Download as
Browse Code »

Commit a6a2963b26b3dd9776944b14e7c12508b7304d46

Authored by Perry Werneck
1 parent ad33d466
Exists in master and in 3 other branches develop, macos, network_module

The CRL URL is now a writable property.

Showing 3 changed files with 66 additions and 10 deletions   Show diff stats
src/include/lib3270.h
  Diff comments   View file @a6a2963
@@ -466,6 +466,17 @@ @@ -466,6 +466,17 @@
466 LIB3270_EXPORT int lib3270_set_url(H3270 *h, const char *url); 466 LIB3270_EXPORT int lib3270_set_url(H3270 *h, const char *url);
467 467
468 /** 468 /**
  469 + * @brief Set URL for the certificate revocation list.
  470 + *
  471 + * @param hSession Session handle.
  472 + * @param crl URL for the certificate revocation list.
  473 + *
  474 + * @return 0 on sucess, non zero on error (sets errno).
  475 + *
  476 + */
  477 + LIB3270_EXPORT int lib3270_set_crl(H3270 *hSession, const char *crl);
  478 +
  479 + /**
469 * @brief Get hostname for the connect/reconnect operations. 480 * @brief Get hostname for the connect/reconnect operations.
470 * 481 *
471 * @param h Session handle. 482 * @param h Session handle.
@@ -1174,7 +1185,7 @@ @@ -1174,7 +1185,7 @@
1174 1185
1175 LIB3270_EXPORT void * lib3270_malloc(int len); 1186 LIB3270_EXPORT void * lib3270_malloc(int len);
1176 LIB3270_EXPORT void * lib3270_realloc(void *p, int len); 1187 LIB3270_EXPORT void * lib3270_realloc(void *p, int len);
1177 - LIB3270_EXPORT void * lib3270_replace(void **p, void *ptr); 1188 +// LIB3270_EXPORT void * lib3270_replace(void **p, void *ptr);
1178 LIB3270_EXPORT void * lib3270_strdup(const char *str); 1189 LIB3270_EXPORT void * lib3270_strdup(const char *str);
1179 1190
1180 #define LIB3270_AUTOPTR_FUNC_NAME(TypeName) lib3270_autoptr_cleanup_##TypeName 1191 #define LIB3270_AUTOPTR_FUNC_NAME(TypeName) lib3270_autoptr_cleanup_##TypeName
src/lib3270/properties.c
  Diff comments   View file @a6a2963
@@ -285,6 +285,43 @@ @@ -285,6 +285,43 @@
285 return lib3270_get_revision(); 285 return lib3270_get_revision();
286 } 286 }
287 287
  288 + int lib3270_set_crl(H3270 *hSession, const char *crl)
  289 + {
  290 +
  291 + FAIL_IF_ONLINE(hSession);
  292 +
  293 +#ifdef SSL_ENABLE_CRL_CHECK
  294 +
  295 + if(hSession->ssl.crl)
  296 + {
  297 + free(hSession->ssl.crl);
  298 + hSession->ssl.crl = NULL;
  299 + }
  300 +
  301 + if(crl)
  302 + {
  303 + hSession->ssl.crl = strdup(crl);
  304 + }
  305 +
  306 + return 0;
  307 +
  308 +#else
  309 +
  310 + return errno = ENOTSUP;
  311 +
  312 +#endif // SSL_ENABLE_CRL_CHECK
  313 +
  314 + }
  315 +
  316 + static const char * lib3270_get_crl(H3270 *hSession)
  317 + {
  318 +#ifdef SSL_ENABLE_CRL_CHECK
  319 + if(hSession->ssl.crl)
  320 + return hSession->ssl.crl;
  321 +#endif
  322 + return "";
  323 + }
  324 +
288 LIB3270_EXPORT const LIB3270_STRING_PROPERTY * lib3270_get_string_properties_list(void) 325 LIB3270_EXPORT const LIB3270_STRING_PROPERTY * lib3270_get_string_properties_list(void)
289 { 326 {
290 static const LIB3270_STRING_PROPERTY properties[] = { 327 static const LIB3270_STRING_PROPERTY properties[] = {
@@ -345,6 +382,14 @@ @@ -345,6 +382,14 @@
345 NULL // Set value. 382 NULL // Set value.
346 }, 383 },
347 384
  385 + {
  386 + "crl", // Property name.
  387 + N_( "URL for the CRL file" ), // Property description.
  388 + lib3270_get_crl, // Get value.
  389 + lib3270_set_crl, // Set value.
  390 + },
  391 +
  392 +
348 /* 393 /*
349 { 394 {
350 "", // Property name. 395 "", // Property name.
src/lib3270/ssl/negotiate.c
  Diff comments   View file @a6a2963
@@ -217,7 +217,7 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) @@ -217,7 +217,7 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
217 default: 217 default:
218 218
219 debug("Unexpected or invalid TLS/SSL verify result %d",rv); 219 debug("Unexpected or invalid TLS/SSL verify result %d",rv);
220 - trace_dsn(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv); 220 + trace_ssl(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv);
221 } 221 }
222 222
223 if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE)) 223 if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE))
@@ -226,7 +226,7 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) @@ -226,7 +226,7 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
226 int alg_bits = 0; 226 int alg_bits = 0;
227 const SSL_CIPHER * cipher = SSL_get_current_cipher(hSession->ssl.con); 227 const SSL_CIPHER * cipher = SSL_get_current_cipher(hSession->ssl.con);
228 228
229 - trace_dsn(hSession,"TLS/SSL cipher description: %s",SSL_CIPHER_description((SSL_CIPHER *) cipher, buffer, 4095)); 229 + trace_ssl(hSession,"TLS/SSL cipher description: %s",SSL_CIPHER_description((SSL_CIPHER *) cipher, buffer, 4095));
230 SSL_CIPHER_get_bits(cipher, &alg_bits); 230 SSL_CIPHER_get_bits(cipher, &alg_bits);
231 trace_ssl(hSession,"%s version %s with %d bits\n", 231 trace_ssl(hSession,"%s version %s with %d bits\n",
232 SSL_CIPHER_get_name(cipher), 232 SSL_CIPHER_get_name(cipher),
@@ -342,16 +342,16 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret) @@ -342,16 +342,16 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret)
342 switch(where) 342 switch(where)
343 { 343 {
344 case SSL_CB_CONNECT_LOOP: 344 case SSL_CB_CONNECT_LOOP:
345 - trace_dsn(hSession,"SSL_connect: %s %s\n",SSL_state_string(s), SSL_state_string_long(s)); 345 + trace_ssl(hSession,"SSL_connect: %s %s\n",SSL_state_string(s), SSL_state_string_long(s));
346 break; 346 break;
347 347
348 case SSL_CB_CONNECT_EXIT: 348 case SSL_CB_CONNECT_EXIT:
349 349
350 - trace_dsn(hSession,"%s: SSL_CB_CONNECT_EXIT\n",__FUNCTION__); 350 + trace_ssl(hSession,"%s: SSL_CB_CONNECT_EXIT\n",__FUNCTION__);
351 351
352 if (ret == 0) 352 if (ret == 0)
353 { 353 {
354 - trace_dsn(hSession,"SSL_connect: failed in %s\n",SSL_state_string_long(s)); 354 + trace_ssl(hSession,"SSL_connect: failed in %s\n",SSL_state_string_long(s));
355 } 355 }
356 else if (ret < 0) 356 else if (ret < 0)
357 { 357 {
@@ -379,7 +379,7 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret) @@ -379,7 +379,7 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret)
379 err_buf[0] = '\0'; 379 err_buf[0] = '\0';
380 } 380 }
381 381
382 - trace_dsn(hSession,"SSL Connect error %d\nMessage: %s\nState: %s\nAlert: %s\n", 382 + trace_ssl(hSession,"SSL Connect error %d\nMessage: %s\nState: %s\nAlert: %s\n",
383 ret, 383 ret,
384 err_buf, 384 err_buf,
385 SSL_state_string_long(s), 385 SSL_state_string_long(s),
@@ -390,7 +390,7 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret) @@ -390,7 +390,7 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret)
390 break; 390 break;
391 391
392 default: 392 default:
393 - trace_dsn(hSession,"SSL Current state is \"%s\"\n",SSL_state_string_long(s)); 393 + trace_ssl(hSession,"SSL Current state is \"%s\"\n",SSL_state_string_long(s));
394 } 394 }
395 395
396 #ifdef DEBUG 396 #ifdef DEBUG
@@ -401,11 +401,11 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret) @@ -401,11 +401,11 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret)
401 #endif 401 #endif
402 402
403 if(where & SSL_CB_ALERT) 403 if(where & SSL_CB_ALERT)
404 - trace_dsn(hSession,"SSL ALERT: %s\n",SSL_alert_type_string_long(ret)); 404 + trace_ssl(hSession,"SSL ALERT: %s\n",SSL_alert_type_string_long(ret));
405 405
406 if(where & SSL_CB_HANDSHAKE_DONE) 406 if(where & SSL_CB_HANDSHAKE_DONE)
407 { 407 {
408 - trace_dsn(hSession,"%s: SSL_CB_HANDSHAKE_DONE state=%04x\n",__FUNCTION__,SSL_get_state(s)); 408 + trace_ssl(hSession,"%s: SSL_CB_HANDSHAKE_DONE state=%04x\n",__FUNCTION__,SSL_get_state(s));
409 if(SSL_get_state(s) == SSL_ST_OK) 409 if(SSL_get_state(s) == SSL_ST_OK)
410 set_ssl_state(hSession,LIB3270_SSL_NEGOTIATED); 410 set_ssl_state(hSession,LIB3270_SSL_NEGOTIATED);
411 else 411 else