Adjusting network modules source paths.

Perry Werneck
1 parent 6cc9e2d4
Showing 25 changed files with 1326 additions and 1265 deletions Show diff stats
Makefile.in
lib3270.cbp
src/core/connect.c
src/core/host.c
src/core/linux/connect.c
src/core/properties/boolean.c
src/core/properties/signed.c
src/core/properties/string.c
src/core/session.c
src/core/telnet.c
src/include/networking.h
src/network_modules/default/main.c
src/network_modules/default/private.h
src/network_modules/linux/connect.c
src/network_modules/openssl.c
src/network_modules/openssl/main.c
src/network_modules/openssl/private.h
src/network_modules/openssl/states.c
src/network_modules/private.h
src/network_modules/select.c
@@ -32,6 +32,8 @@ LIBNAME=lib@LIB3270_NAME@
 PRODUCT_NAME=@PRODUCT_NAME@
 INSTALL_PACKAGES=@INSTALL_PACKAGES@
  
+NETWORK_MODULES=default
+
 SOURCES= \
 	$(wildcard src/core/*.c) \
 	$(wildcard src/core/keyboard/*.c) \
@@ -43,11 +45,9 @@ SOURCES= \
 	$(wildcard src/core/@OSNAME@/*.c) \
 	$(wildcard src/core/properties/*.c) \
 	$(wildcard src/selection/*.c) \
-	$(wildcard src/ssl/*.c) \
-	$(wildcard src/ssl/@OSNAME@/*.c) \
 	$(wildcard src/network_modules/*.c) \
-	$(wildcard src/network_modules/@OSNAME@/*.c) \
-	$(BASEDIR)/.tmp/$(LIBNAME)/fallbacks.c
+	$(BASEDIR)/.tmp/$(LIBNAME)/fallbacks.c \
+	$(foreach MODULE, $(NETWORK_MODULES), $(wildcard src/network_modules/$(MODULE)/*.c))
  
 TEST_SOURCES= \
 	$(wildcard src/testprogram/*.c)
@@ -307,14 +307,21 @@
 		<Unit filename="src/mkfb/mkfb.c">
 			<Option compilerVar="CC" />
 		</Unit>
-		<Unit filename="src/network_modules/linux/connect.c">
+		<Unit filename="src/network_modules/default/main.c">
 			<Option compilerVar="CC" />
 		</Unit>
-		<Unit filename="src/network_modules/openssl.c">
+		<Unit filename="src/network_modules/default/private.h" />
+		<Unit filename="src/network_modules/openssl/main.c">
 			<Option compilerVar="CC" />
 		</Unit>
-		<Unit filename="src/network_modules/private.h" />
-		<Unit filename="src/network_modules/unsecure.c">
+		<Unit filename="src/network_modules/openssl/private.h" />
+		<Unit filename="src/network_modules/openssl/states.c">
+			<Option compilerVar="CC" />
+		</Unit>
+		<Unit filename="src/network_modules/select.c">
+			<Option compilerVar="CC" />
+		</Unit>
+		<Unit filename="src/network_modules/state.c">
 			<Option compilerVar="CC" />
 		</Unit>
 		<Unit filename="src/selection/actions.c">
@@ -352,9 +359,6 @@
 		<Unit filename="src/ssl/properties.c">
 			<Option compilerVar="CC" />
 		</Unit>
-		<Unit filename="src/ssl/state.c">
-			<Option compilerVar="CC" />
-		</Unit>
 		<Unit filename="src/ssl/windows/getcrl.c">
 			<Option compilerVar="CC" />
 		</Unit>
@@ -35,8 +35,6 @@
 #include <lib3270/trace.h>
 #include <lib3270/toggle.h>
 #include <trace_dsc.h>
-
-#include "../ssl/crl.h"
 #include "utilc.h"
  
 /*---[ Implement ]-------------------------------------------------------------------------------*/
@@ -257,12 +257,8 @@ static void update_url(H3270 *hSession)
 {
 	char * url =
 			lib3270_strdup_printf(
-				"%s%s:%s",
-#ifdef HAVE_LIBSSL
-					(hSession->ssl.enabled ? "tn3270s://" : "tn3270://"),
-#else
-					"tn3270://",
-#endif // HAVE_LIBSSL
+				"%s//%s:%s",
+					hSession->network.module->name,
 					hSession->host.current,
 					hSession->host.srvc
 	);
@@ -280,7 +276,7 @@ static void update_url(H3270 *hSession)
 	lib3270_free(hSession->host.url);
 	hSession->host.url = url;
  
-#if defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK)
+#if defined(HAVE_LIBSSLx) && defined(SSL_ENABLE_CRL_CHECK)
 	lib3270_crl_free(hSession);
 #endif // SSL_ENABLE_CRL_CHECK
  
@@ -377,7 +373,7 @@ LIB3270_EXPORT int lib3270_set_url(H3270 *h, const char *n)
 		const char		* srvc;
 	} sch[] =
 	{
-#ifdef HAVE_LIBSSL
+#ifdef HAVE_LIBSSLx
 		{ 1, "tn3270s://",	"telnets"	},
 		{ 1, "telnets://",	"telnets"	},
 		{ 1, "L://",		"telnets"	},
@@ -398,7 +394,7 @@ LIB3270_EXPORT int lib3270_set_url(H3270 *h, const char *n)
  
 	trace("%s(%s)",__FUNCTION__,str);
  
-#ifdef HAVE_LIBSSL
+#ifdef HAVE_LIBSSLx
 	h->ssl.enabled = 0;
 #endif // HAVE_LIBSSL
  
@@ -407,7 +403,7 @@ LIB3270_EXPORT int lib3270_set_url(H3270 *h, const char *n)
 		size_t sz = strlen(sch[f].text);
 		if(!strncasecmp(hostname,sch[f].text,sz))
 		{
-#ifdef HAVE_LIBSSL
+#ifdef HAVE_LIBSSLx
 			h->ssl.enabled	= sch[f].ssl;
 #endif // HAVE_LIBSSL
 			srvc			= sch[f].srvc;
@@ -53,9 +53,84 @@
 #include <lib3270/internals.h>
 #include <lib3270/log.h>
 #include <lib3270/trace.h>
+#include <networking.h>
  
 /*---[ Implement ]-------------------------------------------------------------------------------*/
  
+ int lib3270_network_connect(H3270 *hSession, LIB3270_NETWORK_STATE *state) {
+
+	//
+	// Resolve hostname
+	//
+	struct addrinfo	  hints;
+ 	struct addrinfo * result	= NULL;
+	memset(&hints,0,sizeof(hints));
+	hints.ai_family 	= AF_UNSPEC;	// Allow IPv4 or IPv6
+	hints.ai_socktype	= SOCK_STREAM;	// Stream socket
+	hints.ai_flags		= AI_PASSIVE;	// For wildcard IP address
+	hints.ai_protocol	= 0;			// Any protocol
+
+	status_resolving(hSession);
+
+ 	int rc = getaddrinfo(hSession->host.current, hSession->host.srvc, &hints, &result);
+ 	if(rc)
+	{
+		state->error_message = gai_strerror(rc);
+		return -1;
+	}
+
+	//
+	// Try connecting to hosts.
+	//
+	int sock = -1;
+	struct addrinfo * rp = NULL;
+
+	status_connecting(hSession);
+
+	for(rp = result; sock < 0 && rp != NULL; rp = rp->ai_next)
+	{
+		// Got socket from host definition.
+		sock = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol);
+		if(sock < 0)
+		{
+			// Can't get socket.
+			state->syserror = errno;
+			continue;
+		}
+
+		// Try connect.
+		if(connect(sock, rp->ai_addr, rp->ai_addrlen))
+		{
+			// Can't connect to host
+			state->syserror = errno;
+			close(sock);
+			sock = -1;
+			continue;
+		}
+
+	}
+
+	freeaddrinfo(result);
+
+	if(sock < 0)
+	{
+		static const LIB3270_POPUP popup = {
+			.name = "CantConnect",
+			.type = LIB3270_NOTIFY_ERROR,
+			.summary = N_("Can't connect to host"),
+			.label = N_("Try again")
+		};
+
+		state->popup = &popup;
+		return sock;
+	}
+
+	// don't share the socket with our children
+	(void) fcntl(sock, F_SETFD, 1);
+
+	return sock;
+ }
+
  static void net_connected(H3270 *hSession, int GNUC_UNUSED(fd), LIB3270_IO_FLAG GNUC_UNUSED(flag), void GNUC_UNUSED(*dunno))
  {
 	int 		err;
@@ -171,7 +246,7 @@
 	//
 	hSession->ever_3270 = False;
  
-#if defined(HAVE_LIBSSL)
+#if defined(HAVE_LIBSSLx)
 	if(hSession->ssl.enabled)
 	{
 		hSession->ssl.host = 1;
@@ -47,7 +47,7 @@
  
  void lib3270_disable_crl_download(H3270 *hSession)
  {
-#if defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK)
+#if defined(HAVE_LIBSSLx) && defined(SSL_ENABLE_CRL_CHECK)
 	hSession->ssl.crl.download = 0;
 #endif // SSL_ENABLE_CRL_CHECK
  }
@@ -51,7 +51,7 @@
  
  static int lib3270_set_ssl_minimum_protocol_version(H3270 *hSession, int value)
  {
-#ifdef HAVE_LIBSSL
+#ifdef HAVE_LIBSSLx
 	FAIL_IF_ONLINE(hSession);
 	hSession->ssl.protocol.min_version = value;
 	return 0;
@@ -62,7 +62,7 @@
  
  static int lib3270_set_ssl_maximum_protocol_version(H3270 *hSession, int value)
  {
-#ifdef HAVE_LIBSSL
+#ifdef HAVE_LIBSSLx
 	FAIL_IF_ONLINE(hSession);
 	hSession->ssl.protocol.max_version = value;
 	return 0;
@@ -73,7 +73,7 @@
  
  static int lib3270_get_ssl_minimum_protocol_version(const H3270 *hSession)
  {
-#ifdef HAVE_LIBSSL
+#ifdef HAVE_LIBSSLx
 	return hSession->ssl.protocol.min_version;
 #else
 	errno = ENOTSUP;
@@ -83,7 +83,7 @@
  
  static int lib3270_get_ssl_maximum_protocol_version(const H3270 *hSession)
  {
-#ifdef HAVE_LIBSSL
+#ifdef HAVE_LIBSSLx
 	return hSession->ssl.protocol.max_version;
 #else
 	errno = ENOTSUP;
@@ -139,6 +139,7 @@
 			.set = NULL															// Set value.
 		},
  
+		/*
 		{
 			.name = "crl_url",													// Property name.
 			.group = LIB3270_ACTION_GROUP_OFFLINE,								// Property group.
@@ -154,6 +155,7 @@
 			.get = lib3270_crl_get_preferred_protocol,							// Get value.
 			.set = lib3270_crl_set_preferred_protocol,							// Set value.
 		},
+		*/
  
 		{
 			.name = "default_host",												// Property name.
@@ -162,6 +164,7 @@
 			.set = NULL															// Set value.
 		},
  
+		/*
 		{
 			.name = "sslmessage",												//  Property name.
 			.description = N_( "The security state" ),							//  Property description.
@@ -175,6 +178,7 @@
 			.get = lib3270_get_ssl_state_description,							//  Get value.
 			.set = NULL															//  Set value.
 		},
+		*/
  
 		{
 			.name = "oversize",														//  Property name.
@@ -74,7 +74,7 @@ void lib3270_session_free(H3270 *h)
  
 	shutdown_toggles(h);
  
-#if defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBSSL)
+#if defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBSSLx)
 	if(h->ssl.crl.prefer)
 	{
 		free(h->ssl.crl.prefer);
@@ -324,7 +324,7 @@ static void lib3270_session_init(H3270 *hSession, const char *model, const char 
 	memset(hSession,0,sizeof(H3270));
 	lib3270_set_default_network_module(hSession);
  
-#if defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBSSL)
+#if defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBSSLx)
 	hSession->ssl.crl.download = 1;
 #endif // SSL_ENABLE_CRL_CHECK
  
@@ -1520,37 +1520,12 @@ void net_exception(H3270 *session, int GNUC_UNUSED(fd), LIB3270_IO_FLAG GNUC_UNU
  
 LIB3270_INTERNAL int lib3270_sock_send(H3270 *hSession, unsigned const char *buf, int len)
 {
-	int rc;
-
-#if defined(HAVE_LIBSSL)
-	if(hSession->ssl.con != NULL)
-		rc = SSL_write(hSession->ssl.con, (const char *) buf, len);
-	else
-		rc = send(hSession->connection.sock, (const char *) buf, len, 0);
-#else
-		rc = hSession->network.module->send(hSession, buf, len);
-#endif // HAVE_LIBSSL
+	int rc = hSession->network.module->send(hSession, buf, len);
  
 	if(rc > 0)
 		return rc;
  
 	// Send error, notify
-
-#if defined(HAVE_LIBSSL)
-	#error TODO - The send method should emit popup messages.
-	if(hSession->ssl.con != NULL)
-	{
-		unsigned long e;
-		char err_buf[120];
-
-		e = ERR_get_error();
-		(void) ERR_error_string(e, err_buf);
-		trace_dsn(hSession,"RCVD SSL_write error %ld (%s)\n", e,err_buf);
-		popup_an_error(hSession,_( "SSL_write:\n%s" ), err_buf);
-		return -1;
-	}
-#endif // HAVE_LIBSSL
-
 	trace_dsn(hSession,"RCVD socket error %d\n", -rc);
  
 	return -1;
@@ -51,9 +51,21 @@
  
 	typedef struct lib3270_net_module {
  
+		/// @brief Protocol name for URL.
+		const char *name;
+
+		/// @brief Default service name.
+		const char *service;
+
+		/// @brief Prepare to connect.
+		///
+		/// @param hSession	TN3270 session.
+		/// @param state	Pointer to state message.
+		///
+		int (*init)(H3270 *hSession, LIB3270_NETWORK_STATE *state);
+
 		/// @brief Deinitialize network module.
 		///
-		/// @param context	Network context.
 		/// @param hSession	TN3270 session.
 		/// @param state	Pointer to state message.
 		///
@@ -61,7 +73,6 @@
  
 		/// @brief Connect to host.
 		///
-		/// @param context	Network context.
 		/// @param hSession	TN3270 session.
 		/// @param seconds	Seconds for timeout.
 		/// @param state	Pointer to state message.
@@ -70,7 +81,6 @@
  
 		/// @brief Disconnect from host.
 		///
-		/// @param context	Network context.
 		/// @param hSession	TN3270 session.
 		/// @param state	Pointer to state message.
 		///
@@ -131,14 +141,21 @@
 	/**
 	 * @brief Connect to host, returns a connected socket.
 	 *
+	 * @param hSession	Disconnected TN3270 session.
+	 * @param state		Pointer to network state context.
+	 *
 	 * @return The Socket number or -1 in case of failure.
 	 *
 	 */
-	LIB3270_INTERNAL int lib3270_network_connect(H3270 *hSession, LIB3270_NETWORK_STATE *state);
-
+	LIB3270_INTERNAL int	  lib3270_network_connect(H3270 *hSession, LIB3270_NETWORK_STATE *state);
  
-	LIB3270_INTERNAL void	* lib3270_openssl_get_context(H3270 *hSession, LIB3270_NETWORK_STATE *state);
-	LIB3270_INTERNAL int	  lib3270_openssl_get_ex_index(H3270 *hSession);
+	/**
+	 * @brief Select the default (unsecure) network context.
+	 *
+	 * @param hSession	TN3270 Session handle.
+	 *
+	 */
+	LIB3270_INTERNAL void	  lib3270_set_default_network_module(H3270 *hSession);
  
 #endif // LIB3270_NETWORKING_H_INCLUDED
  
@@ -0,0 +1,303 @@
+/*
+ * "Software PW3270, desenvolvido com base nos códigos fontes do WC3270  e  X3270
+ * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
+ * aplicativos mainframe. Registro no INPI sob o nome G3270.
+ *
+ * Copyright (C) <2008> <Banco do Brasil S.A.>
+ *
+ * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
+ * os termos da GPL v.2 - Licença Pública Geral  ',  conforme  publicado  pela
+ * Free Software Foundation.
+ *
+ * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
+ * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
+ * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
+ * obter mais detalhes.
+ *
+ * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
+ * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
+ * St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ * Este programa está nomeado como unsecure.c e possui - linhas de código.
+ *
+ * Contatos:
+ *
+ * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
+ * erico.mendonca@gmail.com	(Erico Mascarenhas de Mendonça)
+ *
+ */
+
+ /**
+  * @brief Default networking methods.
+  *
+  */
+
+ #include "private.h"
+ #include <fcntl.h>
+
+ static void unsecure_network_finalize(H3270 *hSession) {
+
+	debug("%s",__FUNCTION__);
+
+	if(hSession->network.context) {
+		lib3270_free(hSession->network.context);
+		hSession->network.context = NULL;
+	}
+
+ }
+
+ static int unsecure_network_disconnect(H3270 *hSession) {
+
+	debug("%s",__FUNCTION__);
+
+	if(hSession->network.context->sock >= 0) {
+		shutdown(hSession->network.context->sock, 2);
+		close(hSession->network.context->sock);
+		hSession->network.context->sock = -1;
+	}
+
+	return 0;
+ }
+
+ ssize_t unsecure_network_send(H3270 *hSession, const void *buffer, size_t length) {
+
+	if(hSession->network.context->sock < 0) {
+		return -(errno = ENOTCONN);
+	}
+
+	ssize_t bytes = send(hSession->network.context->sock,buffer,length,0);
+
+	debug("%s bytes=%d",__FUNCTION__,(int) bytes);
+
+	if(bytes >= 0)
+		return bytes;
+
+	int rc = errno;
+
+	debug("%s: %s",__FUNCTION__,strerror(rc));
+
+	switch(rc)
+	{
+	case EPIPE:
+		lib3270_popup_dialog(
+			hSession,
+			LIB3270_NOTIFY_ERROR,
+			NULL,
+			_("Broken pipe"),
+			_("The system error code was %d"),
+			rc
+		);
+		break;
+
+	case ECONNRESET:
+		lib3270_popup_dialog(
+			hSession,
+			LIB3270_NOTIFY_ERROR,
+			NULL,
+			_("Connection reset by peer"),
+			_("The system error code was %d"),
+			rc
+		);
+		break;
+
+	case EINTR:
+		return 0;
+
+	default:
+		lib3270_popup_dialog(
+			hSession,
+			LIB3270_NOTIFY_ERROR,
+			NULL,
+			_("Unexpected error writing to network socket"),
+			_("The system error code was %d (%s)"),
+			rc, strerror(rc)
+		);
+
+	}
+
+	return -rc;
+ }
+
+ static ssize_t unsecure_network_recv(H3270 *hSession, void *buf, size_t len) {
+
+ 	debug("%s",__FUNCTION__);
+
+	if(hSession->network.context->sock < 0) {
+		return -(errno = ENOTCONN);
+	}
+
+	ssize_t bytes = recv(hSession->network.context->sock, (char *) buf, len, 0);
+
+	debug("%s bytes=%d",__FUNCTION__,(int) bytes);
+
+	if(bytes < 0) {
+		return -errno;
+	}
+
+	return bytes;
+}
+
+static int unsecure_network_getsockname(const H3270 *hSession, struct sockaddr *addr, socklen_t *addrlen) {
+	if(hSession->network.context->sock < 0)
+		return -(errno = ENOTCONN);
+	return getsockname(hSession->network.context->sock, addr, addrlen);
+}
+
+static void * unsecure_network_add_poll(H3270 *hSession, LIB3270_IO_FLAG flag, void(*call)(H3270 *, int, LIB3270_IO_FLAG, void *), void *userdata) {
+	return lib3270_add_poll_fd(hSession,hSession->network.context->sock,flag,call,userdata);
+}
+
+static int unsecure_network_non_blocking(H3270 *hSession, const unsigned char on) {
+
+	if(hSession->network.context->sock < 0)
+		return 0;
+
+#ifdef WIN32
+
+		WSASetLastError(0);
+		u_long iMode= on ? 1 : 0;
+
+		if(ioctlsocket(hSession->network.context->sock,FIONBIO,&iMode))
+		{
+			lib3270_popup_dialog(	hSession,
+									LIB3270_NOTIFY_ERROR,
+									_( "Connection error" ),
+									_( "ioctlsocket(FIONBIO) failed." ),
+									"%s", lib3270_win32_strerror(GetLastError()));
+			return -1;
+		}
+
+#else
+
+	int f;
+
+	if ((f = fcntl(hSession->network.context->sock, F_GETFL, 0)) == -1)
+	{
+		lib3270_popup_dialog(	hSession,
+								LIB3270_NOTIFY_ERROR,
+								_( "Socket error" ),
+								_( "fcntl() error when getting socket state." ),
+								_( "%s" ), strerror(errno)
+							);
+
+		return -1;
+	}
+
+	if (on)
+		f |= O_NDELAY;
+	else
+		f &= ~O_NDELAY;
+
+	if (fcntl(hSession->network.context->sock, F_SETFL, f) < 0)
+	{
+		lib3270_popup_dialog(	hSession,
+								LIB3270_NOTIFY_ERROR,
+								_( "Socket error" ),
+								on ? _( "Can't set socket to blocking mode." ) : _( "Can't set socket to non blocking mode" ),
+								_( "%s" ), strerror(errno)
+							);
+		return -1;
+	}
+
+#endif
+
+	debug("Socket %d is now %s",hSession->network.context->sock,(on ? "Non Blocking" : "Blocking"));
+
+	return 0;
+}
+
+static int unsecure_network_is_connected(const H3270 *hSession) {
+	return hSession->network.context->sock > 0;
+}
+
+static int unsecure_network_setsockopt(H3270 *hSession, int level, int optname, const void *optval, size_t optlen) {
+
+	if(hSession->network.context->sock < 0) {
+		errno = ENOTCONN;
+		return -1;
+	}
+
+	return setsockopt(hSession->network.context->sock, level, optname, optval, optlen);
+
+}
+
+static int unsecure_network_getsockopt(H3270 *hSession, int level, int optname, void *optval, socklen_t *optlen) {
+
+	if(hSession->network.context->sock < 0) {
+		errno = ENOTCONN;
+		return -1;
+	}
+
+	return getsockopt(hSession->network.context->sock, level, optname, optval, optlen);
+}
+
+static int unsecure_network_init(H3270 GNUC_UNUSED(*hSession), LIB3270_NETWORK_STATE GNUC_UNUSED(*state)) {
+	return 0;
+}
+
+static int unsecure_network_connect(H3270 *hSession, LIB3270_NETWORK_STATE *state) {
+
+	hSession->network.context->sock = lib3270_network_connect(hSession, state);
+	if(hSession->network.context->sock < 0)
+		return hSession->network.context->sock;
+
+	return 0;
+}
+
+static int unsecure_network_start_tls(H3270 GNUC_UNUSED(*hSession), LIB3270_NETWORK_STATE *msg) {
+
+	if(hSession->ssl.host) {
+
+		// TODO: Replace network module with the openssl version, initialize and execute start_tls on it.
+
+		static const LIB3270_POPUP popup = {
+			.type = LIB3270_NOTIFY_ERROR,
+			.summary = N_("Can't activate SSL/TLS"),
+			.body = N_("The protocol library was build without SSL/TLS support")
+		};
+
+		msg->popup = &popup;
+
+		return ENOTSUP;
+
+	}
+
+	return 0;
+}
+
+void lib3270_set_default_network_module(H3270 *hSession) {
+
+	static const LIB3270_NET_MODULE module = {
+		.name = "tn3270",
+		.service = "tn3270",
+		.init = unsecure_network_init,
+		.finalize = unsecure_network_finalize,
+		.connect = unsecure_network_connect,
+		.disconnect = unsecure_network_disconnect,
+		.start_tls = unsecure_network_start_tls,
+		.send = unsecure_network_send,
+		.recv = unsecure_network_recv,
+		.add_poll = unsecure_network_add_poll,
+		.non_blocking = unsecure_network_non_blocking,
+		.is_connected = unsecure_network_is_connected,
+		.getsockname = unsecure_network_getsockname,
+		.setsockopt = unsecure_network_setsockopt,
+		.getsockopt = unsecure_network_getsockopt
+	};
+
+ 	debug("%s",__FUNCTION__);
+
+	if(hSession->network.context) {
+		// Has context, finalize it.
+		hSession->network.module->finalize(hSession);
+	}
+
+	hSession->ssl.host = 0;
+	hSession->network.context = lib3270_malloc(sizeof(LIB3270_NET_CONTEXT));
+	memset(hSession->network.context,0,sizeof(LIB3270_NET_CONTEXT));
+	hSession->network.context->sock = -1;
+
+	hSession->network.module = &module;
+
+}
+
@@ -0,0 +1,44 @@
+/*
+ * "Software G3270, desenvolvido com base nos códigos fontes do WC3270  e  X3270
+ * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
+ * aplicativos mainframe. Registro no INPI sob o nome G3270.
+ *
+ * Copyright (C) <2008> <Banco do Brasil S.A.>
+ *
+ * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
+ * os termos da GPL v.2 - Licença Pública Geral  ',  conforme  publicado  pela
+ * Free Software Foundation.
+ *
+ * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
+ * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
+ * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
+ * obter mais detalhes.
+ *
+ * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
+ * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
+ * St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ * Este programa está nomeado como private.h e possui - linhas de código.
+ *
+ * Contatos:
+ *
+ * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
+ * erico.mendonca@gmail.com	(Erico Mascarenhas de Mendonça)
+ *
+ */
+
+#ifndef LIB3270_DEFAULT_MODULE_PRIVATE_H_INCLUDED
+
+	#define LIB3270_DEFAULT_MODULE_PRIVATE_H_INCLUDED
+
+	#include <config.h>
+	#include <lib3270.h>
+ 	#include <lib3270/log.h>
+ 	#include <internals.h>
+
+	struct _lib3270_net_context {
+		int sock;
+	};
+
+
+#endif // !LIB3270_OPENSSL_MODULE_PRIVATE_H_INCLUDED
@@ -1,118 +0,0 @@
-/*
- * "Software PW3270, desenvolvido com base nos códigos fontes do WC3270  e  X3270
- * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
- * aplicativos mainframe. Registro no INPI sob o nome G3270.
- *
- * Copyright (C) <2008> <Banco do Brasil S.A.>
- *
- * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
- * os termos da GPL v.2 - Licença Pública Geral  ',  conforme  publicado  pela
- * Free Software Foundation.
- *
- * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
- * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
- * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
- * obter mais detalhes.
- *
- * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
- * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
- * St, Fifth Floor, Boston, MA  02110-1301  USA
- *
- * Este programa está nomeado como networking.h e possui - linhas de código.
- *
- * Contatos:
- *
- * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
- * erico.mendonca@gmail.com	(Erico Mascarenhas de Mendonça)
- *
- */
-
- /**
-  * @brief Default networking methods.
-  *
-  */
-
- #include <config.h>
- #include <internals.h>
- #include <networking.h>
- #include <screen.h>
- #include <unistd.h>
- #include <fcntl.h>
-
- #include <sys/types.h>
- #include <sys/socket.h>
- #include <netdb.h>
-
-int lib3270_network_connect(H3270 *hSession, LIB3270_NETWORK_STATE *state) {
-
-	//
-	// Resolve hostname
-	//
-	struct addrinfo	  hints;
- 	struct addrinfo * result	= NULL;
-	memset(&hints,0,sizeof(hints));
-	hints.ai_family 	= AF_UNSPEC;	// Allow IPv4 or IPv6
-	hints.ai_socktype	= SOCK_STREAM;	// Stream socket
-	hints.ai_flags		= AI_PASSIVE;	// For wildcard IP address
-	hints.ai_protocol	= 0;			// Any protocol
-
-	status_resolving(hSession);
-
- 	int rc = getaddrinfo(hSession->host.current, hSession->host.srvc, &hints, &result);
- 	if(rc)
-	{
-		state->error_message = gai_strerror(rc);
-		return -1;
-	}
-
-	//
-	// Try connecting to hosts.
-	//
-	int sock = -1;
-	struct addrinfo * rp = NULL;
-
-	status_connecting(hSession);
-
-	for(rp = result; sock < 0 && rp != NULL; rp = rp->ai_next)
-	{
-		// Got socket from host definition.
-		sock = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol);
-		if(sock < 0)
-		{
-			// Can't get socket.
-			state->syserror = errno;
-			continue;
-		}
-
-		// Try connect.
-		if(connect(sock, rp->ai_addr, rp->ai_addrlen))
-		{
-			// Can't connect to host
-			state->syserror = errno;
-			close(sock);
-			sock = -1;
-			continue;
-		}
-
-	}
-
-	freeaddrinfo(result);
-
-	if(sock < 0)
-	{
-		static const LIB3270_POPUP popup = {
-			.name = "CantConnect",
-			.type = LIB3270_NOTIFY_ERROR,
-			.summary = N_("Can't connect to host"),
-			.label = N_("Try again")
-		};
-
-		state->popup = &popup;
-		return sock;
-	}
-
-	// don't share the socket with our children
-	(void) fcntl(sock, F_SETFD, 1);
-
-	return sock;
-}
@@ -1,277 +0,0 @@
-/*
- * "Software PW3270, desenvolvido com base nos códigos fontes do WC3270  e  X3270
- * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
- * aplicativos mainframe. Registro no INPI sob o nome G3270.
- *
- * Copyright (C) <2008> <Banco do Brasil S.A.>
- *
- * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
- * os termos da GPL v.2 - Licença Pública Geral  ',  conforme  publicado  pela
- * Free Software Foundation.
- *
- * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
- * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
- * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
- * obter mais detalhes.
- *
- * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
- * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
- * St, Fifth Floor, Boston, MA  02110-1301  USA
- *
- * Este programa está nomeado como openssl.c e possui - linhas de código.
- *
- * Contatos:
- *
- * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
- * erico.mendonca@gmail.com	(Erico Mascarenhas de Mendonça)
- *
- */
-
- /**
-  * @brief OpenSSL based networking methods.
-  *
-  */
-
- #include "private.h"
-
- #include <sys/types.h>
- #include <sys/socket.h>
- #include <netdb.h>
- #include <openssl/ssl.h>
- #include <openssl/x509.h>
-
- struct _lib3270_net_context {
-
-	int sock;						///< @brief Session socket.
-
-	SSL * con;						///< @brief SSL Connection handle.
-
-	struct {
-		char			  download;	///< @brief Non zero to download CRL.
-		char			* prefer;	///< @brief Prefered protocol for CRL.
-		char			* url;		///< @brief URL for CRL download.
-		X509_CRL 		* cert;		///< @brief Loaded CRL (can be null).
-	} crl;
-
-  };
-
-static void crl_free(LIB3270_NET_CONTEXT *context) {
-	if(context->crl.cert) {
-		X509_CRL_free(context->crl.cert);
-		context->crl.cert = NULL;
-	}
-}
-
-static void openssl_network_finalize(H3270 *hSession) {
-
-	debug("%s",__FUNCTION__);
-
-
-	if(hSession->network.context) {
-
-		// Cleanupp
-		LIB3270_NET_CONTEXT *context = hSession->network.context;
-
-		crl_free(context);
-
-		// Release network context.
-		lib3270_free(hSession->network.context);
-		hSession->network.context = NULL;
-	}
-
-}
-
-static int openssl_network_disconnect(H3270 *hSession) {
-
-
-}
-
-ssize_t openssl_network_send(H3270 *hSession, const void *buffer, size_t length) {
-
-}
-
-static ssize_t openssl_network_recv(H3270 *hSession, void *buf, size_t len) {
-
-}
-
-static int openssl_network_getsockname(const H3270 *hSession, struct sockaddr *addr, socklen_t *addrlen) {
-
-}
-
-static void * openssl_network_add_poll(H3270 *hSession, LIB3270_IO_FLAG flag, void(*call)(H3270 *, int, LIB3270_IO_FLAG, void *), void *userdata) {
-
-}
-
-static int openssl_network_non_blocking(H3270 *hSession, const unsigned char on) {
-
-}
-
-static int openssl_network_is_connected(H3270 *hSession) {
-
-}
-
-static int openssl_network_setsockopt(H3270 *hSession, int level, int optname, const void *optval, size_t optlen) {
-
-}
-
-static int openssl_network_getsockopt(H3270 *hSession, int level, int optname, void *optval, socklen_t *optlen) {
-}
-
-static int openssl_network_connect(H3270 *hSession, LIB3270_NETWORK_STATE *state) {
-
-	set_ssl_state(hSession,LIB3270_SSL_UNDEFINED);
-
-	SSL_CTX * ctx_context = (SSL_CTX *) lib3270_openssl_get_context(state,state);
-	if(!ctx_context)
-		return -1;
-
-	//
-	// Prepare for connection
-	//
-	LIB3270_NET_CONTEXT *context = hSession->network.context;
-
-	if(context->crl.cert) {
-
-		// Release CRL if expired.
-		// https://stackoverflow.com/questions/23407376/testing-x509-certificate-expiry-date-with-c
-		// X509_CRL_get_nextUpdate is deprecated in openssl 1.1.0
-
-		#if OPENSSL_VERSION_NUMBER < 0x10100000L
-			const ASN1_TIME * next_update = X509_CRL_get_nextUpdate(context->crl.cert);
-		#else
-			const ASN1_TIME * next_update = X509_CRL_get0_nextUpdate(context->crl.cert);
-		#endif
-
-		if(X509_cmp_current_time(next_update) == 1)
-		{
-			int day, sec;
-			if(ASN1_TIME_diff(&day, &sec, NULL, next_update))
-			{
-				trace_ssl(hSession,"CRL is valid for %d day(s) and %d second(s)\n",day,sec);
-			}
-			else
-			{
-				trace_ssl(hSession,"Can't get CRL next update, discarding it\n");
-				crl_free(context);
-			}
-
-		}
-		else
-		{
-			trace_ssl(hSession,"CRL is no longer valid\n");
-			crl_free(context);
-		}
-
-	}
-
-	//
-	// Enable SSL & Connect to host.
-	//
-	hSession->ssl.host = 1;
-	context->sock = lib3270_network_connect(hSession, state);
-
-	return (context->sock < 0 ? -1 : 0);
-
-}
-
-static int openssl_network_start_tls(H3270 *hSession, LIB3270_NETWORK_STATE *state) {
-
-	SSL_CTX * ctx_context = (SSL_CTX *) lib3270_openssl_get_context(state,state);
-	if(!ctx_context)
-		return -1;
-
-	LIB3270_NET_CONTEXT * context = hSession->network.context;
-
-	debug("%s",__FUNCTION__);
-
-	set_ssl_state(hSession,LIB3270_SSL_NEGOTIATING);
-	context->con = SSL_new(ctx_context);
-	if(context->con == NULL)
-	{
-		static const LIB3270_POPUP popup = {
-			.type = LIB3270_NOTIFY_SECURE,
-			.summary = N_( "Cant create a new SSL structure for current connection." )
-		};
-
-		state->popup = &popup;
-		return -1;
-	}
-
-	SSL_set_ex_data(context->con,lib3270_openssl_get_ex_index(hSession),(char *) hSession);
-//	SSL_set_verify(context->con, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
-	SSL_set_verify(context->con, 0, NULL);
-
-	if(SSL_set_fd(context->con, context->sock) != 1)
-	{
-		trace_ssl(hSession,"%s","SSL_set_fd failed!\n");
-
-		static const LIB3270_POPUP popup = {
-			.summary = N_( "SSL negotiation failed" ),
-			.body = N_( "Cant set the file descriptor for the input/output facility for the TLS/SSL (encrypted) side of ssl." )
-		};
-
-		state->popup = &popup;
-		return -1;
-
-	}
-
-	trace_ssl(hSession, "%s","Running SSL_connect\n");
-	int rv = SSL_connect(context->con);
-	trace_ssl(hSession, "SSL_connect exits with rc=%d\n",rv);
-
-	if (rv != 1)
-	{
-		int code = SSL_get_error(context->con,rv);
-
-		if(code == SSL_ERROR_SYSCALL && hSession->ssl.error)
-			code = hSession->ssl.error;
-
-		state->error_message = ERR_lib_error_string(code);
-
-		trace_ssl(hSession,"SSL_connect failed: %s\n",ERR_reason_error_string(code));
-
-		static const LIB3270_POPUP popup = {
-			.type = LIB3270_NOTIFY_ERROR,
-			.summary = N_( "SSL Connect failed" ),
-		};
-
-		state->popup = &popup;
-		return -1;
-
-	}
-
-	return 0;
-}
-
-void lib3270_set_openssl_network_module(H3270 *hSession) {
-
-	static const LIB3270_NET_MODULE module = {
-		.finalize = openssl_network_finalize,
-		.connect = openssl_network_connect,
-		.disconnect = openssl_network_disconnect,
-		.start_tls = openssl_network_start_tls,
-		.send = openssl_network_send,
-		.recv = openssl_network_recv,
-		.add_poll = openssl_network_add_poll,
-		.non_blocking = openssl_network_non_blocking,
-		.is_connected = openssl_network_is_connected,
-		.getsockname = openssl_network_getsockname,
-		.setsockopt = openssl_network_setsockopt,
-		.getsockopt = openssl_network_getsockopt
-	};
-
- 	debug("%s",__FUNCTION__);
-
-	if(hSession->network.context) {
-		// Has context, finalize it.
-		hSession->network.module->finalize(hSession);
-	}
-
-	hSession->ssl.host = 1;
-	hSession->network.context = lib3270_malloc(sizeof(LIB3270_NET_CONTEXT));
-	memset(hSession->network.context,0,sizeof(LIB3270_NET_CONTEXT));
-
-
-
-	hSession->network.module = &module;
-}
@@ -0,0 +1,260 @@
+/*
+ * "Software PW3270, desenvolvido com base nos códigos fontes do WC3270  e  X3270
+ * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
+ * aplicativos mainframe. Registro no INPI sob o nome G3270.
+ *
+ * Copyright (C) <2008> <Banco do Brasil S.A.>
+ *
+ * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
+ * os termos da GPL v.2 - Licença Pública Geral  ',  conforme  publicado  pela
+ * Free Software Foundation.
+ *
+ * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
+ * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
+ * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
+ * obter mais detalhes.
+ *
+ * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
+ * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
+ * St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ * Este programa está nomeado como openssl.c e possui - linhas de código.
+ *
+ * Contatos:
+ *
+ * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
+ * erico.mendonca@gmail.com	(Erico Mascarenhas de Mendonça)
+ *
+ */
+
+ /**
+  * @brief OpenSSL based networking methods.
+  *
+  */
+
+ #include "private.h"
+
+
+static void crl_free(LIB3270_NET_CONTEXT *context) {
+	if(context->crl.cert) {
+		X509_CRL_free(context->crl.cert);
+		context->crl.cert = NULL;
+	}
+}
+
+static void openssl_network_finalize(H3270 *hSession) {
+
+	debug("%s",__FUNCTION__);
+
+
+	if(hSession->network.context) {
+
+		// Cleanupp
+		LIB3270_NET_CONTEXT *context = hSession->network.context;
+
+		crl_free(context);
+
+		// Release network context.
+		lib3270_free(hSession->network.context);
+		hSession->network.context = NULL;
+	}
+
+}
+
+static int openssl_network_disconnect(H3270 *hSession) {
+
+
+}
+
+ssize_t openssl_network_send(H3270 *hSession, const void *buffer, size_t length) {
+
+}
+
+static ssize_t openssl_network_recv(H3270 *hSession, void *buf, size_t len) {
+
+}
+
+static int openssl_network_getsockname(const H3270 *hSession, struct sockaddr *addr, socklen_t *addrlen) {
+
+}
+
+static void * openssl_network_add_poll(H3270 *hSession, LIB3270_IO_FLAG flag, void(*call)(H3270 *, int, LIB3270_IO_FLAG, void *), void *userdata) {
+
+}
+
+static int openssl_network_non_blocking(H3270 *hSession, const unsigned char on) {
+
+}
+
+static int openssl_network_is_connected(H3270 *hSession) {
+
+}
+
+static int openssl_network_setsockopt(H3270 *hSession, int level, int optname, const void *optval, size_t optlen) {
+
+}
+
+static int openssl_network_getsockopt(H3270 *hSession, int level, int optname, void *optval, socklen_t *optlen) {
+}
+
+static int openssl_network_connect(H3270 *hSession, LIB3270_NETWORK_STATE *state) {
+
+	set_ssl_state(hSession,LIB3270_SSL_UNDEFINED);
+
+	SSL_CTX * ctx_context = (SSL_CTX *) lib3270_openssl_get_context(state,state);
+	if(!ctx_context)
+		return -1;
+
+	//
+	// Prepare for connection
+	//
+	LIB3270_NET_CONTEXT *context = hSession->network.context;
+
+	if(context->crl.cert) {
+
+		// Release CRL if expired.
+		// https://stackoverflow.com/questions/23407376/testing-x509-certificate-expiry-date-with-c
+		// X509_CRL_get_nextUpdate is deprecated in openssl 1.1.0
+
+		#if OPENSSL_VERSION_NUMBER < 0x10100000L
+			const ASN1_TIME * next_update = X509_CRL_get_nextUpdate(context->crl.cert);
+		#else
+			const ASN1_TIME * next_update = X509_CRL_get0_nextUpdate(context->crl.cert);
+		#endif
+
+		if(X509_cmp_current_time(next_update) == 1)
+		{
+			int day, sec;
+			if(ASN1_TIME_diff(&day, &sec, NULL, next_update))
+			{
+				trace_ssl(hSession,"CRL is valid for %d day(s) and %d second(s)\n",day,sec);
+			}
+			else
+			{
+				trace_ssl(hSession,"Can't get CRL next update, discarding it\n");
+				crl_free(context);
+			}
+
+		}
+		else
+		{
+			trace_ssl(hSession,"CRL is no longer valid\n");
+			crl_free(context);
+		}
+
+	}
+
+	//
+	// Enable SSL & Connect to host.
+	//
+	hSession->ssl.host = 1;
+	context->sock = lib3270_network_connect(hSession, state);
+
+	return (context->sock < 0 ? -1 : 0);
+
+}
+
+static int openssl_network_start_tls(H3270 *hSession, LIB3270_NETWORK_STATE *state) {
+
+	SSL_CTX * ctx_context = (SSL_CTX *) lib3270_openssl_get_context(state,state);
+	if(!ctx_context)
+		return -1;
+
+	LIB3270_NET_CONTEXT * context = hSession->network.context;
+
+	debug("%s",__FUNCTION__);
+
+	set_ssl_state(hSession,LIB3270_SSL_NEGOTIATING);
+	context->con = SSL_new(ctx_context);
+	if(context->con == NULL)
+	{
+		static const LIB3270_POPUP popup = {
+			.type = LIB3270_NOTIFY_SECURE,
+			.summary = N_( "Cant create a new SSL structure for current connection." )
+		};
+
+		state->popup = &popup;
+		return -1;
+	}
+
+	SSL_set_ex_data(context->con,lib3270_openssl_get_ex_index(hSession),(char *) hSession);
+//	SSL_set_verify(context->con, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
+	SSL_set_verify(context->con, 0, NULL);
+
+	if(SSL_set_fd(context->con, context->sock) != 1)
+	{
+		trace_ssl(hSession,"%s","SSL_set_fd failed!\n");
+
+		static const LIB3270_POPUP popup = {
+			.summary = N_( "SSL negotiation failed" ),
+			.body = N_( "Cant set the file descriptor for the input/output facility for the TLS/SSL (encrypted) side of ssl." )
+		};
+
+		state->popup = &popup;
+		return -1;
+
+	}
+
+	trace_ssl(hSession, "%s","Running SSL_connect\n");
+	int rv = SSL_connect(context->con);
+	trace_ssl(hSession, "SSL_connect exits with rc=%d\n",rv);
+
+	if (rv != 1)
+	{
+		int code = SSL_get_error(context->con,rv);
+
+		if(code == SSL_ERROR_SYSCALL && hSession->ssl.error)
+			code = hSession->ssl.error;
+
+		state->error_message = ERR_lib_error_string(code);
+
+		trace_ssl(hSession,"SSL_connect failed: %s\n",ERR_reason_error_string(code));
+
+		static const LIB3270_POPUP popup = {
+			.type = LIB3270_NOTIFY_ERROR,
+			.summary = N_( "SSL Connect failed" ),
+		};
+
+		state->popup = &popup;
+		return -1;
+
+	}
+
+	return 0;
+}
+
+void lib3270_set_openssl_network_module(H3270 *hSession) {
+
+	static const LIB3270_NET_MODULE module = {
+		.name = "tn3270s",
+		.service = "tn3270s",
+		.init = openssl_network_init,
+		.finalize = openssl_network_finalize,
+		.connect = openssl_network_connect,
+		.disconnect = openssl_network_disconnect,
+		.start_tls = openssl_network_start_tls,
+		.send = openssl_network_send,
+		.recv = openssl_network_recv,
+		.add_poll = openssl_network_add_poll,
+		.non_blocking = openssl_network_non_blocking,
+		.is_connected = openssl_network_is_connected,
+		.getsockname = openssl_network_getsockname,
+		.setsockopt = openssl_network_setsockopt,
+		.getsockopt = openssl_network_getsockopt
+	};
+
+ 	debug("%s",__FUNCTION__);
+
+	if(hSession->network.context) {
+		// Has context, finalize it.
+		hSession->network.module->finalize(hSession);
+	}
+
+	hSession->ssl.host = 1;
+	hSession->network.context = lib3270_malloc(sizeof(LIB3270_NET_CONTEXT));
+	memset(hSession->network.context,0,sizeof(LIB3270_NET_CONTEXT));
+
+
+
+	hSession->network.module = &module;
+}
@@ -0,0 +1,69 @@
+/*
+ * "Software G3270, desenvolvido com base nos códigos fontes do WC3270  e  X3270
+ * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
+ * aplicativos mainframe. Registro no INPI sob o nome G3270.
+ *
+ * Copyright (C) <2008> <Banco do Brasil S.A.>
+ *
+ * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
+ * os termos da GPL v.2 - Licença Pública Geral  ',  conforme  publicado  pela
+ * Free Software Foundation.
+ *
+ * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
+ * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
+ * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
+ * obter mais detalhes.
+ *
+ * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
+ * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
+ * St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ * Este programa está nomeado como private.h e possui - linhas de código.
+ *
+ * Contatos:
+ *
+ * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
+ * erico.mendonca@gmail.com	(Erico Mascarenhas de Mendonça)
+ *
+ */
+
+#ifndef LIB3270_OPENSSL_MODULE_PRIVATE_H_INCLUDED
+
+	#define LIB3270_OPENSSL_MODULE_PRIVATE_H_INCLUDED
+
+	#include <config.h>
+
+	#ifdef _WIN32
+		#include <winsock.h>
+		#include <windows.h>
+	#else
+		#include <unistd.h>
+		#include <fcntl.h>
+	#endif // _WIN32
+
+	#include <lib3270.h>
+ 	#include <lib3270/log.h>
+ 	#include <internals.h>
+
+	#include <openssl/ssl.h>
+	#include <openssl/x509.h>
+
+	struct _lib3270_net_context {
+
+		int sock;						///< @brief Session socket.
+
+		SSL * con;						///< @brief SSL Connection handle.
+
+		struct {
+			char			  download;	///< @brief Non zero to download CRL.
+			char			* prefer;	///< @brief Prefered protocol for CRL.
+			char			* url;		///< @brief URL for CRL download.
+			X509_CRL 		* cert;		///< @brief Loaded CRL (can be null).
+		} crl;
+
+	};
+
+	LIB3270_INTERNAL void	* lib3270_openssl_get_context(H3270 *hSession, LIB3270_NETWORK_STATE *state);
+	LIB3270_INTERNAL int	  lib3270_openssl_get_ex_index(H3270 *hSession);
+
+#endif // !LIB3270_OPENSSL_MODULE_PRIVATE_H_INCLUDED
@@ -0,0 +1,396 @@
+/*
+ * "Software pw3270, desenvolvido com base nos códigos fontes do WC3270  e X3270
+ * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
+ * aplicativos mainframe. Registro no INPI sob o nome G3270.
+ *
+ * Copyright (C) <2008> <Banco do Brasil S.A.>
+ *
+ * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
+ * os termos da GPL v.2 - Licença Pública Geral  GNU,  conforme  publicado  pela
+ * Free Software Foundation.
+ *
+ * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
+ * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
+ * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
+ * obter mais detalhes.
+ *
+ * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
+ * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
+ * St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ * Este programa está nomeado como - e possui - linhas de código.
+ *
+ * Contatos:
+ *
+ * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
+ * erico.mendonca@gmail.com	(Erico Mascarenhas Mendonça)
+ *
+ */
+
+#include <config.h>
+#include <lib3270.h>
+#include <lib3270/log.h>
+#include <lib3270/trace.h>
+
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+/*--[ Implement ]------------------------------------------------------------------------------------*/
+
+static const struct ssl_status_msg status_msg[] =
+{
+	// http://www.openssl.org/docs/apps/verify.html
+	{
+		.id = X509_V_OK,
+		.type = LIB3270_NOTIFY_SECURE,
+		.iconName = "security-high",
+		.summary = N_( "Secure connection was successful." ),
+		.body = N_( "The connection is secure and the host identity was confirmed." )
+	},
+
+	{
+		.id = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Unable to get issuer certificate" ),
+		.body = N_( "The issuer certificate of a looked up certificate could not be found. This normally means the list of trusted certificates is not complete." )
+	},
+
+	{
+		.id = X509_V_ERR_UNABLE_TO_GET_CRL,
+		.name = "X509_V_ERR_UNABLE_TO_GET_CRL",
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Unable to get certificate CRL." ),
+		.body = N_( "The Certificate revocation list (CRL) of a certificate could not be found." )
+	},
+
+	{
+		.id = X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Unable to decrypt certificate's signature" ),
+		.body = N_( "The certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys." )
+	},
+
+	{
+		.id = X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Unable to decrypt CRL's signature" ),
+		.body = N_( "The CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused." )
+	},
+
+	{
+		.id = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Unable to decode issuer public key" ),
+		.body = N_( "The public key in the certificate SubjectPublicKeyInfo could not be read." )
+	},
+
+	{
+		.id = X509_V_ERR_CERT_SIGNATURE_FAILURE,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Certificate signature failure" ),
+		.body = N_( "The signature of the certificate is invalid." )
+	},
+
+	{
+		.id = X509_V_ERR_CRL_SIGNATURE_FAILURE,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "CRL signature failure" ),
+		.body = N_( "The signature of the certificate is invalid." )
+	},
+
+	{
+		.id = X509_V_ERR_CERT_NOT_YET_VALID,
+		.type = LIB3270_NOTIFY_WARNING,
+		.iconName = "dialog-warning",
+		.summary = N_( "Certificate is not yet valid" ),
+		.body = N_( "The certificate is not yet valid: the notBefore date is after the current time." )
+	},
+
+	{
+		.id = X509_V_ERR_CERT_HAS_EXPIRED,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Certificate has expired" ),
+		.body = N_( "The certificate has expired: that is the notAfter date is before the current time." )
+	},
+
+	{
+		.id = X509_V_ERR_CRL_NOT_YET_VALID,
+		.type = LIB3270_NOTIFY_WARNING,
+		.iconName = "dialog-error",
+		.summary = N_( "The CRL is not yet valid." ),
+		.body = N_( "The Certificate revocation list (CRL) is not yet valid." )
+	},
+
+	{
+		.id = X509_V_ERR_CRL_HAS_EXPIRED,
+#ifdef SSL_ENABLE_CRL_EXPIRATION_CHECK
+		.type = LIB3270_NOTIFY_ERROR,
+#else
+		.type = LIB3270_NOTIFY_WARNING,
+#endif // SSL_ENABLE_CRL_EXPIRATION_CHECK
+		.iconName = "security-medium",
+		.summary = N_( "The CRL has expired." ),
+		.body = N_( "The Certificate revocation list (CRL) has expired.")
+	},
+
+	{
+		.id = X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Format error in certificate's notBefore field" ),
+		.body = N_( "The certificate notBefore field contains an invalid time." )
+	},
+
+	{
+		.id = X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Format error in certificate's notAfter field" ),
+		.body = N_( "The certificate notAfter field contains an invalid time." )
+	},
+
+	{
+		.id = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Format error in CRL's lastUpdate field" ),
+		.body = N_( "The CRL lastUpdate field contains an invalid time." )
+	},
+
+	{
+		.id = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Format error in CRL's nextUpdate field" ),
+		.body = N_( "The CRL nextUpdate field contains an invalid time." )
+	},
+
+	{
+		.id = X509_V_ERR_OUT_OF_MEM,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Out of memory" ),
+		.body = N_( "An error occurred trying to allocate memory. This should never happen." )
+	},
+
+	{
+		.id = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
+		.type = LIB3270_NOTIFY_WARNING,
+		.iconName = "security-medium",
+		.summary = N_( "Self signed certificate" ),
+		.body = N_( "The passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates." )
+	},
+
+	{
+		.id = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN,
+#ifdef SSL_ENABLE_SELF_SIGNED_CERT_CHECK
+		.type = LIB3270_NOTIFY_ERROR,
+#else
+		.type = LIB3270_NOTIFY_WARNING,
+#endif // SSL_ENABLE_SELF_SIGNED_CERT_CHECK
+		.iconName = "security-medium",
+		.summary = N_( "Self signed certificate in certificate chain" ),
+		.body = N_( "The certificate chain could be built up using the untrusted certificates but the root could not be found locally." )
+	},
+
+	{
+		.id = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
+		.type = LIB3270_NOTIFY_WARNING,
+		.iconName = "security-low",
+		.summary = N_( "Unable to get local issuer certificate" ),
+		.body = N_( "The issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found." )
+	},
+
+	{
+		.id = X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "security-low",
+		.summary = N_( "Unable to verify the first certificate" ),
+		.body = N_( "No signatures could be verified because the chain contains only one certificate and it is not self signed." )
+	},
+
+	{
+		.id = X509_V_ERR_CERT_REVOKED,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "security-low",
+		.summary = N_( "Certificate revoked" ),
+		.body = N_( "The certificate has been revoked." )
+	},
+
+	{
+		.id = X509_V_ERR_INVALID_CA,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "security-low",
+		.summary = N_( "Invalid CA certificate" ),
+		.body = N_( "A CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose." )
+	},
+
+	{
+		.id = X509_V_ERR_PATH_LENGTH_EXCEEDED,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Path length constraint exceeded" ),
+		.body = N_( "The basicConstraints pathlength parameter has been exceeded." ),
+	},
+
+	{
+		.id = X509_V_ERR_INVALID_PURPOSE,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Unsupported certificate purpose" ),
+		.body = N_( "The supplied certificate cannot be used for the specified purpose." )
+	},
+
+	{
+		.id = X509_V_ERR_CERT_UNTRUSTED,
+		.type = LIB3270_NOTIFY_WARNING,
+		.iconName = "security-low",
+		.summary = N_( "Certificate not trusted" ),
+		.body = N_( "The root CA is not marked as trusted for the specified purpose." )
+	},
+
+	{
+		.id = X509_V_ERR_CERT_REJECTED,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "security-low",
+		.summary = N_( "Certificate rejected" ),
+		.body = N_( "The root CA is marked to reject the specified purpose." )
+	},
+
+	{
+		.id = X509_V_ERR_SUBJECT_ISSUER_MISMATCH,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "security-low",
+		.summary = N_( "Subject issuer mismatch" ),
+		.body = N_( "The current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. Only displayed when the -issuer_checks option is set." )
+	},
+
+	{
+		.id = X509_V_ERR_AKID_SKID_MISMATCH,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Authority and subject key identifier mismatch" ),
+		.body = N_( "The current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. Only displayed when the -issuer_checks option is set." )
+	},
+
+	{
+		.id = X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Authority and issuer serial number mismatch" ),
+		.body = N_( "The current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. Only displayed when the -issuer_checks option is set." )
+	},
+
+	{
+		.id = X509_V_ERR_KEYUSAGE_NO_CERTSIGN,
+		.type = LIB3270_NOTIFY_ERROR,
+		.iconName = "dialog-error",
+		.summary = N_( "Key usage does not include certificate signing" ),
+		.body = N_( "The current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing." )
+	}
+
+ };
+
+ const struct ssl_status_msg * ssl_get_status_from_error_code(long id)
+ {
+ 	size_t f;
+
+	for(f=0;f < (sizeof(status_msg)/sizeof(status_msg[0]));f++)
+	{
+		if(status_msg[f].id == id)
+			return status_msg+f;
+	}
+	return NULL;
+ }
+
+ static const struct ssl_status_msg * get_ssl_status_msg(const H3270 *hSession)
+ {
+ 	return ssl_get_status_from_error_code(lib3270_get_SSL_verify_result(hSession));
+ }
+
+ const char	* lib3270_get_ssl_state_message(const H3270 *hSession)
+ {
+	if(lib3270_get_ssl_state(hSession) != LIB3270_SSL_UNSECURE)
+	{
+		const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
+		if(info)
+			return gettext(info->summary);
+	}
+
+	return _( "The connection is insecure" );
+
+ }
+
+ const char	* lib3270_get_ssl_state_icon_name(const H3270 *hSession)
+ {
+	if(lib3270_get_ssl_state(hSession) != LIB3270_SSL_UNSECURE)
+	{
+		const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
+		if(info)
+			return info->iconName;
+	}
+
+	return "dialog-error";
+
+ }
+
+
+ const char * lib3270_get_ssl_state_description(const H3270 *hSession)
+ {
+	if(lib3270_get_ssl_state(hSession) != LIB3270_SSL_UNSECURE)
+	{
+		const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
+		if(info)
+			return gettext(info->body);
+	}
+	else
+	{
+		return _( "The connection is insecure" );
+	}
+
+	return _( "Unexpected or unknown security status");
+ }
+
+ LIB3270_NOTIFY lib3270_get_ssl_state_icon(const H3270 *hSession)
+ {
+	if(lib3270_get_ssl_state(hSession) != LIB3270_SSL_UNSECURE)
+	{
+		const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
+		if(info)
+			return info->type;
+	}
+
+ 	return LIB3270_NOTIFY_ERROR;
+ }
+
+#else
+
+ const char	* lib3270_get_ssl_state_message(const H3270 *hSession)
+ {
+	return lib3270_get_hostname(hSession);
+ }
+
+ const char * lib3270_get_ssl_state_description(const H3270 *hSession)
+ {
+	return _( "The connection is insecure" );
+ }
+
+ LIB3270_NOTIFY lib3270_get_ssl_state_icon(const H3270 *hSession)
+ {
+ 	return LIB3270_NOTIFY_ERROR;
+ }
+
+ const char	* lib3270_get_ssl_state_icon_name(const H3270 *hSession)
+ {
+ 	return "dialog-error";
+ }
+
+
@@ -1,52 +0,0 @@
-/*
- * "Software G3270, desenvolvido com base nos códigos fontes do WC3270  e  X3270
- * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
- * aplicativos mainframe. Registro no INPI sob o nome G3270.
- *
- * Copyright (C) <2008> <Banco do Brasil S.A.>
- *
- * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
- * os termos da GPL v.2 - Licença Pública Geral  ',  conforme  publicado  pela
- * Free Software Foundation.
- *
- * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
- * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
- * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
- * obter mais detalhes.
- *
- * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
- * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
- * St, Fifth Floor, Boston, MA  02110-1301  USA
- *
- * Este programa está nomeado como private.h e possui - linhas de código.
- *
- * Contatos:
- *
- * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
- * erico.mendonca@gmail.com	(Erico Mascarenhas de Mendonça)
- *
- */
-
-#ifndef LIB3270_NETWORK_MODULES_PRIVATE_H_INCLUDED
-
-	#define LIB3270_NETWORK_MODULES_PRIVATE_H_INCLUDED
-
-	#include <config.h>
-
-	#ifdef _WIN32
-		#include <winsock.h>
-		#include <windows.h>
-	#else
-		#include <unistd.h>
-		#include <fcntl.h>
-	#endif // _WIN32
-
-	#include <internals.h>
-	#include <networking.h>
-
-	#include <lib3270.h>
- 	#include <lib3270/log.h>
-
-	LIB3270_INTERNAL ssize_t unsecure_network_send(H3270 *hSession, const void *buffer, size_t length);
-
-#endif // !LIB3270_NETWORK_MODULES_PRIVATE_H_INCLUDED
@@ -0,0 +1,38 @@
+/*
+ * "Software PW3270, desenvolvido com base nos códigos fontes do WC3270  e  X3270
+ * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
+ * aplicativos mainframe. Registro no INPI sob o nome G3270.
+ *
+ * Copyright (C) <2008> <Banco do Brasil S.A.>
+ *
+ * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
+ * os termos da GPL v.2 - Licença Pública Geral  ',  conforme  publicado  pela
+ * Free Software Foundation.
+ *
+ * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
+ * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
+ * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
+ * obter mais detalhes.
+ *
+ * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
+ * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
+ * St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ * Este programa está nomeado como unsecure.c e possui - linhas de código.
+ *
+ * Contatos:
+ *
+ * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
+ * erico.mendonca@gmail.com	(Erico Mascarenhas de Mendonça)
+ *
+ */
+
+ /**
+  * @brief Select network methods.
+  *
+  */
+
+ #include <config.h>
+ #include <lib3270.h>
+ #include <lib3270/log.h>
+ #include <networking.h>
@@ -0,0 +1,77 @@
+/*
+ * "Software pw3270, desenvolvido com base nos códigos fontes do WC3270  e X3270
+ * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
+ * aplicativos mainframe. Registro no INPI sob o nome G3270.
+ *
+ * Copyright (C) <2008> <Banco do Brasil S.A.>
+ *
+ * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
+ * os termos da GPL v.2 - Licença Pública Geral  GNU,  conforme  publicado  pela
+ * Free Software Foundation.
+ *
+ * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
+ * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
+ * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
+ * obter mais detalhes.
+ *
+ * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
+ * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
+ * St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ * Este programa está nomeado como - e possui - linhas de código.
+ *
+ * Contatos:
+ *
+ * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
+ * erico.mendonca@gmail.com	(Erico Mascarenhas Mendonça)
+ *
+ */
+
+#include <config.h>
+#include <internals.h>
+#include <errno.h>
+#include <lib3270.h>
+#include <lib3270/internals.h>
+#include <lib3270/popup.h>
+#include <lib3270/trace.h>
+#include <trace_dsc.h>
+#include <lib3270/log.h>
+#include <lib3270/trace.h>
+
+#ifdef HAVE_LIBSSL
+	#include <openssl/ssl.h>
+	#include <openssl/err.h>
+#endif // HAVE_LIBSSL
+
+/*--[ Implement ]------------------------------------------------------------------------------------*/
+
+LIB3270_EXPORT int lib3270_is_secure(const H3270 *hSession)
+{
+	return lib3270_get_ssl_state(hSession) == LIB3270_SSL_SECURE;
+}
+
+#if defined(HAVE_LIBSSLx)
+LIB3270_EXPORT long lib3270_get_SSL_verify_result(const H3270 *hSession)
+{
+	if(hSession->ssl.con)
+		return SSL_get_verify_result(hSession->ssl.con);
+	return -1;
+}
+#endif // HAVE_LIBSSL
+
+LIB3270_EXPORT LIB3270_SSL_STATE lib3270_get_ssl_state(const H3270 *hSession)
+{
+	return hSession->ssl.state;
+}
+
+void set_ssl_state(H3270 *hSession, LIB3270_SSL_STATE state)
+{
+	if(state == hSession->ssl.state)
+		return;
+
+	hSession->ssl.state = state;
+	trace_dsn(hSession,"SSL state changes to %d\n",(int) state);
+	debug("SSL state changes to %d\n",(int) state);
+
+	hSession->cbk.update_ssl(hSession,hSession->ssl.state);
+}
@@ -1,303 +0,0 @@
-/*
- * "Software PW3270, desenvolvido com base nos códigos fontes do WC3270  e  X3270
- * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
- * aplicativos mainframe. Registro no INPI sob o nome G3270.
- *
- * Copyright (C) <2008> <Banco do Brasil S.A.>
- *
- * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
- * os termos da GPL v.2 - Licença Pública Geral  ',  conforme  publicado  pela
- * Free Software Foundation.
- *
- * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
- * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
- * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
- * obter mais detalhes.
- *
- * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
- * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
- * St, Fifth Floor, Boston, MA  02110-1301  USA
- *
- * Este programa está nomeado como unsecure.c e possui - linhas de código.
- *
- * Contatos:
- *
- * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
- * erico.mendonca@gmail.com	(Erico Mascarenhas de Mendonça)
- *
- */
-
- /**
-  * @brief Default networking methods.
-  *
-  */
-
- #include "private.h"
-
- #include <sys/types.h>
- #include <sys/socket.h>
- #include <netdb.h>
-
- struct _lib3270_net_context {
-	int sock;
- };
-
- static void unsecure_network_finalize(H3270 *hSession) {
-
-	debug("%s",__FUNCTION__);
-
-	if(hSession->network.context) {
-		lib3270_free(hSession->network.context);
-		hSession->network.context = NULL;
-	}
-
- }
-
- static int unsecure_network_disconnect(H3270 *hSession) {
-
-	debug("%s",__FUNCTION__);
-
-	if(hSession->network.context->sock >= 0) {
-		shutdown(hSession->network.context->sock, 2);
-		close(hSession->network.context->sock);
-		hSession->network.context->sock = -1;
-	}
-
-	return 0;
- }
-
- ssize_t unsecure_network_send(H3270 *hSession, const void *buffer, size_t length) {
-
-	if(hSession->network.context->sock < 0) {
-		return -(errno = ENOTCONN);
-	}
-
-	ssize_t bytes = send(hSession->network.context->sock,buffer,length,0);
-
-	debug("%s bytes=%d",__FUNCTION__,(int) bytes);
-
-	if(bytes >= 0)
-		return bytes;
-
-	int rc = errno;
-
-	debug("%s: %s",__FUNCTION__,strerror(rc));
-
-	switch(rc)
-	{
-	case EPIPE:
-		lib3270_popup_dialog(
-			hSession,
-			LIB3270_NOTIFY_ERROR,
-			NULL,
-			_("Broken pipe"),
-			_("The system error code was %d"),
-			rc
-		);
-		break;
-
-	case ECONNRESET:
-		lib3270_popup_dialog(
-			hSession,
-			LIB3270_NOTIFY_ERROR,
-			NULL,
-			_("Connection reset by peer"),
-			_("The system error code was %d"),
-			rc
-		);
-		break;
-
-	case EINTR:
-		return 0;
-
-	default:
-		lib3270_popup_dialog(
-			hSession,
-			LIB3270_NOTIFY_ERROR,
-			NULL,
-			_("Unexpected error writing to network socket"),
-			_("The system error code was %d (%s)"),
-			rc, strerror(rc)
-		);
-
-	}
-
-	return -rc;
- }
-
- static ssize_t unsecure_network_recv(H3270 *hSession, void *buf, size_t len) {
-
- 	debug("%s",__FUNCTION__);
-
-	if(hSession->network.context->sock < 0) {
-		return -(errno = ENOTCONN);
-	}
-
-	ssize_t bytes = recv(hSession->network.context->sock, (char *) buf, len, 0);
-
-	debug("%s bytes=%d",__FUNCTION__,(int) bytes);
-
-	if(bytes < 0) {
-		return -errno;
-	}
-
-	return bytes;
-}
-
-static int unsecure_network_getsockname(const H3270 *hSession, struct sockaddr *addr, socklen_t *addrlen) {
-	if(hSession->network.context->sock < 0)
-		return -(errno = ENOTCONN);
-	return getsockname(hSession->network.context->sock, addr, addrlen);
-}
-
-static void * unsecure_network_add_poll(H3270 *hSession, LIB3270_IO_FLAG flag, void(*call)(H3270 *, int, LIB3270_IO_FLAG, void *), void *userdata) {
-	return lib3270_add_poll_fd(hSession,hSession->network.context->sock,flag,call,userdata);
-}
-
-static int unsecure_network_non_blocking(H3270 *hSession, const unsigned char on) {
-
-	if(hSession->network.context->sock < 0)
-		return 0;
-
-#ifdef WIN32
-
-		WSASetLastError(0);
-		u_long iMode= on ? 1 : 0;
-
-		if(ioctlsocket(hSession->network.context->sock,FIONBIO,&iMode))
-		{
-			lib3270_popup_dialog(	hSession,
-									LIB3270_NOTIFY_ERROR,
-									_( "Connection error" ),
-									_( "ioctlsocket(FIONBIO) failed." ),
-									"%s", lib3270_win32_strerror(GetLastError()));
-			return -1;
-		}
-
-#else
-
-	int f;
-
-	if ((f = fcntl(hSession->network.context->sock, F_GETFL, 0)) == -1)
-	{
-		lib3270_popup_dialog(	hSession,
-								LIB3270_NOTIFY_ERROR,
-								_( "Socket error" ),
-								_( "fcntl() error when getting socket state." ),
-								_( "%s" ), strerror(errno)
-							);
-
-		return -1;
-	}
-
-	if (on)
-		f |= O_NDELAY;
-	else
-		f &= ~O_NDELAY;
-
-	if (fcntl(hSession->network.context->sock, F_SETFL, f) < 0)
-	{
-		lib3270_popup_dialog(	hSession,
-								LIB3270_NOTIFY_ERROR,
-								_( "Socket error" ),
-								on ? _( "Can't set socket to blocking mode." ) : _( "Can't set socket to non blocking mode" ),
-								_( "%s" ), strerror(errno)
-							);
-		return -1;
-	}
-
-#endif
-
-	debug("Socket %d is now %s",hSession->network.context->sock,(on ? "Non Blocking" : "Blocking"));
-
-	return 0;
-}
-
-static int unsecure_network_is_connected(const H3270 *hSession) {
-	return hSession->network.context->sock > 0;
-}
-
-static int unsecure_network_setsockopt(H3270 *hSession, int level, int optname, const void *optval, size_t optlen) {
-
-	if(hSession->network.context->sock < 0) {
-		errno = ENOTCONN;
-		return -1;
-	}
-
-	return setsockopt(hSession->network.context->sock, level, optname, optval, optlen);
-
-}
-
-static int unsecure_network_getsockopt(H3270 *hSession, int level, int optname, void *optval, socklen_t *optlen) {
-
-	if(hSession->network.context->sock < 0) {
-		errno = ENOTCONN;
-		return -1;
-	}
-
-	return getsockopt(hSession->network.context->sock, level, optname, optval, optlen);
-}
-
-static int unsecure_network_connect(H3270 *hSession, LIB3270_NETWORK_STATE *state) {
-
-	hSession->network.context->sock = lib3270_network_connect(hSession, state);
-	if(hSession->network.context->sock < 0)
-		return hSession->network.context->sock;
-
-	return 0;
-}
-
-static int unsecure_network_start_tls(H3270 GNUC_UNUSED(*hSession), LIB3270_NETWORK_STATE *msg) {
-
-	if(hSession->ssl.host) {
-
-		// TODO: Replace network module with the openssl version, initialize and execute start_tls on it.
-
-		static const LIB3270_POPUP popup = {
-			.type = LIB3270_NOTIFY_ERROR,
-			.summary = N_("Can't activate SSL/TLS"),
-			.body = N_("The protocol library was build without SSL/TLS support")
-		};
-
-		msg->popup = &popup;
-
-		return ENOTSUP;
-
-	}
-
-	return 0;
-}
-
-void lib3270_set_default_network_module(H3270 *hSession) {
-
-	static const LIB3270_NET_MODULE module = {
-		.finalize = unsecure_network_finalize,
-		.connect = unsecure_network_connect,
-		.disconnect = unsecure_network_disconnect,
-		.start_tls = unsecure_network_start_tls,
-		.send = unsecure_network_send,
-		.recv = unsecure_network_recv,
-		.add_poll = unsecure_network_add_poll,
-		.non_blocking = unsecure_network_non_blocking,
-		.is_connected = unsecure_network_is_connected,
-		.getsockname = unsecure_network_getsockname,
-		.setsockopt = unsecure_network_setsockopt,
-		.getsockopt = unsecure_network_getsockopt
-	};
-
- 	debug("%s",__FUNCTION__);
-
-	if(hSession->network.context) {
-		// Has context, finalize it.
-		hSession->network.module->finalize(hSession);
-	}
-
-	hSession->ssl.host = 0;
-	hSession->network.context = lib3270_malloc(sizeof(LIB3270_NET_CONTEXT));
-	memset(hSession->network.context,0,sizeof(LIB3270_NET_CONTEXT));
-	hSession->network.context->sock = -1;
-
-	hSession->network.module = &module;
-
-}
-
@@ -35,7 +35,7 @@
 #include <config.h>				/* autoconf settings */
 #include <lib3270.h>			/* lib3270 API calls and defs */
  
-#if defined(HAVE_LIBSSL)
+#if defined(HAVE_LIBSSLx)
  
 	#include <openssl/ssl.h>
 	#include <openssl/err.h>
@@ -61,7 +61,7 @@
  
 #endif // HAVE_LIBSSL
  
-#if defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBSSL)
+#if defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBSSLx)
  
 	/// @brief Unconditional release of the session CRL.
 	LIB3270_INTERNAL void lib3270_crl_free(H3270 *hSession);
@@ -1,445 +0,0 @@
-/*
- * "Software pw3270, desenvolvido com base nos códigos fontes do WC3270  e X3270
- * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
- * aplicativos mainframe. Registro no INPI sob o nome G3270.
- *
- * Copyright (C) <2008> <Banco do Brasil S.A.>
- *
- * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
- * os termos da GPL v.2 - Licença Pública Geral  GNU,  conforme  publicado  pela
- * Free Software Foundation.
- *
- * Este programa é distribuído na expectativa de  ser  útil,  mas  SEM  QUALQUER
- * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou  de  ADEQUAÇÃO
- * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
- * obter mais detalhes.
- *
- * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
- * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
- * St, Fifth Floor, Boston, MA  02110-1301  USA
- *
- * Este programa está nomeado como - e possui - linhas de código.
- *
- * Contatos:
- *
- * perry.werneck@gmail.com	(Alexandre Perry de Souza Werneck)
- * erico.mendonca@gmail.com	(Erico Mascarenhas Mendonça)
- *
- */
-
-#include <config.h>
-#include <internals.h>
-#include <errno.h>
-#include <lib3270.h>
-#include <lib3270/internals.h>
-#include <lib3270/popup.h>
-#include <lib3270/trace.h>
-#include <trace_dsc.h>
-#include <lib3270/log.h>
-#include <lib3270/trace.h>
-
-#ifdef HAVE_LIBSSL
-	#include <openssl/ssl.h>
-	#include <openssl/err.h>
-#endif // HAVE_LIBSSL
-
-/*--[ Implement ]------------------------------------------------------------------------------------*/
-
-LIB3270_EXPORT int lib3270_is_secure(const H3270 *hSession)
-{
-	return lib3270_get_ssl_state(hSession) == LIB3270_SSL_SECURE;
-}
-
-LIB3270_EXPORT long lib3270_get_SSL_verify_result(const H3270 *hSession)
-{
-#if defined(HAVE_LIBSSL)
-	if(hSession->ssl.con)
-		return SSL_get_verify_result(hSession->ssl.con);
-#else
-	errno = ENOTSUP;
-#endif // HAVE_LIBSSL
-	return -1;
-}
-
-LIB3270_EXPORT LIB3270_SSL_STATE lib3270_get_ssl_state(const H3270 *hSession)
-{
-#if defined(HAVE_LIBSSL)
-	return hSession->ssl.state;
-#else
-	return LIB3270_SSL_UNDEFINED;
-#endif // HAVE_LIBSSL
-}
-
-void set_ssl_state(H3270 *hSession, LIB3270_SSL_STATE state)
-{
-	if(state == hSession->ssl.state)
-		return;
-
-	hSession->ssl.state = state;
-	trace_dsn(hSession,"SSL state changes to %d\n",(int) state);
-	debug("SSL state changes to %d\n",(int) state);
-
-	hSession->cbk.update_ssl(hSession,hSession->ssl.state);
-}
-
-
-#if defined(HAVE_LIBSSL)
-
-static const struct ssl_status_msg status_msg[] =
-{
-	// http://www.openssl.org/docs/apps/verify.html
-	{
-		.id = X509_V_OK,
-		.type = LIB3270_NOTIFY_SECURE,
-		.iconName = "security-high",
-		.summary = N_( "Secure connection was successful." ),
-		.body = N_( "The connection is secure and the host identity was confirmed." )
-	},
-
-	{
-		.id = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Unable to get issuer certificate" ),
-		.body = N_( "The issuer certificate of a looked up certificate could not be found. This normally means the list of trusted certificates is not complete." )
-	},
-
-	{
-		.id = X509_V_ERR_UNABLE_TO_GET_CRL,
-		.name = "X509_V_ERR_UNABLE_TO_GET_CRL",
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Unable to get certificate CRL." ),
-		.body = N_( "The Certificate revocation list (CRL) of a certificate could not be found." )
-	},
-
-	{
-		.id = X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Unable to decrypt certificate's signature" ),
-		.body = N_( "The certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys." )
-	},
-
-	{
-		.id = X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Unable to decrypt CRL's signature" ),
-		.body = N_( "The CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused." )
-	},
-
-	{
-		.id = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Unable to decode issuer public key" ),
-		.body = N_( "The public key in the certificate SubjectPublicKeyInfo could not be read." )
-	},
-
-	{
-		.id = X509_V_ERR_CERT_SIGNATURE_FAILURE,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Certificate signature failure" ),
-		.body = N_( "The signature of the certificate is invalid." )
-	},
-
-	{
-		.id = X509_V_ERR_CRL_SIGNATURE_FAILURE,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "CRL signature failure" ),
-		.body = N_( "The signature of the certificate is invalid." )
-	},
-
-	{
-		.id = X509_V_ERR_CERT_NOT_YET_VALID,
-		.type = LIB3270_NOTIFY_WARNING,
-		.iconName = "dialog-warning",
-		.summary = N_( "Certificate is not yet valid" ),
-		.body = N_( "The certificate is not yet valid: the notBefore date is after the current time." )
-	},
-
-	{
-		.id = X509_V_ERR_CERT_HAS_EXPIRED,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Certificate has expired" ),
-		.body = N_( "The certificate has expired: that is the notAfter date is before the current time." )
-	},
-
-	{
-		.id = X509_V_ERR_CRL_NOT_YET_VALID,
-		.type = LIB3270_NOTIFY_WARNING,
-		.iconName = "dialog-error",
-		.summary = N_( "The CRL is not yet valid." ),
-		.body = N_( "The Certificate revocation list (CRL) is not yet valid." )
-	},
-
-	{
-		.id = X509_V_ERR_CRL_HAS_EXPIRED,
-#ifdef SSL_ENABLE_CRL_EXPIRATION_CHECK
-		.type = LIB3270_NOTIFY_ERROR,
-#else
-		.type = LIB3270_NOTIFY_WARNING,
-#endif // SSL_ENABLE_CRL_EXPIRATION_CHECK
-		.iconName = "security-medium",
-		.summary = N_( "The CRL has expired." ),
-		.body = N_( "The Certificate revocation list (CRL) has expired.")
-	},
-
-	{
-		.id = X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Format error in certificate's notBefore field" ),
-		.body = N_( "The certificate notBefore field contains an invalid time." )
-	},
-
-	{
-		.id = X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Format error in certificate's notAfter field" ),
-		.body = N_( "The certificate notAfter field contains an invalid time." )
-	},
-
-	{
-		.id = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Format error in CRL's lastUpdate field" ),
-		.body = N_( "The CRL lastUpdate field contains an invalid time." )
-	},
-
-	{
-		.id = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Format error in CRL's nextUpdate field" ),
-		.body = N_( "The CRL nextUpdate field contains an invalid time." )
-	},
-
-	{
-		.id = X509_V_ERR_OUT_OF_MEM,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Out of memory" ),
-		.body = N_( "An error occurred trying to allocate memory. This should never happen." )
-	},
-
-	{
-		.id = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
-		.type = LIB3270_NOTIFY_WARNING,
-		.iconName = "security-medium",
-		.summary = N_( "Self signed certificate" ),
-		.body = N_( "The passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates." )
-	},
-
-	{
-		.id = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN,
-#ifdef SSL_ENABLE_SELF_SIGNED_CERT_CHECK
-		.type = LIB3270_NOTIFY_ERROR,
-#else
-		.type = LIB3270_NOTIFY_WARNING,
-#endif // SSL_ENABLE_SELF_SIGNED_CERT_CHECK
-		.iconName = "security-medium",
-		.summary = N_( "Self signed certificate in certificate chain" ),
-		.body = N_( "The certificate chain could be built up using the untrusted certificates but the root could not be found locally." )
-	},
-
-	{
-		.id = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
-		.type = LIB3270_NOTIFY_WARNING,
-		.iconName = "security-low",
-		.summary = N_( "Unable to get local issuer certificate" ),
-		.body = N_( "The issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found." )
-	},
-
-	{
-		.id = X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "security-low",
-		.summary = N_( "Unable to verify the first certificate" ),
-		.body = N_( "No signatures could be verified because the chain contains only one certificate and it is not self signed." )
-	},
-
-	{
-		.id = X509_V_ERR_CERT_REVOKED,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "security-low",
-		.summary = N_( "Certificate revoked" ),
-		.body = N_( "The certificate has been revoked." )
-	},
-
-	{
-		.id = X509_V_ERR_INVALID_CA,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "security-low",
-		.summary = N_( "Invalid CA certificate" ),
-		.body = N_( "A CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose." )
-	},
-
-	{
-		.id = X509_V_ERR_PATH_LENGTH_EXCEEDED,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Path length constraint exceeded" ),
-		.body = N_( "The basicConstraints pathlength parameter has been exceeded." ),
-	},
-
-	{
-		.id = X509_V_ERR_INVALID_PURPOSE,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Unsupported certificate purpose" ),
-		.body = N_( "The supplied certificate cannot be used for the specified purpose." )
-	},
-
-	{
-		.id = X509_V_ERR_CERT_UNTRUSTED,
-		.type = LIB3270_NOTIFY_WARNING,
-		.iconName = "security-low",
-		.summary = N_( "Certificate not trusted" ),
-		.body = N_( "The root CA is not marked as trusted for the specified purpose." )
-	},
-
-	{
-		.id = X509_V_ERR_CERT_REJECTED,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "security-low",
-		.summary = N_( "Certificate rejected" ),
-		.body = N_( "The root CA is marked to reject the specified purpose." )
-	},
-
-	{
-		.id = X509_V_ERR_SUBJECT_ISSUER_MISMATCH,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "security-low",
-		.summary = N_( "Subject issuer mismatch" ),
-		.body = N_( "The current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. Only displayed when the -issuer_checks option is set." )
-	},
-
-	{
-		.id = X509_V_ERR_AKID_SKID_MISMATCH,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Authority and subject key identifier mismatch" ),
-		.body = N_( "The current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. Only displayed when the -issuer_checks option is set." )
-	},
-
-	{
-		.id = X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Authority and issuer serial number mismatch" ),
-		.body = N_( "The current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. Only displayed when the -issuer_checks option is set." )
-	},
-
-	{
-		.id = X509_V_ERR_KEYUSAGE_NO_CERTSIGN,
-		.type = LIB3270_NOTIFY_ERROR,
-		.iconName = "dialog-error",
-		.summary = N_( "Key usage does not include certificate signing" ),
-		.body = N_( "The current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing." )
-	}
-
- };
-
- const struct ssl_status_msg * ssl_get_status_from_error_code(long id)
- {
- 	size_t f;
-
-	for(f=0;f < (sizeof(status_msg)/sizeof(status_msg[0]));f++)
-	{
-		if(status_msg[f].id == id)
-			return status_msg+f;
-	}
-	return NULL;
- }
-
- static const struct ssl_status_msg * get_ssl_status_msg(const H3270 *hSession)
- {
- 	return ssl_get_status_from_error_code(lib3270_get_SSL_verify_result(hSession));
- }
-
- const char	* lib3270_get_ssl_state_message(const H3270 *hSession)
- {
-	if(lib3270_get_ssl_state(hSession) != LIB3270_SSL_UNSECURE)
-	{
-		const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
-		if(info)
-			return gettext(info->summary);
-	}
-
-	return _( "The connection is insecure" );
-
- }
-
- const char	* lib3270_get_ssl_state_icon_name(const H3270 *hSession)
- {
-	if(lib3270_get_ssl_state(hSession) != LIB3270_SSL_UNSECURE)
-	{
-		const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
-		if(info)
-			return info->iconName;
-	}
-
-	return "dialog-error";
-
- }
-
-
- const char * lib3270_get_ssl_state_description(const H3270 *hSession)
- {
-	if(lib3270_get_ssl_state(hSession) != LIB3270_SSL_UNSECURE)
-	{
-		const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
-		if(info)
-			return gettext(info->body);
-	}
-	else
-	{
-		return _( "The connection is insecure" );
-	}
-
-	return _( "Unexpected or unknown security status");
- }
-
- LIB3270_NOTIFY lib3270_get_ssl_state_icon(const H3270 *hSession)
- {
-	if(lib3270_get_ssl_state(hSession) != LIB3270_SSL_UNSECURE)
-	{
-		const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
-		if(info)
-			return info->type;
-	}
-
- 	return LIB3270_NOTIFY_ERROR;
- }
-
-#else
-
- const char	* lib3270_get_ssl_state_message(const H3270 *hSession)
- {
-	return lib3270_get_hostname(hSession);
- }
-
- const char * lib3270_get_ssl_state_description(const H3270 *hSession)
- {
-	return _( "The connection is insecure" );
- }
-
- LIB3270_NOTIFY lib3270_get_ssl_state_icon(const H3270 *hSession)
- {
- 	return LIB3270_NOTIFY_ERROR;
- }
-
- const char	* lib3270_get_ssl_state_icon_name(const H3270 *hSession)
- {
- 	return "dialog-error";
- }
-
-#endif // HAVE_LIBSSL
-
@@ -109,9 +109,9 @@ int main(int argc, char *argv[])
 			lib3270_set_url(h,optarg);
 			break;
  
-		case 'C':
-			lib3270_crl_set_url(h,optarg);
-			break;
+//		case 'C':
+//			lib3270_crl_set_url(h,optarg);
+//			break;
  
 		case 't':
 			trace_file = optarg;
@@ -122,7 +122,7 @@ int main(int argc, char *argv[])
  
 	}
  
-	printf("HOST URL: %s\tHOST CRL: %s\n",lib3270_get_url(h),lib3270_crl_get_url(h));
+//	printf("HOST URL: %s\tHOST CRL: %s\n",lib3270_get_url(h),lib3270_crl_get_url(h));
  
 #ifdef _WIN32
 	{
...	...	@@ -32,6 +32,8 @@ LIBNAME=lib@LIB3270_NAME@
32	32	PRODUCT_NAME=@PRODUCT_NAME@
33	33	INSTALL_PACKAGES=@INSTALL_PACKAGES@
34	34
	35	+NETWORK_MODULES=default
	36	+
35	37	SOURCES= \
36	38	$(wildcard src/core/*.c) \
37	39	$(wildcard src/core/keyboard/*.c) \
...	...	@@ -43,11 +45,9 @@ SOURCES= \
43	45	$(wildcard src/core/@OSNAME@/*.c) \
44	46	$(wildcard src/core/properties/*.c) \
45	47	$(wildcard src/selection/*.c) \
46		- $(wildcard src/ssl/*.c) \
47		- $(wildcard src/ssl/@OSNAME@/*.c) \
48	48	$(wildcard src/network_modules/*.c) \
49		- $(wildcard src/network_modules/@OSNAME@/*.c) \
50		- $(BASEDIR)/.tmp/$(LIBNAME)/fallbacks.c
	49	+ $(BASEDIR)/.tmp/$(LIBNAME)/fallbacks.c \
	50	+ $(foreach MODULE, $(NETWORK_MODULES), $(wildcard src/network_modules/$(MODULE)/*.c))
51	51
52	52	TEST_SOURCES= \
53	53	$(wildcard src/testprogram/*.c)
...	...
...	...	@@ -307,14 +307,21 @@
307	307	<Unit filename="src/mkfb/mkfb.c">
308	308	<Option compilerVar="CC" />
309	309	</Unit>
310		- <Unit filename="src/network_modules/linux/connect.c">
	310	+ <Unit filename="src/network_modules/default/main.c">
311	311	<Option compilerVar="CC" />
312	312	</Unit>
313		- <Unit filename="src/network_modules/openssl.c">
	313	+ <Unit filename="src/network_modules/default/private.h" />
	314	+ <Unit filename="src/network_modules/openssl/main.c">
314	315	<Option compilerVar="CC" />
315	316	</Unit>
316		- <Unit filename="src/network_modules/private.h" />
317		- <Unit filename="src/network_modules/unsecure.c">
	317	+ <Unit filename="src/network_modules/openssl/private.h" />
	318	+ <Unit filename="src/network_modules/openssl/states.c">
	319	+ <Option compilerVar="CC" />
	320	+ </Unit>
	321	+ <Unit filename="src/network_modules/select.c">
	322	+ <Option compilerVar="CC" />
	323	+ </Unit>
	324	+ <Unit filename="src/network_modules/state.c">
318	325	<Option compilerVar="CC" />
319	326	</Unit>
320	327	<Unit filename="src/selection/actions.c">
...	...	@@ -352,9 +359,6 @@
352	359	<Unit filename="src/ssl/properties.c">
353	360	<Option compilerVar="CC" />
354	361	</Unit>
355		- <Unit filename="src/ssl/state.c">
356		- <Option compilerVar="CC" />
357		- </Unit>
358	362	<Unit filename="src/ssl/windows/getcrl.c">
359	363	<Option compilerVar="CC" />
360	364	</Unit>
...	...
...	...	@@ -35,8 +35,6 @@
35	35	#include <lib3270/trace.h>
36	36	#include <lib3270/toggle.h>
37	37	#include <trace_dsc.h>
38		-
39		-#include "../ssl/crl.h"
40	38	#include "utilc.h"
41	39
42	40	/---[ Implement ]-------------------------------------------------------------------------------/
...	...
...	...	@@ -257,12 +257,8 @@ static void update_url(H3270 *hSession)
257	257	{
258	258	char * url =
259	259	lib3270_strdup_printf(
260		- "%s%s:%s",
261		-#ifdef HAVE_LIBSSL
262		- (hSession->ssl.enabled ? "tn3270s://" : "tn3270://"),
263		-#else
264		- "tn3270://",
265		-#endif // HAVE_LIBSSL
	260	+ "%s//%s:%s",
	261	+ hSession->network.module->name,
266	262	hSession->host.current,
267	263	hSession->host.srvc
268	264	);
...	...	@@ -280,7 +276,7 @@ static void update_url(H3270 *hSession)
280	276	lib3270_free(hSession->host.url);
281	277	hSession->host.url = url;
282	278
283		-#if defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK)
	279	+#if defined(HAVE_LIBSSLx) && defined(SSL_ENABLE_CRL_CHECK)
284	280	lib3270_crl_free(hSession);
285	281	#endif // SSL_ENABLE_CRL_CHECK
286	282
...	...	@@ -377,7 +373,7 @@ LIB3270_EXPORT int lib3270_set_url(H3270 h, const char n)
377	373	const char * srvc;
378	374	} sch[] =
379	375	{
380		-#ifdef HAVE_LIBSSL
	376	+#ifdef HAVE_LIBSSLx
381	377	{ 1, "tn3270s://", "telnets" },
382	378	{ 1, "telnets://", "telnets" },
383	379	{ 1, "L://", "telnets" },
...	...	@@ -398,7 +394,7 @@ LIB3270_EXPORT int lib3270_set_url(H3270 h, const char n)
398	394
399	395	trace("%s(%s)",__FUNCTION__,str);
400	396
401		-#ifdef HAVE_LIBSSL
	397	+#ifdef HAVE_LIBSSLx
402	398	h->ssl.enabled = 0;
403	399	#endif // HAVE_LIBSSL
404	400
...	...	@@ -407,7 +403,7 @@ LIB3270_EXPORT int lib3270_set_url(H3270 h, const char n)
407	403	size_t sz = strlen(sch[f].text);
408	404	if(!strncasecmp(hostname,sch[f].text,sz))
409	405	{
410		-#ifdef HAVE_LIBSSL
	406	+#ifdef HAVE_LIBSSLx
411	407	h->ssl.enabled = sch[f].ssl;
412	408	#endif // HAVE_LIBSSL
413	409	srvc = sch[f].srvc;
...	...
...	...	@@ -53,9 +53,84 @@
53	53	#include <lib3270/internals.h>
54	54	#include <lib3270/log.h>
55	55	#include <lib3270/trace.h>
	56	+#include <networking.h>
56	57
57	58	/---[ Implement ]-------------------------------------------------------------------------------/
58	59
	60	+ int lib3270_network_connect(H3270 hSession, LIB3270_NETWORK_STATE state) {
	61	+
	62	+ //
	63	+ // Resolve hostname
	64	+ //
	65	+ struct addrinfo hints;
	66	+ struct addrinfo * result = NULL;
	67	+ memset(&hints,0,sizeof(hints));
	68	+ hints.ai_family = AF_UNSPEC; // Allow IPv4 or IPv6
	69	+ hints.ai_socktype = SOCK_STREAM; // Stream socket
	70	+ hints.ai_flags = AI_PASSIVE; // For wildcard IP address
	71	+ hints.ai_protocol = 0; // Any protocol
	72	+
	73	+ status_resolving(hSession);
	74	+
	75	+ int rc = getaddrinfo(hSession->host.current, hSession->host.srvc, &hints, &result);
	76	+ if(rc)
	77	+ {
	78	+ state->error_message = gai_strerror(rc);
	79	+ return -1;
	80	+ }
	81	+
	82	+ //
	83	+ // Try connecting to hosts.
	84	+ //
	85	+ int sock = -1;
	86	+ struct addrinfo * rp = NULL;
	87	+
	88	+ status_connecting(hSession);
	89	+
	90	+ for(rp = result; sock < 0 && rp != NULL; rp = rp->ai_next)
	91	+ {
	92	+ // Got socket from host definition.
	93	+ sock = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol);
	94	+ if(sock < 0)
	95	+ {
	96	+ // Can't get socket.
	97	+ state->syserror = errno;
	98	+ continue;
	99	+ }
	100	+
	101	+ // Try connect.
	102	+ if(connect(sock, rp->ai_addr, rp->ai_addrlen))
	103	+ {
	104	+ // Can't connect to host
	105	+ state->syserror = errno;
	106	+ close(sock);
	107	+ sock = -1;
	108	+ continue;
	109	+ }
	110	+
	111	+ }
	112	+
	113	+ freeaddrinfo(result);
	114	+
	115	+ if(sock < 0)
	116	+ {
	117	+ static const LIB3270_POPUP popup = {
	118	+ .name = "CantConnect",
	119	+ .type = LIB3270_NOTIFY_ERROR,
	120	+ .summary = N_("Can't connect to host"),
	121	+ .label = N_("Try again")
	122	+ };
	123	+
	124	+ state->popup = &popup;
	125	+ return sock;
	126	+ }
	127	+
	128	+ // don't share the socket with our children
	129	+ (void) fcntl(sock, F_SETFD, 1);
	130	+
	131	+ return sock;
	132	+ }
	133	+
59	134	static void net_connected(H3270 hSession, int GNUC_UNUSED(fd), LIB3270_IO_FLAG GNUC_UNUSED(flag), void GNUC_UNUSED(dunno))
60	135	{
61	136	int err;
...	...	@@ -171,7 +246,7 @@
171	246	//
172	247	hSession->ever_3270 = False;
173	248
174		-#if defined(HAVE_LIBSSL)
	249	+#if defined(HAVE_LIBSSLx)
175	250	if(hSession->ssl.enabled)
176	251	{
177	252	hSession->ssl.host = 1;
...	...
...	...	@@ -47,7 +47,7 @@
47	47
48	48	void lib3270_disable_crl_download(H3270 *hSession)
49	49	{
50		-#if defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK)
	50	+#if defined(HAVE_LIBSSLx) && defined(SSL_ENABLE_CRL_CHECK)
51	51	hSession->ssl.crl.download = 0;
52	52	#endif // SSL_ENABLE_CRL_CHECK
53	53	}
...	...
...	...	@@ -51,7 +51,7 @@
51	51
52	52	static int lib3270_set_ssl_minimum_protocol_version(H3270 *hSession, int value)
53	53	{
54		-#ifdef HAVE_LIBSSL
	54	+#ifdef HAVE_LIBSSLx
55	55	FAIL_IF_ONLINE(hSession);
56	56	hSession->ssl.protocol.min_version = value;
57	57	return 0;
...	...	@@ -62,7 +62,7 @@
62	62
63	63	static int lib3270_set_ssl_maximum_protocol_version(H3270 *hSession, int value)
64	64	{
65		-#ifdef HAVE_LIBSSL
	65	+#ifdef HAVE_LIBSSLx
66	66	FAIL_IF_ONLINE(hSession);
67	67	hSession->ssl.protocol.max_version = value;
68	68	return 0;
...	...	@@ -73,7 +73,7 @@
73	73
74	74	static int lib3270_get_ssl_minimum_protocol_version(const H3270 *hSession)
75	75	{
76		-#ifdef HAVE_LIBSSL
	76	+#ifdef HAVE_LIBSSLx
77	77	return hSession->ssl.protocol.min_version;
78	78	#else
79	79	errno = ENOTSUP;
...	...	@@ -83,7 +83,7 @@
83	83
84	84	static int lib3270_get_ssl_maximum_protocol_version(const H3270 *hSession)
85	85	{
86		-#ifdef HAVE_LIBSSL
	86	+#ifdef HAVE_LIBSSLx
87	87	return hSession->ssl.protocol.max_version;
88	88	#else
89	89	errno = ENOTSUP;
...	...
...	...	@@ -139,6 +139,7 @@
139	139	.set = NULL // Set value.
140	140	},
141	141
	142	+ /*
142	143	{
143	144	.name = "crl_url", // Property name.
144	145	.group = LIB3270_ACTION_GROUP_OFFLINE, // Property group.
...	...	@@ -154,6 +155,7 @@
154	155	.get = lib3270_crl_get_preferred_protocol, // Get value.
155	156	.set = lib3270_crl_set_preferred_protocol, // Set value.
156	157	},
	158	+ */
157	159
158	160	{
159	161	.name = "default_host", // Property name.
...	...	@@ -162,6 +164,7 @@
162	164	.set = NULL // Set value.
163	165	},
164	166
	167	+ /*
165	168	{
166	169	.name = "sslmessage", // Property name.
167	170	.description = N_( "The security state" ), // Property description.
...	...	@@ -175,6 +178,7 @@
175	178	.get = lib3270_get_ssl_state_description, // Get value.
176	179	.set = NULL // Set value.
177	180	},
	181	+ */
178	182
179	183	{
180	184	.name = "oversize", // Property name.
...	...
...	...	@@ -74,7 +74,7 @@ void lib3270_session_free(H3270 *h)
74	74
75	75	shutdown_toggles(h);
76	76
77		-#if defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBSSL)
	77	+#if defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBSSLx)
78	78	if(h->ssl.crl.prefer)
79	79	{
80	80	free(h->ssl.crl.prefer);
...	...	@@ -324,7 +324,7 @@ static void lib3270_session_init(H3270 hSession, const char model, const char
324	324	memset(hSession,0,sizeof(H3270));
325	325	lib3270_set_default_network_module(hSession);
326	326
327		-#if defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBSSL)
	327	+#if defined(SSL_ENABLE_CRL_CHECK) && defined(HAVE_LIBSSLx)
328	328	hSession->ssl.crl.download = 1;
329	329	#endif // SSL_ENABLE_CRL_CHECK
330	330
...	...
...	...	@@ -1520,37 +1520,12 @@ void net_exception(H3270 *session, int GNUC_UNUSED(fd), LIB3270_IO_FLAG GNUC_UNU
1520	1520
1521	1521	LIB3270_INTERNAL int lib3270_sock_send(H3270 hSession, unsigned const char buf, int len)
1522	1522	{
1523		- int rc;
1524		-
1525		-#if defined(HAVE_LIBSSL)
1526		- if(hSession->ssl.con != NULL)
1527		- rc = SSL_write(hSession->ssl.con, (const char *) buf, len);
1528		- else
1529		- rc = send(hSession->connection.sock, (const char *) buf, len, 0);
1530		-#else
1531		- rc = hSession->network.module->send(hSession, buf, len);
1532		-#endif // HAVE_LIBSSL
	1523	+ int rc = hSession->network.module->send(hSession, buf, len);
1533	1524
1534	1525	if(rc > 0)
1535	1526	return rc;
1536	1527
1537	1528	// Send error, notify
1538		-
1539		-#if defined(HAVE_LIBSSL)
1540		- #error TODO - The send method should emit popup messages.
1541		- if(hSession->ssl.con != NULL)
1542		- {
1543		- unsigned long e;
1544		- char err_buf[120];
1545		-
1546		- e = ERR_get_error();
1547		- (void) ERR_error_string(e, err_buf);
1548		- trace_dsn(hSession,"RCVD SSL_write error %ld (%s)\n", e,err_buf);
1549		- popup_an_error(hSession,_( "SSL_write:\n%s" ), err_buf);
1550		- return -1;
1551		- }
1552		-#endif // HAVE_LIBSSL
1553		-
1554	1529	trace_dsn(hSession,"RCVD socket error %d\n", -rc);
1555	1530
1556	1531	return -1;
...	...