.1,0.1);
	@@ -330,15 +322,42 @@ void v3270_draw_ssl_status(cairo_t cr, H3270 host, struct v3270_metrics *metri		@@ -330,15 +322,42 @@ void v3270_draw_ssl_status(cairo_t cr, H3270 host, struct v3270_metrics *metri
330	cairo_rectangle(cr, 0, 0, rect->width, rect->height);	322	cairo_rectangle(cr, 0, 0, rect->width, rect->height);
331	cairo_fill(cr);	323	cairo_fill(cr);
332		324
333	- gdk_cairo_set_source_color(cr,color+V3270_COLOR_OIA_FOREGROUND);	325	+ switch(lib3270_get_secure(host))
		326	+ {
		327	+ case LIB3270_SSL_UNSECURE: /*< No secure connection /
		328	+ gdk_cairo_set_source_color(cr,color+V3270_COLOR_OIA_FOREGROUND);
		329	+ width = unlocked_width;
		330	+ height = unlocked_height;
		331	+ bits = (unsigned char *) unlocked_bits;
		332	+ break;
		333	+
		334	+ case LIB3270_SSL_SECURE: /*< Connection secure /
		335	+ gdk_cairo_set_source_color(cr,color+V3270_COLOR_OIA_FOREGROUND);
		336	+ width = locked_width;
		337	+ height = locked_height;
		338	+ bits = (unsigned char *) locked_bits;
		339	+ break;
		340	+
		341	+ case LIB3270_SSL_NEGOTIATING: /*< Negotiating SSL /
		342	+ gdk_cairo_set_source_color(cr,color+V3270_COLOR_OIA_STATUS_WARNING);
		343	+ width = locked_width;
		344	+ height = locked_height;
		345	+ bits = (unsigned char *) locked_bits;
		346	+ break;
		347	+
		348	+ default:
		349	+ return;
		350	+
		351	+ }
		352	+
334		353
335	- icon = cairo_image_surface_create_for_data( (unsigned char *) bitmap[idx].bits,	354	+ icon = cairo_image_surface_create_for_data( bits,
336	CAIRO_FORMAT_A1,	355	CAIRO_FORMAT_A1,
337	- bitmap[idx].width,bitmap[idx].height,	356	+ width,height,
338	cairo_format_stride_for_width(CAIRO_FORMAT_A1,locked_width));	357	cairo_format_stride_for_width(CAIRO_FORMAT_A1,locked_width));
339		358
340	- cairo_scale(cr, sz / ((double) bitmap[idx].width),
341	- sz / ((double) bitmap[idx].height));	359	+ cairo_scale(cr, sz / ((double) width),
		360	+ sz / ((double) height));
342		361
343	cairo_mask_surface(cr,icon,(rect->width-sz)/2,(rect->height-sz)/2);	362	cairo_mask_surface(cr,icon,(rect->width-sz)/2,(rect->height-sz)/2);
344		363
	@@ -985,6 +1004,22 @@ void v3270_stop_timer(GtkWidget *widget)		@@ -985,6 +1004,22 @@ void v3270_stop_timer(GtkWidget *widget)
985		1004
986	}	1005	}
987		1006
		1007	+void v3270_update_ssl(H3270 *session, LIB3270_SSL_STATE state)
		1008	+{
		1009	+ v3270 * terminal = GTK_V3270(session->widget);
		1010	+ cairo_t * cr;
		1011	+ GdkRectangle * r;
		1012	+
		1013	+ if(!terminal->surface)
		1014	+ return;
		1015	+
		1016	+ cr = set_update_region(terminal,&r,V3270_OIA_SSL);
		1017	+ v3270_draw_ssl_status(cr,terminal->host,&terminal->metrics,terminal->color,r);
		1018	+ gtk_widget_queue_draw_area(GTK_WIDGET(terminal),r->x,r->y,r->width,r->height);
		1019	+ cairo_destroy(cr);
		1020	+
		1021	+}
		1022	+
988	void v3270_update_oia(H3270 *session, LIB3270_FLAG id, unsigned char on)	1023	void v3270_update_oia(H3270 *session, LIB3270_FLAG id, unsigned char on)
989	{	1024	{
990	cairo_t *cr;	1025	cairo_t *cr;
	@@ -1011,12 +1046,14 @@ void v3270_update_oia(H3270 *session, LIB3270_FLAG id, unsigned char on)		@@ -1011,12 +1046,14 @@ void v3270_update_oia(H3270 *session, LIB3270_FLAG id, unsigned char on)
1011	cairo_destroy(cr);	1046	cairo_destroy(cr);
1012	break;	1047	break;
1013		1048
		1049	+/*
1014	case LIB3270_FLAG_SECURE:	1050	case LIB3270_FLAG_SECURE:
1015	cr = set_update_region(terminal,&r,V3270_OIA_SSL);	1051	cr = set_update_region(terminal,&r,V3270_OIA_SSL);
1016	v3270_draw_ssl_status(cr,terminal->host,&terminal->metrics,terminal->color,r);	1052	v3270_draw_ssl_status(cr,terminal->host,&terminal->metrics,terminal->color,r);
1017	gtk_widget_queue_draw_area(GTK_WIDGET(terminal),r->x,r->y,r->width,r->height);	1053	gtk_widget_queue_draw_area(GTK_WIDGET(terminal),r->x,r->y,r->width,r->height);
1018	cairo_destroy(cr);	1054	cairo_destroy(cr);
1019	break;	1055	break;
		1056	+*/
1020		1057
1021	case LIB3270_FLAG_TYPEAHEAD:	1058	case LIB3270_FLAG_TYPEAHEAD:
1022	update_text_field(terminal,on,V3270_OIA_TYPEAHEAD,"T");	1059	update_text_field(terminal,on,V3270_OIA_TYPEAHEAD,"T");
	@@ -224,6 +224,7 @@ void v3270_update_luname(GtkWidget widget,const gchar name);		@@ -224,6 +224,7 @@ void v3270_update_luname(GtkWidget widget,const gchar name);
224	void v3270_update_message(v3270 *widget, LIB3270_MESSAGE id);	224	void v3270_update_message(v3270 *widget, LIB3270_MESSAGE id);
225	void v3270_update_cursor(H3270 *session, unsigned short row, unsigned short col, unsigned char c, unsigned short attr);	225	void v3270_update_cursor(H3270 *session, unsigned short row, unsigned short col, unsigned char c, unsigned short attr);
226	void v3270_update_oia(H3270 *session, LIB3270_FLAG id, unsigned char on);	226	void v3270_update_oia(H3270 *session, LIB3270_FLAG id, unsigned char on);
		227	+void v3270_update_ssl(H3270 *session, LIB3270_SSL_STATE state);
227		228
228	// Keyboard & Mouse	229	// Keyboard & Mouse
229	gboolean v3270_key_press_event(GtkWidget widget, GdkEventKey event);	230	gboolean v3270_key_press_event(GtkWidget widget, GdkEventKey event);
	@@ -769,6 +769,7 @@ static void v3270_init(v3270 *widget)		@@ -769,6 +769,7 @@ static void v3270_init(v3270 *widget)
769	widget->host->changed = changed;	769	widget->host->changed = changed;
770	widget->host->ctlr_done = ctlr_done;	770	widget->host->ctlr_done = ctlr_done;
771	widget->host->message = message;	771	widget->host->message = message;
		772	+ widget->host->update_ssl = v3270_update_ssl;
772		773
773	// Setup input method	774	// Setup input method
774	widget->input_method = gtk_im_multicontext_new();	775	widget->input_method = gtk_im_multicontext_new();