gftp.yaz: lib/sslcommon.c annotate

annotate lib/sslcommon.c @ 416:d66801310c09

2004-3-1 Brian Masney <masneyb@gftp.org> * lib/sslcommon.c - added verify_ssl_peer option

author	masneyb
date	Tue, 02 Mar 2004 02:37:17 +0000
parents	0fcc6468a0af
children	593dddb1e59c

rev	line source
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	1 /*****************************************************************************/
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	2 /* sslcommon.c - interface to OpenSSL */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	3 /* Copyright (C) 1998-2003 Brian Masney <masneyb@gftp.org> */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	4 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	5 /* This program is free software; you can redistribute it and/or modify */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	6 /* it under the terms of the GNU General Public License as published by */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	7 /* the Free Software Foundation; either version 2 of the License, or */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	8 /* (at your option) any later version. */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	9 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	10 /* This program is distributed in the hope that it will be useful, */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	11 /* but WITHOUT ANY WARRANTY; without even the implied warranty of */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	12 /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	13 /* GNU General Public License for more details. */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	14 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	15 /* You should have received a copy of the GNU General Public License */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	16 /* along with this program; if not, write to the Free Software */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	17 /* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111 USA */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	18 /*****************************************************************************/
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	19
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	20 #include "gftp.h"
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	21
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	22 static const char cvsid[] = "$Id$";
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	23
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	24 /* Some of the functions in here was taken either entirely or partially from
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	25 * the O'Reilly book Network Security with OpenSSL */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	26
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	27 #ifdef USE_SSL
d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	28
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	29 static gftp_config_vars config_vars[] =
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	30 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	31 {"", N_("SSL Engine"), gftp_option_type_notebook, NULL, NULL, 0, NULL,
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	32 GFTP_PORT_GTK, NULL},
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	33
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	34 {"entropy_source", N_("SSL Entropy File:"),
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	35 gftp_option_type_text, "/dev/urandom", NULL, 0,
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	36 N_("SSL entropy file"), GFTP_PORT_ALL, 0},
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	37 {"entropy_len", N_("Entropy Seed Length:"),
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	38 gftp_option_type_int, GINT_TO_POINTER(1024), NULL, 0,
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	39 N_("The maximum number of bytes to seed the SSL engine with"),
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	40 GFTP_PORT_ALL, 0},
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	41 {"verify_ssl_peer", N_("Verify SSL Peer"),
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	42 gftp_option_type_checkbox, GINT_TO_POINTER(1), NULL, 0,
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	43 N_("Verify SSL Peer"), GFTP_PORT_ALL, NULL},
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	44
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	45 {NULL, NULL, 0, NULL, NULL, 0, NULL, 0, NULL}
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	46 };
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	47
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	48 static GMutex ** gftp_ssl_mutexes = NULL;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	49 static volatile int gftp_ssl_initialized = 0;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	50 static SSL_CTX * ctx = NULL;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	51
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	52 struct CRYPTO_dynlock_value
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	53 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	54 GMutex * mutex;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	55 };
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	56
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	57
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	58 void
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	59 ssl_register_module (void)
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	60 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	61 static volatile int module_registered = 0;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	62
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	63 if (!module_registered)
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	64 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	65 gftp_register_config_vars (config_vars);
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	66 module_registered = 1;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	67 }
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	68 }
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	69
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	70
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	71 static int
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	72 gftp_ssl_get_index (void)
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	73 {
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	74 static volatile int index = -1;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	75
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	76 if (index < 0)
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	77 index = SSL_get_ex_new_index (0, gftp_version, NULL, NULL, NULL);
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	78
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	79 return index;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	80 }
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	81
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	82
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	83 static int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	84 gftp_ssl_verify_callback (int ok, X509_STORE_CTX *store)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	85 {
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	86 char issuer[256], subject[256];
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	87 gftp_request * request;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	88 SSL * ssl;
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	89
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	90 ssl = X509_STORE_CTX_get_ex_data (store, SSL_get_ex_data_X509_STORE_CTX_idx ());
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	91 request = SSL_get_ex_data (ssl, gftp_ssl_get_index ());
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	92
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	93 if (!ok)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	94 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	95 X509 *cert = X509_STORE_CTX_get_current_cert (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	96 int depth = X509_STORE_CTX_get_error_depth (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	97 int err = X509_STORE_CTX_get_error (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	98
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	99 X509_NAME_oneline (X509_get_issuer_name (cert), issuer, sizeof (issuer));
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	100 X509_NAME_oneline (X509_get_subject_name (cert), subject, sizeof (subject));
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	101 request->logging_function (gftp_logging_error, request,
13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	102 _("Error with certificate at depth: %i\nIssuer = %s\nSubject = %s\nError %i:%s\n"),
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	103 depth, issuer, subject, err,
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	104 X509_verify_cert_error_string (err));
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	105 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	106
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	107 return ok;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	108 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	109
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	110
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	111 static int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	112 gftp_ssl_post_connection_check (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	113 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	114 char data[256], *extstr;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	115 int extcount, ok, i, j;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	116 X509_EXTENSION *ext;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	117 X509_NAME *subj;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	118 X509 *cert;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	119
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	120 ok = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	121 if (!(cert = SSL_get_peer_certificate (request->ssl)))
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	122 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	123 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	124 _("Cannot get peer certificate\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	125 return (X509_V_ERR_APPLICATION_VERIFICATION);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	126 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	127
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	128 if ((extcount = X509_get_ext_count (cert)) > 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	129 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	130 for (i = 0; i < extcount; i++)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	131 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	132 ext = X509_get_ext (cert, i);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	133 extstr = (char *) OBJ_nid2sn (OBJ_obj2nid (X509_EXTENSION_get_object (ext)));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	134
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	135 if (strcmp (extstr, "subjectAltName") == 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	136 {
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	137 unsigned char *data;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	138 STACK_OF(CONF_VALUE) *val;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	139 CONF_VALUE *nval;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	140 X509V3_EXT_METHOD *meth;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	141 void *ext_str = NULL;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	142
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	143 if (!(meth = X509V3_EXT_get (ext)))
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	144 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	145
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	146 data = ext->value->data;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	147
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	148 #if (OPENSSL_VERSION_NUMBER > 0x00907000L)
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	149 if (meth->it)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	150 ext_str = ASN1_item_d2i (NULL, &data, ext->value->length,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	151 ASN1_ITEM_ptr (meth->it));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	152 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	153 ext_str = meth->d2i (NULL, &data, ext->value->length);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	154 #else
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	155 ext_str = meth->d2i(NULL, &data, ext->value->length);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	156 #endif
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	157 val = meth->i2v(meth, ext_str, NULL);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	158
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	159 for (j = 0; j < sk_CONF_VALUE_num(val); j++)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	160 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	161 nval = sk_CONF_VALUE_value (val, j);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	162 if (strcmp (nval->name, "DNS") == 0 &&
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	163 strcmp (nval->value, request->hostname) == 0)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	164 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	165 ok = 1;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	166 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	167 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	168 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	169 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	170
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	171 if (ok)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	172 break;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	173 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	174 }
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	175
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	176 if (!ok && (subj = X509_get_subject_name (cert)) &&
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	177 X509_NAME_get_text_by_NID (subj, NID_commonName, data, 256) > 0)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	178 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	179 data[sizeof (data) - 1] = '\0';
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	180 if (strcasecmp (data, request->hostname) != 0)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	181 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	182 request->logging_function (gftp_logging_error, request,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	183 _("ERROR: The host in the SSL certificate (%s) does not match the host that we connected to (%s). Aborting connection.\n"),
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	184 data, request->hostname);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	185 X509_free (cert);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	186 return (X509_V_ERR_APPLICATION_VERIFICATION);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	187 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	188 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	189
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	190 X509_free (cert);
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	191
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	192 return (SSL_get_verify_result(request->ssl));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	193 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	194
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	195
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	196 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	197 _gftp_ssl_locking_function (int mode, int n, const char * file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	198 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	199 if (mode & CRYPTO_LOCK)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	200 g_mutex_lock (gftp_ssl_mutexes[n]);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	201 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	202 g_mutex_unlock (gftp_ssl_mutexes[n]);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	203 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	204
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	205
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	206 static unsigned long
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	207 _gftp_ssl_id_function (void)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	208 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	209 #if GLIB_MAJOR_VERSION > 1
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	210 return ((unsigned long) g_thread_self ());
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	211 #else
210 82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	212 /* FIXME _ call pthread version. Once this is done, the #ifdef below can be
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	213 removed */
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	214 return (0);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	215 #endif
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	216 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	217
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	218
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	219 static struct CRYPTO_dynlock_value *
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	220 _gftp_ssl_create_dyn_mutex (const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	221 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	222 struct CRYPTO_dynlock_value *value;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	223
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	224 value = g_malloc (sizeof (*value));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	225 value->mutex = g_mutex_new ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	226 return (value);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	227 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	228
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	229
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	230 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	231 _gftp_ssl_dyn_mutex_lock (int mode, struct CRYPTO_dynlock_value *l,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	232 const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	233 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	234 if (mode & CRYPTO_LOCK)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	235 g_mutex_lock (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	236 else
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	237 g_mutex_unlock (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	238 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	239
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	240
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	241 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	242 _gftp_ssl_destroy_dyn_mutex (struct CRYPTO_dynlock_value *l,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	243 const char *file, int line)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	244 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	245 g_mutex_free (l->mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	246 g_free (l);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	247 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	248
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	249
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	250 static void
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	251 _gftp_ssl_thread_setup (void)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	252 {
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	253 int i;
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	254
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	255 #if G_MAJOR_VERSION == 1
210 82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	256 /* Thread setup isn't supported in glib 1.2 yet */
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	257 return;
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	258 #endif
82ebd1b05345 2003-7-6 Brian Masney <masneyb@gftp.org> masneyb parents: 199 diff changeset	259
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	260 gftp_ssl_mutexes = g_malloc (CRYPTO_num_locks( ) * sizeof (*gftp_ssl_mutexes));
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	261
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	262 for (i = 0; i < CRYPTO_num_locks ( ); i++)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	263 gftp_ssl_mutexes[i] = g_mutex_new ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	264
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	265 CRYPTO_set_id_callback (_gftp_ssl_id_function);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	266 CRYPTO_set_locking_callback (_gftp_ssl_locking_function);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	267 CRYPTO_set_dynlock_create_callback (_gftp_ssl_create_dyn_mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	268 CRYPTO_set_dynlock_lock_callback (_gftp_ssl_dyn_mutex_lock);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	269 CRYPTO_set_dynlock_destroy_callback (_gftp_ssl_destroy_dyn_mutex);
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	270 }
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	271
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	272
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	273 int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	274 gftp_ssl_startup (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	275 {
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	276 intptr_t entropy_len, verify_ssl_peer;
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	277 char *entropy_source;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	278
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	279 if (gftp_ssl_initialized)
4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	280 return (0);
4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	281
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	282 gftp_ssl_initialized = 1;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	283
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	284 if (g_thread_supported ())
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	285 _gftp_ssl_thread_setup ();
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	286
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	287 if (!SSL_library_init ())
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	288 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	289 request->logging_function (gftp_logging_error, request,
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	290 _("Cannot initialized the OpenSSL library\n"));
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	291 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	292 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	293
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	294 SSL_load_error_strings ();
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	295
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	296 gftp_lookup_request_option (request, "verify_ssl_peer", &verify_ssl_peer);
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	297 gftp_lookup_request_option (request, "entropy_source", &entropy_source);
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	298 gftp_lookup_request_option (request, "entropy_len", &entropy_len);
3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	299 RAND_load_file (entropy_source, entropy_len);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	300
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	301 ctx = SSL_CTX_new (SSLv23_method ());
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	302
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	303 if (SSL_CTX_set_default_verify_paths (ctx) != 1)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	304 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	305 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	306 _("Error loading default SSL certificates\n"));
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	307 return (GFTP_EFATAL);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	308 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	309
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	310 if (verify_ssl_peer)
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	311 {
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	312 SSL_CTX_set_verify (ctx, SSL_VERIFY_PEER, gftp_ssl_verify_callback);
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	313 SSL_CTX_set_verify_depth (ctx, 9);
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	314 }
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	315
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	316 SSL_CTX_set_options (ctx, SSL_OP_ALL\|SSL_OP_NO_SSLv2);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	317
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	318 if (SSL_CTX_set_cipher_list (ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH") != 1)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	319 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	320 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	321 _("Error setting cipher list (no valid ciphers)\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	322 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	323 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	324
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	325 return (0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	326 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	327
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	328
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	329 int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	330 gftp_ssl_session_setup (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	331 {
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	332 intptr_t verify_ssl_peer;
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	333 BIO * bio;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	334 long ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	335
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	336 g_return_val_if_fail (request->datafd > 0, GFTP_EFATAL);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	337
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	338 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	339 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	340 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	341 _("Error: SSL engine was not initialized\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	342 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	343 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	344 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	345
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	346 /* FIXME - take this out. I need to find out how to do timeouts with the SSL
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	347 functions (a select() or poll() like function) */
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	348
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	349 if (gftp_fd_set_sockblocking (request, request->datafd, 0) < 0)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	350 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	351 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	352 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	353 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	354
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	355 if ((bio = BIO_new (BIO_s_socket ())) == NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	356 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	357 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	358 _("Error setting up SSL connection (BIO object)\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	359 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	360 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	361 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	362
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	363 BIO_set_fd (bio, request->datafd, BIO_NOCLOSE);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	364
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	365 if ((request->ssl = SSL_new (ctx)) == NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	366 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	367 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	368 _("Error setting up SSL connection (SSL object)\n"));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	369 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	370 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	371 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	372
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	373 SSL_set_bio (request->ssl, bio, bio);
175 3b168fed3fde 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 174 diff changeset	374 SSL_set_ex_data (request->ssl, gftp_ssl_get_index (), request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	375
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	376 if (SSL_connect (request->ssl) <= 0)
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	377 {
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	378 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	379 return (GFTP_EFATAL);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	380 }
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	381
416 d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	382 gftp_lookup_request_option (request, "verify_ssl_peer", &verify_ssl_peer);
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	383
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	384 if (verify_ssl_peer &&
d66801310c09 2004-3-1 Brian Masney <masneyb@gftp.org> masneyb parents: 325 diff changeset	385 (ret = gftp_ssl_post_connection_check (request)) != X509_V_OK)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	386 {
199 75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	387 if (ret != X509_V_ERR_APPLICATION_VERIFICATION)
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	388 request->logging_function (gftp_logging_error, request,
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	389 _("Error with peer certificate: %s\n"),
75eebb3b0592 2003-6-24 Brian Masney <masneyb@gftp.org> masneyb parents: 186 diff changeset	390 X509_verify_cert_error_string (ret));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	391 gftp_disconnect (request);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	392 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	393 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	394
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	395 request->logging_function (gftp_logging_misc, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	396 "SSL connection established using %s (%s)\n",
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	397 SSL_get_cipher_version (request->ssl),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	398 SSL_get_cipher_name (request->ssl));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	399
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	400 return (0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	401 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	402
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	403
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	404 ssize_t
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	405 gftp_ssl_read (gftp_request * request, void *ptr, size_t size, int fd)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	406 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	407 ssize_t ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	408 int err;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	409
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	410 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	411 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	412 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	413 _("Error: SSL engine was not initialized\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	414 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	415 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	416
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	417 errno = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	418 ret = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	419 do
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	420 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	421 if ((ret = SSL_read (request->ssl, ptr, size)) < 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	422 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	423 err = SSL_get_error (request->ssl, ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	424 if (errno == EINTR)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	425 {
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	426 if (request->cancel)
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	427 break;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	428 else
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	429 continue;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	430 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	431
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	432 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	433 _("Error: Could not read from socket: %s\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	434 g_strerror (errno));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	435 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	436
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	437 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	438 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	439 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	440 while (errno == EINTR && !(request != NULL && request->cancel));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	441
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	442 if (errno == EINTR && request != NULL && request->cancel)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	443 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	444 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	445 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	446 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	447
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	448 return (ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	449 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	450
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	451
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	452 ssize_t
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	453 gftp_ssl_write (gftp_request * request, const char *ptr, size_t size, int fd)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	454 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	455 size_t ret, w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	456
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	457 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	458 {
186 13ca1defdc75 2003-6-16 Brian Masney <masneyb@gftp.org> masneyb parents: 175 diff changeset	459 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	460 _("Error: SSL engine was not initialized\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	461 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	462 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	463
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	464 ret = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	465 do
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	466 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	467 w_ret = SSL_write (request->ssl, ptr, size);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	468 if (w_ret <= 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	469 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	470 if (errno == EINTR)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	471 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	472 if (request != NULL && request->cancel)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	473 break;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	474 else
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	475 continue;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	476 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	477
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	478 request->logging_function (gftp_logging_error, request,
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	479 _("Error: Could not write to socket: %s\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	480 g_strerror (errno));
215 3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	481 gftp_disconnect (request);
3d6e024dbf31 2003-7-7 Brian Masney <masneyb@gftp.org> masneyb parents: 210 diff changeset	482
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	483 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	484 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	485 ptr += w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	486 size -= w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	487 ret += w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	488 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	489 while (size > 0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	490
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	491 if (errno == EINTR && request != NULL && request->cancel)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	492 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	493 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	494 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	495 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	496
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	497 return (ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	498 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	499
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	500 #endif

Mercurial > gftp.yaz

annotate lib/sslcommon.c @ 416:d66801310c09