Download as
Browse Code »

Commit ddf48c522b973ee8363e5f3ef56fcb42c62073d5

Authored by Perry Werneck
1 parent 4d11746a
Exists in master and in 3 other branches develop, macos, network_module

Adding property to enable/disable the CRL download.

Showing 3 changed files with 36 additions and 0 deletions   Show diff stats
src/core/properties/boolean.c
  Diff comments   View file @ddf48c5
@@ -52,11 +52,21 @@ @@ -52,11 +52,21 @@
52 hSession->ssl.crl.download = enabled ? 1 : 0; 52 hSession->ssl.crl.download = enabled ? 1 : 0;
53 return 0; 53 return 0;
54 } 54 }
  55 +
  56 +LIB3270_EXPORT int lib3270_ssl_get_crl_download(const H3270 *hSession)
  57 +{
  58 + return hSession->ssl.crl.download;
  59 +}
55 #else 60 #else
56 LIB3270_EXPORT int lib3270_ssl_set_crl_download(H3270 GNUC_UNUSED(*hSession), int GNUC_UNUSED(enabled)) 61 LIB3270_EXPORT int lib3270_ssl_set_crl_download(H3270 GNUC_UNUSED(*hSession), int GNUC_UNUSED(enabled))
57 { 62 {
58 return errno = ENOTSUP; 63 return errno = ENOTSUP;
59 } 64 }
  65 +
  66 + LIB3270_EXPORT int lib3270_ssl_get_crl_download(H3270 GNUC_UNUSED(*hSession))
  67 + {
  68 + return 0;
  69 + }
60 #endif // SSL_ENABLE_CRL_CHECK 70 #endif // SSL_ENABLE_CRL_CHECK
61 71
62 const LIB3270_INT_PROPERTY * lib3270_get_boolean_properties_list(void) 72 const LIB3270_INT_PROPERTY * lib3270_get_boolean_properties_list(void)
@@ -199,6 +209,13 @@ @@ -199,6 +209,13 @@
199 }, 209 },
200 210
201 { 211 {
  212 + .name = "crlget", // Property name.
  213 + .description = N_( "Non zero if the download of CRL is enabled" ), // Property description.
  214 + .get = lib3270_ssl_get_crl_download, // Get value.
  215 + .set = lib3270_ssl_set_crl_download // Set value.
  216 + },
  217 +
  218 + {
202 .name = NULL, 219 .name = NULL,
203 .description = NULL, 220 .description = NULL,
204 .get = NULL, 221 .get = NULL,
src/include/lib3270/properties.h
  Diff comments   View file @ddf48c5
@@ -225,6 +225,8 @@ @@ -225,6 +225,8 @@
225 */ 225 */
226 LIB3270_EXPORT int lib3270_ssl_set_crl_download(H3270 *hSession, int enabled); 226 LIB3270_EXPORT int lib3270_ssl_set_crl_download(H3270 *hSession, int enabled);
227 227
  228 + LIB3270_EXPORT int lib3270_ssl_get_crl_download(const H3270 *hSession);
  229 +
228 /** 230 /**
229 * @brief Get lib3270 version info. 231 * @brief Get lib3270 version info.
230 * 232 *
src/ssl/negotiate.c
  Diff comments   View file @ddf48c5
@@ -57,6 +57,7 @@ @@ -57,6 +57,7 @@
57 #include <lib3270/trace.h> 57 #include <lib3270/trace.h>
58 #include <lib3270/log.h> 58 #include <lib3270/log.h>
59 #include <lib3270/toggle.h> 59 #include <lib3270/toggle.h>
  60 +#include <lib3270/properties.h>
60 #include "hostc.h" // host_disconnect 61 #include "hostc.h" // host_disconnect
61 #include "trace_dsc.h" 62 #include "trace_dsc.h"
62 63
@@ -412,6 +413,22 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) @@ -412,6 +413,22 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
412 break; 413 break;
413 #endif // SSL_ENABLE_SELF_SIGNED_CERT_CHECK 414 #endif // SSL_ENABLE_SELF_SIGNED_CERT_CHECK
414 415
  416 + case X509_V_ERR_UNABLE_TO_GET_CRL:
  417 +
  418 + trace_ssl(hSession,"TLS/SSL verify result was %d (%s)\n", rv, msg->body);
  419 +
  420 + ((SSL_ERROR_MESSAGE *) message)->popup = (LIB3270_POPUP *) msg;
  421 +
  422 + debug("message: %s",((SSL_ERROR_MESSAGE *) message)->popup->summary);
  423 + debug("description: %s",((SSL_ERROR_MESSAGE *) message)->popup->body);
  424 +
  425 + set_ssl_state(hSession,LIB3270_SSL_NEGOTIATED);
  426 +
  427 + if(msg->type == LIB3270_NOTIFY_ERROR && lib3270_ssl_get_crl_download(hSession))
  428 + return EACCES;
  429 +
  430 + break;
  431 +
415 default: 432 default:
416 trace_ssl(hSession,"TLS/SSL verify result was %d (%s)\n", rv, msg->body); 433 trace_ssl(hSession,"TLS/SSL verify result was %d (%s)\n", rv, msg->body);
417 434