Commit a6a2963b26b3dd9776944b14e7c12508b7304d46

Authored by Perry Werneck
1 parent ad33d466

The CRL URL is now a writable property.

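--- a/src/include/lib3270.h
+++ b/src/include/lib3270.h
@@ -466,6 +466,17 @@
 LIB3270_EXPORT int lib3270_set_url(H3270 *h, const char *url);
 
 /**
+ * @brief Set URL for the certificate revocation list.
+ *
+ * @param hSession Session handle.
+ * @param crl URL for the certificate revocation list.
+ *
+ * @return 0 on sucess, non zero on error (sets errno).
+ *
+ */
+ LIB3270_EXPORT int lib3270_set_crl(H3270 *hSession, const char *crl);
+
+ /**
 * @brief Get hostname for the connect/reconnect operations.
 *
 * @param h Session handle.
@@ -1174,7 +1185,7 @@
 
 LIB3270_EXPORT void * lib3270_malloc(int len);
 LIB3270_EXPORT void * lib3270_realloc(void *p, int len);
- LIB3270_EXPORT void * lib3270_replace(void **p, void *ptr);
+// LIB3270_EXPORT void * lib3270_replace(void **p, void *ptr);
 LIB3270_EXPORT void * lib3270_strdup(const char *str);
 
 #define LIB3270_AUTOPTR_FUNC_NAME(TypeName) lib3270_autoptr_cleanup_##TypeName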
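Review bot: The doc comment added for lib3270_set_crl leaves out the conditions a caller has to handle, all of which are visible in the implementation in properties.c: a NULL `crl` clears the stored URL, the call first goes through `FAIL_IF_ONLINE` (presumably rejecting a session that is already connected), and a build without `SSL_ENABLE_CRL_CHECK` returns ENOTSUP. I would write `* @param crl URL for the certificate revocation list, NULL to clear it.` and `* @return 0 on success, non zero on error (sets errno; ENOTSUP when CRL checking is not compiled in).`, which also fixes the "sucess" typo. In the second hunk the `lib3270_replace` prototype is commented out rather than deleted; if the symbol is being withdrawn from the exported API, delete the line and say so in the commit message so that consumers of the header are not left guessing.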
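--- a/src/lib3270/properties.c
+++ b/src/lib3270/properties.c
@@ -285,6 +285,43 @@
 return lib3270_get_revision();
 }
 
+ int lib3270_set_crl(H3270 *hSession, const char *crl)
+ {
+
+ FAIL_IF_ONLINE(hSession);
+
+#ifdef SSL_ENABLE_CRL_CHECK
+
+ if(hSession->ssl.crl)
+ {
+ free(hSession->ssl.crl);
+ hSession->ssl.crl = NULL;
+ }
+
+ if(crl)
+ {
+ hSession->ssl.crl = strdup(crl);
+ }
+
+ return 0;
+
+#else
+
+ return errno = ENOTSUP;
+
+#endif // SSL_ENABLE_CRL_CHECK
+
+ }
+
+ static const char * lib3270_get_crl(H3270 *hSession)
+ {
+#ifdef SSL_ENABLE_CRL_CHECK
+ if(hSession->ssl.crl)
+ return hSession->ssl.crl;
+#endif
+ return "";
+ }
+
 LIB3270_EXPORT const LIB3270_STRING_PROPERTY * lib3270_get_string_properties_list(void)
 {
 static const LIB3270_STRING_PROPERTY properties[] = {
@@ -345,6 +382,14 @@
 NULL // Set value.
 },
 
+ {
+ "crl", // Property name.
+ N_( "URL for the CRL file" ), // Property description.
+ lib3270_get_crl, // Get value.
+ lib3270_set_crl, // Set value.
+ },
+
+
 /*
 {
 "", // Property name.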
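Review bot: In lib3270_set_crl the result of `strdup(crl)` is never checked, so an allocation failure leaves `hSession->ssl.crl` NULL while the setter still returns 0, and the caller believes a CRL source is configured when none is. The previous value is also freed before the copy exists, so a failed update loses the old URL as well. An empty string is stored as a non-NULL URL even though lib3270_get_crl reports an unset value as `""`, so reading the property and writing it back changes the state. I would copy first, fail with ENOMEM, and treat `""` like NULL, as in the excerpt below. How the stored URL is consumed during negotiation is not visible on this page, so the effect on revocation checking is inferred.

```c
#ifdef SSL_ENABLE_CRL_CHECK

	char *copy = NULL;

	if(crl && *crl)
	{
		copy = strdup(crl);
		if(!copy)
			return errno = ENOMEM;
	}

	free(hSession->ssl.crl);
	hSession->ssl.crl = copy;

	return 0;
// … unchanged: #else branch returning ENOTSUP …
```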
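--- a/src/lib3270/ssl/negotiate.c
+++ b/src/lib3270/ssl/negotiate.c
@@ -217,7 +217,7 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
 default:
 
 debug("Unexpected or invalid TLS/SSL verify result %d",rv);
- trace_dsn(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv);
+ trace_ssl(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv);
 }
 
 if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE))
@@ -226,7 +226,7 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
 int alg_bits = 0;
 const SSL_CIPHER * cipher = SSL_get_current_cipher(hSession->ssl.con);
 
- trace_dsn(hSession,"TLS/SSL cipher description: %s",SSL_CIPHER_description((SSL_CIPHER *) cipher, buffer, 4095));
+ trace_ssl(hSession,"TLS/SSL cipher description: %s",SSL_CIPHER_description((SSL_CIPHER *) cipher, buffer, 4095));
 SSL_CIPHER_get_bits(cipher, &alg_bits);
 trace_ssl(hSession,"%s version %s with %d bits\n",
 SSL_CIPHER_get_name(cipher),
@@ -342,16 +342,16 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret)
 switch(where)
 {
 case SSL_CB_CONNECT_LOOP:
- trace_dsn(hSession,"SSL_connect: %s %s\n",SSL_state_string(s), SSL_state_string_long(s));
+ trace_ssl(hSession,"SSL_connect: %s %s\n",SSL_state_string(s), SSL_state_string_long(s));
 break;
 
 case SSL_CB_CONNECT_EXIT:
 
- trace_dsn(hSession,"%s: SSL_CB_CONNECT_EXIT\n",__FUNCTION__);
+ trace_ssl(hSession,"%s: SSL_CB_CONNECT_EXIT\n",__FUNCTION__);
 
 if (ret == 0)
 {
- trace_dsn(hSession,"SSL_connect: failed in %s\n",SSL_state_string_long(s));
+ trace_ssl(hSession,"SSL_connect: failed in %s\n",SSL_state_string_long(s));
 }
 else if (ret < 0)
 {
@@ -379,7 +379,7 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret)
 err_buf[0] = '\0';
 }
 
- trace_dsn(hSession,"SSL Connect error %d\nMessage: %s\nState: %s\nAlert: %s\n",
+ trace_ssl(hSession,"SSL Connect error %d\nMessage: %s\nState: %s\nAlert: %s\n",
 ret,
 err_buf,
 SSL_state_string_long(s),
@@ -390,7 +390,7 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret)
 break;
 
 default:
- trace_dsn(hSession,"SSL Current state is \"%s\"\n",SSL_state_string_long(s));
+ trace_ssl(hSession,"SSL Current state is \"%s\"\n",SSL_state_string_long(s));
 }
 
 #ifdef DEBUG
@@ -401,11 +401,11 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret)
 #endif
 
 if(where & SSL_CB_ALERT)
- trace_dsn(hSession,"SSL ALERT: %s\n",SSL_alert_type_string_long(ret));
+ trace_ssl(hSession,"SSL ALERT: %s\n",SSL_alert_type_string_long(ret));
 
 if(where & SSL_CB_HANDSHAKE_DONE)
 {
- trace_dsn(hSession,"%s: SSL_CB_HANDSHAKE_DONE state=%04x\n",__FUNCTION__,SSL_get_state(s));
+ trace_ssl(hSession,"%s: SSL_CB_HANDSHAKE_DONE state=%04x\n",__FUNCTION__,SSL_get_state(s));
 if(SSL_get_state(s) == SSL_ST_OK)
 set_ssl_state(hSession,LIB3270_SSL_NEGOTIATED);
 else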
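Review bot: In the cipher trace of background_ssl_negotiation (second hunk) the return value of `SSL_CIPHER_description()` is passed straight to a `%s` conversion, and OpenSSL documents that the function returns NULL on error, which the formatter is not required to handle. I would hold the result in a local and guard it: `const char *desc = SSL_CIPHER_description((SSL_CIPHER *) cipher, buffer, 4095);` followed by `trace_ssl(hSession,"TLS/SSL cipher description: %s", desc ? desc : "(unavailable)");`. The length `4095` is a literal whose relation to the declaration of `buffer` cannot be checked here because that declaration is outside the hunk; if `buffer` is an array, `sizeof(buffer)` keeps the two in step. The function body starts and ends outside the hunks shown.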