Adding build option to disable SSL erro notifications.

Perry Werneck
1 parent 7a080aaa
Showing 5 changed files with 59 additions and 10 deletions Show diff stats
configure.ac
src/core/connect.c
src/include/config.h.in
src/include/lib3270-internals.h
src/ssl/negotiate.c
@@ -398,6 +398,20 @@ AC_ARG_WITH([default-crl-url],
 	AC_MSG_NOTICE(No default crl url)
 ])
  
+AC_ARG_ENABLE([ssl-error-notification],
+	[AS_HELP_STRING([--disable-ssl-error-notification], [Disable notifications when the security negotiation fails])],
+[
+	app_cv_enable_ssl_notification="$enableval"
+],[
+	app_cv_enable_ssl_notification="yes"
+])
+
+if test "$app_cv_enable_ssl_notification" == "yes"; then
+	AC_DEFINE(SSL_ENABLE_NOTIFICATION_WHEN_FAILED)
+else
+	AC_MSG_NOTICE(No notifications when SSL negotiation fails)
+fi
+
 dnl ---------------------------------------------------------------------------
 dnl Check for pic
 dnl ---------------------------------------------------------------------------
@@ -151,9 +151,7 @@ static int notify_crl_error(H3270 *hSession, int rc, const SSL_ERROR_MESSAGE *me
  
 	if(message->description)
 	{
-		lib3270_write_log(hSession,"SSL-CRL-GET","%s",message->description);
-
-		if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,message->description))
+		if(popup_ssl_error(hSession,rc,message->title,message->text,message->description))
 			return rc;
 	}
 #ifdef _WIN32
@@ -162,9 +160,7 @@ static int notify_crl_error(H3270 *hSession, int rc, const SSL_ERROR_MESSAGE *me
 		lib3270_autoptr(char) windows_error = lib3270_win32_translate_error_code(message->lasterror);
 		lib3270_autoptr(char) formatted_error = lib3270_strdup_printf(_( "Windows error was \"%s\" (%u)" ), windows_error,(unsigned int) message->lasterror);
  
-		lib3270_write_log(hSession,"SSL-CRL-GET","%s (lasterror=%u - %s)",message->text,(unsigned int) message->lasterror, windows_error);
-
-		if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,formatted_error))
+		if(popup_ssl_error(hSession,rc,message->title,message->text,formatted_error))
 			return rc;
  
 	}
@@ -174,12 +170,12 @@ static int notify_crl_error(H3270 *hSession, int rc, const SSL_ERROR_MESSAGE *me
 		lib3270_autoptr(char) formatted_error = lib3270_strdup_printf(_( "%s (SSL error %d)" ),ERR_reason_error_string(message->error),message->error);
 		lib3270_write_log(hSession,"SSL-CRL-GET","%s",formatted_error);
  
-		if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,formatted_error))
+		if(popup_ssl_error(hSession,rc,message->title,message->text,formatted_error))
 			return rc;
 	}
 	else
 	{
-		if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,""))
+		if(popup_ssl_error(hSession,rc,message->title,message->text,""))
 			return rc;
 	}
  
@@ -69,6 +69,7 @@
 	#undef SSL_ENABLE_CRL_CHECK
 	#undef SSL_ENABLE_CRL_EXPIRATION_CHECK
 	#undef SSL_DEFAULT_CRL_URL
+	#undef SSL_ENABLE_NOTIFICATION_WHEN_FAILED
  
 	/* Optional parts. */
 	#undef X3270_DBCS
@@ -809,6 +809,12 @@ LIB3270_INTERNAL int	non_blocking(H3270 *session, Boolean on);
 	 */
 	LIB3270_INTERNAL int ssl_3270_ex_index;
  
+	/**
+	 * @brief Emit popup on ssl error.
+	 *
+	 */
+	LIB3270_INTERNAL int popup_ssl_error(H3270 *session, int rc, const char *title, const char *summary, const char *body);
+
 	#ifdef SSL_ENABLE_CRL_CHECK
 		LIB3270_INTERNAL X509_CRL * lib3270_get_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, const char *url);
 	#endif // SSL_ENABLE_CRL_CHECK
@@ -292,9 +292,9 @@ int ssl_negotiate(H3270 *hSession)
 		int abort = -1;
  
 		if(msg.description)
-			abort = hSession->cbk.popup_ssl_error(hSession,rc,msg.title,msg.text,msg.description);
+			abort = popup_ssl_error(hSession,rc,msg.title,msg.text,msg.description);
 		else
-			abort = hSession->cbk.popup_ssl_error(hSession,rc,msg.title,msg.text,ERR_reason_error_string(msg.error));
+			abort = popup_ssl_error(hSession,rc,msg.title,msg.text,ERR_reason_error_string(msg.error));
  
 		if(abort)
 		{
@@ -434,3 +434,35 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret)
  
 #endif /*]*/
  
+int popup_ssl_error(H3270 *hSession, int rc, const char *title, const char *summary, const char *body)
+{
+#ifdef SSL_ENABLE_NOTIFICATION_WHEN_FAILED
+
+	lib3270_write_log(hSession, "SSL", "%s", summary );
+	return hSession->cbk.popup_ssl_error(hSession,rc,title,summary,body);
+
+#else
+
+	lib3270_autoptr(char) message = NULL;
+
+	if(body && *body)
+		message = lib3270_strdup_printf("%s - rc=%d",body,rc);
+	else if(rc)
+		message = lib3270_strdup_printf("%s (rc=%d)",strerror(rc),rc);
+	else
+		message = lib3270_strdup_printf("rc=%d",rc);
+
+	lib3270_write_log(
+		hSession,
+		"SSL",
+		"%s - %s - %s",
+			title,
+			summary,
+			message
+	);
+
+
+	return 0;
+#endif // SSL_ENABLE_NOTIFICATION_WHEN_FAILED
+
+}
...	...	@@ -398,6 +398,20 @@ AC_ARG_WITH([default-crl-url],
398	398	AC_MSG_NOTICE(No default crl url)
399	399	])
400	400
	401	+AC_ARG_ENABLE([ssl-error-notification],
	402	+ [AS_HELP_STRING([--disable-ssl-error-notification], [Disable notifications when the security negotiation fails])],
	403	+[
	404	+ app_cv_enable_ssl_notification="$enableval"
	405	+],[
	406	+ app_cv_enable_ssl_notification="yes"
	407	+])
	408	+
	409	+if test "$app_cv_enable_ssl_notification" == "yes"; then
	410	+ AC_DEFINE(SSL_ENABLE_NOTIFICATION_WHEN_FAILED)
	411	+else
	412	+ AC_MSG_NOTICE(No notifications when SSL negotiation fails)
	413	+fi
	414	+
401	415	dnl ---------------------------------------------------------------------------
402	416	dnl Check for pic
403	417	dnl ---------------------------------------------------------------------------
...	...
...	...	@@ -151,9 +151,7 @@ static int notify_crl_error(H3270 hSession, int rc, const SSL_ERROR_MESSAGE me
151	151
152	152	if(message->description)
153	153	{
154		- lib3270_write_log(hSession,"SSL-CRL-GET","%s",message->description);
155		-
156		- if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,message->description))
	154	+ if(popup_ssl_error(hSession,rc,message->title,message->text,message->description))
157	155	return rc;
158	156	}
159	157	#ifdef _WIN32
...	...	@@ -162,9 +160,7 @@ static int notify_crl_error(H3270 hSession, int rc, const SSL_ERROR_MESSAGE me
162	160	lib3270_autoptr(char) windows_error = lib3270_win32_translate_error_code(message->lasterror);
163	161	lib3270_autoptr(char) formatted_error = lib3270_strdup_printf(_( "Windows error was \"%s\" (%u)" ), windows_error,(unsigned int) message->lasterror);
164	162
165		- lib3270_write_log(hSession,"SSL-CRL-GET","%s (lasterror=%u - %s)",message->text,(unsigned int) message->lasterror, windows_error);
166		-
167		- if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,formatted_error))
	163	+ if(popup_ssl_error(hSession,rc,message->title,message->text,formatted_error))
168	164	return rc;
169	165
170	166	}
...	...	@@ -174,12 +170,12 @@ static int notify_crl_error(H3270 hSession, int rc, const SSL_ERROR_MESSAGE me
174	170	lib3270_autoptr(char) formatted_error = lib3270_strdup_printf(_( "%s (SSL error %d)" ),ERR_reason_error_string(message->error),message->error);
175	171	lib3270_write_log(hSession,"SSL-CRL-GET","%s",formatted_error);
176	172
177		- if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,formatted_error))
	173	+ if(popup_ssl_error(hSession,rc,message->title,message->text,formatted_error))
178	174	return rc;
179	175	}
180	176	else
181	177	{
182		- if(hSession->cbk.popup_ssl_error(hSession,rc,message->title,message->text,""))
	178	+ if(popup_ssl_error(hSession,rc,message->title,message->text,""))
183	179	return rc;
184	180	}
185	181
...	...
...	...	@@ -69,6 +69,7 @@
69	69	#undef SSL_ENABLE_CRL_CHECK
70	70	#undef SSL_ENABLE_CRL_EXPIRATION_CHECK
71	71	#undef SSL_DEFAULT_CRL_URL
	72	+ #undef SSL_ENABLE_NOTIFICATION_WHEN_FAILED
72	73
73	74	/* Optional parts. */
74	75	#undef X3270_DBCS
...	...
...	...	@@ -809,6 +809,12 @@ LIB3270_INTERNAL int non_blocking(H3270 *session, Boolean on);
809	809	*/
810	810	LIB3270_INTERNAL int ssl_3270_ex_index;
811	811
	812	+ /**
	813	+ * @brief Emit popup on ssl error.
	814	+ *
	815	+ */
	816	+ LIB3270_INTERNAL int popup_ssl_error(H3270 session, int rc, const char title, const char summary, const char body);
	817	+
812	818	#ifdef SSL_ENABLE_CRL_CHECK
813	819	LIB3270_INTERNAL X509_CRL * lib3270_get_crl(H3270 hSession, SSL_ERROR_MESSAGE message, const char *url);
814	820	#endif // SSL_ENABLE_CRL_CHECK
...	...
...	...	@@ -292,9 +292,9 @@ int ssl_negotiate(H3270 *hSession)
292	292	int abort = -1;
293	293
294	294	if(msg.description)
295		- abort = hSession->cbk.popup_ssl_error(hSession,rc,msg.title,msg.text,msg.description);
	295	+ abort = popup_ssl_error(hSession,rc,msg.title,msg.text,msg.description);
296	296	else
297		- abort = hSession->cbk.popup_ssl_error(hSession,rc,msg.title,msg.text,ERR_reason_error_string(msg.error));
	297	+ abort = popup_ssl_error(hSession,rc,msg.title,msg.text,ERR_reason_error_string(msg.error));
298	298
299	299	if(abort)
300	300	{
...	...	@@ -434,3 +434,35 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret)
434	434
435	435	#endif /]/
436	436
	437	+int popup_ssl_error(H3270 hSession, int rc, const char title, const char summary, const char body)
	438	+{
	439	+#ifdef SSL_ENABLE_NOTIFICATION_WHEN_FAILED
	440	+
	441	+ lib3270_write_log(hSession, "SSL", "%s", summary );
	442	+ return hSession->cbk.popup_ssl_error(hSession,rc,title,summary,body);
	443	+
	444	+#else
	445	+
	446	+ lib3270_autoptr(char) message = NULL;
	447	+
	448	+ if(body && *body)
	449	+ message = lib3270_strdup_printf("%s - rc=%d",body,rc);
	450	+ else if(rc)
	451	+ message = lib3270_strdup_printf("%s (rc=%d)",strerror(rc),rc);
	452	+ else
	453	+ message = lib3270_strdup_printf("rc=%d",rc);
	454	+
	455	+ lib3270_write_log(
	456	+ hSession,
	457	+ "SSL",
	458	+ "%s - %s - %s",
	459	+ title,
	460	+ summary,
	461	+ message
	462	+ );
	463	+
	464	+
	465	+ return 0;
	466	+#endif // SSL_ENABLE_NOTIFICATION_WHEN_FAILED
	467	+
	468	+}
...	...