Commit 8db96878efbfef0d065b130d94c5d04d8d8b3f6e

Authored by Perry Werneck
1 parent 23039bb8

CRL download buffer is now dynamic.

Showing 1 changed file with 27 additions and 14 deletions
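--- a/src/lib3270/ssl/linux/getcrl.c
+++ b/src/lib3270/ssl/linux/getcrl.c
@@ -33,7 +33,7 @@
 *
 */
 
-#define CRL_DATA_LENGTH 16384
+#define CRL_DATA_LENGTH 2048
 
 #include <config.h>
 
@@ -117,14 +117,25 @@ typedef struct _curldata
 H3270 * hSession;
 SSL_ERROR_MESSAGE * message;
 char errbuf[CURL_ERROR_SIZE];
-unsigned char contents[CRL_DATA_LENGTH];
+struct {
+size_t length;
+unsigned char * contents;
+} data;
 } CURLDATA;
 
 static inline void lib3270_autoptr_cleanup_CURLDATA(CURLDATA **ptr)
 {
 debug("%s(%p)",__FUNCTION__,*ptr);
 if(*ptr)
-lib3270_free(*ptr);
+{
+CURLDATA *cdata = *ptr;
+
+if(cdata->data.contents) {
+lib3270_free(cdata->data.contents);
+cdata->data.contents = NULL;
+}
+lib3270_free(cdata);
+}
 *ptr = NULL;
 }
 
@@ -146,10 +157,10 @@ static size_t internal_curl_write_callback(void *contents, size_t size, size_t n
 
 debug("%s size=%d data->length=%d crldatalength=%d",__FUNCTION__,(int) size, (int) data->length, CRL_DATA_LENGTH);
 
-if((size + data->length) > CRL_DATA_LENGTH)
+if((realsize + data->length) > data->data.length)
 {
-debug("CRL Data block is bigger than allocated block (%u bytes)",(unsigned int) size);
-return 0;
+data->data.length += (CRL_DATA_LENGTH + realsize);
+data->data.contents = lib3270_realloc(data->data.contents,data->data.length);
 }
 
 debug("%s",__FUNCTION__);
@@ -166,7 +177,7 @@ static size_t internal_curl_write_callback(void *contents, size_t size, size_t n
 
 debug("%s",__FUNCTION__);
 
-memcpy(&(data->contents[data->length]),contents,realsize);
+memcpy(&(data->data.contents[data->length]),contents,realsize);
 data->length += realsize;
 
 debug("%s",__FUNCTION__);
@@ -413,12 +424,14 @@ int lib3270_get_X509_CRL(H3270 *hSession, SSL_ERROR_MESSAGE * message)
 #ifdef HAVE_LIBCURL
 
 // Use CURL to download the CRL
-lib3270_autoptr(CURLDATA) crl_data = lib3270_malloc(sizeof(CURLDATA));
-lib3270_autoptr(CURL) hCurl = curl_easy_init();
+lib3270_autoptr(CURLDATA) crl_data = lib3270_malloc(sizeof(CURLDATA));
+lib3270_autoptr(CURL) hCurl = curl_easy_init();
 
 memset(crl_data,0,sizeof(CURLDATA));
-crl_data->message = message;
-crl_data->hSession = hSession;
+crl_data->message = message;
+crl_data->hSession = hSession;
+crl_data->data.length = CRL_DATA_LENGTH;
+crl_data->data.contents = lib3270_malloc(crl_data->data.length);
 
 if(hCurl)
 {
@@ -478,7 +491,7 @@ int lib3270_get_X509_CRL(H3270 *hSession, SSL_ERROR_MESSAGE * message)
 
 if(ct)
 {
-const unsigned char * data = crl_data->contents;
+const unsigned char * data = crl_data->data.contents;
 
 if(strcasecmp(ct,"application/pkix-crl") == 0)
 {
@@ -504,13 +517,13 @@ int lib3270_get_X509_CRL(H3270 *hSession, SSL_ERROR_MESSAGE * message)
 else if(strncasecmp(consturl,"ldap://",7) == 0)
 {
 // It's an LDAP query, assumes a base64 data.
-char * data = strstr((char *) crl_data->contents,":: ");
+char * data = strstr((char *) crl_data->data.contents,":: ");
 if(!data)
 {
 message->error = hSession->ssl.error = ERR_get_error();
 message->title = N_( "Security error" );
 message->text = N_( "Got an invalid CRL from LDAP server" );
-lib3270_write_log(hSession,"ssl","%s: invalid format:\n%s\n",consturl, crl_data->contents);
+lib3270_write_log(hSession,"ssl","%s: invalid format:\n%s\n",consturl, crl_data->data.contents);
 return -1;
 }
 data += 3;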
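Review bot: The downloaded buffer is still read as a C string by `strstr((char *) crl_data->data.contents,":: ")` and by the `%s` in `lib3270_write_log`, but the new code does not guarantee a terminating NUL: the growth test in `internal_curl_write_callback` uses `>`, so a chunk that fills the allocation exactly leaves no spare byte, and the bytes added by `lib3270_realloc` are not visibly zeroed. Reserving one byte and terminating after the copy would close that, for example testing `(realsize + data->length + 1) > data->data.length` and adding `data->data.contents[data->length] = 0;` after `data->length += realsize;`. Separately, dropping the `return 0` path means the response size is no longer bounded, so whatever host serves the CRL decides how much memory the client allocates; a maximum total size checked in the callback would keep a limit in place. Both functions extend beyond the hunks shown, so the allocator's zeroing behaviour and any length check elsewhere are assumptions to confirm.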