Commit 8db96878efbfef0d065b130d94c5d04d8d8b3f6e
1 parent
23039bb8
Exists in
master
and in
3 other branches
CRL download buffer is now dynamic.
Showing
1 changed file
with
27 additions
and
14 deletions
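--- a/src/lib3270/ssl/linux/getcrl.c
+++ b/src/lib3270/ssl/linux/getcrl.c
@@ -33,7 +33,7 @@
 *
 */
 
-#define CRL_DATA_LENGTH 16384
+#define CRL_DATA_LENGTH 2048
 
 #include <config.h>
 
@@ -117,14 +117,25 @@ typedef struct _curldata
 H3270 * hSession;
 SSL_ERROR_MESSAGE * message;
 char errbuf[CURL_ERROR_SIZE];
- unsigned char contents[CRL_DATA_LENGTH];
+ struct {
+ size_t length;
+ unsigned char * contents;
+ } data;
 } CURLDATA;
 
 static inline void lib3270_autoptr_cleanup_CURLDATA(CURLDATA **ptr)
 {
 debug("%s(%p)",__FUNCTION__,*ptr);
 if(*ptr)
- lib3270_free(*ptr);
+ {
+ CURLDATA *cdata = *ptr;
+
+ if(cdata->data.contents) {
+ lib3270_free(cdata->data.contents);
+ cdata->data.contents = NULL;
+ }
+ lib3270_free(cdata);
+ }
 *ptr = NULL;
 }
 
@@ -146,10 +157,10 @@ static size_t internal_curl_write_callback(void *contents, size_t size, size_t n
 
 debug("%s size=%d data->length=%d crldatalength=%d",__FUNCTION__,(int) size, (int) data->length, CRL_DATA_LENGTH);
 
- if((size + data->length) > CRL_DATA_LENGTH)
+ if((realsize + data->length) > data->data.length)
 {
- debug("CRL Data block is bigger than allocated block (%u bytes)",(unsigned int) size);
- return 0;
+ data->data.length += (CRL_DATA_LENGTH + realsize);
+ data->data.contents = lib3270_realloc(data->data.contents,data->data.length);
 }
 
 debug("%s",__FUNCTION__);
@@ -166,7 +177,7 @@ static size_t internal_curl_write_callback(void *contents, size_t size, size_t n
 
 debug("%s",__FUNCTION__);
 
- memcpy(&(data->contents[data->length]),contents,realsize);
+ memcpy(&(data->data.contents[data->length]),contents,realsize);
 data->length += realsize;
 
 debug("%s",__FUNCTION__);
@@ -413,12 +424,14 @@ int lib3270_get_X509_CRL(H3270 *hSession, SSL_ERROR_MESSAGE * message)
 #ifdef HAVE_LIBCURL
 
 // Use CURL to download the CRL
- lib3270_autoptr(CURLDATA) crl_data = lib3270_malloc(sizeof(CURLDATA));
- lib3270_autoptr(CURL) hCurl = curl_easy_init();
+ lib3270_autoptr(CURLDATA) crl_data = lib3270_malloc(sizeof(CURLDATA));
+ lib3270_autoptr(CURL) hCurl = curl_easy_init();
 
 memset(crl_data,0,sizeof(CURLDATA));
- crl_data->message = message;
- crl_data->hSession = hSession;
+ crl_data->message = message;
+ crl_data->hSession = hSession;
+ crl_data->data.length = CRL_DATA_LENGTH;
+ crl_data->data.contents = lib3270_malloc(crl_data->data.length);
 
 if(hCurl)
 {
@@ -478,7 +491,7 @@ int lib3270_get_X509_CRL(H3270 *hSession, SSL_ERROR_MESSAGE * message)
 
 if(ct)
 {
- const unsigned char * data = crl_data->contents;
+ const unsigned char * data = crl_data->data.contents;
 
 if(strcasecmp(ct,"application/pkix-crl") == 0)
 {
@@ -504,13 +517,13 @@ int lib3270_get_X509_CRL(H3270 *hSession, SSL_ERROR_MESSAGE * message)
 else if(strncasecmp(consturl,"ldap://",7) == 0)
 {
 // It's an LDAP query, assumes a base64 data.
- char * data = strstr((char *) crl_data->contents,":: ");
+ char * data = strstr((char *) crl_data->data.contents,":: ");
 if(!data)
 {
 message->error = hSession->ssl.error = ERR_get_error();
 message->title = N_( "Security error" );
 message->text = N_( "Got an invalid CRL from LDAP server" );
- lib3270_write_log(hSession,"ssl","%s: invalid format:\n%s\n",consturl, crl_data->contents);
+ lib3270_write_log(hSession,"ssl","%s: invalid format:\n%s\n",consturl, crl_data->data.contents);
 return -1;
 }
 data += 3;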
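Review bot: The growth branch in `internal_curl_write_callback` (new lines 160-164) has no upper bound, so the server behind the CRL distribution point decides how much memory the client allocates; the old code stopped at 16384 bytes by returning 0. I would keep a ceiling ahead of the realloc, for example `if((realsize + data->length) > CRL_MAX_LENGTH) return 0;`, where `CRL_MAX_LENGTH` is a new constant sized for the largest CRL you expect. The buffer is also no longer covered by `memset(crl_data,0,sizeof(CURLDATA))`, while the `ldap://` branch still runs `strstr()` and a `%s` log over it, so unless a terminator is written in lines not shown here those reads can run past the received bytes; reserving one byte in the size check (`realsize + data->length + 1`) and setting `data->data.contents[data->length] = 0;` after the length update would cover it. The result of `lib3270_realloc` is stored without a check, which is safe only if that helper aborts on failure. The callback's body begins and ends outside these hunks.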