gftp.yaz: lib/sslcommon.c annotate

annotate lib/sslcommon.c @ 174:e643d287fe32

2003-6-8 Brian Masney <masneyb@gftp.org> * lib/gftp.h lib/sslcommon.c - added ssl_register_module(). This function registers the configuration variables for the SSL engine. Right now, the only variable is the entropy source * lib/https.c (https_register_module) - call ssl_register_module(). Multiple protocols will be able to call this function, it will only be initialized once

author	masneyb
date	Mon, 09 Jun 2003 01:07:33 +0000
parents	4c288d05b26a
children	3b168fed3fde

rev	line source
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	1 /*****************************************************************************/
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	2 /* sslcommon.c - interface to OpenSSL */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	3 /* Copyright (C) 1998-2003 Brian Masney <masneyb@gftp.org> */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	4 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	5 /* This program is free software; you can redistribute it and/or modify */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	6 /* it under the terms of the GNU General Public License as published by */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	7 /* the Free Software Foundation; either version 2 of the License, or */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	8 /* (at your option) any later version. */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	9 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	10 /* This program is distributed in the hope that it will be useful, */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	11 /* but WITHOUT ANY WARRANTY; without even the implied warranty of */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	12 /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	13 /* GNU General Public License for more details. */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	14 /* */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	15 /* You should have received a copy of the GNU General Public License */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	16 /* along with this program; if not, write to the Free Software */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	17 /* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111 USA */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	18 /*****************************************************************************/
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	19
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	20 #include "gftp.h"
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	21
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	22 static const char cvsid[] = "$Id$";
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	23
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	24 /* Some of the functions in here was taken either entirely or partially from
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	25 * the O'Reilly book Network Security with OpenSSL */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	26
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	27 #ifdef USE_SSL
d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	28
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	29 static gftp_config_vars config_vars[] =
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	30 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	31 {"", N_("SSL Engine"), gftp_option_type_notebook, NULL, NULL, 0, NULL,
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	32 GFTP_PORT_GTK, NULL},
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	33
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	34 {"entropy_source", N_("SSL Entropy File:"),
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	35 gftp_option_type_text, "/dev/urandom", NULL, 0,
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	36 N_("SSL entropy file"), GFTP_PORT_ALL, 0},
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	37 {NULL, NULL, 0, NULL, NULL, 0, NULL, 0, NULL}
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	38 };
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	39
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	40 static SSL_CTX * ctx = NULL;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	41
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	42 static volatile int gftp_ssl_initialized = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	43
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	44 void
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	45 ssl_register_module (void)
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	46 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	47 static volatile int module_registered = 0;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	48
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	49 if (!module_registered)
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	50 {
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	51 gftp_register_config_vars (config_vars);
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	52 module_registered = 1;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	53 }
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	54 }
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	55
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	56
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	57 static int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	58 gftp_ssl_verify_callback (int ok, X509_STORE_CTX *store)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	59 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	60 char data[256];
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	61
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	62 if (!ok)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	63 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	64 X509 *cert = X509_STORE_CTX_get_current_cert (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	65 int depth = X509_STORE_CTX_get_error_depth (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	66 int err = X509_STORE_CTX_get_error (store);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	67
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	68 fprintf (stderr, "-Error with certificate at depth: %i\n", depth);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	69 X509_NAME_oneline (X509_get_issuer_name (cert), data, sizeof (data));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	70 fprintf (stderr, " issuer = %s\n", data);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	71 X509_NAME_oneline (X509_get_subject_name (cert), data, sizeof (data));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	72 fprintf (stderr, " subject = %s\n", data);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	73 fprintf (stderr, " err %i:%s\n", err, X509_verify_cert_error_string (err));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	74 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	75
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	76 return ok;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	77 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	78
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	79
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	80 static int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	81 gftp_ssl_post_connection_check (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	82 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	83 char data[256], *extstr;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	84 int extcount, ok, i, j;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	85 X509_EXTENSION *ext;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	86 X509_NAME *subj;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	87 X509 *cert;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	88
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	89 ok = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	90 if (!(cert = SSL_get_peer_certificate (request->ssl)))
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	91 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	92 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	93 _("Cannot get peer certificate\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	94 return (X509_V_ERR_APPLICATION_VERIFICATION);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	95 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	96
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	97 if ((extcount = X509_get_ext_count (cert)) > 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	98 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	99 for (i = 0; i < extcount; i++)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	100 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	101 ext = X509_get_ext (cert, i);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	102 extstr = (char *) OBJ_nid2sn (OBJ_obj2nid (X509_EXTENSION_get_object (ext)));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	103
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	104 if (strcmp (extstr, "subjectAltName") == 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	105 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	106 unsigned char *data;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	107 STACK_OF(CONF_VALUE) *val;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	108 CONF_VALUE *nval;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	109 X509V3_EXT_METHOD *meth;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	110 void *ext_str = NULL;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	111
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	112 if (!(meth = X509V3_EXT_get(ext)))
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	113 break;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	114 data = ext->value->data;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	115
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	116 #if (OPENSSL_VERSION_NUMBER > 0x00907000L)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	117 if (meth->it)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	118 ext_str = ASN1_item_d2i(NULL, &data, ext->value->length,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	119 ASN1_ITEM_ptr(meth->it));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	120 else
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	121 ext_str = meth->d2i(NULL, &data, ext->value->length);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	122 #else
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	123 ext_str = meth->d2i(NULL, &data, ext->value->length);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	124 #endif
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	125 val = meth->i2v(meth, ext_str, NULL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	126 for (j = 0; j < sk_CONF_VALUE_num(val); j++)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	127 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	128 nval = sk_CONF_VALUE_value(val, j);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	129 if (strcmp(nval->name, "DNS") == 0 && strcmp(nval->value, request->hostname) == 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	130 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	131 ok = 1;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	132 break;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	133 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	134 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	135 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	136 if (ok)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	137 break;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	138 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	139 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	140
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	141 /* FIXME
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	142 if (!ok && (subj = X509_get_subject_name (cert)) &&
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	143 X509_NAME_get_text_by_NID (subj, NID_commonName, data, 256) > 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	144 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	145 data[sizeof (data) - 1] = '\0';
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	146 if (strcasecmp (data, request->hostname) != 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	147 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	148 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	149 _("The SSL certificate's host %s does not match the host %s that we connected to\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	150 data, request->hostname);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	151 X509_free (cert);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	152 return (X509_V_ERR_APPLICATION_VERIFICATION);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	153 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	154 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	155 */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	156
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	157 X509_free (cert);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	158 return (SSL_get_verify_result(request->ssl));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	159 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	160
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	161
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	162 int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	163 gftp_ssl_startup (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	164 {
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	165 char *entropy_source;
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	166
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	167 if (gftp_ssl_initialized)
4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	168 return (0);
4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	169
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	170 gftp_ssl_initialized = 1;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	171
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	172 /* FIXME _ thread setup */
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	173 if (!SSL_library_init ())
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	174 {
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	175 request->logging_function (gftp_logging_error, request->user_data,
4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	176 _("Cannot initialized the OpenSSL library\n"));
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	177 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	178 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	179
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	180 SSL_load_error_strings ();
174 e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	181
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	182 gftp_lookup_request_option (request, "entropy_source", &entropy_source);
e643d287fe32 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 173 diff changeset	183 RAND_load_file (entropy_source, 1024);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	184
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	185 ctx = SSL_CTX_new (SSLv23_method ());
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	186
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	187 if (SSL_CTX_set_default_verify_paths (ctx) != 1)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	188 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	189 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	190 _("Error loading default SSL certificates\n"));
173 4c288d05b26a 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 169 diff changeset	191 return (GFTP_EFATAL);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	192 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	193
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	194 SSL_CTX_set_verify (ctx, SSL_VERIFY_PEER, gftp_ssl_verify_callback);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	195 SSL_CTX_set_verify_depth (ctx, 4);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	196 SSL_CTX_set_options (ctx, SSL_OP_ALL\|SSL_OP_NO_SSLv2);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	197
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	198 if (SSL_CTX_set_cipher_list (ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH") != 1)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	199 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	200 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	201 _("Error setting cipher list (no valid ciphers)\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	202 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	203 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	204
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	205 return (0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	206 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	207
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	208
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	209 int
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	210 gftp_ssl_session_setup (gftp_request * request)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	211 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	212 BIO * bio;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	213 long ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	214
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	215 g_return_val_if_fail (request->datafd > 0, GFTP_EFATAL);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	216
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	217 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	218 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	219 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	220 _("Error: SSL engine was not initialized\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	221 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	222 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	223
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	224 if (gftp_fd_set_sockblocking (request, request->datafd, 0) < 0) /* FIXME */
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	225 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	226 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	227 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	228 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	229
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	230 if ((bio = BIO_new (BIO_s_socket ())) == NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	231 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	232 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	233 _("Error setting up SSL connection (BIO object)\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	234 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	235 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	236
169 d40f9db52cdf 2003-6-8 Brian Masney <masneyb@gftp.org> masneyb parents: 168 diff changeset	237 BIO_set_fd (bio, request->datafd, BIO_NOCLOSE);
168 c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	238
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	239 if ((request->ssl = SSL_new (ctx)) == NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	240 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	241 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	242 _("Error setting up SSL connection (SSL object)\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	243 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	244 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	245
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	246 SSL_set_bio (request->ssl, bio, bio);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	247
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	248 if (SSL_connect (request->ssl) <= 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	249 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	250 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	251 _("Error connecting to SSL object\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	252 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	253 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	254
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	255 if ((ret = gftp_ssl_post_connection_check (request)) != X509_V_OK)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	256 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	257 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	258 _("Error with peer certificate: %s\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	259 X509_verify_cert_error_string (ret));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	260 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	261 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	262
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	263 request->logging_function (gftp_logging_misc, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	264 "SSL connection established using %s (%s)\n",
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	265 SSL_get_cipher_version (request->ssl),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	266 SSL_get_cipher_name (request->ssl));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	267
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	268 return (0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	269 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	270
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	271
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	272 ssize_t
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	273 gftp_ssl_read (gftp_request * request, void *ptr, size_t size, int fd)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	274 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	275 ssize_t ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	276 int err;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	277
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	278 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	279 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	280 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	281 _("Error: SSL engine was not initialized\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	282 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	283 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	284
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	285 errno = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	286 ret = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	287 do
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	288 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	289 if ((ret = SSL_read (request->ssl, ptr, size)) < 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	290 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	291 err = SSL_get_error (request->ssl, ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	292 printf ("error is %d\n", err);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	293 if (errno == EINTR)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	294 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	295 if (request != NULL && request->cancel)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	296 break;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	297 else
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	298 continue;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	299 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	300
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	301 if (request != NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	302 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	303 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	304 _("Error: Could not read from socket: %s\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	305 g_strerror (errno));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	306 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	307 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	308 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	309 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	310 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	311 while (errno == EINTR && !(request != NULL && request->cancel));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	312
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	313 if (errno == EINTR && request != NULL && request->cancel)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	314 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	315 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	316 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	317 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	318
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	319 return (ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	320 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	321
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	322
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	323 ssize_t
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	324 gftp_ssl_write (gftp_request * request, const char *ptr, size_t size, int fd)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	325 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	326 size_t ret, w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	327
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	328 if (!gftp_ssl_initialized)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	329 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	330 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	331 _("Error: SSL engine was not initialized\n"));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	332 return (GFTP_EFATAL);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	333 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	334
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	335 ret = 0;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	336 do
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	337 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	338 w_ret = SSL_write (request->ssl, ptr, size);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	339 if (w_ret <= 0)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	340 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	341 if (errno == EINTR)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	342 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	343 if (request != NULL && request->cancel)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	344 break;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	345 else
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	346 continue;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	347 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	348
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	349 if (request != NULL)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	350 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	351 request->logging_function (gftp_logging_error, request->user_data,
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	352 _("Error: Could not write to socket: %s\n"),
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	353 g_strerror (errno));
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	354 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	355 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	356 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	357 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	358 ptr += w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	359 size -= w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	360 ret += w_ret;
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	361 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	362 while (size > 0);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	363
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	364 if (errno == EINTR && request != NULL && request->cancel)
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	365 {
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	366 gftp_disconnect (request);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	367 return (GFTP_ERETRYABLE);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	368 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	369
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	370 return (ret);
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	371 }
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	372
c505d9ba9d53 2003-6-6 Brian Masney <masneyb@gftp.org> masneyb parents: diff changeset	373 #endif

Mercurial > gftp.yaz

annotate lib/sslcommon.c @ 174:e643d287fe32