Commit c81751fa776626ae0c13d991953dbc85a2f324f9
1 parent
a6f48ae7
Exists in
master
Incluindo teste de certificado na versão 4
Showing
7 changed files
with
50 additions
and
45 deletions
Show diff stats
bootstrap.sh
src/gtk2/gui.h
src/gtk2/oia.c
| ... | ... | @@ -100,7 +100,7 @@ |
| 100 | 100 | /*---[ Statics ]------------------------------------------------------------------------------------------------*/ |
| 101 | 101 | |
| 102 | 102 | #ifdef ENABLE_BM_PIXMAPS |
| 103 | - static GdkPixmap * pixmap_oia[OIA_PIXMAP_COUNT] = { NULL, NULL}; | |
| 103 | + static GdkPixmap * pixmap_oia[OIA_PIXMAP_COUNT] = { NULL, NULL, NULL}; | |
| 104 | 104 | #endif // ENABLE_BM_PIXMAPS |
| 105 | 105 | |
| 106 | 106 | #define OIAROW (view.top+4+(terminal_font_info.spacing*view.rows)) |
| ... | ... | @@ -153,12 +153,6 @@ |
| 153 | 153 | |
| 154 | 154 | /*---[ Implement ]----------------------------------------------------------------------------------------------*/ |
| 155 | 155 | |
| 156 | -/* | |
| 157 | - static void dunno(cairo_t *cr, GdkGC *gc, GdkRectangle *r) | |
| 158 | - { | |
| 159 | - } | |
| 160 | -*/ | |
| 161 | - | |
| 162 | 156 | void update_oia(void) |
| 163 | 157 | { |
| 164 | 158 | if(valid_terminal_window()) |
| ... | ... | @@ -481,6 +475,7 @@ |
| 481 | 475 | return ret; |
| 482 | 476 | |
| 483 | 477 | } |
| 478 | + | |
| 484 | 479 | #endif // ENABLE_BM_PIXMAPS |
| 485 | 480 | |
| 486 | 481 | static void oia_draw_ssl_state(cairo_t *cr, GdkGC *gc, GdkRectangle *r) |
| ... | ... | @@ -534,6 +529,7 @@ |
| 534 | 529 | |
| 535 | 530 | #include "locked.bm" |
| 536 | 531 | #include "unlocked.bm" |
| 532 | + #include "warning.bm" | |
| 537 | 533 | |
| 538 | 534 | static const struct _imagedata |
| 539 | 535 | { |
| ... | ... | @@ -544,10 +540,13 @@ |
| 544 | 540 | { |
| 545 | 541 | { locked_bits, locked_width, locked_height }, |
| 546 | 542 | { unlocked_bits, unlocked_width, unlocked_height }, |
| 543 | + { warning_bits, warning_width, warning_height }, | |
| 547 | 544 | |
| 548 | 545 | }; |
| 549 | 546 | |
| 550 | 547 | int idx = query_secure_connection(hSession) ? OIA_PIXMAP_LOCKED : OIA_PIXMAP_UNLOCKED; |
| 548 | + int color = TERMINAL_COLOR_OIA_SSL_STATE; | |
| 549 | + | |
| 551 | 550 | |
| 552 | 551 | r->x = (r->width - (46*terminal_font_info.width))+1; |
| 553 | 552 | r->y++; |
| ... | ... | @@ -556,8 +555,14 @@ |
| 556 | 555 | |
| 557 | 556 | oia_clear_icon(cr,r); |
| 558 | 557 | |
| 558 | + if(!query_ssl_cert_check_status(hSession)) | |
| 559 | + { | |
| 560 | + idx = OIA_PIXMAP_WARNING; | |
| 561 | + color = TERMINAL_COLOR_OIA_STATUS_WARNING; | |
| 562 | + } | |
| 563 | + | |
| 559 | 564 | if(!pixmap_oia[idx]) |
| 560 | - pixmap_oia[idx] = oia_create_scaled_pixmap(r,gc,imagedata[idx].data,imagedata[idx].width,imagedata[idx].height,TERMINAL_COLOR_OIA_SSL_STATE); | |
| 565 | + pixmap_oia[idx] = oia_create_scaled_pixmap(r,gc,imagedata[idx].data,imagedata[idx].width,imagedata[idx].height,color); | |
| 561 | 566 | |
| 562 | 567 | gdk_cairo_set_source_pixmap(cr, pixmap_oia[idx], r->x, r->y); |
| 563 | 568 | gdk_cairo_rectangle(cr,r); |
| ... | ... | @@ -959,7 +964,7 @@ |
| 959 | 964 | #ifdef ENABLE_BM_PIXMAPS |
| 960 | 965 | int f; |
| 961 | 966 | |
| 962 | - for(f=0;f<OIA_PIXMAP_COUNT;f++) | |
| 967 | + for(f=0;f<G_N_ELEMENTS(pixmap_oia);f++) | |
| 963 | 968 | { |
| 964 | 969 | if(pixmap_oia[f]) |
| 965 | 970 | { | ... | ... |
| ... | ... | @@ -0,0 +1,6 @@ |
| 1 | +#define warning_width 16 | |
| 2 | +#define warning_height 14 | |
| 3 | +static unsigned char warning_bits[] = { | |
| 4 | + 0xe0, 0x07, 0x10, 0x08, 0xc8, 0x13, 0x28, 0x14, 0x28, 0x14, 0x28, 0x14, | |
| 5 | + 0xfc, 0x3f, 0x04, 0x20, 0x04, 0x20, 0x04, 0x20, 0x04, 0x20, 0x04, 0x20, | |
| 6 | + 0x04, 0x20, 0xfc, 0x3f }; | ... | ... |
src/include/lib3270.h
src/include/lib3270/api.h
| ... | ... | @@ -194,6 +194,7 @@ |
| 194 | 194 | |
| 195 | 195 | // Connection info |
| 196 | 196 | int secure_connection; |
| 197 | + int valid_certificate; | |
| 197 | 198 | int sock; /**< Network socket */ |
| 198 | 199 | int net_sock; |
| 199 | 200 | LIB3270_CSTATE cstate; /**< Connection state */ |
| ... | ... | @@ -565,6 +566,7 @@ |
| 565 | 566 | LIB3270_EXPORT void screen_size(int *rows, int *cols); |
| 566 | 567 | |
| 567 | 568 | #define query_secure_connection(h) lib3270_get_ssl_state(h) |
| 569 | + #define query_ssl_cert_check_status(h) lib3270_get_ssl_cert_state(h) | |
| 568 | 570 | #define lib3270_paste_string(str) lib3270_set_string(NULL,str) |
| 569 | 571 | #define get_3270_terminal_size(h,r,c) lib3270_get_screen_size(h,r,c) |
| 570 | 572 | ... | ... |
src/lib/telnet.c
| ... | ... | @@ -570,15 +570,6 @@ int net_connect(const char *host, char *portname, Boolean ls, Boolean *resolving |
| 570 | 570 | #endif /*]*/ |
| 571 | 571 | |
| 572 | 572 | /* set the socket to be non-delaying */ |
| 573 | -/* | |
| 574 | -#if defined(_WIN32) | |
| 575 | - if (non_blocking(False) < 0) | |
| 576 | -#else | |
| 577 | - if (non_blocking(True) < 0) | |
| 578 | -#endif | |
| 579 | - close_fail; | |
| 580 | -*/ | |
| 581 | - | |
| 582 | 573 | if (non_blocking(False) < 0) |
| 583 | 574 | close_fail; |
| 584 | 575 | |
| ... | ... | @@ -608,31 +599,6 @@ int net_connect(const char *host, char *portname, Boolean ls, Boolean *resolving |
| 608 | 599 | net_connected(&h3270); |
| 609 | 600 | } |
| 610 | 601 | |
| 611 | -/* | |
| 612 | - if (connect(h3270.sock, &haddr.sa, ha_len) == -1) { | |
| 613 | - | |
| 614 | - Trace("Connect failed: %s (rc=%d)",strerror(socket_errno()),socket_errno()); | |
| 615 | - | |
| 616 | - if (socket_errno() == SE_EWOULDBLOCK | |
| 617 | -#if defined(SE_EINPROGRESS) | |
| 618 | - || socket_errno() == SE_EINPROGRESS | |
| 619 | -#endif | |
| 620 | - ) { | |
| 621 | - trace_dsn("Connection pending.\n"); | |
| 622 | - *pending = True; | |
| 623 | -#if !defined(_WIN32) | |
| 624 | - output_id = AddOutput(h3270.sock, &h3270, output_possible); | |
| 625 | -#endif | |
| 626 | - } else { | |
| 627 | - popup_a_sockerr( N_( "Can't connect to %s:%d" ),h3270.hostname, h3270.current_port); | |
| 628 | - close_fail; | |
| 629 | - } | |
| 630 | - } else { | |
| 631 | - if (non_blocking(False) < 0) | |
| 632 | - close_fail; | |
| 633 | - net_connected(&h3270); | |
| 634 | - } | |
| 635 | -*/ | |
| 636 | 602 | |
| 637 | 603 | /* set up temporary termtype */ |
| 638 | 604 | if (appres.termname == CN && h3270.std_ds_host) { |
| ... | ... | @@ -758,7 +724,18 @@ static void net_connected(H3270 *session) |
| 758 | 724 | return; |
| 759 | 725 | } |
| 760 | 726 | session->secure_connection = True; |
| 761 | - trace_dsn("TLS/SSL tunneled connection complete. Connection is now secure.\n"); | |
| 727 | + | |
| 728 | + if(SSL_get_verify_result(ssl_con)) | |
| 729 | + { | |
| 730 | + trace_dsn("TLS/SSL tunneled connection complete. X509 certificate verification failed.\n"); | |
| 731 | + session->valid_certificate = False; | |
| 732 | + } | |
| 733 | + else | |
| 734 | + { | |
| 735 | + trace_dsn("TLS/SSL tunneled connection complete. Connection is now secure.\n"); | |
| 736 | + session->valid_certificate = True; | |
| 737 | + | |
| 738 | + } | |
| 762 | 739 | |
| 763 | 740 | /* Tell everyone else again. */ |
| 764 | 741 | host_connected(session); |
| ... | ... | @@ -863,6 +840,7 @@ net_disconnect(void) |
| 863 | 840 | ssl_con = NULL; |
| 864 | 841 | } |
| 865 | 842 | h3270.secure_connection = False; |
| 843 | + h3270.valid_certificate = False; | |
| 866 | 844 | #endif /*]*/ |
| 867 | 845 | if (CONNECTED) |
| 868 | 846 | (void) shutdown(h3270.sock, 2); |
| ... | ... | @@ -3406,6 +3384,17 @@ LIB3270_EXPORT int lib3270_get_ssl_state(H3270 *h) |
| 3406 | 3384 | #endif |
| 3407 | 3385 | } |
| 3408 | 3386 | |
| 3387 | +LIB3270_EXPORT int lib3270_get_ssl_cert_state(H3270 *h) | |
| 3388 | +{ | |
| 3389 | + CHECK_SESSION_HANDLE(h); | |
| 3390 | + | |
| 3391 | +#if defined(HAVE_LIBSSL) | |
| 3392 | + return (h->valid_certificate != 0); | |
| 3393 | +#else | |
| 3394 | + return 0; | |
| 3395 | +#endif | |
| 3396 | +} | |
| 3397 | + | |
| 3409 | 3398 | int Get3270Socket(void) |
| 3410 | 3399 | { |
| 3411 | 3400 | return h3270.sock; | ... | ... |