Commit 445c656ae56f267c81d1a593cb087a9b7ea6e040
1 parent
f904a1f7
Exists in
master
and in
3 other branches
Disable polling of the socket during SSL negotiation.
Showing
2 changed files
with
61 additions
and
46 deletions
Show diff stats
src/lib3270/iocalls.c
| @@ -578,6 +578,10 @@ int non_blocking(H3270 *hSession, Boolean on) | @@ -578,6 +578,10 @@ int non_blocking(H3270 *hSession, Boolean on) | ||
| 578 | 578 | ||
| 579 | #endif | 579 | #endif |
| 580 | 580 | ||
| 581 | + lib3270_set_poll_state(hSession,hSession->xio.read, on); | ||
| 582 | + lib3270_set_poll_state(hSession,hSession->xio.write, on); | ||
| 583 | + lib3270_set_poll_state(hSession,hSession->xio.except, on); | ||
| 584 | + | ||
| 581 | trace("Socket %d is %s",hSession->sock, on ? "non-blocking" : "blocking"); | 585 | trace("Socket %d is %s",hSession->sock, on ? "non-blocking" : "blocking"); |
| 582 | 586 | ||
| 583 | return 0; | 587 | return 0; |
src/lib3270/ssl/ctx_init.c
| @@ -69,79 +69,90 @@ int ssl_ctx_init(H3270 *hSession) | @@ -69,79 +69,90 @@ int ssl_ctx_init(H3270 *hSession) | ||
| 69 | { | 69 | { |
| 70 | debug("%s ssl_ctx=%p",__FUNCTION__,ssl_ctx); | 70 | debug("%s ssl_ctx=%p",__FUNCTION__,ssl_ctx); |
| 71 | 71 | ||
| 72 | - if(ssl_ctx != NULL) | ||
| 73 | - return 0; | 72 | + if(!ssl_ctx) |
| 73 | + { | ||
| 74 | + trace_dsn(hSession,"Initializing SSL context.\n"); | ||
| 74 | 75 | ||
| 75 | - SSL_load_error_strings(); | ||
| 76 | - SSL_library_init(); | 76 | + SSL_load_error_strings(); |
| 77 | + SSL_library_init(); | ||
| 77 | 78 | ||
| 78 | - ssl_ctx = SSL_CTX_new(SSLv23_method()); | ||
| 79 | - if(ssl_ctx == NULL) | ||
| 80 | - return -1; | 79 | + ssl_ctx = SSL_CTX_new(SSLv23_method()); |
| 80 | + if(ssl_ctx == NULL) | ||
| 81 | + return -1; | ||
| 81 | 82 | ||
| 82 | - SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL); | ||
| 83 | - SSL_CTX_set_info_callback(ssl_ctx, ssl_info_callback); | ||
| 84 | - SSL_CTX_set_default_verify_paths(ssl_ctx); | 83 | + SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL); |
| 84 | + SSL_CTX_set_info_callback(ssl_ctx, ssl_info_callback); | ||
| 85 | + SSL_CTX_set_default_verify_paths(ssl_ctx); | ||
| 85 | 86 | ||
| 86 | #if defined(_WIN32) | 87 | #if defined(_WIN32) |
| 87 | - { | ||
| 88 | - HKEY hKey = 0; | ||
| 89 | - | ||
| 90 | - if(RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\" PACKAGE_NAME,0,KEY_QUERY_VALUE,&hKey) == ERROR_SUCCESS) | ||
| 91 | { | 88 | { |
| 92 | - char data[4096]; | ||
| 93 | - unsigned long datalen = sizeof(data); // data field length(in), data returned length(out) | ||
| 94 | - unsigned long datatype; // #defined in winnt.h (predefined types 0-11) | 89 | + HKEY hKey = 0; |
| 95 | 90 | ||
| 96 | - if(RegQueryValueExA(hKey,"datadir",NULL,&datatype,(LPBYTE) data,&datalen) == ERROR_SUCCESS) | 91 | + if(RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\" PACKAGE_NAME,0,KEY_QUERY_VALUE,&hKey) == ERROR_SUCCESS) |
| 97 | { | 92 | { |
| 98 | - strncat(data,"\\certs",4095); | 93 | + char data[4096]; |
| 94 | + unsigned long datalen = sizeof(data); // data field length(in), data returned length(out) | ||
| 95 | + unsigned long datatype; // #defined in winnt.h (predefined types 0-11) | ||
| 99 | 96 | ||
| 100 | - trace("Loading certs from \"%s\"",data); | ||
| 101 | - if(!SSL_CTX_load_verify_locations(ssl_ctx,NULL,data)) | 97 | + if(RegQueryValueExA(hKey,"datadir",NULL,&datatype,(LPBYTE) data,&datalen) == ERROR_SUCCESS) |
| 102 | { | 98 | { |
| 103 | - hSession->ssl.error = ERR_get_error(); | 99 | + strncat(data,"\\certs",4095); |
| 104 | 100 | ||
| 105 | - lib3270_write_log( | ||
| 106 | - hSession, | ||
| 107 | - "ssl", | ||
| 108 | - "Cant set default locations for trusted CA certificates to %s\n%s", | 101 | + if(!SSL_CTX_load_verify_locations(ssl_ctx,NULL,data)) |
| 102 | + { | ||
| 103 | + hSession->ssl.error = ERR_get_error(); | ||
| 104 | + | ||
| 105 | + trace_dsn( | ||
| 106 | + hSession, | ||
| 107 | + "Cant set default locations for trusted CA certificates to %s\n%s\m" | ||
| 109 | data, | 108 | data, |
| 110 | ERR_lib_error_string(hSession->ssl.error) | 109 | ERR_lib_error_string(hSession->ssl.error) |
| 111 | - ); | 110 | + ); |
| 111 | + | ||
| 112 | + lib3270_write_log( | ||
| 113 | + hSession, | ||
| 114 | + "ssl", | ||
| 115 | + "Cant set default locations for trusted CA certificates to %s\n%s", | ||
| 116 | + data, | ||
| 117 | + ERR_lib_error_string(hSession->ssl.error) | ||
| 118 | + ); | ||
| 112 | 119 | ||
| 120 | + } | ||
| 113 | } | 121 | } |
| 122 | + RegCloseKey(hKey); | ||
| 114 | } | 123 | } |
| 115 | - RegCloseKey(hKey); | ||
| 116 | - } | ||
| 117 | 124 | ||
| 118 | 125 | ||
| 119 | - } | 126 | + } |
| 120 | #else | 127 | #else |
| 121 | - static const char * ssldir[] = | ||
| 122 | - { | 128 | + |
| 129 | + static const char * ssldir[] = | ||
| 130 | + { | ||
| 123 | #ifdef DATAROOTDIR | 131 | #ifdef DATAROOTDIR |
| 124 | - DATAROOTDIR "/" PACKAGE_NAME "/certs", | 132 | + DATAROOTDIR "/" PACKAGE_NAME "/certs", |
| 125 | #endif // DATAROOTDIR | 133 | #endif // DATAROOTDIR |
| 126 | #ifdef SYSCONFDIR | 134 | #ifdef SYSCONFDIR |
| 127 | - SYSCONFDIR "/ssl/certs", | ||
| 128 | - SYSCONFDIR "/certs", | 135 | + SYSCONFDIR "/ssl/certs", |
| 136 | + SYSCONFDIR "/certs", | ||
| 129 | #endif | 137 | #endif |
| 130 | - "/etc/ssl/certs" | ||
| 131 | - }; | 138 | + "/etc/ssl/certs" |
| 139 | + }; | ||
| 132 | 140 | ||
| 133 | - size_t f; | 141 | + size_t f; |
| 134 | 142 | ||
| 135 | - for(f = 0;f < sizeof(ssldir) / sizeof(ssldir[0]);f++) | ||
| 136 | - { | ||
| 137 | - SSL_CTX_load_verify_locations(ssl_ctx,NULL,ssldir[f]); | ||
| 138 | - } | 143 | + for(f = 0;f < sizeof(ssldir) / sizeof(ssldir[0]);f++) |
| 144 | + { | ||
| 145 | + SSL_CTX_load_verify_locations(ssl_ctx,NULL,ssldir[f]); | ||
| 146 | + } | ||
| 147 | + | ||
| 148 | + #endif // _WIN32 | ||
| 139 | 149 | ||
| 140 | -#endif // _WIN32 | 150 | + // |
| 151 | + // Initialize CUSTOM CRL CHECK | ||
| 152 | + // | ||
| 153 | + | ||
| 154 | + } | ||
| 141 | 155 | ||
| 142 | - // | ||
| 143 | - // Initialize CUSTOM CRL CHECK | ||
| 144 | - // | ||
| 145 | 156 | ||
| 146 | 157 | ||
| 147 | /* | 158 | /* |