Fixing start tls messages.

Perry Werneck
1 parent 0f98ce19
Showing 8 changed files with 79 additions and 15 deletions Show diff stats
src/core/connect.c
src/core/linux/connect.c
src/core/properties/string.c
src/core/telnet.c
src/core/toggles/init.c
src/network_modules/openssl/main.c
src/network_modules/openssl/messages.c
src/network_modules/state.c
@@ -149,8 +149,6 @@
 			NULL
 		);
-	non_blocking(hSession,True);
-
 	if(rc == ENOTSUP) {
 		// No support for TLS/SSL in the active network module, the connection is insecure
@@ -198,13 +196,17 @@
 		set_ssl_state(hSession,LIB3270_SSL_NEGOTIATED);
 		// Ask user what I can do!
+		debug("********************* [%s]",hSession->ssl.message->name);
+		debug("********************* [%s]",hSession->ssl.message->label);
+
 		if(lib3270_popup_translated(hSession,(const LIB3270_POPUP *) hSession->ssl.message,1) == ECANCELED) {
-			lib3270_disconnect(hSession);
 			return ECANCELED;
 		}
 	}
+	non_blocking(hSession,True);
+
 	return 0;
  }
@@ -147,13 +147,14 @@
 	if(hSession->network.module->getsockopt(hSession, SOL_SOCKET, SO_ERROR, (char *) &err, &len) < 0)
 	{
+		int err = errno;
 		lib3270_disconnect(hSession);
 		lib3270_popup_dialog(
 			hSession,
 			LIB3270_NOTIFY_ERROR,
 			_( "Network error" ),
 			_( "Unable to get connection state." ),
-			_( "%s" ), strerror(errno)
+			_( "The system error was %s" ), strerror(err)
 		);
 		return;
 	}
@@ -180,12 +181,14 @@
 		return;
 	}
+	if(lib3270_start_tls(hSession)) {
+		lib3270_disconnect(hSession);
+		return;
+	}
+
 	hSession->xio.except = hSession->network.module->add_poll(hSession,LIB3270_IO_FLAG_EXCEPTION,net_exception,0);
 	hSession->xio.read = hSession->network.module->add_poll(hSession,LIB3270_IO_FLAG_READ,net_input,0);
-	if(lib3270_start_tls(hSession))
-		return;
-
 	lib3270_setup_session(hSession);
 	lib3270_set_connected_initial(hSession);
@@ -164,7 +164,6 @@
 			.set = NULL															// Set value.
 		},
-		/*
 		{
 			.name = "sslmessage",												//  Property name.
 			.description = N_( "The security state" ),							//  Property description.
@@ -178,7 +177,6 @@
 			.get = lib3270_get_ssl_state_description,							//  Get value.
 			.set = NULL															//  Set value.
 		},
-		*/
 		{
 			.name = "oversize",														//  Property name.
@@ -569,6 +569,8 @@ void net_input(H3270 *hSession, int GNUC_UNUSED(fd), LIB3270_IO_FLAG GNUC_UNUSED
 		nr = hSession->network.module->recv(hSession, buffer, BUFSZ);
+		debug("%s: recv=%d",__FUNCTION__,nr);
+
 		if (nr < 0)
 		{
 			if (nr == -EWOULDBLOCK)
@@ -578,6 +580,7 @@ void net_input(H3270 *hSession, int GNUC_UNUSED(fd), LIB3270_IO_FLAG GNUC_UNUSED
 			if(HALF_CONNECTED && nr == -EAGAIN)
 			{
+				debug("%s: Received a -EAGAIN with half-connect",__FUNCTION__);
 				connection_complete(hSession);
 				return;
 			}
@@ -598,6 +601,7 @@ void net_input(H3270 *hSession, int GNUC_UNUSED(fd), LIB3270_IO_FLAG GNUC_UNUSED
 		// Process the data.
 		if (HALF_CONNECTED)
 		{
+			debug("%s: Received a %d with half-connect",__FUNCTION__,nr);
 			if (non_blocking(hSession,False) < 0)
 			{
 				host_disconnect(hSession,True);
@@ -79,15 +79,14 @@ static void toggle_nop(H3270 GNUC_UNUSED(*session), const struct lib3270_toggle 
 static void toggle_keepalive(H3270 *hSession, const struct lib3270_toggle GNUC_UNUSED(*t), LIB3270_TOGGLE_TYPE GNUC_UNUSED(tt))
 {
-	if(hSession->network.context)
+	if(hSession->network.module->is_connected(hSession))
 	{
-		// Has network context, update keep-alive option
+		// Has network connection, update keep-alive option
 		int optval = t->value ? 1 : 0;
 		if(hSession->network.module->setsockopt(hSession, SOL_SOCKET, SO_KEEPALIVE, &optval, sizeof(optval)) < 0)
 		{
-			if(errno != ENOTCONN)
-				popup_a_sockerr(hSession, _( "Can't %s network keep-alive" ), optval ? _( "enable" ) : _( "disable" ));
+			popup_a_sockerr(hSession, _( "Can't %s network keep-alive" ), optval ? _( "enable" ) : _( "disable" ));
 		}
 		else
 		{
@@ -194,10 +194,12 @@ static int openssl_network_is_connected(const H3270 *hSession) {
 }
 static int openssl_network_setsockopt(H3270 *hSession, int level, int optname, const void *optval, size_t optlen) {
+	debug("%s(%d)",__FUNCTION__,hSession->network.context->sock);
 	return setsockopt(hSession->network.context->sock, level, optname, optval, optlen);
 }
 static int openssl_network_getsockopt(H3270 *hSession, int level, int optname, void *optval, socklen_t *optlen) {
+	debug("%s(%d)",__FUNCTION__,hSession->network.context->sock);
 	return getsockopt(hSession->network.context->sock, level, optname, optval, optlen);
 }
@@ -66,10 +66,12 @@ const LIB3270_SSL_MESSAGE * lib3270_openssl_message_from_id(long id) {
 		{
 			.id = X509_V_ERR_UNABLE_TO_GET_CRL,
 			.message = {
+				.name = "X509UnableToGetCRL",
 				.type = LIB3270_NOTIFY_ERROR,
-				.icon = "dialog-error",
+				.icon = "security-low",
 				.summary = N_( "Unable to get certificate CRL." ),
-				.body = N_( "The Certificate revocation list (CRL) of a certificate could not be found." )
+				.body = N_( "The Certificate revocation list (CRL) of a certificate could not be found." ),
+				.label = N_( "Continue" )
 			}
 		},
@@ -75,3 +75,57 @@ void set_ssl_state(H3270 *hSession, LIB3270_SSL_STATE state)
 	hSession->cbk.update_ssl(hSession,hSession->ssl.state);
 }
+
+LIB3270_EXPORT const char * lib3270_get_ssl_state_message(const H3270 *hSession) {
+
+	if(hSession->ssl.message) {
+
+		if(hSession->ssl.message->summary)
+			return dgettext(GETTEXT_PACKAGE,hSession->ssl.message->summary);
+
+		return "";
+	}
+
+	return _( "The connection is insecure" );
+
+}
+
+LIB3270_EXPORT const char * lib3270_get_ssl_state_icon_name(const H3270 *hSession) {
+
+	if(hSession->ssl.message && hSession->ssl.message->icon)
+		return hSession->ssl.message->icon;
+
+	return "dialog-error";
+}
+
+LIB3270_EXPORT const char * lib3270_get_ssl_state_description(const H3270 *hSession) {
+
+	if(hSession->ssl.message) {
+
+		if(hSession->ssl.message->body)
+			return dgettext(GETTEXT_PACKAGE,hSession->ssl.message->body);
+
+		return "";
+	}
+
+	return "";
+
+}
+
+LIB3270_EXPORT char * lib3270_get_ssl_crl_text(const H3270 *hSession) {
+
+#ifndef DEBUG
+	#error Implementar!
+#endif // DEBUG
+
+	return NULL;
+}
+
+LIB3270_EXPORT char * lib3270_get_ssl_peer_certificate_text(const H3270 *hSession) {
+
+#ifndef DEBUG
+	#error Implementar!
+#endif // DEBUG
+
+	return NULL;
+}
	@@ -75,3 +75,57 @@ void set_ssl_state(H3270 *hSession, LIB3270_SSL_STATE state)		@@ -75,3 +75,57 @@ void set_ssl_state(H3270 *hSession, LIB3270_SSL_STATE state)
75		75
76	hSession->cbk.update_ssl(hSession,hSession->ssl.state);	76	hSession->cbk.update_ssl(hSession,hSession->ssl.state);
77	}	77	}
		78	+
		79	+LIB3270_EXPORT const char * lib3270_get_ssl_state_message(const H3270 *hSession) {
		80	+
		81	+ if(hSession->ssl.message) {
		82	+
		83	+ if(hSession->ssl.message->summary)
		84	+ return dgettext(GETTEXT_PACKAGE,hSession->ssl.message->summary);
		85	+
		86	+ return "";
		87	+ }
		88	+
		89	+ return _( "The connection is insecure" );
		90	+
		91	+}
		92	+
		93	+LIB3270_EXPORT const char * lib3270_get_ssl_state_icon_name(const H3270 *hSession) {
		94	+
		95	+ if(hSession->ssl.message && hSession->ssl.message->icon)
		96	+ return hSession->ssl.message->icon;
		97	+
		98	+ return "dialog-error";
		99	+}
		100	+
		101	+LIB3270_EXPORT const char * lib3270_get_ssl_state_description(const H3270 *hSession) {
		102	+
		103	+ if(hSession->ssl.message) {
		104	+
		105	+ if(hSession->ssl.message->body)
		106	+ return dgettext(GETTEXT_PACKAGE,hSession->ssl.message->body);
		107	+
		108	+ return "";
		109	+ }
		110	+
		111	+ return "";
		112	+
		113	+}
		114	+
		115	+LIB3270_EXPORT char * lib3270_get_ssl_crl_text(const H3270 *hSession) {
		116	+
		117	+#ifndef DEBUG
		118	+ #error Implementar!
		119	+#endif // DEBUG
		120	+
		121	+ return NULL;
		122	+}
		123	+
		124	+LIB3270_EXPORT char * lib3270_get_ssl_peer_certificate_text(const H3270 *hSession) {
		125	+
		126	+#ifndef DEBUG
		127	+ #error Implementar!
		128	+#endif // DEBUG
		129	+
		130	+ return NULL;
		131	+}