gftp.yaz: lib/sslcommon.c annotate

annotate lib/sslcommon.c @ 858:10e2ce91e26c

2006-11-30 Brian Masney <masneyb@gftp.org> * lib/rfc959.c lib/sshv2.c src/uicommon/gftpui.c - don't abort the entire file transfer if there is a permission denied at some point during the file transfer. Give the user an error at the very end if there were any errors. (closes #328550)

author	masneyb
date	Fri, 01 Dec 2006 00:57:50 +0000
parents	4ad80d524dda
children	1808cebed602

rev	line source
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	1 /*****************************************************************************/
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	2 /* sslcommon.c - interface to OpenSSL */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	3 /* Copyright (C) 1998-2003 Brian Masney <masneyb@gftp.org> */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	4 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	5 /* This program is free software; you can redistribute it and/or modify */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	6 /* it under the terms of the GNU General Public License as published by */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	7 /* the Free Software Foundation; either version 2 of the License, or */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	8 /* (at your option) any later version. */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	9 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	10 /* This program is distributed in the hope that it will be useful, */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	11 /* but WITHOUT ANY WARRANTY; without even the implied warranty of */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	12 /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	13 /* GNU General Public License for more details. */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	14 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	15 /* You should have received a copy of the GNU General Public License */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	16 /* along with this program; if not, write to the Free Software */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	17 /* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111 USA */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	18 /*****************************************************************************/
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	19
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	20 #include "gftp.h"
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	21
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	22 static const char cvsid[] = "$Id$";
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	23
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	24 /* Some of the functions in here was taken either entirely or partially from
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	25 * the O'Reilly book Network Security with OpenSSL */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	26
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	27 #ifdef USE_SSL
d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	28
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	29 static gftp_config_vars config_vars[] =
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	30 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	31 {"", N_("SSL Engine"), gftp_option_type_notebook, NULL, NULL, 0, NULL,
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	32 GFTP_PORT_GTK, NULL},
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	33
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	34 {"entropy_source", N_("SSL Entropy File:"),
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	35 gftp_option_type_text, "/dev/urandom", NULL, 0,
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	36 N_("SSL entropy file"), GFTP_PORT_ALL, 0},
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	37 {"entropy_len", N_("Entropy Seed Length:"),
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	38 gftp_option_type_int, GINT_TO_POINTER(1024), NULL, 0,
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	39 N_("The maximum number of bytes to seed the SSL engine with"),
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	40 GFTP_PORT_ALL, 0},
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	41 {"verify_ssl_peer", N_("Verify SSL Peer"),
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	42 gftp_option_type_checkbox, GINT_TO_POINTER(1), NULL, 0,
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	43 N_("Verify SSL Peer"), GFTP_PORT_ALL, NULL},
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	44
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	45 {NULL, NULL, 0, NULL, NULL, 0, NULL, 0, NULL}
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	46 };
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	47
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	48 static GMutex ** gftp_ssl_mutexes = NULL;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	49 static volatile int gftp_ssl_initialized = 0;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	50 static SSL_CTX * ctx = NULL;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	51
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	52 struct CRYPTO_dynlock_value
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	53 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	54 GMutex * mutex;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	55 };
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	56
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	57
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	58 void
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	59 ssl_register_module (void)
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	60 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	61 static volatile int module_registered = 0;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	62
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	63 if (!module_registered)
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	64 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	65 gftp_register_config_vars (config_vars);
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	66 module_registered = 1;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	67 }
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	68 }
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	69
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	70
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	71 static int
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	72 gftp_ssl_get_index (void)
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	73 {
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	74 static volatile int index = -1;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	75
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	76 if (index < 0)
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	77 index = SSL_get_ex_new_index (0, gftp_version, NULL, NULL, NULL);
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	78
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	79 return index;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	80 }
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	81
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	82
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	83 static int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	84 gftp_ssl_verify_callback (int ok, X509_STORE_CTX *store)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	85 {
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	86 char issuer[256], subject[256];
431 593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	87 intptr_t verify_ssl_peer;
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	88 gftp_request * request;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	89 SSL * ssl;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	90
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	91 ssl = X509_STORE_CTX_get_ex_data (store, SSL_get_ex_data_X509_STORE_CTX_idx ());
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	92 request = SSL_get_ex_data (ssl, gftp_ssl_get_index ());
431 593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	93 gftp_lookup_request_option (request, "verify_ssl_peer", &verify_ssl_peer);
593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	94
593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	95 if (!verify_ssl_peer)
593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	96 ok = 1;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	97
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	98 if (!ok)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	99 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	100 X509 *cert = X509_STORE_CTX_get_current_cert (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	101 int depth = X509_STORE_CTX_get_error_depth (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	102 int err = X509_STORE_CTX_get_error (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	103
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	104 X509_NAME_oneline (X509_get_issuer_name (cert), issuer, sizeof (issuer));
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	105 X509_NAME_oneline (X509_get_subject_name (cert), subject, sizeof (subject));
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	106 request->logging_function (gftp_logging_error, request,
13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	107 _("Error with certificate at depth: %i\nIssuer = %s\nSubject = %s\nError %i:%s\n"),
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	108 depth, issuer, subject, err,
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	109 X509_verify_cert_error_string (err));
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	110 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	111
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	112 return ok;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	113 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	114
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	115
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	116 static int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	117 gftp_ssl_post_connection_check (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	118 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	119 char data[256], *extstr;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	120 int extcount, ok, i, j;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	121 X509_EXTENSION *ext;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	122 X509_NAME *subj;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	123 X509 *cert;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	124
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	125 ok = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	126 if (!(cert = SSL_get_peer_certificate (request->ssl)))
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	127 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	128 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	129 _("Cannot get peer certificate\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	130 return (X509_V_ERR_APPLICATION_VERIFICATION);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	131 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	132
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	133 if ((extcount = X509_get_ext_count (cert)) > 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	134 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	135 for (i = 0; i < extcount; i++)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	136 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	137 ext = X509_get_ext (cert, i);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	138 extstr = (char *) OBJ_nid2sn (OBJ_obj2nid (X509_EXTENSION_get_object (ext)));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	139
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	140 if (strcmp (extstr, "subjectAltName") == 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	141 {
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	142 unsigned char *data;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	143 STACK_OF(CONF_VALUE) *val;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	144 CONF_VALUE *nval;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	145 X509V3_EXT_METHOD *meth;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	146 void *ext_str = NULL;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	147
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	148 if (!(meth = X509V3_EXT_get (ext)))
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	149 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	150
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	151 data = ext->value->data;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	152
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	153 #if (OPENSSL_VERSION_NUMBER > 0x00907000L)
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	154 if (meth->it)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	155 ext_str = ASN1_item_d2i (NULL, &data, ext->value->length,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	156 ASN1_ITEM_ptr (meth->it));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	157 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	158 ext_str = meth->d2i (NULL, &data, ext->value->length);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	159 #else
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	160 ext_str = meth->d2i(NULL, &data, ext->value->length);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	161 #endif
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	162 val = meth->i2v(meth, ext_str, NULL);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	163
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	164 for (j = 0; j < sk_CONF_VALUE_num(val); j++)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	165 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	166 nval = sk_CONF_VALUE_value (val, j);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	167 if (strcmp (nval->name, "DNS") == 0 &&
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	168 strcmp (nval->value, request->hostname) == 0)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	169 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	170 ok = 1;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	171 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	172 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	173 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	174 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	175
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	176 if (ok)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	177 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	178 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	179 }
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	180
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	181 if (!ok && (subj = X509_get_subject_name (cert)) &&
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	182 X509_NAME_get_text_by_NID (subj, NID_commonName, data, 256) > 0)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	183 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	184 data[sizeof (data) - 1] = '\0';
769 4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	185 /* Check for wildcard CN (must begin with .) /
4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	186 if (strncmp (data, "*.", 2) == 0)
4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	187 {
4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	188 size_t hostname_len = strlen (data) - 1;
4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	189 if (strlen (request->hostname) > hostname_len &&
4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	190 strcasecmp (&(data[1]), &(request->hostname[strlen (request->hostname) - hostname_len])) == 0)
4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	191 ok = 1;
4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	192 }
4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	193 else if (strcasecmp (data, request->hostname) == 0)
4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	194 ok = 1;
4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	195
4ad80d524dda 2006-7-19 Brian Masney <masneyb@gftp.org> masneyb parents: 546 diff changeset	196 if (!ok)
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	197 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	198 request->logging_function (gftp_logging_error, request,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	199 _("ERROR: The host in the SSL certificate (%s) does not match the host that we connected to (%s). Aborting connection.\n"),
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	200 data, request->hostname);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	201 X509_free (cert);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	202 return (X509_V_ERR_APPLICATION_VERIFICATION);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	203 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	204 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	205
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	206 X509_free (cert);
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	207
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	208 return (SSL_get_verify_result(request->ssl));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	209 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	210
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	211
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	212 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	213 _gftp_ssl_locking_function (int mode, int n, const char * file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	214 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	215 if (mode & CRYPTO_LOCK)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	216 g_mutex_lock (gftp_ssl_mutexes[n]);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	217 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	218 g_mutex_unlock (gftp_ssl_mutexes[n]);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	219 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	220
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	221
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	222 static unsigned long
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	223 _gftp_ssl_id_function (void)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	224 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	225 #if GLIB_MAJOR_VERSION > 1
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	226 return ((unsigned long) g_thread_self ());
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	227 #else
210 82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	228 /* FIXME _ call pthread version. Once this is done, the #ifdef below can be
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	229 removed */
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	230 return (0);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	231 #endif
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	232 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	233
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	234
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	235 static struct CRYPTO_dynlock_value *
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	236 _gftp_ssl_create_dyn_mutex (const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	237 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	238 struct CRYPTO_dynlock_value *value;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	239
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	240 value = g_malloc (sizeof (*value));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	241 value->mutex = g_mutex_new ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	242 return (value);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	243 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	244
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	245
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	246 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	247 _gftp_ssl_dyn_mutex_lock (int mode, struct CRYPTO_dynlock_value *l,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	248 const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	249 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	250 if (mode & CRYPTO_LOCK)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	251 g_mutex_lock (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	252 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	253 g_mutex_unlock (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	254 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	255
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	256
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	257 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	258 _gftp_ssl_destroy_dyn_mutex (struct CRYPTO_dynlock_value *l,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	259 const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	260 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	261 g_mutex_free (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	262 g_free (l);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	263 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	264
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	265
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	266 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	267 _gftp_ssl_thread_setup (void)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	268 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	269 int i;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	270
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	271 #if G_MAJOR_VERSION == 1
210 82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	272 /* Thread setup isn't supported in glib 1.2 yet */
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	273 return;
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	274 #endif
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	275
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	276 gftp_ssl_mutexes = g_malloc (CRYPTO_num_locks( ) * sizeof (*gftp_ssl_mutexes));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	277
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	278 for (i = 0; i < CRYPTO_num_locks ( ); i++)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	279 gftp_ssl_mutexes[i] = g_mutex_new ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	280
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	281 CRYPTO_set_id_callback (_gftp_ssl_id_function);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	282 CRYPTO_set_locking_callback (_gftp_ssl_locking_function);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	283 CRYPTO_set_dynlock_create_callback (_gftp_ssl_create_dyn_mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	284 CRYPTO_set_dynlock_lock_callback (_gftp_ssl_dyn_mutex_lock);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	285 CRYPTO_set_dynlock_destroy_callback (_gftp_ssl_destroy_dyn_mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	286 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	287
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	288
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	289 int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	290 gftp_ssl_startup (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	291 {
431 593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	292 intptr_t entropy_len;
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	293 char *entropy_source;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	294
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	295 if (gftp_ssl_initialized)
4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	296 return (0);
4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	297
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	298 gftp_ssl_initialized = 1;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	299
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	300 if (g_thread_supported ())
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	301 _gftp_ssl_thread_setup ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	302
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	303 if (!SSL_library_init ())
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	304 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	305 request->logging_function (gftp_logging_error, request,
460 075f89b4395c 2004-4-14 Brian Masney <masneyb@gftp.org> masneyb parents: 431 diff changeset	306 _("Cannot initialize the OpenSSL library\n"));
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	307 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	308 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	309
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	310 SSL_load_error_strings ();
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	311
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	312 gftp_lookup_request_option (request, "entropy_source", &entropy_source);
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	313 gftp_lookup_request_option (request, "entropy_len", &entropy_len);
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	314 RAND_load_file (entropy_source, entropy_len);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	315
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	316 ctx = SSL_CTX_new (SSLv23_method ());
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	317
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	318 if (SSL_CTX_set_default_verify_paths (ctx) != 1)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	319 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	320 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	321 _("Error loading default SSL certificates\n"));
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	322 return (GFTP_EFATAL);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	323 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	324
431 593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	325 SSL_CTX_set_verify (ctx, SSL_VERIFY_PEER, gftp_ssl_verify_callback);
593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	326 SSL_CTX_set_verify_depth (ctx, 9);
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	327
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	328 SSL_CTX_set_options (ctx, SSL_OP_ALL\|SSL_OP_NO_SSLv2);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	329
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	330 if (SSL_CTX_set_cipher_list (ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH") != 1)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	331 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	332 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	333 _("Error setting cipher list (no valid ciphers)\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	334 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	335 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	336
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	337 return (0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	338 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	339
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	340
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	341 int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	342 gftp_ssl_session_setup (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	343 {
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	344 intptr_t verify_ssl_peer;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	345 BIO * bio;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	346 long ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	347
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	348 g_return_val_if_fail (request->datafd > 0, GFTP_EFATAL);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	349
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	350 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	351 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	352 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	353 _("Error: SSL engine was not initialized\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	354 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	355 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	356 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	357
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	358 /* FIXME - take this out. I need to find out how to do timeouts with the SSL
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	359 functions (a select() or poll() like function) */
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	360
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	361 if (gftp_fd_set_sockblocking (request, request->datafd, 0) < 0)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	362 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	363 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	364 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	365 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	366
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	367 if ((bio = BIO_new (BIO_s_socket ())) == NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	368 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	369 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	370 _("Error setting up SSL connection (BIO object)\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	371 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	372 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	373 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	374
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	375 BIO_set_fd (bio, request->datafd, BIO_NOCLOSE);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	376
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	377 if ((request->ssl = SSL_new (ctx)) == NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	378 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	379 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	380 _("Error setting up SSL connection (SSL object)\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	381 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	382 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	383 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	384
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	385 SSL_set_bio (request->ssl, bio, bio);
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	386 SSL_set_ex_data (request->ssl, gftp_ssl_get_index (), request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	387
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	388 if (SSL_connect (request->ssl) <= 0)
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	389 {
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	390 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	391 return (GFTP_EFATAL);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	392 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	393
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	394 gftp_lookup_request_option (request, "verify_ssl_peer", &verify_ssl_peer);
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	395
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	396 if (verify_ssl_peer &&
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	397 (ret = gftp_ssl_post_connection_check (request)) != X509_V_OK)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	398 {
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	399 if (ret != X509_V_ERR_APPLICATION_VERIFICATION)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	400 request->logging_function (gftp_logging_error, request,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	401 _("Error with peer certificate: %s\n"),
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	402 X509_verify_cert_error_string (ret));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	403 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	404 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	405 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	406
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	407 request->logging_function (gftp_logging_misc, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	408 "SSL connection established using %s (%s)\n",
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	409 SSL_get_cipher_version (request->ssl),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	410 SSL_get_cipher_name (request->ssl));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	411
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	412 return (0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	413 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	414
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	415
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	416 ssize_t
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	417 gftp_ssl_read (gftp_request * request, void *ptr, size_t size, int fd)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	418 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	419 ssize_t ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	420 int err;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	421
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	422 g_return_val_if_fail (request->ssl != NULL, GFTP_EFATAL);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	423
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	424 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	425 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	426 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	427 _("Error: SSL engine was not initialized\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	428 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	429 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	430
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	431 errno = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	432 ret = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	433 do
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	434 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	435 if ((ret = SSL_read (request->ssl, ptr, size)) < 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	436 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	437 err = SSL_get_error (request->ssl, ret);
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	438 if (errno == EINTR \|\| errno == EAGAIN)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	439 {
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	440 if (request->cancel)
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	441 {
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	442 gftp_disconnect (request);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	443 return (GFTP_ERETRYABLE);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	444 }
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	445
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	446 continue;
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	447 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	448
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	449 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	450 _("Error: Could not read from socket: %s\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	451 g_strerror (errno));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	452 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	453
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	454 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	455 }
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	456
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	457 break;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	458 }
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	459 while (1);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	460
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	461 return (ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	462 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	463
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	464
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	465 ssize_t
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	466 gftp_ssl_write (gftp_request * request, const char *ptr, size_t size, int fd)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	467 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	468 size_t ret, w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	469
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	470 g_return_val_if_fail (request->ssl != NULL, GFTP_EFATAL);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	471
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	472 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	473 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	474 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	475 _("Error: SSL engine was not initialized\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	476 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	477 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	478
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	479 ret = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	480 do
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	481 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	482 w_ret = SSL_write (request->ssl, ptr, size);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	483 if (w_ret <= 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	484 {
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	485 if (errno == EINTR \|\| errno == EAGAIN)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	486 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	487 if (request != NULL && request->cancel)
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	488 {
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	489 gftp_disconnect (request);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	490 return (GFTP_ERETRYABLE);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	491 }
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	492
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	493 continue;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	494 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	495
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	496 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	497 _("Error: Could not write to socket: %s\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	498 g_strerror (errno));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	499 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	500
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	501 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	502 }
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	503
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	504 ptr += w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	505 size -= w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	506 ret += w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	507 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	508 while (size > 0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	509
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	510 return (ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	511 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	512
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	513 #endif

Mercurial > gftp.yaz

annotate lib/sslcommon.c @ 858:10e2ce91e26c