Commit b455df4fa471e390f97f7b09e3ab1614b85f42d3
1 parent
2e323b27
Exists in
master
and in
3 other branches
Implementing winldap.
Showing
10 changed files
with
205 additions
and
36 deletions
Show diff stats
configure.ac
| @@ -79,7 +79,7 @@ case "$host" in | @@ -79,7 +79,7 @@ case "$host" in | ||
| 79 | *-mingw32|*-pc-msys) | 79 | *-mingw32|*-pc-msys) |
| 80 | app_cv_osname="windows" | 80 | app_cv_osname="windows" |
| 81 | CFLAGS="$CFLAGS -pthread -D_WIN32_WINNT=0x0600" | 81 | CFLAGS="$CFLAGS -pthread -D_WIN32_WINNT=0x0600" |
| 82 | - LIBS="$LIBS -lws2_32 -lwtsapi32 -lcomdlg32" | 82 | + LIBS="$LIBS -lws2_32 -lwtsapi32 -lcomdlg32 -lwldap32" |
| 83 | LDFLAGS="$LDFLAGS -pthread" | 83 | LDFLAGS="$LDFLAGS -pthread" |
| 84 | DLL_LDFLAGS="-shared -Wl,--output-def,\$(@D)/\$(LIBNAME).def" | 84 | DLL_LDFLAGS="-shared -Wl,--output-def,\$(@D)/\$(LIBNAME).def" |
| 85 | DLLEXT=".dll" | 85 | DLLEXT=".dll" |
lib3270.cbp
| @@ -288,6 +288,9 @@ | @@ -288,6 +288,9 @@ | ||
| 288 | <Unit filename="src/ssl/windows/getcrl.c"> | 288 | <Unit filename="src/ssl/windows/getcrl.c"> |
| 289 | <Option compilerVar="CC" /> | 289 | <Option compilerVar="CC" /> |
| 290 | </Unit> | 290 | </Unit> |
| 291 | + <Unit filename="src/ssl/windows/ldap.c"> | ||
| 292 | + <Option compilerVar="CC" /> | ||
| 293 | + </Unit> | ||
| 291 | <Unit filename="src/ssl/windows/private.h" /> | 294 | <Unit filename="src/ssl/windows/private.h" /> |
| 292 | <Unit filename="src/testprogram/testprogram.c"> | 295 | <Unit filename="src/testprogram/testprogram.c"> |
| 293 | <Option compilerVar="CC" /> | 296 | <Option compilerVar="CC" /> |
src/core/connect.c
| @@ -155,6 +155,19 @@ static int notify_crl_error(H3270 *hSession, int rc, const SSL_ERROR_MESSAGE *me | @@ -155,6 +155,19 @@ static int notify_crl_error(H3270 *hSession, int rc, const SSL_ERROR_MESSAGE *me | ||
| 155 | if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,message->description)) | 155 | if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,message->description)) |
| 156 | return rc; | 156 | return rc; |
| 157 | } | 157 | } |
| 158 | +#ifdef _WIN32 | ||
| 159 | + else if(message->lasterror) | ||
| 160 | + { | ||
| 161 | + lib3270_autoptr(char) windows_error = lib3270_win32_translate_error_code(message->lasterror); | ||
| 162 | + lib3270_autoptr(char) formatted_error = lib3270_strdup_printf(_( "Windows error was \"%s\" (%u)" ), windows_error,(unsigned int) message->lasterror); | ||
| 163 | + | ||
| 164 | + lib3270_write_log(hSession,"SSL-CRL-GET","%s (lasterror=%u - %s)",message->text,(unsigned int) message->lasterror, windows_error); | ||
| 165 | + | ||
| 166 | + if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,formatted_error)) | ||
| 167 | + return rc; | ||
| 168 | + | ||
| 169 | + } | ||
| 170 | +#endif // WIN32 | ||
| 158 | else if(message->error) | 171 | else if(message->error) |
| 159 | { | 172 | { |
| 160 | lib3270_autoptr(char) formatted_error = lib3270_strdup_printf(_( "%s (SSL error %d)" ),ERR_reason_error_string(message->error),message->error); | 173 | lib3270_autoptr(char) formatted_error = lib3270_strdup_printf(_( "%s (SSL error %d)" ),ERR_reason_error_string(message->error),message->error); |
src/core/windows/util.c
| @@ -132,7 +132,7 @@ LIB3270_EXPORT char * lib3270_win32_translate_error_code(int lasterror) | @@ -132,7 +132,7 @@ LIB3270_EXPORT char * lib3270_win32_translate_error_code(int lasterror) | ||
| 132 | 132 | ||
| 133 | #ifdef HAVE_ICONV | 133 | #ifdef HAVE_ICONV |
| 134 | { | 134 | { |
| 135 | - // Convert from windows codepage to UTF-8 pw3270´s default charset | 135 | + // Convert from windows codepage to pw3270´s default charset (UTF-8) |
| 136 | iconv_t hConv = iconv_open("UTF-8",lib3270_win32_local_charset()); | 136 | iconv_t hConv = iconv_open("UTF-8",lib3270_win32_local_charset()); |
| 137 | 137 | ||
| 138 | trace("[%s]",buffer); | 138 | trace("[%s]",buffer); |
src/include/lib3270-internals.h
| @@ -744,6 +744,9 @@ LIB3270_INTERNAL int non_blocking(H3270 *session, Boolean on); | @@ -744,6 +744,9 @@ LIB3270_INTERNAL int non_blocking(H3270 *session, Boolean on); | ||
| 744 | const char * title; | 744 | const char * title; |
| 745 | const char * text; | 745 | const char * text; |
| 746 | const char * description; | 746 | const char * description; |
| 747 | +#ifdef _WIN32 | ||
| 748 | + DWORD lasterror; | ||
| 749 | +#endif // _WIN32 | ||
| 747 | } SSL_ERROR_MESSAGE; | 750 | } SSL_ERROR_MESSAGE; |
| 748 | 751 | ||
| 749 | struct ssl_status_msg | 752 | struct ssl_status_msg |
src/ssl/linux/ldap.c
| @@ -89,7 +89,8 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG | @@ -89,7 +89,8 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG | ||
| 89 | message->title = _( "Security error" ); | 89 | message->title = _( "Security error" ); |
| 90 | message->text = _( "No DN of the entry at which to start the search on the URL" ); | 90 | message->text = _( "No DN of the entry at which to start the search on the URL" ); |
| 91 | message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" ); | 91 | message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" ); |
| 92 | - return errno = EINVAL; | 92 | + errno = EINVAL; |
| 93 | + return NULL; | ||
| 93 | } | 94 | } |
| 94 | 95 | ||
| 95 | *(base++) = 0; | 96 | *(base++) = 0; |
| @@ -101,7 +102,8 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG | @@ -101,7 +102,8 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG | ||
| 101 | message->title = _( "Security error" ); | 102 | message->title = _( "Security error" ); |
| 102 | message->text = _( "No LDAP attribute on the URL" ); | 103 | message->text = _( "No LDAP attribute on the URL" ); |
| 103 | message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" ); | 104 | message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" ); |
| 104 | - return errno = EINVAL; | 105 | + errno = EINVAL; |
| 106 | + return NULL; | ||
| 105 | } | 107 | } |
| 106 | 108 | ||
| 107 | *(attrs[0]++) = 0; | 109 | *(attrs[0]++) = 0; |
| @@ -130,7 +132,7 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG | @@ -130,7 +132,7 @@ LIB3270_INTERNAL X509_CRL * get_crl_using_ldap(H3270 *hSession, SSL_ERROR_MESSAG | ||
| 130 | if(rc != LDAP_SUCCESS) { | 132 | if(rc != LDAP_SUCCESS) { |
| 131 | message->error = hSession->ssl.error = 0; | 133 | message->error = hSession->ssl.error = 0; |
| 132 | message->title = _( "Security error" ); | 134 | message->title = _( "Security error" ); |
| 133 | - message->text = _( "Can't set LDAP version" ); | 135 | + message->text = _( "Can't set LDAP protocol version" ); |
| 134 | message->description = ldap_err2string(rc); | 136 | message->description = ldap_err2string(rc); |
| 135 | lib3270_write_log(hSession,"ssl","%s: %s",url, message->description); | 137 | lib3270_write_log(hSession,"ssl","%s: %s",url, message->description); |
| 136 | return NULL; | 138 | return NULL; |
src/ssl/negotiate.c
| @@ -272,36 +272,6 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) | @@ -272,36 +272,6 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) | ||
| 272 | return 0; | 272 | return 0; |
| 273 | } | 273 | } |
| 274 | 274 | ||
| 275 | -/* | ||
| 276 | -int ssl_negotiate(H3270 *hSession) | ||
| 277 | -{ | ||
| 278 | - int rc; | ||
| 279 | - SSL_ERROR_MESSAGE msg; | ||
| 280 | - | ||
| 281 | - memset(&msg,0,sizeof(msg)); | ||
| 282 | - | ||
| 283 | - set_ssl_state(hSession,LIB3270_SSL_NEGOTIATING); | ||
| 284 | - non_blocking(hSession,False); | ||
| 285 | - | ||
| 286 | - rc = lib3270_run_task(hSession, background_ssl_negotiation, &msg); | ||
| 287 | - else if(rc) | ||
| 288 | - { | ||
| 289 | - // SSL negotiation has failed. | ||
| 290 | - host_disconnect(hSession,1); // Disconnect with "failed" status. | ||
| 291 | - | ||
| 292 | - if(msg.description) | ||
| 293 | - lib3270_popup_dialog(hSession, LIB3270_NOTIFY_ERROR, msg.title, msg.text, "%s", msg.description); | ||
| 294 | - else | ||
| 295 | - lib3270_popup_dialog(hSession, LIB3270_NOTIFY_ERROR, msg.title, msg.text, "%s", ERR_reason_error_string(msg.error)); | ||
| 296 | - | ||
| 297 | - } | ||
| 298 | - | ||
| 299 | - non_blocking(hSession,True); | ||
| 300 | - | ||
| 301 | - return rc; | ||
| 302 | -} | ||
| 303 | -*/ | ||
| 304 | - | ||
| 305 | int ssl_negotiate(H3270 *hSession) | 275 | int ssl_negotiate(H3270 *hSession) |
| 306 | { | 276 | { |
| 307 | int rc; | 277 | int rc; |
src/ssl/windows/getcrl.c
| @@ -98,6 +98,13 @@ LIB3270_INTERNAL X509_CRL * lib3270_get_crl(H3270 *hSession, SSL_ERROR_MESSAGE * | @@ -98,6 +98,13 @@ LIB3270_INTERNAL X509_CRL * lib3270_get_crl(H3270 *hSession, SSL_ERROR_MESSAGE * | ||
| 98 | 98 | ||
| 99 | 99 | ||
| 100 | } | 100 | } |
| 101 | +#ifdef DEBUG | ||
| 102 | + else if(strncasecmp(consturl,"ldap://",7) == 0 && strlen(consturl) > 8) | ||
| 103 | + { | ||
| 104 | + return get_crl_using_winldap(hSession, message, consturl); | ||
| 105 | + | ||
| 106 | + } | ||
| 107 | +#endif // DEBUG | ||
| 101 | else | 108 | else |
| 102 | { | 109 | { |
| 103 | #ifdef HAVE_LIBCURL | 110 | #ifdef HAVE_LIBCURL |
| @@ -0,0 +1,171 @@ | @@ -0,0 +1,171 @@ | ||
| 1 | +/* | ||
| 2 | + * "Software pw3270, desenvolvido com base nos códigos fontes do WC3270 e X3270 | ||
| 3 | + * (Paul Mattes Paul.Mattes@usa.net), de emulação de terminal 3270 para acesso a | ||
| 4 | + * aplicativos mainframe. Registro no INPI sob o nome G3270. | ||
| 5 | + * | ||
| 6 | + * Copyright (C) <2008> <Banco do Brasil S.A.> | ||
| 7 | + * | ||
| 8 | + * Este programa é software livre. Você pode redistribuí-lo e/ou modificá-lo sob | ||
| 9 | + * os termos da GPL v.2 - Licença Pública Geral GNU, conforme publicado pela | ||
| 10 | + * Free Software Foundation. | ||
| 11 | + * | ||
| 12 | + * Este programa é distribuído na expectativa de ser útil, mas SEM QUALQUER | ||
| 13 | + * GARANTIA; sem mesmo a garantia implícita de COMERCIALIZAÇÃO ou de ADEQUAÇÃO | ||
| 14 | + * A QUALQUER PROPÓSITO EM PARTICULAR. Consulte a Licença Pública Geral GNU para | ||
| 15 | + * obter mais detalhes. | ||
| 16 | + * | ||
| 17 | + * Você deve ter recebido uma cópia da Licença Pública Geral GNU junto com este | ||
| 18 | + * programa; se não, escreva para a Free Software Foundation, Inc., 51 Franklin | ||
| 19 | + * St, Fifth Floor, Boston, MA 02110-1301 USA | ||
| 20 | + * | ||
| 21 | + * Este programa está nomeado como - e possui - linhas de código. | ||
| 22 | + * | ||
| 23 | + * Contatos: | ||
| 24 | + * | ||
| 25 | + * perry.werneck@gmail.com (Alexandre Perry de Souza Werneck) | ||
| 26 | + * erico.mendonca@gmail.com (Erico Mascarenhas Mendonça) | ||
| 27 | + * | ||
| 28 | + * References: | ||
| 29 | + * | ||
| 30 | + * https://github.com/curl/curl/blob/curl-7_62_0/lib/ldap.c | ||
| 31 | + * http://forums.codeguru.com/showthread.php?313123-Elementary-problems-using-winldap | ||
| 32 | + * https://stackoverflow.com/questions/21501002/how-to-use-ldap-sasl-bind-in-winldap | ||
| 33 | + * | ||
| 34 | + */ | ||
| 35 | + | ||
| 36 | +#include <config.h> | ||
| 37 | + | ||
| 38 | +#if defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK) | ||
| 39 | + | ||
| 40 | +#include "private.h" | ||
| 41 | +#include <winldap.h> | ||
| 42 | + | ||
| 43 | +# ifndef LDAP_VENDOR_NAME | ||
| 44 | +# error Your Platform SDK is NOT sufficient for LDAP support! \ | ||
| 45 | + Update your Platform SDK, or disable LDAP support! | ||
| 46 | +# else | ||
| 47 | +# include <winber.h> | ||
| 48 | +# endif | ||
| 49 | + | ||
| 50 | +/*--[ Implement ]------------------------------------------------------------------------------------*/ | ||
| 51 | + | ||
| 52 | +static inline void lib3270_autoptr_cleanup_LDAP(LDAP **ptr) | ||
| 53 | +{ | ||
| 54 | + if(*ptr) | ||
| 55 | + { | ||
| 56 | + ldap_unbind(*ptr); | ||
| 57 | + *ptr = NULL; | ||
| 58 | + } | ||
| 59 | + | ||
| 60 | +} | ||
| 61 | + | ||
| 62 | +X509_CRL * get_crl_using_winldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl) | ||
| 63 | +{ | ||
| 64 | + debug("********************************************************* %s",__FUNCTION__); | ||
| 65 | + | ||
| 66 | + X509_CRL * x509_crl = NULL; | ||
| 67 | + int rc = 0; | ||
| 68 | + | ||
| 69 | + // Strip query. | ||
| 70 | + | ||
| 71 | + lib3270_autoptr(char) urldup = strdup(consturl); | ||
| 72 | + | ||
| 73 | + char * url = urldup+7; | ||
| 74 | + char * base = strchr(url,'/'); | ||
| 75 | + char * port; | ||
| 76 | + char * attrs[] = { NULL, NULL }; | ||
| 77 | + | ||
| 78 | + if(!base) | ||
| 79 | + { | ||
| 80 | + message->error = hSession->ssl.error = 0; | ||
| 81 | + message->title = _( "Security error" ); | ||
| 82 | + message->text = _( "No DN of the entry at which to start the search on the URL" ); | ||
| 83 | + message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" ); | ||
| 84 | + debug("%s",message->text); | ||
| 85 | + errno = EINVAL; | ||
| 86 | + return NULL; | ||
| 87 | + } | ||
| 88 | + | ||
| 89 | + *(base++) = 0; | ||
| 90 | + attrs[0] = strchr(base,'?'); | ||
| 91 | + | ||
| 92 | + if(!base) | ||
| 93 | + { | ||
| 94 | + message->error = hSession->ssl.error = 0; | ||
| 95 | + message->title = _( "Security error" ); | ||
| 96 | + message->text = _( "No LDAP attribute on the URL" ); | ||
| 97 | + message->description = _( "The URL argument should be in the format ldap://[HOST]/[DN]?attribute" ); | ||
| 98 | + debug("%s",message->text); | ||
| 99 | + errno = EINVAL; | ||
| 100 | + return NULL; | ||
| 101 | + } | ||
| 102 | + | ||
| 103 | + *(attrs[0]++) = 0; | ||
| 104 | + | ||
| 105 | + port = strchr(url,':'); | ||
| 106 | + if(port) | ||
| 107 | + { | ||
| 108 | + *(port++) = 0; | ||
| 109 | + } | ||
| 110 | + | ||
| 111 | + debug("host: \"%s\"",url); | ||
| 112 | + debug("port: %d", atoi(port)); | ||
| 113 | + debug("Base: \"%s\"",base); | ||
| 114 | + debug("Attr: \"%s\"",attrs[0]); | ||
| 115 | + | ||
| 116 | + // ldap_set_option(NULL, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto); | ||
| 117 | + | ||
| 118 | + // Do LDAP Query | ||
| 119 | + lib3270_autoptr(LDAP) ld = ldap_init(url, (port && *port ? atoi(port) : LDAP_PORT)); | ||
| 120 | + | ||
| 121 | + if(!ld) | ||
| 122 | + { | ||
| 123 | + message->error = hSession->ssl.error = 0; | ||
| 124 | + message->title = _( "Security error" ); | ||
| 125 | + message->text = _( "Can't initialize LDAP" ); | ||
| 126 | + debug("%s",message->text); | ||
| 127 | + message->lasterror = GetLastError(); | ||
| 128 | + message->description = NULL; | ||
| 129 | + errno = EINVAL; | ||
| 130 | + return NULL; | ||
| 131 | + } | ||
| 132 | + | ||
| 133 | + static const int version = LDAP_VERSION3; | ||
| 134 | + rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); | ||
| 135 | + if(rc != LDAP_SUCCESS) | ||
| 136 | + { | ||
| 137 | + message->error = hSession->ssl.error = 0; | ||
| 138 | + message->title = _( "Security error" ); | ||
| 139 | + message->text = _( "Can't set LDAP protocol version" ); | ||
| 140 | + message->lasterror = LdapMapErrorToWin32(rc); | ||
| 141 | + message->description = NULL; | ||
| 142 | + | ||
| 143 | + debug("%s (rc=%u, lasterror=%d)",ldap_err2string(rc),rc,(unsigned int) message->lasterror); | ||
| 144 | + | ||
| 145 | + errno = EINVAL; | ||
| 146 | + return NULL; | ||
| 147 | + } | ||
| 148 | + | ||
| 149 | + rc = ldap_simple_bind(ld, "", ""); | ||
| 150 | + if(rc != LDAP_SUCCESS) | ||
| 151 | + { | ||
| 152 | + message->error = hSession->ssl.error = 0; | ||
| 153 | + message->title = _( "Security error" ); | ||
| 154 | + message->text = _( "Can't bind to LDAP server" ); | ||
| 155 | + message->lasterror = LdapMapErrorToWin32(rc); | ||
| 156 | + message->description = NULL; | ||
| 157 | + | ||
| 158 | + debug("%s (rc=%u, lasterror=%d)",ldap_err2string(rc),rc,(unsigned int) message->lasterror); | ||
| 159 | + | ||
| 160 | + errno = EINVAL; | ||
| 161 | + return NULL; | ||
| 162 | + } | ||
| 163 | + | ||
| 164 | + | ||
| 165 | + debug("********************************************************* %s",__FUNCTION__); | ||
| 166 | + | ||
| 167 | + return x509_crl; | ||
| 168 | + | ||
| 169 | +} | ||
| 170 | + | ||
| 171 | +#endif // defined(HAVE_LIBSSL) && defined(SSL_ENABLE_CRL_CHECK) |
src/ssl/windows/private.h
| @@ -57,7 +57,7 @@ | @@ -57,7 +57,7 @@ | ||
| 57 | 57 | ||
| 58 | #endif // HAVE_LIBCURL | 58 | #endif // HAVE_LIBCURL |
| 59 | 59 | ||
| 60 | - // LIB3270_INTERNAL X509_CRL * get_crl_using_winldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl); | 60 | + LIB3270_INTERNAL X509_CRL * get_crl_using_winldap(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *consturl); |
| 61 | 61 | ||
| 62 | 62 | ||
| 63 | #endif // !LIB3270_WIN32_SSL_PRIVATE_H_INCLUDED | 63 | #endif // !LIB3270_WIN32_SSL_PRIVATE_H_INCLUDED |