diff --git a/configure.ac b/configure.ac
index 1e87cd0..9a9a3d1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -79,7 +79,7 @@ case "$host" in
*-mingw32|*-pc-msys)
app_cv_osname="windows"
CFLAGS="$CFLAGS -pthread -D_WIN32_WINNT=0x0600"
- LIBS="$LIBS -lws2_32 -lwtsapi32 -lcomdlg32"
+ LIBS="$LIBS -lws2_32 -lwtsapi32 -lcomdlg32 -lwldap32"
LDFLAGS="$LDFLAGS -pthread"
DLL_LDFLAGS="-shared -Wl,--output-def,\$(@D)/\$(LIBNAME).def"
DLLEXT=".dll"
diff --git a/lib3270.cbp b/lib3270.cbp
index 1dcead6..671c57e 100644
--- a/lib3270.cbp
+++ b/lib3270.cbp
@@ -288,6 +288,9 @@
+
+
+
diff --git a/src/core/connect.c b/src/core/connect.c
index ba83ab1..ff5d762 100644
--- a/src/core/connect.c
+++ b/src/core/connect.c
@@ -155,6 +155,19 @@ static int notify_crl_error(H3270 *hSession, int rc, const SSL_ERROR_MESSAGE *me
if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,message->description))
return rc;
}
+#ifdef _WIN32
+ else if(message->lasterror)
+ {
+ lib3270_autoptr(char) windows_error = lib3270_win32_translate_error_code(message->lasterror);
+ lib3270_autoptr(char) formatted_error = lib3270_strdup_printf(_( "Windows error was \"%s\" (%u)" ), windows_error,(unsigned int) message->lasterror);
+
+ lib3270_write_log(hSession,"SSL-CRL-GET","%s (lasterror=%u - %s)",message->text,(unsigned int) message->lasterror, windows_error);
+
+ if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,formatted_error))
+ return rc;
+
+ }
+#endif // WIN32
else if(message->error)
{
lib3270_autoptr(char) formatted_error = lib3270_strdup_printf(_( "%s (SSL error %d)" ),ERR_reason_error_string(message->error),message->error);
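Review bot: The new `else if(message->lasterror)` branch acts on whatever value the field holds, so it relies on every SSL_ERROR_MESSAGE being zero-filled before use; the URL-format error paths in get_crl_using_winldap (src/ssl/windows/ldap.c) set error, title, text and description but never lasterror. Either add `message->lasterror = 0;` on those paths or document the zero-initialisation requirement on the new field in lib3270-internals.h. The result of lib3270_win32_translate_error_code is passed straight to `%s` twice; whether it can return NULL is not visible here, so that should be confirmed or guarded. The closing comment should read `#endif // _WIN32` to match the guard it closes. notify_crl_error starts and ends outside this hunk.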
diff --git a/src/core/windows/util.c b/src/core/windows/util.c
index 05a6af2..804f198 100644
--- a/src/core/windows/util.c
+++ b/src/core/windows/util.c
@@ -132,7 +132,7 @@ LIB3270_EXPORT char * lib3270_win32_translate_error_code(int lasterror)
#ifdef HAVE_ICONV
{
- // Convert from windows codepage to UTF-8 pw3270´s default charset
+ // Convert from windows codepage to pw3270´s default charset (UTF-8)
iconv_t hConv = iconv_open("UTF-8",lib3270_win32_local_charset());
trace("[%s]",buffer);
diff --git a/src/include/lib3270-internals.h b/src/include/lib3270-internals.h
index b236f11..60ef59b 100644
--- a/src/include/lib3270-internals.h
+++ b/src/include/lib3270-internals.h
@@ -744,6 +744,9 @@ LIB3270_INTERNAL int non_blocking(H3270 *session, Boolean on);
const char * title;
const char * text;
const char * description;
+#ifdef _WIN32
+ DWORD lasterror;
+#endif // _WIN32
} SSL_ERROR_MESSAGE;
struct ssl_status_msg
diff --git a/src/ssl/linux/ldap.c b/src/ssl/linux/ldap.c
index 3f0683b..ff43872 100644
--- a/src/ssl/linux/ldap.c
+++ b/src/ssl/linux/ldap.c
@@ -89,7 +89,8 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG
message->title = _( "Security error" );
message->text = _( "No DN of the entry at which to start the search on the URL" );
message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" );
- return errno = EINVAL;
+ errno = EINVAL;
+ return NULL;
}
*(base++) = 0;
@@ -101,7 +102,8 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG
message->title = _( "Security error" );
message->text = _( "No LDAP attribute on the URL" );
message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" );
- return errno = EINVAL;
+ errno = EINVAL;
+ return NULL;
}
*(attrs[0]++) = 0;
@@ -130,7 +132,7 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG
if(rc != LDAP_SUCCESS) {
message->error = hSession->ssl.error = 0;
message->title = _( "Security error" );
- message->text = _( "Can't set LDAP version" );
+ message->text = _( "Can't set LDAP protocol version" );
message->description = ldap_err2string(rc);
lib3270_write_log(hSession,"ssl","%s: %s",url, message->description);
return NULL;
diff --git a/src/ssl/negotiate.c b/src/ssl/negotiate.c
index df22ae6..9444c71 100644
--- a/src/ssl/negotiate.c
+++ b/src/ssl/negotiate.c
@@ -272,36 +272,6 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
return 0;
}
-/*
-int ssl_negotiate(H3270 *hSession)
-{
- int rc;
- SSL_ERROR_MESSAGE msg;
-
- memset(&msg,0,sizeof(msg));
-
- set_ssl_state(hSession,LIB3270_SSL_NEGOTIATING);
- non_blocking(hSession,False);
-
- rc = lib3270_run_task(hSession, background_ssl_negotiation, &msg);
- else if(rc)
- {
- // SSL negotiation has failed.
- host_disconnect(hSession,1); // Disconnect with "failed" status.
-
- if(msg.description)
- lib3270_popup_dialog(hSession, LIB3270_NOTIFY_ERROR, msg.title, msg.text, "%s", msg.description);
- else
- lib3270_popup_dialog(hSession, LIB3270_NOTIFY_ERROR, msg.title, msg.text, "%s", ERR_reason_error_string(msg.error));
-
- }
-
- non_blocking(hSession,True);
-
- return rc;
-}
-*/
-
int ssl_negotiate(H3270 *hSession)
{
int rc;
diff --git a/src/ssl/windows/getcrl.c b/src/ssl/windows/getcrl.c
index c98b3e7..292c837 100644
--- a/src/ssl/windows/getcrl.c
+++ b/src/ssl/windows/getcrl.c
@@ -98,6 +98,13 @@ LIB3270_INTERNAL X509_CRL * lib3270_get_crl(H3270 *hSession, SSL_ERROR_MESSAGE *
}
+#ifdef DEBUG
+ else if(strncasecmp(consturl,"ldap://",7) == 0 && strlen(consturl) > 8)
+ {
+ return get_crl_using_winldap(hSession, message, consturl);
+
+ }
+#endif // DEBUG
else
{
#ifdef HAVE_LIBCURL
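Review bot: The `ldap://` branch is compiled only under `DEBUG` and hands the URL to get_crl_using_winldap, which in this commit never produces a CRL: it returns its NULL-initialised `x509_crl` even when every step succeeds, and sets no message on that path. A comment above the `#ifdef DEBUG` should say so, for example `// Experimental: WinLDAP CRL download is not implemented yet, debug builds only.` How the caller of lib3270_get_crl treats a NULL result with an empty message is not visible in this hunk; it should be confirmed that this counts as a failed CRL check rather than as nothing to check. The if/else chain this branch joins starts outside the hunk.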
diff --git a/src/ssl/windows/ldap.c b/src/ssl/windows/ldap.c
new file mode 100644
index 0000000..4de6a00
--- /dev/null
+++ b/src/ssl/windows/ldap.c
@@ -0,0 +1,171 @@
+/*
+ * "Software pw3270, desenvolvido com base nos códigos fontes do WC3270 e X3270
+ * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a
+ * aplicativos mainframe. Registro no INPI sob o nome G3270.
+ *
+ * Copyright (C) <2008>
+ *
+ * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob
+ * os termos da GPL v.2 - Licença Pública Geral GNU, conforme publicado pela
+ * Free Software Foundation.
+ *
+ * Este programa é distribuído na expectativa de ser útil, mas SEM QUALQUER
+ * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou de ADEQUAÇÃO
+ * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para
+ * obter mais detalhes.
+ *
+ * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este
+ * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin
+ * St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ * Este programa está nomeado como - e possui - linhas de código.
+ *
+ * Contatos:
+ *
+ * perry.werneck@gmail.com (Alexandre Perry de Souza Werneck)
+ * erico.mendonca@gmail.com (Erico Mascarenhas Mendonça)
+ *
+ * References:
+ *
+ * https://github.com/curl/curl/blob/curl-7_62_0/lib/ldap.c
+ * http://forums.codeguru.com/showthread.php?313123-Elementary-problems-using-winldap
+ * https://stackoverflow.com/questions/21501002/how-to-use-ldap-sasl-bind-in-winldap
+ *
+ */
+
+#include
+
+#if defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK)
+
+#include "private.h"
+#include
+
+# ifndef LDAP_VENDOR_NAME
+# error Your Platform SDK is NOT sufficient for LDAP support! \
+ Update your Platform SDK, or disable LDAP support!
+# else
+# include
+# endif
+
+/*--[ Implement ]------------------------------------------------------------------------------------*/
+
+static inline void lib3270_autoptr_cleanup_LDAP(LDAP **ptr)
+{
+ if(*ptr)
+ {
+ ldap_unbind(*ptr);
+ *ptr = NULL;
+ }
+
+}
+
+X509_CRL * get_crl_using_winldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl)
+{
+ debug("********************************************************* %s",__FUNCTION__);
+
+ X509_CRL * x509_crl = NULL;
+ int rc = 0;
+
+ // Strip query.
+
+ lib3270_autoptr(char) urldup = strdup(consturl);
+
+ char * url = urldup+7;
+ char * base = strchr(url,'/');
+ char * port;
+ char * attrs[] = { NULL, NULL };
+
+ if(!base)
+ {
+ message->error = hSession->ssl.error = 0;
+ message->title = _( "Security error" );
+ message->text = _( "No DN of the entry at which to start the search on the URL" );
+ message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" );
+ debug("%s",message->text);
+ errno = EINVAL;
+ return NULL;
+ }
+
+ *(base++) = 0;
+ attrs[0] = strchr(base,'?');
+
+ if(!base)
+ {
+ message->error = hSession->ssl.error = 0;
+ message->title = _( "Security error" );
+ message->text = _( "No LDAP attribute on the URL" );
+ message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" );
+ debug("%s",message->text);
+ errno = EINVAL;
+ return NULL;
+ }
+
+ *(attrs[0]++) = 0;
+
+ port = strchr(url,':');
+ if(port)
+ {
+ *(port++) = 0;
+ }
+
+ debug("host: \"%s\"",url);
+ debug("port: %d", atoi(port));
+ debug("Base: \"%s\"",base);
+ debug("Attr: \"%s\"",attrs[0]);
+
+ // ldap_set_option(NULL, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto);
+
+ // Do LDAP Query
+ lib3270_autoptr(LDAP) ld = ldap_init(url, (port && *port ? atoi(port) : LDAP_PORT));
+
+ if(!ld)
+ {
+ message->error = hSession->ssl.error = 0;
+ message->title = _( "Security error" );
+ message->text = _( "Can't initialize LDAP" );
+ debug("%s",message->text);
+ message->lasterror = GetLastError();
+ message->description = NULL;
+ errno = EINVAL;
+ return NULL;
+ }
+
+ static const int version = LDAP_VERSION3;
+ rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);
+ if(rc != LDAP_SUCCESS)
+ {
+ message->error = hSession->ssl.error = 0;
+ message->title = _( "Security error" );
+ message->text = _( "Can't set LDAP protocol version" );
+ message->lasterror = LdapMapErrorToWin32(rc);
+ message->description = NULL;
+
+ debug("%s (rc=%u, lasterror=%d)",ldap_err2string(rc),rc,(unsigned int) message->lasterror);
+
+ errno = EINVAL;
+ return NULL;
+ }
+
+ rc = ldap_simple_bind(ld, "", "");
+ if(rc != LDAP_SUCCESS)
+ {
+ message->error = hSession->ssl.error = 0;
+ message->title = _( "Security error" );
+ message->text = _( "Can't bind to LDAP server" );
+ message->lasterror = LdapMapErrorToWin32(rc);
+ message->description = NULL;
+
+ debug("%s (rc=%u, lasterror=%d)",ldap_err2string(rc),rc,(unsigned int) message->lasterror);
+
+ errno = EINVAL;
+ return NULL;
+ }
+
+
+ debug("********************************************************* %s",__FUNCTION__);
+
+ return x509_crl;
+
+}
+
+#endif // defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK)
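Review bot: The second URL check, `if(!base)` after `attrs[0] = strchr(base,'?')`, tests the wrong pointer, so a URL without `?attribute` reaches `*(attrs[0]++) = 0;` with a NULL pointer; it should be `if(!attrs[0])`. The URL presumably comes from a certificate's CRL distribution point, so malformed input has to fail cleanly here rather than crash the session. `debug("port: %d", atoi(port));` passes NULL to atoi() when the URL has no port; use `port ? atoi(port) : LDAP_PORT`. `ldap_simple_bind` is the asynchronous call and returns a message id (or -1), not an LDAP result code, so comparing it with LDAP_SUCCESS is wrong; `rc = ldap_simple_bind_s(ld, "", "");` gives the result the check expects. The `strdup(consturl)` result is also used unchecked at `urldup+7`.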
diff --git a/src/ssl/windows/private.h b/src/ssl/windows/private.h
index abc9d71..000fe5a 100644
--- a/src/ssl/windows/private.h
+++ b/src/ssl/windows/private.h
@@ -57,7 +57,7 @@
#endif // HAVE_LIBCURL
- // LIB3270_INTERNAL X509_CRL * get_crl_using_winldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl);
+ LIB3270_INTERNAL X509_CRL * get_crl_using_winldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl);
#endif // !LIB3270_WIN32_SSL_PRIVATE_H_INCLUDED
--
libgit2 0.21.2