Commit 3b563b021039e56eca100102644a6d22d71c20eb

Authored by Perry Werneck
2 parents 22767ee5 ff3ec356

Merge branch 'develop' into network_module

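--- a/src/core/properties/boolean.c
+++ b/src/core/properties/boolean.c
@@ -52,12 +52,22 @@
 hSession->ssl.crl.download = enabled ? 1 : 0;
 return 0;
 }
+
+LIB3270_EXPORT int lib3270_ssl_get_crl_download(const H3270 *hSession)
+{
+ return hSession->ssl.crl.download;
+}
 #else
 LIB3270_EXPORT int lib3270_ssl_set_crl_download(H3270 GNUC_UNUSED(*hSession), int GNUC_UNUSED(enabled))
 {
 return errno = ENOTSUP;
 }
-#endif // HAVE_LIBSSL && SSL_ENABLE_CRL_CHECK
+
+ LIB3270_EXPORT int lib3270_ssl_get_crl_download(const H3270 GNUC_UNUSED(*hSession))
+ {
+ return 0;
+ }
+#endif // SSL_ENABLE_CRL_CHECK
 
 const LIB3270_INT_PROPERTY * lib3270_get_boolean_properties_list(void)
 {
@@ -199,6 +209,13 @@
 },
 
 {
+ .name = "crlget", // Property name.
+ .description = N_( "Non zero if the download of CRL is enabled" ), // Property description.
+ .get = lib3270_ssl_get_crl_download, // Get value.
+ .set = lib3270_ssl_set_crl_download // Set value.
+ },
+
+ {
 .name = NULL,
 .description = NULL,
 .get = NULL,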
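Review bot: The `#else` stub of `lib3270_ssl_get_crl_download()` returns 0 without touching errno, while the sibling setter stub reports `ENOTSUP`, so a caller cannot tell "CRL download disabled" from "CRL checking not compiled in". If callers need that distinction, set `errno = ENOTSUP;` before `return 0;` in the stub. The new property entry is named `"crlget"` although it carries both `.get` and `.set`; a name that describes the setting rather than the accessor would read better.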
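--- a/src/core/screen.c
+++ b/src/core/screen.c
@@ -594,15 +594,16 @@ void status_reset(H3270 *session)
 }
 
 /**
- * Query the updated terminal status.
+ * @brief Query the updated terminal status.
 *
 * @return status-code.
 *
 * @see LIB3270_MESSAGE
 */
-LIB3270_EXPORT LIB3270_MESSAGE lib3270_get_program_message(const H3270 *session)
+LIB3270_EXPORT LIB3270_MESSAGE lib3270_get_program_message(const H3270 *hSession)
 {
- return session->oia.status;
+ debug("OIA Status=%d",hSession->oia.status);
+ return hSession->oia.status;
 }
 
 /**
@@ -618,12 +619,12 @@ LIB3270_EXPORT LIB3270_MESSAGE lib3270_get_program_message(const H3270 *session)
 */
 LIB3270_EXPORT LIB3270_MESSAGE lib3270_get_lock_status(const H3270 *hSession)
 {
- if(hSession->oia.status)
- return hSession->oia.status;
-
 if(hSession->kybdlock)
 return LIB3270_MESSAGE_KYBDLOCK;
 
+ if(hSession->oia.status)
+ return hSession->oia.status;
+
 return LIB3270_MESSAGE_NONE;
 
 }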
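Review bot: `lib3270_get_lock_status()` now reports `LIB3270_MESSAGE_KYBDLOCK` ahead of any non-zero `oia.status`, but its doc comment, which starts outside this hunk, is not updated to state that precedence. Add a line such as `* Keyboard lock takes precedence over the OIA status.` to that comment so callers relying on the old order notice the change. The new `debug("OIA Status=%d",hSession->oia.status);` in `lib3270_get_program_message()` fires on every call of a plain getter and looks like leftover instrumentation.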
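--- a/src/core/session.c
+++ b/src/core/session.c
@@ -341,7 +341,7 @@ static void lib3270_session_init(H3270 *hSession, const char *model, const char
 hSession->onlcr = 1;
 hSession->model_num = -1;
 hSession->connection.state = LIB3270_NOT_CONNECTED;
- hSession->oia.status = -1;
+ hSession->oia.status = LIB3270_MESSAGE_DISCONNECTED;
 hSession->kybdlock = KL_NOT_CONNECTED;
 hSession->aid = AID_NO;
 hSession->reply_mode = SF_SRM_FIELD;
@@ -554,14 +554,22 @@ LIB3270_EXPORT char lib3270_get_session_id(H3270 *hSession)
 return hSession->id;
 }
 
-struct lib3270_session_callbacks * lib3270_get_session_callbacks(H3270 *session, unsigned short sz)
+struct lib3270_session_callbacks * lib3270_get_session_callbacks(H3270 *hSession, const char *revision, unsigned short sz)
 {
- CHECK_SESSION_HANDLE(session);
+ if(revision && strcasecmp(revision,"20200803") < 0)
+ {
+ debug("%s: Revision test was %d",__FUNCTION__,strcasecmp(revision,"20200803"));
+ errno = EINVAL;
+ return NULL;
+ }
 
 if(sz != sizeof(struct lib3270_session_callbacks))
+ {
+ errno = EINVAL;
 return NULL;
+ }
 
- return &session->cbk;
+ return &hSession->cbk;
 }
 
 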
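Review bot: In `lib3270_get_session_callbacks()` a NULL `revision` skips the compatibility test, so such a caller receives the callback table with only the `sz` comparison as a guard. If NULL is meant as "no check", the header should say so; otherwise reject it with `if(!revision || strcasecmp(revision,"20200803") < 0)`. The comparison is lexical, so any string that sorts after "20200803" (a shorter number, a non-digit prefix) is accepted as a newer revision. The `CHECK_SESSION_HANDLE` call of the old body is dropped without replacement, leaving `hSession` unchecked before `&hSession->cbk`.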
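--- a/src/core/wait.c
+++ b/src/core/wait.c
@@ -248,16 +248,22 @@ LIB3270_EXPORT LIB3270_KEYBOARD_LOCK_STATE lib3270_wait_for_keyboard_unlock(H327
 // Timeout! The timer was destroyed.
 debug("%s exits with ETIMEDOUT",__FUNCTION__);
 errno = ETIMEDOUT;
- return (LIB3270_KEYBOARD_LOCK_STATE) hSession->kybdlock;
+ break;
 }
 
- if(lib3270_is_disconnected(hSession))
+ if(hSession->kybdlock == LIB3270_KL_NOT_CONNECTED)
 {
 errno = ENOTCONN;
 break;
 }
 
 if(KYBDLOCK_IS_OERR(hSession))
+ {
+ errno = EPERM;
+ break;
+ }
+
+ if(hSession->kybdlock == LIB3270_KL_UNLOCKED)
 break;
 
 debug("%s: Waiting",__FUNCTION__);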
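Review bot: The new success exit `if(hSession->kybdlock == LIB3270_KL_UNLOCKED) break;` leaves errno untouched, while every other exit in this hunk sets it (`ETIMEDOUT`, `ENOTCONN`, `EPERM`). Unless errno is cleared before the loop, which is not visible here, a caller that inspects errno after a successful wait can read a stale error. Consider `errno = 0;` in the unlocked branch. The timeout branch now breaks instead of returning, so its result depends on the code after the loop, which is also outside the hunk.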
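--- a/src/include/internals.h
+++ b/src/include/internals.h
@@ -793,6 +793,8 @@ LIB3270_INTERNAL void set_ssl_state(H3270 *session, LIB3270_SSL_STATE state);
 DWORD lasterror;
 #endif // _WIN32
 
+ const char *body;
+
 const LIB3270_POPUP *popup; /// @brief Pointer to popup message.
 
 } SSL_ERROR_MESSAGE;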
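Review bot: The new `const char *body;` member of `SSL_ERROR_MESSAGE` has no doc comment, unlike `popup` directly below it. Going by its use in notify.c in this commit, something like `const char *body; /// @brief Body text used instead of popup->body when not NULL.` would fit. The comment should also state who owns the string and how long it must stay valid, since ldap.c assigns it from `ldap_err2string(rc)`. The struct starts outside the hunk.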
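--- a/src/include/lib3270/keyboard.h
+++ b/src/include/lib3270/keyboard.h
@@ -66,6 +66,8 @@
 * @param seconds Number of seconds to wait.
 *
 * @return keyboard lock status.
+ *
+ * @retval LIB3270_KL_UNLOCKED Keyboard unlocked, acess ok.
 */
 LIB3270_EXPORT LIB3270_KEYBOARD_LOCK_STATE lib3270_wait_for_keyboard_unlock(H3270 *hSession, int seconds);
 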
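Review bot: The added `@retval` line misspells "access" as `acess`. The comment also still omits the errno values that wait.c sets in this commit (`ETIMEDOUT`, `ENOTCONN`, `EPERM`). Suggested wording: `* @retval LIB3270_KL_UNLOCKED Keyboard unlocked, access ok.` plus a sentence listing those errno values for the failure exits.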
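--- a/src/include/lib3270/properties.h
+++ b/src/include/lib3270/properties.h
@@ -225,6 +225,8 @@
 */
 LIB3270_EXPORT int lib3270_ssl_set_crl_download(H3270 *hSession, int enabled);
 
+ LIB3270_EXPORT int lib3270_ssl_get_crl_download(const H3270 *hSession);
+
 /**
 * @brief Get lib3270 version info.
 *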
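Review bot: The new exported prototype `lib3270_ssl_get_crl_download()` has no Doxygen block, while the declarations on either side of it do. Add one with `@brief Get the CRL download state.`, an `@param hSession` line, and an `@return` stating that non-zero means CRL download is enabled. It should also say that the function returns 0 when the library is built without `SSL_ENABLE_CRL_CHECK`, as the stub in boolean.c does.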
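--- a/src/include/lib3270/session.h
+++ b/src/include/lib3270/session.h
@@ -101,7 +101,17 @@
 LIB3270_EXPORT int lib3270_getpeername(H3270 *hSession, struct sockaddr *addr, socklen_t *addrlen);
 LIB3270_EXPORT int lib3270_getsockname(H3270 *hSession, struct sockaddr *addr, socklen_t *addrlen);
 
- LIB3270_EXPORT struct lib3270_session_callbacks * lib3270_get_session_callbacks(H3270 *session, unsigned short sz);
+ /**
+ * @brief Get lib3270 callback table.
+ *
+ * @param hSession TN3270 Session.
+ . @param revision Expected lib3270 revision.
+ * @param sz Expected lib3270_session_callbacks struct length.
+ *
+ * @return Callback table if ok, NULL if failed.
+ *
+ */
+ LIB3270_EXPORT struct lib3270_session_callbacks * lib3270_get_session_callbacks(H3270 *hSession, const char *revision, unsigned short sz);
 
 #endif // LIB3270_SESSION_H_INCLUDED
 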
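Review bot: The `revision` line of the new doc comment starts with `.` instead of `*` (`. @param revision ...`), which breaks the comment layout and may hide the parameter from Doxygen. Change it to `* @param revision Expected lib3270 revision.` The comment should also state the expected format (session.c compares against "20200803"), that NULL skips the check, and that errno is set to `EINVAL` on failure.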
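--- a/src/network_modules/openssl/main.c
+++ b/src/network_modules/openssl/main.c
@@ -80,6 +80,8 @@ static int openssl_network_disconnect(H3270 *hSession) {
 context->sock = -1;
 }
 
+ return 0;
+
 }
 
 ssize_t openssl_network_send(H3270 *hSession, const void *buffer, size_t length) {
@@ -121,11 +123,9 @@ static int openssl_network_init(H3270 *hSession, LIB3270_NETWORK_STATE *state) {
 if(!ctx_context)
 return -1;
 
- //
- // Create SSL context.
- //
 LIB3270_NET_CONTEXT * context = hSession->network.context;
 
+ return 0;
 }
 
 static int openssl_network_connect(H3270 *hSession, LIB3270_NETWORK_STATE *state) {
@@ -244,6 +244,18 @@ static int openssl_network_start_tls(H3270 *hSession, LIB3270_NETWORK_STATE *sta
 
 }
 
+ //
+ // Connection succeeded, do we need to download the CRL?
+ //
+ if(lib3270_ssl_get_crl_download(hSession)) {
+
+
+ } else {
+
+ trace_ssl(hSession,"CRL download is disabled\n");
+
+ }
+
 return 0;
 }
 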
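Review bot: In `openssl_network_start_tls()` the branch taken when `lib3270_ssl_get_crl_download(hSession)` is non-zero is empty, so the function returns 0 with CRL download requested but no CRL fetched or checked. Until the download exists, mark the gap in that branch with a `// TODO` comment and `trace_ssl(hSession,"CRL download is enabled but not implemented\n");`, or return an error instead of success. `openssl_network_init()` likewise gains `return 0;` while the "Create SSL context" placeholder is removed and `context` is left unused, so it reports success without any visible setup. Both function bodies begin outside their hunks.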
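--- a/src/ssl/negotiate.c
+++ b/src/ssl/negotiate.c
@@ -57,6 +57,7 @@
 #include <lib3270/trace.h>
 #include <lib3270/log.h>
 #include <lib3270/toggle.h>
+#include <lib3270/properties.h>
 #include "hostc.h" // host_disconnect
 #include "trace_dsc.h"
 
@@ -401,17 +402,33 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
 
 #ifdef SSL_ENABLE_SELF_SIGNED_CERT_CHECK
 static const LIB3270_POPUP popup = {
- .name = "SelfSignedCert",
 .type = LIB3270_NOTIFY_SECURE,
 .summary = N_( "The SSL certificate for this host is not trusted." ),
 .body = N_( "The security certificate presented by this host was not issued by a trusted certificate authority." )
- }
+ };
+
 ((SSL_ERROR_MESSAGE *) message)->popup = &popup;
 return EACCES;
 #else
 break;
 #endif // SSL_ENABLE_SELF_SIGNED_CERT_CHECK
 
+ case X509_V_ERR_UNABLE_TO_GET_CRL:
+
+ trace_ssl(hSession,"TLS/SSL verify result was %d (%s)\n", rv, msg->body);
+
+ ((SSL_ERROR_MESSAGE *) message)->popup = (LIB3270_POPUP *) msg;
+
+ debug("message: %s",((SSL_ERROR_MESSAGE *) message)->popup->summary);
+ debug("description: %s",((SSL_ERROR_MESSAGE *) message)->popup->body);
+
+ set_ssl_state(hSession,LIB3270_SSL_NEGOTIATED);
+
+ if(msg->type == LIB3270_NOTIFY_ERROR && lib3270_ssl_get_crl_download(hSession))
+ return EACCES;
+
+ break;
+
 default:
 trace_ssl(hSession,"TLS/SSL verify result was %d (%s)\n", rv, msg->body);
 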
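Review bot: In the new `X509_V_ERR_UNABLE_TO_GET_CRL` case, `set_ssl_state(hSession,LIB3270_SSL_NEGOTIATED);` runs before the `return EACCES` test, so a session that is about to be rejected is first marked as negotiated. Put `if(msg->type == LIB3270_NOTIFY_ERROR && lib3270_ssl_get_crl_download(hSession)) return EACCES;` first and call `set_ssl_state(...)` only after it. When CRL download is off, the case reaches `break` and the connection continues although revocation could not be checked. If that fail-open is intended, a comment such as `// CRL unavailable and download disabled: continue without revocation check.` should say so. The switch and the definition of `msg` are outside the hunk.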
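--- a/src/ssl/notify.c
+++ b/src/ssl/notify.c
@@ -59,14 +59,16 @@ static LIB3270_POPUP * translate_ssl_error_message(const SSL_ERROR_MESSAGE *msg,
 
 printf("\n\nMSG-CODE=%d\n\n",msg->code);
 
+ const char *body = (msg->body ? msg->body : msg->popup->body);
+
 if(msg->code)
 {
- if(msg->popup->body)
+ if(body)
 {
 popup = lib3270_popup_clone_printf(
 msg->popup,
 _( "%s\nThe SSL error message was \"%s\"(%d)" ),
- dgettext(GETTEXT_PACKAGE,msg->popup->body),
+ dgettext(GETTEXT_PACKAGE,body),
 ERR_reason_error_string(msg->code),
 msg->code
 );
@@ -87,12 +89,12 @@ static LIB3270_POPUP * translate_ssl_error_message(const SSL_ERROR_MESSAGE *msg,
 {
 lib3270_autoptr(char) windows_error = lib3270_win32_translate_error_code(msg->lasterror);
 
- if(msg->popup->body)
+ if(body)
 {
 popup = lib3270_popup_clone_printf(
 msg->popup,
 _( "%s\nThe windows error was \"%s\" (%u)" ),
- dgettext(GETTEXT_PACKAGE,msg->popup->body),
+ dgettext(GETTEXT_PACKAGE,body),
 windows_error,
 (unsigned int) msg->lasterror
 );
@@ -111,12 +113,12 @@ static LIB3270_POPUP * translate_ssl_error_message(const SSL_ERROR_MESSAGE *msg,
 #endif // _WIN32
 else if(rc)
 {
- if(msg->popup->body)
+ if(body)
 {
 popup = lib3270_popup_clone_printf(
 msg->popup,
 _( "%s\nThe operating system error was \"%s\" (%u)" ),
- dgettext(GETTEXT_PACKAGE,msg->popup->body),
+ dgettext(GETTEXT_PACKAGE,body),
 strerror(rc),
 rc
 );
@@ -137,8 +139,8 @@ static LIB3270_POPUP * translate_ssl_error_message(const SSL_ERROR_MESSAGE *msg,
 popup = lib3270_malloc(sizeof(LIB3270_POPUP));
 *popup = *msg->popup;
 
- if(msg->popup->body)
- popup->body = dgettext(GETTEXT_PACKAGE,msg->popup->body);
+ if(body)
+ popup->body = dgettext(GETTEXT_PACKAGE,body);
 
 }
 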
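Review bot: `const char *body = (msg->body ? msg->body : msg->popup->body);` lets `msg->body` override the popup text, but in this commit only one ldap.c path assigns `message->body` and nothing visible clears it. Unless `SSL_ERROR_MESSAGE` is zeroed per attempt (not visible here), a value left by an earlier failure could be shown with a later, unrelated popup. The override is also passed to `dgettext(GETTEXT_PACKAGE,body)`, although the only assignment shown is `ldap_err2string(rc)`, which is runtime text rather than a msgid; translating only `msg->popup->body` would be cleaner. The function starts and ends outside these hunks.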
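--- a/src/ssl/windows/http.c
+++ b/src/ssl/windows/http.c
@@ -59,7 +59,7 @@ X509_CRL * get_crl_using_http(H3270 *hSession, SSL_ERROR_MESSAGE * message, cons
 };
 
 popup.body = error_message;
- message->popup = error_message;
+ message->popup = &popup;
 message->code = hSession->ssl.error = 0;
 trace_ssl(
 hSession,"Can't get %s: %s\n",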
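Review bot: `message->popup = &popup;` stores the address of an object that is written at run time (`popup.body = error_message;`), so it cannot be the `static const` popup used by the ldap.c paths. Its declaration is above the hunk; if `popup` or `error_message` has automatic storage, `message->popup` dangles as soon as `get_crl_using_http()` returns and the caller reads freed stack memory when it builds the dialog. If `popup` is a non-const static instead, concurrent sessions would share and overwrite it. Either way, document the lifetime here or copy the text into storage owned by `message`.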
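--- a/src/ssl/windows/ldap.c
+++ b/src/ssl/windows/ldap.c
@@ -104,11 +104,14 @@ X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, cons
 
 if(!base)
 {
- message->error = hSession->ssl.error = 0;
- message->title = _( "Security error" );
- message->text = _( "No DN of the entry at which to start the search on the URL" );
- message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" );
- debug("%s",message->text);
+ static const LIB3270_POPUP popup = {
+ .summary = N_( "No DN of the entry at which to start the search on the URL" ),
+ .body = N_( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" )
+ };
+
+ message->code = hSession->ssl.error = 0;
+ message->popup = &popup;
+ debug("%s",message->popup->summary);
 errno = EINVAL;
 return NULL;
 }
@@ -118,11 +121,14 @@ X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, cons
 
 if(!base)
 {
- message->error = hSession->ssl.error = 0;
- message->title = _( "Security error" );
- message->text = _( "No LDAP attribute on the URL" );
- message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" );
- debug("%s",message->text);
+ static const LIB3270_POPUP popup = {
+ .summary = N_( "No LDAP attribute on the URL" ),
+ .body = N_( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" )
+ };
+
+ message->code = hSession->ssl.error = 0;
+ message->popup = &popup;
+ debug("%s",message->popup->summary);
 errno = EINVAL;
 return NULL;
 }
@@ -147,12 +153,15 @@ X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, cons
 
 if(!ld)
 {
- message->error = hSession->ssl.error = 0;
- message->title = _( "Security error" );
- message->text = _( "Can't initialize LDAP" );
- debug("%s",message->text);
+ static const LIB3270_POPUP popup = {
+ .summary = N_( "Can't initialize LDAP" )
+ };
+
+ message->code = hSession->ssl.error = 0;
+ message->popup = &popup;
+
+ debug("%s",message->popup->summary);
 message->lasterror = GetLastError();
- message->description = NULL;
 errno = EINVAL;
 return NULL;
 }
@@ -161,11 +170,13 @@ X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, cons
 rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);
 if(rc != LDAP_SUCCESS)
 {
- message->error = hSession->ssl.error = 0;
- message->title = _( "Security error" );
- message->text = _( "Can't set LDAP protocol version" );
+ static const LIB3270_POPUP popup = {
+ .summary = N_( "Can't set LDAP protocol version" )
+ };
+
+ message->code = hSession->ssl.error = 0;
+ message->popup = &popup;
 message->lasterror = LdapMapErrorToWin32(rc);
- message->description = NULL;
 
 debug("%s (rc=%u, lasterror=%d)",ldap_err2string(rc),rc,(unsigned int) message->lasterror);
 
@@ -176,11 +187,13 @@ X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, cons
 rc = ldap_simple_bind_s(ld, NULL, NULL);
 if(rc != LDAP_SUCCESS)
 {
- message->error = hSession->ssl.error = 0;
- message->title = _( "Security error" );
- message->text = _( "Can't bind to LDAP server" );
+ static const LIB3270_POPUP popup = {
+ .summary = N_( "Can't bind to LDAP server" )
+ };
+
+ message->code = hSession->ssl.error = 0;
+ message->popup = &popup;
 message->lasterror = LdapMapErrorToWin32(rc);
- message->description = NULL;
 
 debug("%s (rc=%u, lasterror=%d)",ldap_err2string(rc),rc,(unsigned int) message->lasterror);
 
@@ -206,11 +219,12 @@ X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, cons
 
 if(rc != LDAP_SUCCESS)
 {
- message->error = hSession->ssl.error = 0;
- message->title = _( "Security error" );
- message->text = _( "Can't search LDAP server" );
- message->description = ldap_err2string(rc);
- lib3270_write_log(hSession,"ssl","%s: %s",url, message->description);
+ static const LIB3270_POPUP popup = {
+ .summary = N_( "Can't search LDAP server" )
+ };
+ message->body = ldap_err2string(rc);
+ message->popup = &popup;
+ lib3270_write_log(hSession,"ssl","%s: %s",url, message->body);
 return NULL;
 }
 
@@ -218,11 +232,14 @@ X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, cons
 char __attribute__ ((__cleanup__(lib3270_autoptr_cleanup_LDAPPTR))) *attr = ldap_first_attribute(ld, results, &ber);
 if(!attr)
 {
- message->error = hSession->ssl.error = 0;
- message->title = _( "Security error" );
- message->text = _( "Can't get LDAP attribute" );
- message->description = _("Search did not produce any attributes.");
- lib3270_write_log(hSession,"ssl","%s: %s",url, message->description);
+ static const LIB3270_POPUP popup = {
+ .summary = N_( "Can't get LDAP attribute" ),
+ .body = N_("Search did not produce any attributes.")
+ };
+
+ message->code = hSession->ssl.error = 0;
+ message->popup = &popup;
+ lib3270_write_log(hSession,"ssl","%s: %s",url, message->popup->body);
 errno = ENOENT;
 return NULL;
 }
@@ -230,11 +247,13 @@ X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, cons
 struct berval ** value = ldap_get_values_len(ld, results, attr);
 if(!value)
 {
- message->error = hSession->ssl.error = 0;
- message->title = _( "Security error" );
- message->text = _( "Can't get LDAP attribute" );
- message->description = _("Search did not produce any values.");
- lib3270_write_log(hSession,"ssl","%s: %s",url, message->description);
+ static const LIB3270_POPUP popup = {
+ .summary = N_( "Can't get LDAP attribute" ),
+ .body = N_("Search did not produce any values.")
+ };
+ message->code = hSession->ssl.error = 0;
+ message->popup = &popup;
+ lib3270_write_log(hSession,"ssl","%s: %s",url, message->popup->body);
 errno = ENOENT;
 return NULL;
 }
@@ -254,10 +273,14 @@ X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, cons
 
 if(!d2i_X509_CRL(&x509_crl, &crl_data, value[0]->bv_len))
 {
- message->error = hSession->ssl.error = ERR_get_error();
- message->title = _( "Security error" );
- message->text = _( "Can't decode certificate revocation list" );
- lib3270_write_log(hSession,"ssl","%s: %s",url, message->text);
+ static const LIB3270_POPUP popup = {
+ .summary = N_( "Can't decode certificate revocation list" )
+ };
+
+ message->code = hSession->ssl.error = ERR_get_error();
+ message->popup = &popup;
+
+ lib3270_write_log(hSession,"ssl","%s: %s",url, message->popup->summary);
 ldap_value_free_len(value);
 return NULL;
 }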
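Review bot: The "Can't search LDAP server" branch (new lines 222-228) drops the reset that the old code performed with `message->error = hSession->ssl.error = 0;` and that every other converted branch keeps as `message->code = hSession->ssl.error = 0;`. A stale `code` from an earlier step can then be reported alongside the LDAP failure; add that line before `message->popup = &popup;`. This branch also sets no errno, unlike its siblings. It is the only one that assigns `message->body`, and the other branches never clear it, so each should also set `message->body = NULL;`. The function body extends beyond these hunks.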