Commit b455df4fa471e390f97f7b09e3ab1614b85f42d3
1 parent
2e323b27
Exists in
master
and in
3 other branches
Implementing winldap.
Showing
10 changed files
with
205 additions
and
36 deletions
Show diff stats
configure.ac
| ... | ... | @@ -79,7 +79,7 @@ case "$host" in |
| 79 | 79 | *-mingw32|*-pc-msys) |
| 80 | 80 | app_cv_osname="windows" |
| 81 | 81 | CFLAGS="$CFLAGS -pthread -D_WIN32_WINNT=0x0600" |
| 82 | - LIBS="$LIBS -lws2_32 -lwtsapi32 -lcomdlg32" | |
| 82 | + LIBS="$LIBS -lws2_32 -lwtsapi32 -lcomdlg32 -lwldap32" | |
| 83 | 83 | LDFLAGS="$LDFLAGS -pthread" |
| 84 | 84 | DLL_LDFLAGS="-shared -Wl,--output-def,\$(@D)/\$(LIBNAME).def" |
| 85 | 85 | DLLEXT=".dll" | ... | ... |
lib3270.cbp
| ... | ... | @@ -288,6 +288,9 @@ |
| 288 | 288 | <Unit filename="src/ssl/windows/getcrl.c"> |
| 289 | 289 | <Option compilerVar="CC" /> |
| 290 | 290 | </Unit> |
| 291 | + <Unit filename="src/ssl/windows/ldap.c"> | |
| 292 | + <Option compilerVar="CC" /> | |
| 293 | + </Unit> | |
| 291 | 294 | <Unit filename="src/ssl/windows/private.h" /> |
| 292 | 295 | <Unit filename="src/testprogram/testprogram.c"> |
| 293 | 296 | <Option compilerVar="CC" /> | ... | ... |
src/core/connect.c
| ... | ... | @@ -155,6 +155,19 @@ static int notify_crl_error(H3270 *hSession, int rc, const SSL_ERROR_MESSAGE *me |
| 155 | 155 | if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,message->description)) |
| 156 | 156 | return rc; |
| 157 | 157 | } |
| 158 | +#ifdef _WIN32 | |
| 159 | + else if(message->lasterror) | |
| 160 | + { | |
| 161 | + lib3270_autoptr(char) windows_error = lib3270_win32_translate_error_code(message->lasterror); | |
| 162 | + lib3270_autoptr(char) formatted_error = lib3270_strdup_printf(_( "Windows error was \"%s\" (%u)" ), windows_error,(unsigned int) message->lasterror); | |
| 163 | + | |
| 164 | + lib3270_write_log(hSession,"SSL-CRL-GET","%s (lasterror=%u - %s)",message->text,(unsigned int) message->lasterror, windows_error); | |
| 165 | + | |
| 166 | + if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,formatted_error)) | |
| 167 | + return rc; | |
| 168 | + | |
| 169 | + } | |
| 170 | +#endif // WIN32 | |
| 158 | 171 | else if(message->error) |
| 159 | 172 | { |
| 160 | 173 | lib3270_autoptr(char) formatted_error = lib3270_strdup_printf(_( "%s (SSL error %d)" ),ERR_reason_error_string(message->error),message->error); | ... | ... |
src/core/windows/util.c
| ... | ... | @@ -132,7 +132,7 @@ LIB3270_EXPORT char * lib3270_win32_translate_error_code(int lasterror) |
| 132 | 132 | |
| 133 | 133 | #ifdef HAVE_ICONV |
| 134 | 134 | { |
| 135 | - // Convert from windows codepage to UTF-8 pw3270´s default charset | |
| 135 | + // Convert from windows codepage to pw3270´s default charset (UTF-8) | |
| 136 | 136 | iconv_t hConv = iconv_open("UTF-8",lib3270_win32_local_charset()); |
| 137 | 137 | |
| 138 | 138 | trace("[%s]",buffer); | ... | ... |
src/include/lib3270-internals.h
| ... | ... | @@ -744,6 +744,9 @@ LIB3270_INTERNAL int non_blocking(H3270 *session, Boolean on); |
| 744 | 744 | const char * title; |
| 745 | 745 | const char * text; |
| 746 | 746 | const char * description; |
| 747 | +#ifdef _WIN32 | |
| 748 | + DWORD lasterror; | |
| 749 | +#endif // _WIN32 | |
| 747 | 750 | } SSL_ERROR_MESSAGE; |
| 748 | 751 | |
| 749 | 752 | struct ssl_status_msg | ... | ... |
src/ssl/linux/ldap.c
| ... | ... | @@ -89,7 +89,8 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG |
| 89 | 89 | message->title = _( "Security error" ); |
| 90 | 90 | message->text = _( "No DN of the entry at which to start the search on the URL" ); |
| 91 | 91 | message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" ); |
| 92 | - return errno = EINVAL; | |
| 92 | + errno = EINVAL; | |
| 93 | + return NULL; | |
| 93 | 94 | } |
| 94 | 95 | |
| 95 | 96 | *(base++) = 0; |
| ... | ... | @@ -101,7 +102,8 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG |
| 101 | 102 | message->title = _( "Security error" ); |
| 102 | 103 | message->text = _( "No LDAP attribute on the URL" ); |
| 103 | 104 | message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" ); |
| 104 | - return errno = EINVAL; | |
| 105 | + errno = EINVAL; | |
| 106 | + return NULL; | |
| 105 | 107 | } |
| 106 | 108 | |
| 107 | 109 | *(attrs[0]++) = 0; |
| ... | ... | @@ -130,7 +132,7 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG |
| 130 | 132 | if(rc != LDAP_SUCCESS) { |
| 131 | 133 | message->error = hSession->ssl.error = 0; |
| 132 | 134 | message->title = _( "Security error" ); |
| 133 | - message->text = _( "Can't set LDAP version" ); | |
| 135 | + message->text = _( "Can't set LDAP protocol version" ); | |
| 134 | 136 | message->description = ldap_err2string(rc); |
| 135 | 137 | lib3270_write_log(hSession,"ssl","%s: %s",url, message->description); |
| 136 | 138 | return NULL; | ... | ... |
src/ssl/negotiate.c
| ... | ... | @@ -272,36 +272,6 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) |
| 272 | 272 | return 0; |
| 273 | 273 | } |
| 274 | 274 | |
| 275 | -/* | |
| 276 | -int ssl_negotiate(H3270 *hSession) | |
| 277 | -{ | |
| 278 | - int rc; | |
| 279 | - SSL_ERROR_MESSAGE msg; | |
| 280 | - | |
| 281 | - memset(&msg,0,sizeof(msg)); | |
| 282 | - | |
| 283 | - set_ssl_state(hSession,LIB3270_SSL_NEGOTIATING); | |
| 284 | - non_blocking(hSession,False); | |
| 285 | - | |
| 286 | - rc = lib3270_run_task(hSession, background_ssl_negotiation, &msg); | |
| 287 | - else if(rc) | |
| 288 | - { | |
| 289 | - // SSL negotiation has failed. | |
| 290 | - host_disconnect(hSession,1); // Disconnect with "failed" status. | |
| 291 | - | |
| 292 | - if(msg.description) | |
| 293 | - lib3270_popup_dialog(hSession, LIB3270_NOTIFY_ERROR, msg.title, msg.text, "%s", msg.description); | |
| 294 | - else | |
| 295 | - lib3270_popup_dialog(hSession, LIB3270_NOTIFY_ERROR, msg.title, msg.text, "%s", ERR_reason_error_string(msg.error)); | |
| 296 | - | |
| 297 | - } | |
| 298 | - | |
| 299 | - non_blocking(hSession,True); | |
| 300 | - | |
| 301 | - return rc; | |
| 302 | -} | |
| 303 | -*/ | |
| 304 | - | |
| 305 | 275 | int ssl_negotiate(H3270 *hSession) |
| 306 | 276 | { |
| 307 | 277 | int rc; | ... | ... |
src/ssl/windows/getcrl.c
| ... | ... | @@ -98,6 +98,13 @@ LIB3270_INTERNAL X509_CRL * lib3270_get_crl(H3270 *hSession, SSL_ERROR_MESSAGE * |
| 98 | 98 | |
| 99 | 99 | |
| 100 | 100 | } |
| 101 | +#ifdef DEBUG | |
| 102 | + else if(strncasecmp(consturl,"ldap://",7) == 0 && strlen(consturl) > 8) | |
| 103 | + { | |
| 104 | + return get_crl_using_winldap(hSession, message, consturl); | |
| 105 | + | |
| 106 | + } | |
| 107 | +#endif // DEBUG | |
| 101 | 108 | else |
| 102 | 109 | { |
| 103 | 110 | #ifdef HAVE_LIBCURL | ... | ... |
| ... | ... | @@ -0,0 +1,171 @@ |
| 1 | +/* | |
| 2 | + * "Software pw3270, desenvolvido com base nos códigos fontes do WC3270 e X3270 | |
| 3 | + * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a | |
| 4 | + * aplicativos mainframe. Registro no INPI sob o nome G3270. | |
| 5 | + * | |
| 6 | + * Copyright (C) <2008> <Banco do Brasil S.A.> | |
| 7 | + * | |
| 8 | + * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob | |
| 9 | + * os termos da GPL v.2 - Licença Pública Geral GNU, conforme publicado pela | |
| 10 | + * Free Software Foundation. | |
| 11 | + * | |
| 12 | + * Este programa é distribuído na expectativa de ser útil, mas SEM QUALQUER | |
| 13 | + * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou de ADEQUAÇÃO | |
| 14 | + * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para | |
| 15 | + * obter mais detalhes. | |
| 16 | + * | |
| 17 | + * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este | |
| 18 | + * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin | |
| 19 | + * St, Fifth Floor, Boston, MA 02110-1301 USA | |
| 20 | + * | |
| 21 | + * Este programa está nomeado como - e possui - linhas de código. | |
| 22 | + * | |
| 23 | + * Contatos: | |
| 24 | + * | |
| 25 | + * perry.werneck@gmail.com (Alexandre Perry de Souza Werneck) | |
| 26 | + * erico.mendonca@gmail.com (Erico Mascarenhas Mendonça) | |
| 27 | + * | |
| 28 | + * References: | |
| 29 | + * | |
| 30 | + * https://github.com/curl/curl/blob/curl-7_62_0/lib/ldap.c | |
| 31 | + * http://forums.codeguru.com/showthread.php?313123-Elementary-problems-using-winldap | |
| 32 | + * https://stackoverflow.com/questions/21501002/how-to-use-ldap-sasl-bind-in-winldap | |
| 33 | + * | |
| 34 | + */ | |
| 35 | + | |
| 36 | +#include <config.h> | |
| 37 | + | |
| 38 | +#if defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK) | |
| 39 | + | |
| 40 | +#include "private.h" | |
| 41 | +#include <winldap.h> | |
| 42 | + | |
| 43 | +# ifndef LDAP_VENDOR_NAME | |
| 44 | +# error Your Platform SDK is NOT sufficient for LDAP support! \ | |
| 45 | + Update your Platform SDK, or disable LDAP support! | |
| 46 | +# else | |
| 47 | +# include <winber.h> | |
| 48 | +# endif | |
| 49 | + | |
| 50 | +/*--[ Implement ]------------------------------------------------------------------------------------*/ | |
| 51 | + | |
| 52 | +static inline void lib3270_autoptr_cleanup_LDAP(LDAP **ptr) | |
| 53 | +{ | |
| 54 | + if(*ptr) | |
| 55 | + { | |
| 56 | + ldap_unbind(*ptr); | |
| 57 | + *ptr = NULL; | |
| 58 | + } | |
| 59 | + | |
| 60 | +} | |
| 61 | + | |
| 62 | +X509_CRL * get_crl_using_winldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl) | |
| 63 | +{ | |
| 64 | + debug("********************************************************* %s",__FUNCTION__); | |
| 65 | + | |
| 66 | + X509_CRL * x509_crl = NULL; | |
| 67 | + int rc = 0; | |
| 68 | + | |
| 69 | + // Strip query. | |
| 70 | + | |
| 71 | + lib3270_autoptr(char) urldup = strdup(consturl); | |
| 72 | + | |
| 73 | + char * url = urldup+7; | |
| 74 | + char * base = strchr(url,'/'); | |
| 75 | + char * port; | |
| 76 | + char * attrs[] = { NULL, NULL }; | |
| 77 | + | |
| 78 | + if(!base) | |
| 79 | + { | |
| 80 | + message->error = hSession->ssl.error = 0; | |
| 81 | + message->title = _( "Security error" ); | |
| 82 | + message->text = _( "No DN of the entry at which to start the search on the URL" ); | |
| 83 | + message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" ); | |
| 84 | + debug("%s",message->text); | |
| 85 | + errno = EINVAL; | |
| 86 | + return NULL; | |
| 87 | + } | |
| 88 | + | |
| 89 | + *(base++) = 0; | |
| 90 | + attrs[0] = strchr(base,'?'); | |
| 91 | + | |
| 92 | + if(!base) | |
| 93 | + { | |
| 94 | + message->error = hSession->ssl.error = 0; | |
| 95 | + message->title = _( "Security error" ); | |
| 96 | + message->text = _( "No LDAP attribute on the URL" ); | |
| 97 | + message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" ); | |
| 98 | + debug("%s",message->text); | |
| 99 | + errno = EINVAL; | |
| 100 | + return NULL; | |
| 101 | + } | |
| 102 | + | |
| 103 | + *(attrs[0]++) = 0; | |
| 104 | + | |
| 105 | + port = strchr(url,':'); | |
| 106 | + if(port) | |
| 107 | + { | |
| 108 | + *(port++) = 0; | |
| 109 | + } | |
| 110 | + | |
| 111 | + debug("host: \"%s\"",url); | |
| 112 | + debug("port: %d", atoi(port)); | |
| 113 | + debug("Base: \"%s\"",base); | |
| 114 | + debug("Attr: \"%s\"",attrs[0]); | |
| 115 | + | |
| 116 | + // ldap_set_option(NULL, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto); | |
| 117 | + | |
| 118 | + // Do LDAP Query | |
| 119 | + lib3270_autoptr(LDAP) ld = ldap_init(url, (port && *port ? atoi(port) : LDAP_PORT)); | |
| 120 | + | |
| 121 | + if(!ld) | |
| 122 | + { | |
| 123 | + message->error = hSession->ssl.error = 0; | |
| 124 | + message->title = _( "Security error" ); | |
| 125 | + message->text = _( "Can't initialize LDAP" ); | |
| 126 | + debug("%s",message->text); | |
| 127 | + message->lasterror = GetLastError(); | |
| 128 | + message->description = NULL; | |
| 129 | + errno = EINVAL; | |
| 130 | + return NULL; | |
| 131 | + } | |
| 132 | + | |
| 133 | + static const int version = LDAP_VERSION3; | |
| 134 | + rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); | |
| 135 | + if(rc != LDAP_SUCCESS) | |
| 136 | + { | |
| 137 | + message->error = hSession->ssl.error = 0; | |
| 138 | + message->title = _( "Security error" ); | |
| 139 | + message->text = _( "Can't set LDAP protocol version" ); | |
| 140 | + message->lasterror = LdapMapErrorToWin32(rc); | |
| 141 | + message->description = NULL; | |
| 142 | + | |
| 143 | + debug("%s (rc=%u, lasterror=%d)",ldap_err2string(rc),rc,(unsigned int) message->lasterror); | |
| 144 | + | |
| 145 | + errno = EINVAL; | |
| 146 | + return NULL; | |
| 147 | + } | |
| 148 | + | |
| 149 | + rc = ldap_simple_bind(ld, "", ""); | |
| 150 | + if(rc != LDAP_SUCCESS) | |
| 151 | + { | |
| 152 | + message->error = hSession->ssl.error = 0; | |
| 153 | + message->title = _( "Security error" ); | |
| 154 | + message->text = _( "Can't bind to LDAP server" ); | |
| 155 | + message->lasterror = LdapMapErrorToWin32(rc); | |
| 156 | + message->description = NULL; | |
| 157 | + | |
| 158 | + debug("%s (rc=%u, lasterror=%d)",ldap_err2string(rc),rc,(unsigned int) message->lasterror); | |
| 159 | + | |
| 160 | + errno = EINVAL; | |
| 161 | + return NULL; | |
| 162 | + } | |
| 163 | + | |
| 164 | + | |
| 165 | + debug("********************************************************* %s",__FUNCTION__); | |
| 166 | + | |
| 167 | + return x509_crl; | |
| 168 | + | |
| 169 | +} | |
| 170 | + | |
| 171 | +#endif // defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK) | ... | ... |
src/ssl/windows/private.h
| ... | ... | @@ -57,7 +57,7 @@ |
| 57 | 57 | |
| 58 | 58 | #endif // HAVE_LIBCURL |
| 59 | 59 | |
| 60 | - // LIB3270_INTERNAL X509_CRL * get_crl_using_winldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl); | |
| 60 | + LIB3270_INTERNAL X509_CRL * get_crl_using_winldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl); | |
| 61 | 61 | |
| 62 | 62 | |
| 63 | 63 | #endif // !LIB3270_WIN32_SSL_PRIVATE_H_INCLUDED | ... | ... |