Commit 445c656ae56f267c81d1a593cb087a9b7ea6e040
1 parent
f904a1f7
Exists in
master
and in
3 other branches
Disable polling of the socket during SSL negotiation.
Showing
2 changed files
with
61 additions
and
46 deletions
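--- a/src/lib3270/iocalls.c
+++ b/src/lib3270/iocalls.c
@@ -578,6 +578,10 @@ int non_blocking(H3270 *hSession, Boolean on)
 
 #endif
 
+ lib3270_set_poll_state(hSession,hSession->xio.read, on);
+ lib3270_set_poll_state(hSession,hSession->xio.write, on);
+ lib3270_set_poll_state(hSession,hSession->xio.except, on);
+
 trace("Socket %d is %s",hSession->sock, on ? "non-blocking" : "blocking");
 
 return 0;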
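Review bot: The three added `lib3270_set_poll_state` calls give `non_blocking()` a side effect that neither its name nor the trace line below mentions: every caller that changes the blocking mode now also switches polling of the read, write and except handlers on or off. A comment above the calls, for example `/* Polling follows the blocking mode: handlers stay disabled while the socket is blocking (SSL negotiation). */`, would record why the two are tied together. Whether `hSession->xio.read`, `.write` and `.except` can still be unset when this runs, and whether `lib3270_set_poll_state` tolerates that, is not visible here and is worth confirming. The function body starts above the hunk, so any early-return path that skips these calls cannot be checked from this view.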
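--- a/src/lib3270/ssl/ctx_init.c
+++ b/src/lib3270/ssl/ctx_init.c
@@ -69,79 +69,90 @@ int ssl_ctx_init(H3270 *hSession)
 {
 debug("%s ssl_ctx=%p",__FUNCTION__,ssl_ctx);
 
- if(ssl_ctx != NULL)
- return 0;
+ if(!ssl_ctx)
+ {
+ trace_dsn(hSession,"Initializing SSL context.\n");
 
- SSL_load_error_strings();
- SSL_library_init();
+ SSL_load_error_strings();
+ SSL_library_init();
 
- ssl_ctx = SSL_CTX_new(SSLv23_method());
- if(ssl_ctx == NULL)
- return -1;
+ ssl_ctx = SSL_CTX_new(SSLv23_method());
+ if(ssl_ctx == NULL)
+ return -1;
 
- SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
- SSL_CTX_set_info_callback(ssl_ctx, ssl_info_callback);
- SSL_CTX_set_default_verify_paths(ssl_ctx);
+ SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
+ SSL_CTX_set_info_callback(ssl_ctx, ssl_info_callback);
+ SSL_CTX_set_default_verify_paths(ssl_ctx);
 
 #if defined(_WIN32)
- {
- HKEY hKey = 0;
-
- if(RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\" PACKAGE_NAME,0,KEY_QUERY_VALUE,&hKey) == ERROR_SUCCESS)
 {
- char data[4096];
- unsigned long datalen = sizeof(data); // data field length(in), data returned length(out)
- unsigned long datatype; // #defined in winnt.h (predefined types 0-11)
+ HKEY hKey = 0;
 
- if(RegQueryValueExA(hKey,"datadir",NULL,&datatype,(LPBYTE) data,&datalen) == ERROR_SUCCESS)
+ if(RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\" PACKAGE_NAME,0,KEY_QUERY_VALUE,&hKey) == ERROR_SUCCESS)
 {
- strncat(data,"\\certs",4095);
+ char data[4096];
+ unsigned long datalen = sizeof(data); // data field length(in), data returned length(out)
+ unsigned long datatype; // #defined in winnt.h (predefined types 0-11)
 
- trace("Loading certs from \"%s\"",data);
- if(!SSL_CTX_load_verify_locations(ssl_ctx,NULL,data))
+ if(RegQueryValueExA(hKey,"datadir",NULL,&datatype,(LPBYTE) data,&datalen) == ERROR_SUCCESS)
 {
- hSession->ssl.error = ERR_get_error();
+ strncat(data,"\\certs",4095);
 
- lib3270_write_log(
- hSession,
- "ssl",
- "Cant set default locations for trusted CA certificates to %s\n%s",
+ if(!SSL_CTX_load_verify_locations(ssl_ctx,NULL,data))
+ {
+ hSession->ssl.error = ERR_get_error();
+
+ trace_dsn(
+ hSession,
+ "Cant set default locations for trusted CA certificates to %s\n%s\m"
 data,
 ERR_lib_error_string(hSession->ssl.error)
- );
+ );
+
+ lib3270_write_log(
+ hSession,
+ "ssl",
+ "Cant set default locations for trusted CA certificates to %s\n%s",
+ data,
+ ERR_lib_error_string(hSession->ssl.error)
+ );
 
+ }
 }
+ RegCloseKey(hKey);
 }
- RegCloseKey(hKey);
- }
 
 
- }
+ }
 #else
- static const char * ssldir[] =
- {
+
+ static const char * ssldir[] =
+ {
 #ifdef DATAROOTDIR
- DATAROOTDIR "/" PACKAGE_NAME "/certs",
+ DATAROOTDIR "/" PACKAGE_NAME "/certs",
 #endif // DATAROOTDIR
 #ifdef SYSCONFDIR
- SYSCONFDIR "/ssl/certs",
- SYSCONFDIR "/certs",
+ SYSCONFDIR "/ssl/certs",
+ SYSCONFDIR "/certs",
 #endif
- "/etc/ssl/certs"
- };
+ "/etc/ssl/certs"
+ };
 
- size_t f;
+ size_t f;
 
- for(f = 0;f < sizeof(ssldir) / sizeof(ssldir[0]);f++)
- {
- SSL_CTX_load_verify_locations(ssl_ctx,NULL,ssldir[f]);
- }
+ for(f = 0;f < sizeof(ssldir) / sizeof(ssldir[0]);f++)
+ {
+ SSL_CTX_load_verify_locations(ssl_ctx,NULL,ssldir[f]);
+ }
+
+ #endif // _WIN32
 
-#endif // _WIN32
+ //
+ // Initialize CUSTOM CRL CHECK
+ //
+
+ }
 
- //
- // Initialize CUSTOM CRL CHECK
- //
 
 
 /*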
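Review bot: The new `trace_dsn(...)` call in the `_WIN32` branch cannot compile as written: its format string ends in `\m`, which is not a C escape sequence, and there is no comma between the string and `data,`; the line should read `"Cant set default locations for trusted CA certificates to %s\n%s\n",`. The re-indented `strncat(data,"\\certs",4095)` a few lines above is also not a real bound, because the third argument limits the bytes appended rather than the size of `data`, and `RegQueryValueExA` does not guarantee that the value it returns is NUL-terminated or of type `REG_SZ`. Zero-initialising `data`, passing `sizeof(data) - 1` as `datalen`, checking `datatype == REG_SZ` and limiting the append to the space left in `data` would keep the CA path inside the buffer. `ssl_ctx_init` begins just above the hunk and continues past it, so the rest of the context setup is not visible here.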