gftp.yaz: lib/sslcommon.c annotate

annotate lib/sslcommon.c @ 360:c2554d363c7e

2004-01-08 Gustavo Noronha Silva <kov@debian.org> * pt_BR.po: updated translation, by Jo蘨炕犦 Paulo Gomes Vanzuita <joaopaulo99@terra.com.br>

author	gns
date	Thu, 08 Jan 2004 04:04:20 +0000
parents	0fcc6468a0af
children	d66801310c09

rev	line source
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	1 /*****************************************************************************/
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	2 /* sslcommon.c - interface to OpenSSL */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	3 /* Copyright (C) 1998-2003 Brian Masney <masneyb@gftp.org> */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	4 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	5 /* This program is free software; you can redistribute it and/or modify */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	6 /* it under the terms of the GNU General Public License as published by */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	7 /* the Free Software Foundation; either version 2 of the License, or */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	8 /* (at your option) any later version. */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	9 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	10 /* This program is distributed in the hope that it will be useful, */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	11 /* but WITHOUT ANY WARRANTY; without even the implied warranty of */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	12 /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	13 /* GNU General Public License for more details. */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	14 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	15 /* You should have received a copy of the GNU General Public License */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	16 /* along with this program; if not, write to the Free Software */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	17 /* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111 USA */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	18 /*****************************************************************************/
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	19
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	20 #include "gftp.h"
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	21
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	22 static const char cvsid[] = "$Id$";
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	23
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	24 /* Some of the functions in here was taken either entirely or partially from
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	25 * the O'Reilly book Network Security with OpenSSL */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	26
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	27 #ifdef USE_SSL
d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	28
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	29 static gftp_config_vars config_vars[] =
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	30 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	31 {"", N_("SSL Engine"), gftp_option_type_notebook, NULL, NULL, 0, NULL,
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	32 GFTP_PORT_GTK, NULL},
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	33
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	34 {"entropy_source", N_("SSL Entropy File:"),
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	35 gftp_option_type_text, "/dev/urandom", NULL, 0,
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	36 N_("SSL entropy file"), GFTP_PORT_ALL, 0},
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	37 {"entropy_len", N_("Entropy Seed Length:"),
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	38 gftp_option_type_int, GINT_TO_POINTER(1024), NULL, 0,
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	39 N_("The maximum number of bytes to seed the SSL engine with"),
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	40 GFTP_PORT_ALL, 0},
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	41
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	42 {NULL, NULL, 0, NULL, NULL, 0, NULL, 0, NULL}
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	43 };
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	44
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	45 static GMutex ** gftp_ssl_mutexes = NULL;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	46 static volatile int gftp_ssl_initialized = 0;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	47 static SSL_CTX * ctx = NULL;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	48
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	49 struct CRYPTO_dynlock_value
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	50 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	51 GMutex * mutex;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	52 };
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	53
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	54
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	55 void
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	56 ssl_register_module (void)
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	57 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	58 static volatile int module_registered = 0;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	59
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	60 if (!module_registered)
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	61 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	62 gftp_register_config_vars (config_vars);
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	63 module_registered = 1;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	64 }
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	65 }
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	66
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	67
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	68 static int
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	69 gftp_ssl_get_index (void)
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	70 {
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	71 static volatile int index = -1;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	72
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	73 if (index < 0)
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	74 index = SSL_get_ex_new_index (0, gftp_version, NULL, NULL, NULL);
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	75
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	76 return index;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	77 }
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	78
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	79
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	80 static int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	81 gftp_ssl_verify_callback (int ok, X509_STORE_CTX *store)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	82 {
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	83 char issuer[256], subject[256];
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	84 gftp_request * request;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	85 SSL * ssl;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	86
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	87 ssl = X509_STORE_CTX_get_ex_data (store, SSL_get_ex_data_X509_STORE_CTX_idx ());
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	88 request = SSL_get_ex_data (ssl, gftp_ssl_get_index ());
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	89
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	90 if (!ok)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	91 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	92 X509 *cert = X509_STORE_CTX_get_current_cert (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	93 int depth = X509_STORE_CTX_get_error_depth (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	94 int err = X509_STORE_CTX_get_error (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	95
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	96 X509_NAME_oneline (X509_get_issuer_name (cert), issuer, sizeof (issuer));
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	97 X509_NAME_oneline (X509_get_subject_name (cert), subject, sizeof (subject));
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	98 request->logging_function (gftp_logging_error, request,
13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	99 _("Error with certificate at depth: %i\nIssuer = %s\nSubject = %s\nError %i:%s\n"),
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	100 depth, issuer, subject, err,
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	101 X509_verify_cert_error_string (err));
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	102 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	103
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	104 return ok;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	105 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	106
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	107
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	108 static int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	109 gftp_ssl_post_connection_check (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	110 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	111 char data[256], *extstr;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	112 int extcount, ok, i, j;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	113 X509_EXTENSION *ext;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	114 X509_NAME *subj;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	115 X509 *cert;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	116
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	117 ok = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	118 if (!(cert = SSL_get_peer_certificate (request->ssl)))
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	119 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	120 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	121 _("Cannot get peer certificate\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	122 return (X509_V_ERR_APPLICATION_VERIFICATION);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	123 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	124
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	125 if ((extcount = X509_get_ext_count (cert)) > 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	126 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	127 for (i = 0; i < extcount; i++)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	128 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	129 ext = X509_get_ext (cert, i);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	130 extstr = (char *) OBJ_nid2sn (OBJ_obj2nid (X509_EXTENSION_get_object (ext)));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	131
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	132 if (strcmp (extstr, "subjectAltName") == 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	133 {
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	134 unsigned char *data;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	135 STACK_OF(CONF_VALUE) *val;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	136 CONF_VALUE *nval;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	137 X509V3_EXT_METHOD *meth;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	138 void *ext_str = NULL;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	139
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	140 if (!(meth = X509V3_EXT_get (ext)))
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	141 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	142
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	143 data = ext->value->data;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	144
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	145 #if (OPENSSL_VERSION_NUMBER > 0x00907000L)
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	146 if (meth->it)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	147 ext_str = ASN1_item_d2i (NULL, &data, ext->value->length,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	148 ASN1_ITEM_ptr (meth->it));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	149 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	150 ext_str = meth->d2i (NULL, &data, ext->value->length);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	151 #else
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	152 ext_str = meth->d2i(NULL, &data, ext->value->length);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	153 #endif
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	154 val = meth->i2v(meth, ext_str, NULL);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	155
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	156 for (j = 0; j < sk_CONF_VALUE_num(val); j++)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	157 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	158 nval = sk_CONF_VALUE_value (val, j);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	159 if (strcmp (nval->name, "DNS") == 0 &&
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	160 strcmp (nval->value, request->hostname) == 0)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	161 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	162 ok = 1;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	163 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	164 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	165 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	166 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	167
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	168 if (ok)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	169 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	170 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	171 }
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	172
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	173 if (!ok && (subj = X509_get_subject_name (cert)) &&
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	174 X509_NAME_get_text_by_NID (subj, NID_commonName, data, 256) > 0)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	175 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	176 data[sizeof (data) - 1] = '\0';
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	177 if (strcasecmp (data, request->hostname) != 0)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	178 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	179 request->logging_function (gftp_logging_error, request,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	180 _("ERROR: The host in the SSL certificate (%s) does not match the host that we connected to (%s). Aborting connection.\n"),
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	181 data, request->hostname);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	182 X509_free (cert);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	183 return (X509_V_ERR_APPLICATION_VERIFICATION);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	184 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	185 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	186
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	187 X509_free (cert);
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	188
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	189 return (SSL_get_verify_result(request->ssl));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	190 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	191
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	192
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	193 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	194 _gftp_ssl_locking_function (int mode, int n, const char * file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	195 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	196 if (mode & CRYPTO_LOCK)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	197 g_mutex_lock (gftp_ssl_mutexes[n]);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	198 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	199 g_mutex_unlock (gftp_ssl_mutexes[n]);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	200 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	201
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	202
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	203 static unsigned long
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	204 _gftp_ssl_id_function (void)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	205 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	206 #if GLIB_MAJOR_VERSION > 1
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	207 return ((unsigned long) g_thread_self ());
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	208 #else
210 82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	209 /* FIXME _ call pthread version. Once this is done, the #ifdef below can be
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	210 removed */
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	211 return (0);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	212 #endif
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	213 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	214
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	215
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	216 static struct CRYPTO_dynlock_value *
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	217 _gftp_ssl_create_dyn_mutex (const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	218 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	219 struct CRYPTO_dynlock_value *value;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	220
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	221 value = g_malloc (sizeof (*value));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	222 value->mutex = g_mutex_new ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	223 return (value);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	224 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	225
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	226
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	227 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	228 _gftp_ssl_dyn_mutex_lock (int mode, struct CRYPTO_dynlock_value *l,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	229 const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	230 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	231 if (mode & CRYPTO_LOCK)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	232 g_mutex_lock (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	233 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	234 g_mutex_unlock (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	235 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	236
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	237
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	238 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	239 _gftp_ssl_destroy_dyn_mutex (struct CRYPTO_dynlock_value *l,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	240 const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	241 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	242 g_mutex_free (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	243 g_free (l);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	244 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	245
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	246
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	247 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	248 _gftp_ssl_thread_setup (void)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	249 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	250 int i;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	251
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	252 #if G_MAJOR_VERSION == 1
210 82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	253 /* Thread setup isn't supported in glib 1.2 yet */
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	254 return;
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	255 #endif
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	256
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	257 gftp_ssl_mutexes = g_malloc (CRYPTO_num_locks( ) * sizeof (*gftp_ssl_mutexes));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	258
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	259 for (i = 0; i < CRYPTO_num_locks ( ); i++)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	260 gftp_ssl_mutexes[i] = g_mutex_new ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	261
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	262 CRYPTO_set_id_callback (_gftp_ssl_id_function);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	263 CRYPTO_set_locking_callback (_gftp_ssl_locking_function);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	264 CRYPTO_set_dynlock_create_callback (_gftp_ssl_create_dyn_mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	265 CRYPTO_set_dynlock_lock_callback (_gftp_ssl_dyn_mutex_lock);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	266 CRYPTO_set_dynlock_destroy_callback (_gftp_ssl_destroy_dyn_mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	267 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	268
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	269
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	270 int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	271 gftp_ssl_startup (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	272 {
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	273 char *entropy_source;
325 0fcc6468a0af 2003-12-4 Brian Masney <masneyb@gftp.org> masneyb parents: 215 diff changeset	274 intptr_t entropy_len;
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	275
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	276 if (gftp_ssl_initialized)
4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	277 return (0);
4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	278
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	279 gftp_ssl_initialized = 1;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	280
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	281 if (g_thread_supported ())
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	282 _gftp_ssl_thread_setup ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	283
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	284 if (!SSL_library_init ())
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	285 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	286 request->logging_function (gftp_logging_error, request,
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	287 _("Cannot initialized the OpenSSL library\n"));
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	288 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	289 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	290
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	291 SSL_load_error_strings ();
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	292
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	293 gftp_lookup_request_option (request, "entropy_source", &entropy_source);
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	294 gftp_lookup_request_option (request, "entropy_len", &entropy_len);
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	295 RAND_load_file (entropy_source, entropy_len);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	296
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	297 ctx = SSL_CTX_new (SSLv23_method ());
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	298
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	299 if (SSL_CTX_set_default_verify_paths (ctx) != 1)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	300 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	301 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	302 _("Error loading default SSL certificates\n"));
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	303 return (GFTP_EFATAL);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	304 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	305
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	306 SSL_CTX_set_verify (ctx, SSL_VERIFY_PEER, gftp_ssl_verify_callback);
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	307 SSL_CTX_set_verify_depth (ctx, 9);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	308 SSL_CTX_set_options (ctx, SSL_OP_ALL\|SSL_OP_NO_SSLv2);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	309
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	310 if (SSL_CTX_set_cipher_list (ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH") != 1)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	311 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	312 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	313 _("Error setting cipher list (no valid ciphers)\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	314 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	315 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	316
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	317 return (0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	318 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	319
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	320
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	321 int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	322 gftp_ssl_session_setup (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	323 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	324 BIO * bio;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	325 long ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	326
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	327 g_return_val_if_fail (request->datafd > 0, GFTP_EFATAL);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	328
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	329 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	330 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	331 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	332 _("Error: SSL engine was not initialized\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	333 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	334 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	335 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	336
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	337 /* FIXME - take this out. I need to find out how to do timeouts with the SSL
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	338 functions (a select() or poll() like function) */
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	339
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	340 if (gftp_fd_set_sockblocking (request, request->datafd, 0) < 0)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	341 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	342 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	343 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	344 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	345
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	346 if ((bio = BIO_new (BIO_s_socket ())) == NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	347 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	348 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	349 _("Error setting up SSL connection (BIO object)\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	350 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	351 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	352 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	353
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	354 BIO_set_fd (bio, request->datafd, BIO_NOCLOSE);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	355
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	356 if ((request->ssl = SSL_new (ctx)) == NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	357 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	358 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	359 _("Error setting up SSL connection (SSL object)\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	360 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	361 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	362 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	363
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	364 SSL_set_bio (request->ssl, bio, bio);
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	365 SSL_set_ex_data (request->ssl, gftp_ssl_get_index (), request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	366
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	367 if (SSL_connect (request->ssl) <= 0)
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	368 {
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	369 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	370 return (GFTP_EFATAL);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	371 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	372
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	373 if ((ret = gftp_ssl_post_connection_check (request)) != X509_V_OK)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	374 {
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	375 if (ret != X509_V_ERR_APPLICATION_VERIFICATION)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	376 request->logging_function (gftp_logging_error, request,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	377 _("Error with peer certificate: %s\n"),
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	378 X509_verify_cert_error_string (ret));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	379 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	380 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	381 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	382
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	383 request->logging_function (gftp_logging_misc, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	384 "SSL connection established using %s (%s)\n",
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	385 SSL_get_cipher_version (request->ssl),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	386 SSL_get_cipher_name (request->ssl));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	387
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	388 return (0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	389 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	390
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	391
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	392 ssize_t
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	393 gftp_ssl_read (gftp_request * request, void *ptr, size_t size, int fd)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	394 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	395 ssize_t ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	396 int err;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	397
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	398 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	399 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	400 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	401 _("Error: SSL engine was not initialized\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	402 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	403 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	404
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	405 errno = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	406 ret = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	407 do
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	408 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	409 if ((ret = SSL_read (request->ssl, ptr, size)) < 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	410 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	411 err = SSL_get_error (request->ssl, ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	412 if (errno == EINTR)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	413 {
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	414 if (request->cancel)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	415 break;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	416 else
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	417 continue;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	418 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	419
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	420 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	421 _("Error: Could not read from socket: %s\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	422 g_strerror (errno));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	423 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	424
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	425 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	426 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	427 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	428 while (errno == EINTR && !(request != NULL && request->cancel));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	429
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	430 if (errno == EINTR && request != NULL && request->cancel)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	431 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	432 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	433 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	434 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	435
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	436 return (ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	437 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	438
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	439
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	440 ssize_t
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	441 gftp_ssl_write (gftp_request * request, const char *ptr, size_t size, int fd)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	442 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	443 size_t ret, w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	444
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	445 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	446 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	447 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	448 _("Error: SSL engine was not initialized\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	449 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	450 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	451
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	452 ret = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	453 do
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	454 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	455 w_ret = SSL_write (request->ssl, ptr, size);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	456 if (w_ret <= 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	457 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	458 if (errno == EINTR)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	459 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	460 if (request != NULL && request->cancel)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	461 break;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	462 else
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	463 continue;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	464 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	465
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	466 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	467 _("Error: Could not write to socket: %s\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	468 g_strerror (errno));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	469 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	470
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	471 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	472 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	473 ptr += w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	474 size -= w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	475 ret += w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	476 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	477 while (size > 0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	478
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	479 if (errno == EINTR && request != NULL && request->cancel)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	480 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	481 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	482 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	483 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	484
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	485 return (ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	486 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	487
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	488 #endif

Mercurial > gftp.yaz

annotate lib/sslcommon.c @ 360:c2554d363c7e