Commit 3b32273a30de961f011393174f3a3e221d70d087
1 parent
3b563b02
Exists in
master
and in
3 other branches
Refactoring CRL download engine.
Showing
8 changed files
with
304 additions
and
100 deletions
Show diff stats
lib3270.cbp
| ... | ... | @@ -314,10 +314,16 @@ |
| 314 | 314 | <Unit filename="src/network_modules/openssl/context.c"> |
| 315 | 315 | <Option compilerVar="CC" /> |
| 316 | 316 | </Unit> |
| 317 | + <Unit filename="src/network_modules/openssl/crl.c"> | |
| 318 | + <Option compilerVar="CC" /> | |
| 319 | + </Unit> | |
| 317 | 320 | <Unit filename="src/network_modules/openssl/main.c"> |
| 318 | 321 | <Option compilerVar="CC" /> |
| 319 | 322 | </Unit> |
| 320 | 323 | <Unit filename="src/network_modules/openssl/private.h" /> |
| 324 | + <Unit filename="src/network_modules/openssl/start.c"> | |
| 325 | + <Option compilerVar="CC" /> | |
| 326 | + </Unit> | |
| 321 | 327 | <Unit filename="src/network_modules/openssl/states.c"> |
| 322 | 328 | <Option compilerVar="CC" /> |
| 323 | 329 | </Unit> | ... | ... |
src/core/session.c
| ... | ... | @@ -260,18 +260,6 @@ static void nop_int(H3270 GNUC_UNUSED(*session), int GNUC_UNUSED(width)) |
| 260 | 260 | return; |
| 261 | 261 | } |
| 262 | 262 | |
| 263 | -#ifdef HAVE_LIBSSL | |
| 264 | -static void set_peer_certificate(const X509 GNUC_UNUSED(*cert)) | |
| 265 | -{ | |
| 266 | - | |
| 267 | -} | |
| 268 | -#else | |
| 269 | -static void set_peer_certificate(const void GNUC_UNUSED(*cert)) | |
| 270 | -{ | |
| 271 | - | |
| 272 | -} | |
| 273 | -#endif // HAVE_LIBSSL | |
| 274 | - | |
| 275 | 263 | static void default_update_luname(H3270 GNUC_UNUSED(*session), const char GNUC_UNUSED(*name)) |
| 276 | 264 | { |
| 277 | 265 | } |
| ... | ... | @@ -307,7 +295,6 @@ void lib3270_reset_callbacks(H3270 *hSession) |
| 307 | 295 | hSession->cbk.print = print; |
| 308 | 296 | hSession->cbk.save = save; |
| 309 | 297 | hSession->cbk.load = load; |
| 310 | - hSession->cbk.set_peer_certificate = set_peer_certificate; | |
| 311 | 298 | hSession->cbk.update_luname = default_update_luname; |
| 312 | 299 | hSession->cbk.update_url = default_update_url; |
| 313 | 300 | ... | ... |
src/include/internals.h
| ... | ... | @@ -860,3 +860,5 @@ LIB3270_INTERNAL void set_ssl_state(H3270 *session, LIB3270_SSL_STATE state); |
| 860 | 860 | LIB3270_INTERNAL int lib3270_start_tls(H3270 *hSession); |
| 861 | 861 | |
| 862 | 862 | |
| 863 | + /// @brief Load file using URL. | |
| 864 | + LIB3270_INTERNAL char * lib3270_url_get(H3270 *hSession, const char *url, LIB3270_POPUP **popup); | ... | ... |
src/include/lib3270/session.h
| ... | ... | @@ -80,12 +80,6 @@ |
| 80 | 80 | |
| 81 | 81 | int (*popup)(H3270 *hSession, const LIB3270_POPUP *popup, unsigned char wait); |
| 82 | 82 | |
| 83 | -#ifdef HAVE_LIBSSL | |
| 84 | - void (*set_peer_certificate)(const X509 *cert); | |
| 85 | -#else | |
| 86 | - void (*set_peer_certificate)(const void *cert); | |
| 87 | -#endif // HAVE_LIBSSL | |
| 88 | - | |
| 89 | 83 | }; |
| 90 | 84 | |
| 91 | 85 | /** | ... | ... |
| ... | ... | @@ -0,0 +1,93 @@ |
| 1 | +/* | |
| 2 | + * "Software pw3270, desenvolvido com base nos códigos fontes do WC3270 e X3270 | |
| 3 | + * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a | |
| 4 | + * aplicativos mainframe. Registro no INPI sob o nome G3270. | |
| 5 | + * | |
| 6 | + * Copyright (C) <2008> <Banco do Brasil S.A.> | |
| 7 | + * | |
| 8 | + * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob | |
| 9 | + * os termos da GPL v.2 - Licença Pública Geral GNU, conforme publicado pela | |
| 10 | + * Free Software Foundation. | |
| 11 | + * | |
| 12 | + * Este programa é distribuído na expectativa de ser útil, mas SEM QUALQUER | |
| 13 | + * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou de ADEQUAÇÃO | |
| 14 | + * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para | |
| 15 | + * obter mais detalhes. | |
| 16 | + * | |
| 17 | + * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este | |
| 18 | + * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin | |
| 19 | + * St, Fifth Floor, Boston, MA 02110-1301 USA | |
| 20 | + * | |
| 21 | + * Este programa está nomeado como - e possui - linhas de código. | |
| 22 | + * | |
| 23 | + * Contatos: | |
| 24 | + * | |
| 25 | + * perry.werneck@gmail.com (Alexandre Perry de Souza Werneck) | |
| 26 | + * erico.mendonca@gmail.com (Erico Mascarenhas Mendonça) | |
| 27 | + * | |
| 28 | + */ | |
| 29 | + | |
| 30 | +/// @brief Get CRL infro from X509 cert. | |
| 31 | +/// | |
| 32 | +/// References: | |
| 33 | +/// | |
| 34 | +/// http://www.zedwood.com/article/cpp-check-crl-for-revocation | |
| 35 | + | |
| 36 | + | |
| 37 | +#include "private.h" | |
| 38 | + | |
| 39 | +/*--[ Implement ]------------------------------------------------------------------------------------*/ | |
| 40 | + | |
| 41 | +LIB3270_STRING_ARRAY * lib3270_openssl_get_crls_from_peer(H3270 *hSession, X509 *cert) { | |
| 42 | + | |
| 43 | + // | |
| 44 | + // Get Distribution points. | |
| 45 | + // | |
| 46 | + lib3270_autoptr(CRL_DIST_POINTS) dist_points = (CRL_DIST_POINTS *) X509_get_ext_d2i(cert, NID_crl_distribution_points, NULL, NULL); | |
| 47 | + | |
| 48 | + if(!dist_points) { | |
| 49 | + trace_ssl(hSession,"The host certificate doesn't have CRL distribution points\n"); | |
| 50 | + return NULL; | |
| 51 | + } | |
| 52 | + | |
| 53 | + LIB3270_STRING_ARRAY * uris = lib3270_string_array_new(); | |
| 54 | + | |
| 55 | + size_t ix; | |
| 56 | + for(ix = 0; ix < (size_t) sk_DIST_POINT_num(dist_points); ix++) { | |
| 57 | + | |
| 58 | + DIST_POINT *dp = sk_DIST_POINT_value(dist_points, ix); | |
| 59 | + | |
| 60 | + if(!dp->distpoint || dp->distpoint->type != 0) | |
| 61 | + continue; | |
| 62 | + | |
| 63 | + GENERAL_NAMES *gens = dp->distpoint->name.fullname; | |
| 64 | + | |
| 65 | + size_t i; | |
| 66 | + for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { | |
| 67 | + int gtype; | |
| 68 | + GENERAL_NAME *gen = sk_GENERAL_NAME_value(gens, i); | |
| 69 | + ASN1_STRING *uri = GENERAL_NAME_get0_value(gen, >ype); | |
| 70 | + | |
| 71 | + if(uri && gtype == GEN_URI) | |
| 72 | + { | |
| 73 | + int length = ASN1_STRING_length(uri); | |
| 74 | + | |
| 75 | +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) // OpenSSL 1.1.0+ | |
| 76 | + const unsigned char * data = ASN1_STRING_get0_data(uri); | |
| 77 | +#else | |
| 78 | + const unsigned char * data = ASN1_STRING_data(uri); | |
| 79 | +#endif // OpenSSL 1.1.0+ | |
| 80 | + | |
| 81 | + if(data && length > 0) | |
| 82 | + lib3270_string_array_append_with_length(uris,(char *) data, (size_t) length); | |
| 83 | + | |
| 84 | + } | |
| 85 | + | |
| 86 | + } | |
| 87 | + | |
| 88 | + } | |
| 89 | + | |
| 90 | + return uris; | |
| 91 | + | |
| 92 | +} | |
| 93 | + | ... | ... |
src/network_modules/openssl/main.c
| ... | ... | @@ -178,87 +178,6 @@ static int openssl_network_connect(H3270 *hSession, LIB3270_NETWORK_STATE *state |
| 178 | 178 | |
| 179 | 179 | } |
| 180 | 180 | |
| 181 | -static int openssl_network_start_tls(H3270 *hSession, LIB3270_NETWORK_STATE *state) { | |
| 182 | - | |
| 183 | - SSL_CTX * ctx_context = (SSL_CTX *) lib3270_openssl_get_context(state,state); | |
| 184 | - if(!ctx_context) | |
| 185 | - return -1; | |
| 186 | - | |
| 187 | - LIB3270_NET_CONTEXT * context = hSession->network.context; | |
| 188 | - | |
| 189 | - debug("%s",__FUNCTION__); | |
| 190 | - | |
| 191 | - set_ssl_state(hSession,LIB3270_SSL_NEGOTIATING); | |
| 192 | - context->con = SSL_new(ctx_context); | |
| 193 | - if(context->con == NULL) | |
| 194 | - { | |
| 195 | - static const LIB3270_POPUP popup = { | |
| 196 | - .type = LIB3270_NOTIFY_SECURE, | |
| 197 | - .summary = N_( "Cant create a new SSL structure for current connection." ) | |
| 198 | - }; | |
| 199 | - | |
| 200 | - state->popup = &popup; | |
| 201 | - return -1; | |
| 202 | - } | |
| 203 | - | |
| 204 | - SSL_set_ex_data(context->con,lib3270_openssl_get_ex_index(hSession),(char *) hSession); | |
| 205 | -// SSL_set_verify(context->con, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); | |
| 206 | - SSL_set_verify(context->con, 0, NULL); | |
| 207 | - | |
| 208 | - if(SSL_set_fd(context->con, context->sock) != 1) | |
| 209 | - { | |
| 210 | - trace_ssl(hSession,"%s","SSL_set_fd failed!\n"); | |
| 211 | - | |
| 212 | - static const LIB3270_NETWORK_POPUP popup = { | |
| 213 | - .summary = N_( "SSL negotiation failed" ), | |
| 214 | - .body = N_( "Cant set the file descriptor for the input/output facility for the TLS/SSL (encrypted) side of ssl." ) | |
| 215 | - }; | |
| 216 | - | |
| 217 | - state->popup = &popup; | |
| 218 | - return -1; | |
| 219 | - | |
| 220 | - } | |
| 221 | - | |
| 222 | - trace_ssl(hSession, "%s","Running SSL_connect\n"); | |
| 223 | - int rv = SSL_connect(context->con); | |
| 224 | - trace_ssl(hSession, "SSL_connect exits with rc=%d\n",rv); | |
| 225 | - | |
| 226 | - if (rv != 1) | |
| 227 | - { | |
| 228 | - int code = SSL_get_error(context->con,rv); | |
| 229 | - | |
| 230 | - if(code == SSL_ERROR_SYSCALL && hSession->ssl.error) | |
| 231 | - code = hSession->ssl.error; | |
| 232 | - | |
| 233 | - state->error_message = ERR_lib_error_string(code); | |
| 234 | - | |
| 235 | - trace_ssl(hSession,"SSL_connect failed: %s\n",ERR_reason_error_string(code)); | |
| 236 | - | |
| 237 | - static const LIB3270_POPUP popup = { | |
| 238 | - .type = LIB3270_NOTIFY_ERROR, | |
| 239 | - .summary = N_( "SSL Connect failed" ), | |
| 240 | - }; | |
| 241 | - | |
| 242 | - state->popup = &popup; | |
| 243 | - return -1; | |
| 244 | - | |
| 245 | - } | |
| 246 | - | |
| 247 | - // | |
| 248 | - // Connection succeeded, do we need to download the CRL? | |
| 249 | - // | |
| 250 | - if(lib3270_ssl_get_crl_download(hSession)) { | |
| 251 | - | |
| 252 | - | |
| 253 | - } else { | |
| 254 | - | |
| 255 | - trace_ssl(hSession,"CRL download is disabled\n"); | |
| 256 | - | |
| 257 | - } | |
| 258 | - | |
| 259 | - return 0; | |
| 260 | -} | |
| 261 | - | |
| 262 | 181 | void lib3270_set_openssl_network_module(H3270 *hSession) { |
| 263 | 182 | |
| 264 | 183 | static const LIB3270_NET_MODULE module = { | ... | ... |
src/network_modules/openssl/private.h
| ... | ... | @@ -44,12 +44,14 @@ |
| 44 | 44 | #include <lib3270.h> |
| 45 | 45 | #include <lib3270/log.h> |
| 46 | 46 | #include <lib3270/popup.h> |
| 47 | + #include <array.h> | |
| 47 | 48 | #include <internals.h> |
| 48 | 49 | #include <networking.h> |
| 49 | 50 | #include <trace_dsc.h> |
| 50 | 51 | |
| 51 | 52 | #include <openssl/ssl.h> |
| 52 | 53 | #include <openssl/x509.h> |
| 54 | + #include <openssl/err.h> | |
| 53 | 55 | |
| 54 | 56 | struct _lib3270_network_popup { |
| 55 | 57 | LIB3270_POPUP_HEAD |
| ... | ... | @@ -80,9 +82,27 @@ |
| 80 | 82 | |
| 81 | 83 | }; |
| 82 | 84 | |
| 85 | + /// @brief X509 auto-cleanup. | |
| 86 | + static inline void lib3270_autoptr_cleanup_X509(X509 **ptr) { | |
| 87 | + if(*ptr) | |
| 88 | + X509_free(*ptr); | |
| 89 | + *ptr = NULL; | |
| 90 | + } | |
| 91 | + | |
| 92 | + /// @brief Dist points auto-cleanup. | |
| 93 | + static inline void lib3270_autoptr_cleanup_CRL_DIST_POINTS(CRL_DIST_POINTS **ptr) | |
| 94 | + { | |
| 95 | + if(*ptr) | |
| 96 | + CRL_DIST_POINTS_free(*ptr); | |
| 97 | + *ptr = NULL; | |
| 98 | + } | |
| 99 | + | |
| 83 | 100 | LIB3270_INTERNAL SSL_CTX * lib3270_openssl_get_context(H3270 *hSession, LIB3270_NETWORK_STATE *state); |
| 84 | 101 | LIB3270_INTERNAL int lib3270_openssl_get_ex_index(H3270 *hSession); |
| 85 | 102 | LIB3270_INTERNAL const LIB3270_NETWORK_POPUP * lib3270_openssl_get_popup_from_error_code(long id); |
| 86 | 103 | |
| 104 | + LIB3270_INTERNAL int openssl_network_start_tls(H3270 *hSession, LIB3270_NETWORK_STATE *state); | |
| 105 | + | |
| 106 | + LIB3270_INTERNAL LIB3270_STRING_ARRAY * lib3270_openssl_get_crls_from_peer(H3270 *hSession, X509 *cert); | |
| 87 | 107 | |
| 88 | 108 | #endif // !LIB3270_OPENSSL_MODULE_PRIVATE_H_INCLUDED | ... | ... |
| ... | ... | @@ -0,0 +1,183 @@ |
| 1 | +/* | |
| 2 | + * "Software PW3270, desenvolvido com base nos códigos fontes do WC3270 e X3270 | |
| 3 | + * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a | |
| 4 | + * aplicativos mainframe. Registro no INPI sob o nome G3270. | |
| 5 | + * | |
| 6 | + * Copyright (C) <2008> <Banco do Brasil S.A.> | |
| 7 | + * | |
| 8 | + * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob | |
| 9 | + * os termos da GPL v.2 - Licença Pública Geral ', conforme publicado pela | |
| 10 | + * Free Software Foundation. | |
| 11 | + * | |
| 12 | + * Este programa é distribuído na expectativa de ser útil, mas SEM QUALQUER | |
| 13 | + * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou de ADEQUAÇÃO | |
| 14 | + * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para | |
| 15 | + * obter mais detalhes. | |
| 16 | + * | |
| 17 | + * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este | |
| 18 | + * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin | |
| 19 | + * St, Fifth Floor, Boston, MA 02110-1301 USA | |
| 20 | + * | |
| 21 | + * Este programa está nomeado como openssl.c e possui - linhas de código. | |
| 22 | + * | |
| 23 | + * Contatos: | |
| 24 | + * | |
| 25 | + * perry.werneck@gmail.com (Alexandre Perry de Souza Werneck) | |
| 26 | + * erico.mendonca@gmail.com (Erico Mascarenhas de Mendonça) | |
| 27 | + * | |
| 28 | + */ | |
| 29 | + | |
| 30 | + /** | |
| 31 | + * @brief Negotiate OpenSSL session. | |
| 32 | + * | |
| 33 | + */ | |
| 34 | + | |
| 35 | + #include "private.h" | |
| 36 | + #include <lib3270/properties.h> | |
| 37 | + | |
| 38 | + int openssl_network_start_tls(H3270 *hSession, LIB3270_NETWORK_STATE *state) { | |
| 39 | + | |
| 40 | + SSL_CTX * ctx_context = (SSL_CTX *) lib3270_openssl_get_context(hSession,state); | |
| 41 | + if(!ctx_context) | |
| 42 | + return -1; | |
| 43 | + | |
| 44 | + LIB3270_NET_CONTEXT * context = hSession->network.context; | |
| 45 | + | |
| 46 | + debug("%s",__FUNCTION__); | |
| 47 | + | |
| 48 | + set_ssl_state(hSession,LIB3270_SSL_NEGOTIATING); | |
| 49 | + context->con = SSL_new(ctx_context); | |
| 50 | + if(context->con == NULL) | |
| 51 | + { | |
| 52 | + static const LIB3270_NETWORK_POPUP popup = { | |
| 53 | + .type = LIB3270_NOTIFY_SECURE, | |
| 54 | + .summary = N_( "Cant create a new SSL structure for current connection." ) | |
| 55 | + }; | |
| 56 | + | |
| 57 | + state->popup = &popup; | |
| 58 | + return -1; | |
| 59 | + } | |
| 60 | + | |
| 61 | + SSL_set_ex_data(context->con,lib3270_openssl_get_ex_index(hSession),(char *) hSession); | |
| 62 | +// SSL_set_verify(context->con, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); | |
| 63 | + SSL_set_verify(context->con, 0, NULL); | |
| 64 | + | |
| 65 | + if(SSL_set_fd(context->con, context->sock) != 1) | |
| 66 | + { | |
| 67 | + trace_ssl(hSession,"%s","SSL_set_fd failed!\n"); | |
| 68 | + | |
| 69 | + static const LIB3270_NETWORK_POPUP popup = { | |
| 70 | + .summary = N_( "SSL negotiation failed" ), | |
| 71 | + .body = N_( "Cant set the file descriptor for the input/output facility for the TLS/SSL (encrypted) side of ssl." ) | |
| 72 | + }; | |
| 73 | + | |
| 74 | + state->popup = &popup; | |
| 75 | + return -1; | |
| 76 | + | |
| 77 | + } | |
| 78 | + | |
| 79 | + trace_ssl(hSession, "%s","Running SSL_connect\n"); | |
| 80 | + int rv = SSL_connect(context->con); | |
| 81 | + trace_ssl(hSession, "SSL_connect exits with rc=%d\n",rv); | |
| 82 | + | |
| 83 | + if (rv != 1) | |
| 84 | + { | |
| 85 | + int code = SSL_get_error(context->con,rv); | |
| 86 | + | |
| 87 | + if(code == SSL_ERROR_SYSCALL && hSession->ssl.error) | |
| 88 | + code = hSession->ssl.error; | |
| 89 | + | |
| 90 | + state->error_message = ERR_lib_error_string(code); | |
| 91 | + | |
| 92 | + trace_ssl(hSession,"SSL_connect failed: %s\n",ERR_reason_error_string(code)); | |
| 93 | + | |
| 94 | + static const LIB3270_NETWORK_POPUP popup = { | |
| 95 | + .summary = N_( "SSL Connect failed" ), | |
| 96 | + }; | |
| 97 | + | |
| 98 | + state->popup = &popup; | |
| 99 | + return -1; | |
| 100 | + | |
| 101 | + } | |
| 102 | + | |
| 103 | + // Get peer certificate, notify application before validation. | |
| 104 | + lib3270_autoptr(X509) peer = SSL_get_peer_certificate(context->con); | |
| 105 | + | |
| 106 | + if(peer) { | |
| 107 | + | |
| 108 | + if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE)) | |
| 109 | + { | |
| 110 | + BIO * out = BIO_new(BIO_s_mem()); | |
| 111 | + unsigned char * data; | |
| 112 | + unsigned char * text; | |
| 113 | + int n; | |
| 114 | + | |
| 115 | + X509_print(out,peer); | |
| 116 | + | |
| 117 | + n = BIO_get_mem_data(out, &data); | |
| 118 | + text = (unsigned char *) malloc (n+1); | |
| 119 | + text[n] ='\0'; | |
| 120 | + memcpy(text,data,n); | |
| 121 | + | |
| 122 | + trace_ssl(hSession,"TLS/SSL peer certificate:\n%s\n",text); | |
| 123 | + | |
| 124 | + free(text); | |
| 125 | + BIO_free(out); | |
| 126 | + | |
| 127 | + } | |
| 128 | + | |
| 129 | + } | |
| 130 | + | |
| 131 | + // Do we really need to download a new CRL? | |
| 132 | + if(lib3270_ssl_get_crl_download(hSession) && SSL_get_verify_result(context->con) == X509_V_ERR_UNABLE_TO_GET_CRL) { | |
| 133 | + | |
| 134 | + trace_ssl(hSession,"CRL Validation has failed, requesting download\n"); | |
| 135 | + | |
| 136 | + lib3270_autoptr(char) crl_text = NULL; | |
| 137 | + if(context->crl.url) { | |
| 138 | + | |
| 139 | + // There's a pre-defined URL, use it. | |
| 140 | + const LIB3270_POPUP * popup = NULL; | |
| 141 | + crl_text = lib3270_url_get(hSession, context->crl.url,&popup); | |
| 142 | + | |
| 143 | + if(popup) { | |
| 144 | + state->popup = popup; | |
| 145 | + trace_ssl(hSession,"Error downloading CRL from %s: %s\n",context->crl.url,popup->summary); | |
| 146 | + } | |
| 147 | + | |
| 148 | +#ifndef DEBUG | |
| 149 | + #error TODO: Import crl_text; | |
| 150 | +#endif // DEBUG | |
| 151 | + | |
| 152 | + } else if(peer) { | |
| 153 | + | |
| 154 | + // There's no pre-defined URL, get them from peer. | |
| 155 | + lib3270_autoptr(LIB3270_STRING_ARRAY) uris = lib3270_openssl_get_crls_from_peer(hSession, peer); | |
| 156 | + | |
| 157 | + if(uris) { | |
| 158 | + | |
| 159 | + size_t ix; | |
| 160 | + for(ix = 0; ix < uris->length; ix++) { | |
| 161 | + | |
| 162 | + LIB3270_POPUP * popup = NULL; | |
| 163 | + crl_text = lib3270_url_get(hSession, uris->str[ix], &popup); | |
| 164 | + | |
| 165 | + if(popup) { | |
| 166 | + trace_ssl(hSession,"Error downloading CRL from %s: %s\n",uris[ix],popup->summary); | |
| 167 | + } | |
| 168 | + | |
| 169 | +#ifndef DEBUG | |
| 170 | + #error TODO: Import crl_text; | |
| 171 | +#endif // DEBUG | |
| 172 | + | |
| 173 | + } | |
| 174 | + } | |
| 175 | + | |
| 176 | + } | |
| 177 | + | |
| 178 | + } | |
| 179 | + | |
| 180 | + | |
| 181 | + | |
| 182 | + return 0; | |
| 183 | +} | ... | ... |