diff --git a/lib3270.cbp b/lib3270.cbp
index 7a75759..3a6ab60 100644
--- a/lib3270.cbp
+++ b/lib3270.cbp
@@ -122,6 +122,9 @@
+
+
+
@@ -308,9 +311,6 @@
-
-
-
@@ -321,6 +321,9 @@
+
+
+
@@ -333,9 +336,6 @@
-
-
-
diff --git a/src/core/linux/curl.c b/src/core/linux/curl.c
new file mode 100644
index 0000000..3bdf597
--- /dev/null
+++ b/src/core/linux/curl.c
@@ -0,0 +1,231 @@
+/*
+ * "Software pw3270, desenvolvido com base nos códigos fontes do WC3270 e X3270
+ * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
+ * aplicativos mainframe. Registro no INPI sob o nome G3270.
+ *
+ * Copyright (C) <2008>
+ *
+ * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
+ * os termos da GPL v.2 - Licença Pública Geral GNU, conforme publicado pela
+ * Free Software Foundation.
+ *
+ * Este programa é distribuído na expectativa de ser útil, mas SEM QUALQUER
+ * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou de ADEQUAÇÃO
+ * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
+ * obter mais detalhes.
+ *
+ * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
+ * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
+ * St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ * Este programa está nomeado como - e possui - linhas de código.
+ *
+ * Contatos:
+ *
+ * perry.werneck@gmail.com (Alexandre Perry de Souza Werneck)
+ * erico.mendonca@gmail.com (Erico Mascarenhas Mendonça)
+ *
+ */
+
+#include
+
+#if defined(HAVE_LIBCURL)
+
+#include
+#include
+#include
+#include
+#include
+
+#define CRL_DATA_LENGTH 2048
+
+/*--[ Implement ]------------------------------------------------------------------------------------*/
+
+static inline void lib3270_autoptr_cleanup_CURL(CURL **ptr)
+{
+ debug("%s(%p)",__FUNCTION__,*ptr);
+ if(*ptr)
+ curl_easy_cleanup(*ptr);
+ *ptr = NULL;
+}
+
+typedef struct _curldata
+{
+ size_t length;
+ H3270 * hSession;
+ char errbuf[CURL_ERROR_SIZE];
+ struct {
+ size_t length;
+ unsigned char * contents;
+ } data;
+} CURLDATA;
+
+static inline void lib3270_autoptr_cleanup_CURLDATA(CURLDATA **ptr)
+{
+ debug("%s(%p)",__FUNCTION__,*ptr);
+ if(*ptr)
+ {
+ CURLDATA *cdata = *ptr;
+
+ if(cdata->data.contents) {
+ lib3270_free(cdata->data.contents);
+ cdata->data.contents = NULL;
+ }
+ lib3270_free(cdata);
+ }
+ *ptr = NULL;
+}
+
+static size_t internal_curl_write_callback(void *contents, size_t size, size_t nmemb, void *userp)
+{
+ CURLDATA * data = (CURLDATA *) userp;
+
+ debug("%s",__FUNCTION__);
+
+ size_t realsize = size * nmemb;
+
+ debug("%s size=%d data->length=%d crldatalength=%d",__FUNCTION__,(int) size, (int) data->length, CRL_DATA_LENGTH);
+
+ if((realsize + data->length) > data->data.length)
+ {
+ data->data.length += (CRL_DATA_LENGTH + realsize);
+ data->data.contents = lib3270_realloc(data->data.contents,data->data.length);
+ memset(&(data->data.contents[data->length]),0,data->data.length-data->length);
+ }
+
+ debug("%s",__FUNCTION__);
+
+ if(lib3270_get_toggle(data->hSession,LIB3270_TOGGLE_SSL_TRACE))
+ {
+ lib3270_trace_data(
+ data->hSession,
+ "Received",
+ (const unsigned char *) contents,
+ realsize
+ );
+ }
+
+ debug("%s",__FUNCTION__);
+
+ memcpy(&(data->data.contents[data->length]),contents,realsize);
+ data->length += realsize;
+
+ debug("%s",__FUNCTION__);
+
+ return realsize;
+}
+
+static int internal_curl_trace_callback(CURL GNUC_UNUSED(*handle), curl_infotype type, char *data, size_t size, void *userp)
+{
+ const char * text = NULL;
+
+ switch (type) {
+ case CURLINFO_TEXT:
+ lib3270_write_log(((CURLDATA *) userp)->hSession,"curl","%s",data);
+ return 0;
+
+ case CURLINFO_HEADER_OUT:
+ text = "=> Send header";
+ break;
+
+ case CURLINFO_DATA_OUT:
+ text = "=> Send data";
+ break;
+
+ case CURLINFO_SSL_DATA_OUT:
+ text = "=> Send SSL data";
+ break;
+
+ case CURLINFO_HEADER_IN:
+ text = "<= Recv header";
+ break;
+
+ case CURLINFO_DATA_IN:
+ text = "<= Recv data";
+ break;
+
+ case CURLINFO_SSL_DATA_IN:
+ text = "<= Recv SSL data";
+ break;
+
+ default:
+ return 0;
+
+ }
+
+ lib3270_trace_data(
+ ((CURLDATA *) userp)->hSession,
+ text,
+ (const unsigned char *) data,
+ size
+ );
+
+ return 0;
+}
+
+char * lib3270_get_from_url(H3270 *hSession, const char *url, size_t *length, const char **error_message)
+{
+ lib3270_trace_event(hSession,"Getting data from %s",url);
+
+ // Use CURL to download the CRL
+ lib3270_autoptr(CURLDATA) crl_data = lib3270_malloc(sizeof(CURLDATA));
+ lib3270_autoptr(CURL) hCurl = curl_easy_init();
+
+ memset(crl_data,0,sizeof(CURLDATA));
+ crl_data->hSession = hSession;
+ crl_data->data.length = CRL_DATA_LENGTH;
+ crl_data->data.contents = lib3270_malloc(crl_data->data.length);
+
+ if(!hCurl)
+ {
+ *error_message= _( "Can't initialize curl operation" );
+ errno = EINVAL;
+ return NULL;
+ }
+
+ CURLcode res;
+
+ curl_easy_setopt(hCurl, CURLOPT_URL, url);
+ curl_easy_setopt(hCurl, CURLOPT_FOLLOWLOCATION, 1L);
+
+ curl_easy_setopt(hCurl, CURLOPT_ERRORBUFFER, crl_data->errbuf);
+
+ curl_easy_setopt(hCurl, CURLOPT_WRITEFUNCTION, internal_curl_write_callback);
+ curl_easy_setopt(hCurl, CURLOPT_WRITEDATA, (void *) crl_data);
+
+ curl_easy_setopt(hCurl, CURLOPT_USERNAME, "");
+
+ if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE))
+ {
+ curl_easy_setopt(hCurl, CURLOPT_VERBOSE, 1L);
+ curl_easy_setopt(hCurl, CURLOPT_DEBUGFUNCTION, internal_curl_trace_callback);
+ curl_easy_setopt(hCurl, CURLOPT_DEBUGDATA, (void *) crl_data);
+ }
+
+ res = curl_easy_perform(hCurl);
+
+ if(res != CURLE_OK)
+ {
+ if(crl_data->errbuf[0])
+ lib3270_write_log(hSession,"curl","%s: %s",url, crl_data->errbuf);
+
+ *error_message = curl_easy_strerror(res);
+
+ lib3270_write_log(hSession,"curl","%s: %s",url, *error_message);
+ errno = EINVAL;
+ return NULL;
+
+ }
+
+ if(length)
+ *length = (size_t) crl_data->length;
+
+ char * httpText = lib3270_malloc(crl_data->length+1);
+ memset(httpText,0,crl_data->length+1);
+ memcpy(httpText,crl_data->data.contents,crl_data->length);
+
+ return httpText;
+
+}
+
+#endif // HAVE_LIBCURL
diff --git a/src/ssl/linux/curl.c b/src/ssl/linux/curl.c
deleted file mode 100644
index 505e26f..0000000
--- a/src/ssl/linux/curl.c
+++ /dev/null
@@ -1,325 +0,0 @@
-/*
- * "Software pw3270, desenvolvido com base nos códigos fontes do WC3270 e X3270
- * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
- * aplicativos mainframe. Registro no INPI sob o nome G3270.
- *
- * Copyright (C) <2008>
- *
- * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
- * os termos da GPL v.2 - Licença Pública Geral GNU, conforme publicado pela
- * Free Software Foundation.
- *
- * Este programa é distribuído na expectativa de ser útil, mas SEM QUALQUER
- * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou de ADEQUAÇÃO
- * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
- * obter mais detalhes.
- *
- * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
- * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
- * St, Fifth Floor, Boston, MA 02110-1301 USA
- *
- * Este programa está nomeado como - e possui - linhas de código.
- *
- * Contatos:
- *
- * perry.werneck@gmail.com (Alexandre Perry de Souza Werneck)
- * erico.mendonca@gmail.com (Erico Mascarenhas Mendonça)
- *
- *
- * References:
- *
- * http://www.openssl.org/docs/ssl/
- * https://stackoverflow.com/questions/4389954/does-openssl-automatically-handle-crls-certificate-revocation-lists-now
- *
- */
-
-#include
-
-#if defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBCURL)
-
-#include "private.h"
-#include
-#include
-
-#define CRL_DATA_LENGTH 2048
-
-/*--[ Implement ]------------------------------------------------------------------------------------*/
-
-static inline void lib3270_autoptr_cleanup_CURL(CURL **ptr)
-{
- debug("%s(%p)",__FUNCTION__,*ptr);
- if(*ptr)
- curl_easy_cleanup(*ptr);
- *ptr = NULL;
-}
-
-typedef struct _curldata
-{
- size_t length;
- H3270 * hSession;
- SSL_ERROR_MESSAGE * message;
- char errbuf[CURL_ERROR_SIZE];
- struct {
- size_t length;
- unsigned char * contents;
- } data;
-} CURLDATA;
-
-static inline void lib3270_autoptr_cleanup_CURLDATA(CURLDATA **ptr)
-{
- debug("%s(%p)",__FUNCTION__,*ptr);
- if(*ptr)
- {
- CURLDATA *cdata = *ptr;
-
- if(cdata->data.contents) {
- lib3270_free(cdata->data.contents);
- cdata->data.contents = NULL;
- }
- lib3270_free(cdata);
- }
- *ptr = NULL;
-}
-
-static inline void lib3270_autoptr_cleanup_BIO(BIO **ptr)
-{
- debug("%s(%p)",__FUNCTION__,*ptr);
- if(*ptr)
- BIO_free_all(*ptr);
- *ptr = NULL;
-}
-
-static size_t internal_curl_write_callback(void *contents, size_t size, size_t nmemb, void *userp)
-{
- CURLDATA * data = (CURLDATA *) userp;
-
- debug("%s",__FUNCTION__);
-
- size_t realsize = size * nmemb;
-
- debug("%s size=%d data->length=%d crldatalength=%d",__FUNCTION__,(int) size, (int) data->length, CRL_DATA_LENGTH);
-
- if((realsize + data->length) > data->data.length)
- {
- data->data.length += (CRL_DATA_LENGTH + realsize);
- data->data.contents = lib3270_realloc(data->data.contents,data->data.length);
- memset(&(data->data.contents[data->length]),0,data->data.length-data->length);
- }
-
- debug("%s",__FUNCTION__);
-
- if(lib3270_get_toggle(data->hSession,LIB3270_TOGGLE_SSL_TRACE))
- {
- lib3270_trace_data(
- data->hSession,
- "Received",
- (const char *) contents,
- realsize
- );
- }
-
- debug("%s",__FUNCTION__);
-
- memcpy(&(data->data.contents[data->length]),contents,realsize);
- data->length += realsize;
-
- debug("%s",__FUNCTION__);
-
- return realsize;
-}
-
-static int internal_curl_trace_callback(CURL GNUC_UNUSED(*handle), curl_infotype type, char *data, size_t size, void *userp)
-{
- const char * text = NULL;
-
- switch (type) {
- case CURLINFO_TEXT:
- lib3270_write_log(((CURLDATA *) userp)->hSession,"curl","%s",data);
- return 0;
-
- case CURLINFO_HEADER_OUT:
- text = "=> Send header";
- break;
-
- case CURLINFO_DATA_OUT:
- text = "=> Send data";
- break;
-
- case CURLINFO_SSL_DATA_OUT:
- text = "=> Send SSL data";
- break;
-
- case CURLINFO_HEADER_IN:
- text = "<= Recv header";
- break;
-
- case CURLINFO_DATA_IN:
- text = "<= Recv data";
- break;
-
- case CURLINFO_SSL_DATA_IN:
- text = "<= Recv SSL data";
- break;
-
- default:
- return 0;
-
- }
-
- lib3270_trace_data(
- ((CURLDATA *) userp)->hSession,
- text,
- data,
- size
- );
-
- return 0;
-}
-
-LIB3270_INTERNAL X509_CRL * get_crl_using_curl(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl)
-{
- X509_CRL * x509_crl = NULL;
-
- // Use CURL to download the CRL
- lib3270_autoptr(CURLDATA) crl_data = lib3270_malloc(sizeof(CURLDATA));
- lib3270_autoptr(CURL) hCurl = curl_easy_init();
-
- memset(crl_data,0,sizeof(CURLDATA));
- crl_data->message = message;
- crl_data->hSession = hSession;
- crl_data->data.length = CRL_DATA_LENGTH;
- crl_data->data.contents = lib3270_malloc(crl_data->data.length);
-
- if(!hCurl)
- {
- message->title = _( "Security error" );
- message->text = _( "Error loading certificate revocation list" );
- message->description = _( "Can't initialize curl operation" );
- return NULL;
- }
-
- CURLcode res;
-
- curl_easy_setopt(hCurl, CURLOPT_URL, consturl);
- curl_easy_setopt(hCurl, CURLOPT_FOLLOWLOCATION, 1L);
-
- curl_easy_setopt(hCurl, CURLOPT_ERRORBUFFER, crl_data->errbuf);
-
- curl_easy_setopt(hCurl, CURLOPT_WRITEFUNCTION, internal_curl_write_callback);
- curl_easy_setopt(hCurl, CURLOPT_WRITEDATA, (void *) crl_data);
-
- curl_easy_setopt(hCurl, CURLOPT_USERNAME, "");
-
- if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE))
- {
- curl_easy_setopt(hCurl, CURLOPT_VERBOSE, 1L);
- curl_easy_setopt(hCurl, CURLOPT_DEBUGFUNCTION, internal_curl_trace_callback);
- curl_easy_setopt(hCurl, CURLOPT_DEBUGDATA, (void *) crl_data);
- }
-
- res = curl_easy_perform(hCurl);
-
- if(res != CURLE_OK)
- {
- message->error = hSession->ssl.error = 0;
- message->title = _( "Security error" );
-
- if(crl_data->errbuf[0])
- {
- message->text = curl_easy_strerror(res);
- message->description = crl_data->errbuf;
- }
- else
- {
- message->text = _( "Error loading certificate revocation list" );
- message->description = curl_easy_strerror(res);
- }
-
- lib3270_write_log(hSession,"ssl","%s: %s",consturl, message->description);
- errno = EINVAL;
- return NULL;
-
- }
-
- char *ct = NULL;
- res = curl_easy_getinfo(hCurl, CURLINFO_CONTENT_TYPE, &ct);
- if(res != CURLE_OK)
- {
- message->error = hSession->ssl.error = 0;
- message->title = _( "Security error" );
- message->text = _( "Error loading certificate revocation list" );
- message->description = curl_easy_strerror(res);
- lib3270_write_log(hSession,"ssl","%s: %s",consturl, message->description);
- errno = EINVAL;
- return NULL;
- }
-
- if(lib3270_get_toggle(crl_data->hSession,LIB3270_TOGGLE_SSL_TRACE))
- lib3270_trace_data(crl_data->hSession,"CRL Data",(const char *) crl_data->data.contents, (unsigned int) crl_data->length);
-
- if(ct)
- {
- const unsigned char * data = crl_data->data.contents;
-
-
- if(strcasecmp(ct,"application/pkix-crl") == 0)
- {
- // CRL File, convert it
- if(!d2i_X509_CRL(&x509_crl, &data, crl_data->length))
- {
- message->error = hSession->ssl.error = ERR_get_error();
- message->title = _( "Security error" );
- message->text = _( "Can't decode certificate revocation list" );
- lib3270_write_log(hSession,"ssl","%s: %s",consturl, message->text);
- return NULL;
- }
- }
- else
- {
- message->error = hSession->ssl.error = ERR_get_error();
- message->title = _( "Security error" );
- message->text = _( "Got an invalid certificate revocation list from server" );
- lib3270_write_log(hSession,"ssl","%s: content-type unexpected: \"%s\"",consturl, ct);
- errno = EINVAL;
- return NULL;
- }
- }
- else if(strncasecmp(consturl,"ldap://",7) == 0)
- {
- // It's an LDAP query, assumes a base64 data.
- char * data = strstr((char *) crl_data->data.contents,":: ");
- if(!data)
- {
- message->error = hSession->ssl.error = ERR_get_error();
- message->title = _( "Security error" );
- message->text = _( "Got a bad formatted certificate revocation list from LDAP server" );
- lib3270_write_log(hSession,"ssl","%s: invalid format:\n%s\n",consturl, crl_data->data.contents);
- errno = EINVAL;
- return NULL;
- }
- data += 3;
-
- lib3270_autoptr(BIO) bio = BIO_new_mem_buf(data,-1);
-
- BIO * b64 = BIO_new(BIO_f_base64());
- bio = BIO_push(b64, bio);
-
- BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
-
- if(!d2i_X509_CRL_bio(bio, &x509_crl))
- {
- message->error = hSession->ssl.error = ERR_get_error();
- message->title = _( "Security error" );
- message->text = _( "Can't decode certificate revocation list got from LDAP server" );
- lib3270_write_log(hSession,"ssl","%s: %s",consturl, message->text);
- errno = EINVAL;
- return NULL;
- }
-
- }
-
- return x509_crl;
-
-}
-
-#endif // HAVE_LIBSSL && SSL_ENABLE_CRL_CHECK && HAVE_LIBCURL
diff --git a/src/ssl/linux/getcrl.c b/src/ssl/linux/getcrl.c
index cd4fd69..b9dd85a 100644
--- a/src/ssl/linux/getcrl.c
+++ b/src/ssl/linux/getcrl.c
@@ -101,7 +101,7 @@ X509_CRL * lib3270_download_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, co
{
#ifdef HAVE_LIBCURL
- return get_crl_using_curl(hSession, message, consturl);
+ return get_crl_using_url(hSession, message, consturl);
#else
// Can't get CRL.
diff --git a/src/ssl/linux/private.h b/src/ssl/linux/private.h
index 3f1726b..d2e98d7 100644
--- a/src/ssl/linux/private.h
+++ b/src/ssl/linux/private.h
@@ -55,7 +55,7 @@
#ifdef HAVE_LIBCURL
/// @brief Use libcurl to get CRL.
- LIB3270_INTERNAL X509_CRL * get_crl_using_curl(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl);
+ LIB3270_INTERNAL X509_CRL * get_crl_using_url(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl);
#endif // HAVE_LIBCURL
diff --git a/src/ssl/linux/url.c b/src/ssl/linux/url.c
new file mode 100644
index 0000000..76e6724
--- /dev/null
+++ b/src/ssl/linux/url.c
@@ -0,0 +1,127 @@
+/*
+ * "Software pw3270, desenvolvido com base nos códigos fontes do WC3270 e X3270
+ * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
+ * aplicativos mainframe. Registro no INPI sob o nome G3270.
+ *
+ * Copyright (C) <2008>
+ *
+ * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
+ * os termos da GPL v.2 - Licença Pública Geral GNU, conforme publicado pela
+ * Free Software Foundation.
+ *
+ * Este programa é distribuído na expectativa de ser útil, mas SEM QUALQUER
+ * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou de ADEQUAÇÃO
+ * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
+ * obter mais detalhes.
+ *
+ * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
+ * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
+ * St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ * Este programa está nomeado como - e possui - linhas de código.
+ *
+ * Contatos:
+ *
+ * perry.werneck@gmail.com (Alexandre Perry de Souza Werneck)
+ * erico.mendonca@gmail.com (Erico Mascarenhas Mendonça)
+ *
+ *
+ * References:
+ *
+ * http://www.openssl.org/docs/ssl/
+ * https://stackoverflow.com/questions/4389954/does-openssl-automatically-handle-crls-certificate-revocation-lists-now
+ *
+ */
+
+#include
+
+#if defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBCURL)
+
+#include "private.h"
+#include
+#include
+
+#define CRL_DATA_LENGTH 2048
+
+/*--[ Implement ]------------------------------------------------------------------------------------*/
+
+static inline void lib3270_autoptr_cleanup_BIO(BIO **ptr)
+{
+ debug("%s(%p)",__FUNCTION__,*ptr);
+ if(*ptr)
+ BIO_free_all(*ptr);
+ *ptr = NULL;
+}
+
+LIB3270_INTERNAL X509_CRL * get_crl_using_url(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl)
+{
+ X509_CRL * x509_crl = NULL;
+
+ size_t szText = 0;
+ lib3270_autoptr(char) httpText = lib3270_get_from_url(hSession, consturl, &szText, &message->description);
+
+ if(!httpText)
+ {
+ message->title = _( "Security error" );
+ message->text = _( "Error loading certificate revocation list" );
+ return NULL;
+ }
+
+ if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE))
+ lib3270_trace_data(hSession,"CRL Data",(const unsigned char *) httpText, (unsigned int) szText);
+
+ if(strncasecmp(consturl,"ldap://",7) == 0)
+ {
+ // It's an LDAP query, assumes a base64 data.
+ char * data = strstr((char *) httpText,":: ");
+ if(!data)
+ {
+ message->error = hSession->ssl.error = ERR_get_error();
+ message->title = _( "Security error" );
+ message->text = _( "Got a bad formatted certificate revocation list from LDAP server" );
+ lib3270_write_log(hSession,"ssl","%s: invalid format:\n%s\n", consturl, httpText);
+ errno = EINVAL;
+ return NULL;
+ }
+ data += 3;
+
+ lib3270_autoptr(BIO) bio = BIO_new_mem_buf(httpText,-1);
+
+ BIO * b64 = BIO_new(BIO_f_base64());
+ bio = BIO_push(b64, bio);
+
+ BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
+
+ if(!d2i_X509_CRL_bio(bio, &x509_crl))
+ {
+ message->error = hSession->ssl.error = ERR_get_error();
+ message->title = _( "Security error" );
+ message->text = _( "Can't decode certificate revocation list got from LDAP server" );
+ lib3270_write_log(hSession,"ssl","%s: %s",consturl, message->text);
+ errno = EINVAL;
+ return NULL;
+ }
+
+ }
+ else
+ {
+ // CRL File, convert it
+ // Copy the pointer because d2i_X509_CRL changes the value!!!
+ const unsigned char *crl_data = (const unsigned char *) httpText;
+
+ if(!d2i_X509_CRL(&x509_crl, &crl_data, szText))
+ {
+ message->error = hSession->ssl.error = ERR_get_error();
+ message->title = _( "Security error" );
+ message->text = _( "Can't decode certificate revocation list" );
+ lib3270_write_log(hSession,"ssl","%s: %s",consturl, message->text);
+ return NULL;
+ }
+
+ }
+
+ return x509_crl;
+
+}
+
+#endif // HAVE_LIBSSL && SSL_ENABLE_CRL_CHECK && HAVE_LIBCURL
diff --git a/src/ssl/windows/getcrl.c b/src/ssl/windows/getcrl.c
index 7360cdf..2c9cb4c 100644
--- a/src/ssl/windows/getcrl.c
+++ b/src/ssl/windows/getcrl.c
@@ -107,7 +107,7 @@ X509_CRL * lib3270_download_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, co
{
#ifdef HAVE_LIBCURL
- return get_crl_using_curl(hSession, message, consturl);
+ return get_crl_using_url(hSession, message, consturl);
#else
// Can't get CRL.
diff --git a/src/ssl/windows/private.h b/src/ssl/windows/private.h
index 3e889d0..53a5ecd 100644
--- a/src/ssl/windows/private.h
+++ b/src/ssl/windows/private.h
@@ -53,7 +53,7 @@
#include
/// @brief Use libcurl to get CRL.
- LIB3270_INTERNAL X509_CRL * get_crl_using_curl(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl);
+ LIB3270_INTERNAL X509_CRL * get_crl_using_url(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl);
#endif // HAVE_LIBCURL
--
libgit2 0.21.2