gftp.yaz: lib/sslcommon.c annotate

annotate lib/sslcommon.c @ 760:62222927016c

2006-6-23 Brian Masney <masneyb@gftp.org> * lib/fsplib/fsplib.c (fsp_readdir_native) - fixed possible heap overflow on operating systems that have MAXNAMLEN > 256 (from Joerg Sonnenberger <joerg@netbsd.org>)

author	masneyb
date	Fri, 23 Jun 2006 20:09:28 +0000
parents	5d13fa48c275
children	4ad80d524dda

rev	line source
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	1 /*****************************************************************************/
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	2 /* sslcommon.c - interface to OpenSSL */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	3 /* Copyright (C) 1998-2003 Brian Masney <masneyb@gftp.org> */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	4 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	5 /* This program is free software; you can redistribute it and/or modify */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	6 /* it under the terms of the GNU General Public License as published by */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	7 /* the Free Software Foundation; either version 2 of the License, or */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	8 /* (at your option) any later version. */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	9 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	10 /* This program is distributed in the hope that it will be useful, */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	11 /* but WITHOUT ANY WARRANTY; without even the implied warranty of */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	12 /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	13 /* GNU General Public License for more details. */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	14 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	15 /* You should have received a copy of the GNU General Public License */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	16 /* along with this program; if not, write to the Free Software */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	17 /* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111 USA */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	18 /*****************************************************************************/
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	19
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	20 #include "gftp.h"
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	21
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	22 static const char cvsid[] = "$Id$";
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	23
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	24 /* Some of the functions in here was taken either entirely or partially from
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	25 * the O'Reilly book Network Security with OpenSSL */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	26
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	27 #ifdef USE_SSL
d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	28
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	29 static gftp_config_vars config_vars[] =
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	30 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	31 {"", N_("SSL Engine"), gftp_option_type_notebook, NULL, NULL, 0, NULL,
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	32 GFTP_PORT_GTK, NULL},
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	33
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	34 {"entropy_source", N_("SSL Entropy File:"),
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	35 gftp_option_type_text, "/dev/urandom", NULL, 0,
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	36 N_("SSL entropy file"), GFTP_PORT_ALL, 0},
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	37 {"entropy_len", N_("Entropy Seed Length:"),
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	38 gftp_option_type_int, GINT_TO_POINTER(1024), NULL, 0,
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	39 N_("The maximum number of bytes to seed the SSL engine with"),
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	40 GFTP_PORT_ALL, 0},
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	41 {"verify_ssl_peer", N_("Verify SSL Peer"),
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	42 gftp_option_type_checkbox, GINT_TO_POINTER(1), NULL, 0,
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	43 N_("Verify SSL Peer"), GFTP_PORT_ALL, NULL},
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	44
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	45 {NULL, NULL, 0, NULL, NULL, 0, NULL, 0, NULL}
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	46 };
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	47
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	48 static GMutex ** gftp_ssl_mutexes = NULL;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	49 static volatile int gftp_ssl_initialized = 0;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	50 static SSL_CTX * ctx = NULL;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	51
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	52 struct CRYPTO_dynlock_value
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	53 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	54 GMutex * mutex;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	55 };
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	56
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	57
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	58 void
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	59 ssl_register_module (void)
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	60 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	61 static volatile int module_registered = 0;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	62
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	63 if (!module_registered)
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	64 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	65 gftp_register_config_vars (config_vars);
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	66 module_registered = 1;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	67 }
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	68 }
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	69
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	70
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	71 static int
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	72 gftp_ssl_get_index (void)
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	73 {
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	74 static volatile int index = -1;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	75
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	76 if (index < 0)
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	77 index = SSL_get_ex_new_index (0, gftp_version, NULL, NULL, NULL);
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	78
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	79 return index;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	80 }
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	81
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	82
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	83 static int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	84 gftp_ssl_verify_callback (int ok, X509_STORE_CTX *store)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	85 {
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	86 char issuer[256], subject[256];
431 593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	87 intptr_t verify_ssl_peer;
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	88 gftp_request * request;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	89 SSL * ssl;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	90
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	91 ssl = X509_STORE_CTX_get_ex_data (store, SSL_get_ex_data_X509_STORE_CTX_idx ());
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	92 request = SSL_get_ex_data (ssl, gftp_ssl_get_index ());
431 593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	93 gftp_lookup_request_option (request, "verify_ssl_peer", &verify_ssl_peer);
593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	94
593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	95 if (!verify_ssl_peer)
593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	96 ok = 1;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	97
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	98 if (!ok)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	99 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	100 X509 *cert = X509_STORE_CTX_get_current_cert (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	101 int depth = X509_STORE_CTX_get_error_depth (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	102 int err = X509_STORE_CTX_get_error (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	103
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	104 X509_NAME_oneline (X509_get_issuer_name (cert), issuer, sizeof (issuer));
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	105 X509_NAME_oneline (X509_get_subject_name (cert), subject, sizeof (subject));
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	106 request->logging_function (gftp_logging_error, request,
13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	107 _("Error with certificate at depth: %i\nIssuer = %s\nSubject = %s\nError %i:%s\n"),
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	108 depth, issuer, subject, err,
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	109 X509_verify_cert_error_string (err));
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	110 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	111
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	112 return ok;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	113 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	114
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	115
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	116 static int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	117 gftp_ssl_post_connection_check (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	118 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	119 char data[256], *extstr;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	120 int extcount, ok, i, j;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	121 X509_EXTENSION *ext;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	122 X509_NAME *subj;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	123 X509 *cert;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	124
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	125 ok = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	126 if (!(cert = SSL_get_peer_certificate (request->ssl)))
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	127 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	128 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	129 _("Cannot get peer certificate\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	130 return (X509_V_ERR_APPLICATION_VERIFICATION);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	131 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	132
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	133 if ((extcount = X509_get_ext_count (cert)) > 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	134 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	135 for (i = 0; i < extcount; i++)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	136 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	137 ext = X509_get_ext (cert, i);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	138 extstr = (char *) OBJ_nid2sn (OBJ_obj2nid (X509_EXTENSION_get_object (ext)));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	139
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	140 if (strcmp (extstr, "subjectAltName") == 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	141 {
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	142 unsigned char *data;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	143 STACK_OF(CONF_VALUE) *val;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	144 CONF_VALUE *nval;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	145 X509V3_EXT_METHOD *meth;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	146 void *ext_str = NULL;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	147
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	148 if (!(meth = X509V3_EXT_get (ext)))
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	149 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	150
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	151 data = ext->value->data;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	152
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	153 #if (OPENSSL_VERSION_NUMBER > 0x00907000L)
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	154 if (meth->it)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	155 ext_str = ASN1_item_d2i (NULL, &data, ext->value->length,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	156 ASN1_ITEM_ptr (meth->it));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	157 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	158 ext_str = meth->d2i (NULL, &data, ext->value->length);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	159 #else
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	160 ext_str = meth->d2i(NULL, &data, ext->value->length);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	161 #endif
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	162 val = meth->i2v(meth, ext_str, NULL);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	163
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	164 for (j = 0; j < sk_CONF_VALUE_num(val); j++)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	165 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	166 nval = sk_CONF_VALUE_value (val, j);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	167 if (strcmp (nval->name, "DNS") == 0 &&
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	168 strcmp (nval->value, request->hostname) == 0)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	169 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	170 ok = 1;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	171 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	172 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	173 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	174 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	175
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	176 if (ok)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	177 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	178 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	179 }
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	180
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	181 if (!ok && (subj = X509_get_subject_name (cert)) &&
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	182 X509_NAME_get_text_by_NID (subj, NID_commonName, data, 256) > 0)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	183 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	184 data[sizeof (data) - 1] = '\0';
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	185 if (strcasecmp (data, request->hostname) != 0)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	186 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	187 request->logging_function (gftp_logging_error, request,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	188 _("ERROR: The host in the SSL certificate (%s) does not match the host that we connected to (%s). Aborting connection.\n"),
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	189 data, request->hostname);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	190 X509_free (cert);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	191 return (X509_V_ERR_APPLICATION_VERIFICATION);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	192 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	193 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	194
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	195 X509_free (cert);
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	196
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	197 return (SSL_get_verify_result(request->ssl));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	198 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	199
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	200
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	201 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	202 _gftp_ssl_locking_function (int mode, int n, const char * file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	203 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	204 if (mode & CRYPTO_LOCK)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	205 g_mutex_lock (gftp_ssl_mutexes[n]);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	206 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	207 g_mutex_unlock (gftp_ssl_mutexes[n]);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	208 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	209
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	210
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	211 static unsigned long
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	212 _gftp_ssl_id_function (void)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	213 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	214 #if GLIB_MAJOR_VERSION > 1
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	215 return ((unsigned long) g_thread_self ());
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	216 #else
210 82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	217 /* FIXME _ call pthread version. Once this is done, the #ifdef below can be
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	218 removed */
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	219 return (0);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	220 #endif
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	221 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	222
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	223
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	224 static struct CRYPTO_dynlock_value *
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	225 _gftp_ssl_create_dyn_mutex (const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	226 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	227 struct CRYPTO_dynlock_value *value;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	228
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	229 value = g_malloc (sizeof (*value));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	230 value->mutex = g_mutex_new ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	231 return (value);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	232 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	233
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	234
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	235 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	236 _gftp_ssl_dyn_mutex_lock (int mode, struct CRYPTO_dynlock_value *l,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	237 const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	238 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	239 if (mode & CRYPTO_LOCK)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	240 g_mutex_lock (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	241 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	242 g_mutex_unlock (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	243 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	244
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	245
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	246 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	247 _gftp_ssl_destroy_dyn_mutex (struct CRYPTO_dynlock_value *l,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	248 const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	249 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	250 g_mutex_free (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	251 g_free (l);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	252 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	253
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	254
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	255 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	256 _gftp_ssl_thread_setup (void)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	257 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	258 int i;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	259
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	260 #if G_MAJOR_VERSION == 1
210 82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	261 /* Thread setup isn't supported in glib 1.2 yet */
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	262 return;
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	263 #endif
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	264
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	265 gftp_ssl_mutexes = g_malloc (CRYPTO_num_locks( ) * sizeof (*gftp_ssl_mutexes));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	266
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	267 for (i = 0; i < CRYPTO_num_locks ( ); i++)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	268 gftp_ssl_mutexes[i] = g_mutex_new ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	269
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	270 CRYPTO_set_id_callback (_gftp_ssl_id_function);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	271 CRYPTO_set_locking_callback (_gftp_ssl_locking_function);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	272 CRYPTO_set_dynlock_create_callback (_gftp_ssl_create_dyn_mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	273 CRYPTO_set_dynlock_lock_callback (_gftp_ssl_dyn_mutex_lock);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	274 CRYPTO_set_dynlock_destroy_callback (_gftp_ssl_destroy_dyn_mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	275 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	276
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	277
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	278 int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	279 gftp_ssl_startup (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	280 {
431 593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	281 intptr_t entropy_len;
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	282 char *entropy_source;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	283
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	284 if (gftp_ssl_initialized)
4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	285 return (0);
4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	286
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	287 gftp_ssl_initialized = 1;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	288
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	289 if (g_thread_supported ())
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	290 _gftp_ssl_thread_setup ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	291
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	292 if (!SSL_library_init ())
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	293 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	294 request->logging_function (gftp_logging_error, request,
460 075f89b4395c 2004-4-14 Brian Masney <masneyb@gftp.org> masneyb parents: 431 diff changeset	295 _("Cannot initialize the OpenSSL library\n"));
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	296 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	297 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	298
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	299 SSL_load_error_strings ();
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	300
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	301 gftp_lookup_request_option (request, "entropy_source", &entropy_source);
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	302 gftp_lookup_request_option (request, "entropy_len", &entropy_len);
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	303 RAND_load_file (entropy_source, entropy_len);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	304
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	305 ctx = SSL_CTX_new (SSLv23_method ());
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	306
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	307 if (SSL_CTX_set_default_verify_paths (ctx) != 1)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	308 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	309 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	310 _("Error loading default SSL certificates\n"));
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	311 return (GFTP_EFATAL);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	312 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	313
431 593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	314 SSL_CTX_set_verify (ctx, SSL_VERIFY_PEER, gftp_ssl_verify_callback);
593dddb1e59c 2004-3-17 Brian Masney <masneyb@gftp.org> masneyb parents: 416 diff changeset	315 SSL_CTX_set_verify_depth (ctx, 9);
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	316
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	317 SSL_CTX_set_options (ctx, SSL_OP_ALL\|SSL_OP_NO_SSLv2);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	318
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	319 if (SSL_CTX_set_cipher_list (ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH") != 1)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	320 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	321 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	322 _("Error setting cipher list (no valid ciphers)\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	323 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	324 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	325
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	326 return (0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	327 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	328
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	329
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	330 int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	331 gftp_ssl_session_setup (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	332 {
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	333 intptr_t verify_ssl_peer;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	334 BIO * bio;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	335 long ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	336
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	337 g_return_val_if_fail (request->datafd > 0, GFTP_EFATAL);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	338
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	339 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	340 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	341 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	342 _("Error: SSL engine was not initialized\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	343 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	344 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	345 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	346
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	347 /* FIXME - take this out. I need to find out how to do timeouts with the SSL
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	348 functions (a select() or poll() like function) */
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	349
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	350 if (gftp_fd_set_sockblocking (request, request->datafd, 0) < 0)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	351 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	352 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	353 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	354 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	355
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	356 if ((bio = BIO_new (BIO_s_socket ())) == NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	357 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	358 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	359 _("Error setting up SSL connection (BIO object)\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	360 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	361 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	362 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	363
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	364 BIO_set_fd (bio, request->datafd, BIO_NOCLOSE);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	365
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	366 if ((request->ssl = SSL_new (ctx)) == NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	367 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	368 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	369 _("Error setting up SSL connection (SSL object)\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	370 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	371 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	372 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	373
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	374 SSL_set_bio (request->ssl, bio, bio);
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	375 SSL_set_ex_data (request->ssl, gftp_ssl_get_index (), request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	376
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	377 if (SSL_connect (request->ssl) <= 0)
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	378 {
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	379 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	380 return (GFTP_EFATAL);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	381 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	382
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	383 gftp_lookup_request_option (request, "verify_ssl_peer", &verify_ssl_peer);
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	384
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	385 if (verify_ssl_peer &&
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	386 (ret = gftp_ssl_post_connection_check (request)) != X509_V_OK)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	387 {
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	388 if (ret != X509_V_ERR_APPLICATION_VERIFICATION)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	389 request->logging_function (gftp_logging_error, request,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	390 _("Error with peer certificate: %s\n"),
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	391 X509_verify_cert_error_string (ret));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	392 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	393 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	394 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	395
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	396 request->logging_function (gftp_logging_misc, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	397 "SSL connection established using %s (%s)\n",
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	398 SSL_get_cipher_version (request->ssl),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	399 SSL_get_cipher_name (request->ssl));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	400
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	401 return (0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	402 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	403
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	404
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	405 ssize_t
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	406 gftp_ssl_read (gftp_request * request, void *ptr, size_t size, int fd)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	407 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	408 ssize_t ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	409 int err;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	410
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	411 g_return_val_if_fail (request->ssl != NULL, GFTP_EFATAL);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	412
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	413 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	414 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	415 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	416 _("Error: SSL engine was not initialized\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	417 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	418 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	419
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	420 errno = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	421 ret = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	422 do
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	423 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	424 if ((ret = SSL_read (request->ssl, ptr, size)) < 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	425 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	426 err = SSL_get_error (request->ssl, ret);
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	427 if (errno == EINTR \|\| errno == EAGAIN)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	428 {
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	429 if (request->cancel)
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	430 {
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	431 gftp_disconnect (request);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	432 return (GFTP_ERETRYABLE);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	433 }
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	434
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	435 continue;
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	436 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	437
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	438 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	439 _("Error: Could not read from socket: %s\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	440 g_strerror (errno));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	441 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	442
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	443 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	444 }
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	445
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	446 break;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	447 }
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	448 while (1);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	449
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	450 return (ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	451 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	452
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	453
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	454 ssize_t
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	455 gftp_ssl_write (gftp_request * request, const char *ptr, size_t size, int fd)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	456 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	457 size_t ret, w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	458
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	459 g_return_val_if_fail (request->ssl != NULL, GFTP_EFATAL);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	460
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	461 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	462 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	463 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	464 _("Error: SSL engine was not initialized\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	465 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	466 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	467
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	468 ret = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	469 do
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	470 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	471 w_ret = SSL_write (request->ssl, ptr, size);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	472 if (w_ret <= 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	473 {
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	474 if (errno == EINTR \|\| errno == EAGAIN)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	475 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	476 if (request != NULL && request->cancel)
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	477 {
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	478 gftp_disconnect (request);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	479 return (GFTP_ERETRYABLE);
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	480 }
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	481
5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	482 continue;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	483 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	484
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	485 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	486 _("Error: Could not write to socket: %s\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	487 g_strerror (errno));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	488 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	489
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	490 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	491 }
546 5d13fa48c275 2004-9-6 Brian Masney <masneyb@gftp.org> masneyb parents: 460 diff changeset	492
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	493 ptr += w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	494 size -= w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	495 ret += w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	496 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	497 while (size > 0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	498
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	499 return (ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	500 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	501
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	502 #endif

Mercurial > gftp.yaz

annotate lib/sslcommon.c @ 760:62222927016c