doom3-gpl
Doom 3 GPL source release
lib509.c
1 #include "test.h"
2 
3 #ifdef USE_SSLEAY
4 
5 #include <sys/time.h>
6 #include <sys/types.h>
7 
8 #include <openssl/opensslv.h>
9 #include <openssl/x509v3.h>
10 #include <openssl/x509_vfy.h>
11 #include <openssl/crypto.h>
12 #include <openssl/lhash.h>
13 #include <openssl/objects.h>
14 #include <openssl/err.h>
15 #include <openssl/evp.h>
16 #include <openssl/x509.h>
17 #include <openssl/pkcs12.h>
18 #include <openssl/bio.h>
19 #include <openssl/ssl.h>
20 
21 
/* State shared between test(), the SSL context callback and the certificate
   verify callback. */
typedef struct sslctxparm_st {
  CURL *curl;                   /* easy handle whose CURLOPT_URL the verify
                                   callback may replace */
  int accesstype;               /* NID compared against each access
                                   description's method */
  unsigned char *accessinfoURL; /* heap copy of the URL currently set on the
                                   handle */
} sslctxparm;
28 
29 
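/*
 * Copy the bytes of an ASN.1 IA5String into a freshly allocated,
 * NUL-terminated buffer.
 *
 * Returns NULL when ia5 is NULL, carries no data, contains an embedded NUL
 * byte, or when the allocation fails.  The caller releases the result with
 * OPENSSL_free().
 */
static unsigned char *i2s_ASN1_IA5STRING(ASN1_IA5STRING *ia5)
{
  unsigned char *copy;

  if(!ia5 || !ia5->data || ia5->length <= 0)
    return NULL;

  /* In this file the value is read out of the peer's certificate and then
     handled as a C string (strcmp, CURLOPT_URL).  An embedded NUL would make
     those consumers see a shorter string than the certificate carries, so
     such a value is refused instead of being silently truncated. */
  if(memchr(ia5->data, 0, (size_t)ia5->length))
    return NULL;

  copy = OPENSSL_malloc(ia5->length + 1);
  if(!copy)
    return NULL; /* the original dereferenced a failed allocation in memcpy */

  memcpy(copy, ia5->data, (size_t)ia5->length);
  copy[ia5->length] = 0;
  return copy;
}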
39 
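/*
 * A convenience routine to get an access URI.
 *
 * Decodes extension `extensiontype` of `cert` as a stack of access
 * descriptions and looks for the first entry whose access method has NID
 * `type`.  If that entry's location is a URI, a NUL-terminated copy is
 * returned and the caller releases it with OPENSSL_free(); in every other
 * case the result is NULL.  The search stops at the first entry whose method
 * matches, whether or not its location is a URI.
 */
static unsigned char *my_get_ext(X509 * cert, const int type,
                                 int extensiontype)
{
  unsigned char *uri = NULL;
  int count;
  int i;
  STACK_OF(ACCESS_DESCRIPTION) *accessinfo =
    X509_get_ext_d2i(cert, extensiontype, NULL, NULL);

  /* extension absent or not decodable */
  if(!accessinfo)
    return NULL;

  count = sk_ACCESS_DESCRIPTION_num(accessinfo);
  for(i = 0; i < count; i++) {
    ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(accessinfo, i);

    if(!ad || OBJ_obj2nid(ad->method) != type)
      continue;

    if(ad->location && ad->location->type == GEN_URI)
      uri = i2s_ASN1_IA5STRING(ad->location->d.ia5);
    break;
  }

  /* X509_get_ext_d2i() returns a decoded structure owned by the caller.  The
     URI was duplicated above, so the stack can be released here; the original
     leaked it on every call. */
  sk_ACCESS_DESCRIPTION_pop_free(accessinfo, ACCESS_DESCRIPTION_free);
  return uri;
}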
63 
/* Fallback channel for the callback parameter.  It is only assigned and read
   in the branches compiled for OpenSSL older than 0.9.7, where (per the
   comments in this file) the verify callback does not receive its argument. */
void *globalparm = NULL;
65 
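/*
 * Certificate verification callback, installed by sslctxfun() through
 * SSL_CTX_set_cert_verify_callback().
 *
 * Runs X509_verify_cert() on ctx.  If the certificate is accepted, it looks
 * in the certificate's NID_info_access extension for a URI whose access
 * method is p->accesstype and, when that URI differs from the one stored in
 * the parameter block, makes it the transfer's new CURLOPT_URL.
 *
 * arg is the sslctxparm registered with the callback.  Returns 1 to accept
 * the certificate and 0 to reject it.
 *
 * NOTE(review): this is test scaffolding, not a verification routine to copy.
 * The "#if 1" block below turns two chain-building failures into success, so
 * a self-signed or unknown-issuer certificate is accepted.  The URL is taken
 * from the peer's certificate and applied with no scheme or host restriction;
 * outside a test such a value should be checked against an allow-list before
 * it is used.
 */
static int ssl_app_verify_callback(X509_STORE_CTX *ctx, void *arg)
{
  sslctxparm * p = (sslctxparm *) arg;
  int ok, err;

  fprintf(stderr,"ssl_app_verify_callback sslctxparm=%p ctx=%p\n",
          (void *)p, (void*)ctx);

#if OPENSSL_VERSION_NUMBER<0x00907000L
  /* not necessary in openssl 0.9.7 or later */

  fprintf(stderr,"This version %s of openssl does not support a parm (%p)"
          ", getting a global static %p \n",
          OPENSSL_VERSION_TEXT, (void *)p, (void *)globalparm);

  p = globalparm;
#endif

  /* The following error should not occur. We test this to avoid segfault. */
  if (!p || !ctx) {
    fprintf(stderr,"Internal error in ssl_app_verify_callback "
            "sslctxparm=%p ctx=%p\n",(void *)p,(void*)ctx);
    return 0;
  }

  /* Only a positive return counts as success.  X509_verify_cert() is
     documented to return a negative value for some internal errors; the
     original tested the raw value for truth and returned it unchanged, so
     such an error would have been handled as an accepted certificate. */
  ok = (X509_verify_cert(ctx) > 0);
  err = X509_STORE_CTX_get_error(ctx);

  /* The following seems to be a problem in 0.9.7/8 openssl versions */

#if 1
  /* Deliberate override for the test: see the NOTE(review) above. */
  if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT ||
      err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY) {
    fprintf(stderr,"X509_verify_cert: repairing self signed\n") ;
    X509_STORE_CTX_set_error(ctx,X509_V_OK);
    ok = 1;
  }
#endif

  if (ok && ctx->cert) {
    unsigned char *certURL =
      my_get_ext(ctx->cert, p->accesstype, NID_info_access);

    if (certURL) {
      /* A missing stored URL counts as "different"; strcmp() on NULL is
         undefined. */
      if (!p->accessinfoURL ||
          strcmp((char *)p->accessinfoURL, (char *)certURL)) {
        fprintf(stderr, "Setting URL <%s>, was <%s>\n",
                certURL,
                p->accessinfoURL ? (char *)p->accessinfoURL : "");
        /* ownership of certURL moves into the parameter block */
        OPENSSL_free(p->accessinfoURL);
        p->accessinfoURL = certURL;
        curl_easy_setopt(p->curl, CURLOPT_URL,p->accessinfoURL);
      }
      else
        OPENSSL_free(certURL);
    }
  }
  return(ok);
}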
124 
125 
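/*
 * CURLOPT_SSL_CTX_FUNCTION callback: configures the SSL_CTX libcurl passes in
 * and registers ssl_app_verify_callback() with parm as its argument.
 *
 * curl   - easy handle (only logged here)
 * sslctx - the SSL_CTX to configure
 * parm   - the sslctxparm given as CURLOPT_SSL_CTX_DATA
 *
 * Always returns CURLE_OK.
 *
 * NOTE(review): the settings below are test fixtures.  "RC4-MD5" is a weak
 * legacy cipher suite and SSL_VERIFY_NONE switches off OpenSSL's own handling
 * of a failed verification; neither belongs in production configuration.
 */
static CURLcode sslctxfun(CURL * curl, void * sslctx, void * parm)
{
  sslctxparm * p = (sslctxparm *) parm;
  SSL_CTX * ctx = (SSL_CTX *) sslctx ;

  fprintf(stderr,"sslctxfun start curl=%p ctx=%p parm=%p\n",
          (void *)curl,(void *)ctx,(void *)p);

  SSL_CTX_set_quiet_shutdown(ctx,1);

  /* SSL_CTX_set_cipher_list() returns 0 when no cipher in the list could be
     selected.  The original ignored that, leaving the context on its default
     list without any trace; report it but keep going as before. */
  if(!SSL_CTX_set_cipher_list(ctx,"RC4-MD5"))
    fprintf(stderr,"sslctxfun: cipher list RC4-MD5 was not accepted\n");

  SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);

  /* one might assume that the cert validation would not fail when setting
     this, but it still does, see the error handling in the call back */

  SSL_CTX_set_verify_depth(ctx,0);
  SSL_CTX_set_verify(ctx,SSL_VERIFY_NONE,NULL);

#if OPENSSL_VERSION_NUMBER<0x00907000L
  /* in newer openssl versions we can set a parameter for the call back. */
  fprintf(stderr,"This version %s of openssl does not support a parm,"
          " setting global one\n", OPENSSL_VERSION_TEXT);
  /* this is only done to support 0.9.6 version */
  globalparm = parm;

  /* in 0.9.6 the parm is not taken */
#endif
  SSL_CTX_set_cert_verify_callback(ctx, ssl_app_verify_callback, parm);
  fprintf(stderr,"sslctxfun end\n");

  return CURLE_OK ;
}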
158 
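/*
 * Test entry point: fetch URL through the multi interface with an SSL context
 * callback that may rewrite the URL from the server certificate.
 *
 * Returns the easy handle's result code when the transfer ran to completion,
 * 80/89/95 when the multi loop, curl_multi_fdset() or select() failed, and
 * CURLE_FAILED_INIT when a handle or the URL copy could not be created or no
 * result message was available.
 *
 * NOTE(review): the listing this was taken from skips source lines 167, 232
 * and 245.  The page's cross-reference list names curl_global_init,
 * CURL_GLOBAL_ALL and curl_global_cleanup, and the loop cannot make progress
 * unless res is re-armed after select(), so those three statements are
 * restored below; confirm them against the repository copy.
 */
int test(char *URL)
{
  CURLM *multi = NULL;
  sslctxparm p;
  ASN1_OBJECT *method;
  CURLMsg *msg;
  CURLMcode res;
  size_t urlsize;
  int running = 0;
  int i = CURLE_FAILED_INIT;

  curl_global_init(CURL_GLOBAL_ALL);

  p.curl = curl_easy_init();
  p.accesstype = 0;
  p.accessinfoURL = NULL;
  if(!p.curl)
    goto cleanup;

  /* The verify callback swaps this buffer for one from OPENSSL_malloc() and
     releases the old one with OPENSSL_free(), so the first copy must come
     from the same allocator.  The original mixed strdup()/free() with the
     OpenSSL allocator. */
  urlsize = strlen(URL) + 1;
  p.accessinfoURL = OPENSSL_malloc(urlsize);
  if(!p.accessinfoURL)
    goto cleanup;
  memcpy(p.accessinfoURL, URL, urlsize);

  /* Keep the object so it can be released after the NID lookup. */
  method = OBJ_txt2obj("AD_DVCS",0);
  p.accesstype = OBJ_obj2nid(method);
  ASN1_OBJECT_free(method);

  curl_easy_setopt(p.curl, CURLOPT_URL, p.accessinfoURL);

  curl_easy_setopt(p.curl, CURLOPT_SSL_CTX_FUNCTION, sslctxfun) ;
  curl_easy_setopt(p.curl, CURLOPT_SSL_CTX_DATA, &p);

  /* Numeric options are read as long through varargs, so pass long values.
     NOTE(review): peer verification is off and the host check is at 1, not
     the full host-name match (2); these are test settings only. */
  curl_easy_setopt(p.curl, CURLOPT_SSL_VERIFYPEER, 0L);
  curl_easy_setopt(p.curl, CURLOPT_SSL_VERIFYHOST, 1L);

  fprintf(stderr,"Going to perform %s\n",p.accessinfoURL);

  multi = curl_multi_init();
  if(!multi)
    goto cleanup;

  res = curl_multi_add_handle(multi, p.curl);

  for(;;) {
    fd_set rd, wr, exc;
    int max_fd = 0;
    int finished = 0;
    struct timeval interval;

    interval.tv_sec = 1;
    interval.tv_usec = 0;

    while (res == CURLM_CALL_MULTI_PERFORM) {
      res = curl_multi_perform(multi, &running);
      fprintf(stderr, "running=%d res=%d\n",running,res);
      if (running <= 0) {
        finished = 1;
        break;
      }
    }
    if(finished)
      break;

    /* The error exits below go through the shared cleanup; the original
       returned directly and left both handles and the URL copy allocated. */
    if (res != CURLM_OK) {
      fprintf(stderr, "not okay???\n");
      i = 80;
      goto cleanup;
    }

    FD_ZERO(&rd);
    FD_ZERO(&wr);
    FD_ZERO(&exc);

    if (curl_multi_fdset(multi, &rd, &wr, &exc, &max_fd) != CURLM_OK) {
      fprintf(stderr, "unexpected failured of fdset.\n");
      i = 89;
      goto cleanup;
    }

    if (select(max_fd+1, &rd, &wr, &exc, &interval) == -1) {
      fprintf(stderr, "bad select??\n");
      i = 95;
      goto cleanup;
    }

    /* restored line 232: make the next pass call curl_multi_perform() */
    res = CURLM_CALL_MULTI_PERFORM;
  }

  msg = curl_multi_info_read(multi, &running);
  /* this should now contain a result code from the easy handle, get it;
     curl_multi_info_read() returns NULL when no message is queued, in which
     case i keeps its initial failure value */
  if(msg)
    i = msg->data.result;

  fprintf(stderr, "all done\n");

cleanup:
  if(multi && p.curl)
    curl_multi_remove_handle(multi, p.curl);
  if(p.curl)
    curl_easy_cleanup(p.curl);
  if(multi)
    curl_multi_cleanup(multi);

  curl_global_cleanup();
  if(p.accessinfoURL)
    OPENSSL_free(p.accessinfoURL);

  return i;
}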
250 #else /* USE_SSLEAY */
/* Variant compiled when USE_SSLEAY is not defined: nothing is attempted and
   the caller gets CURLE_FAILED_INIT. */
int test(char *URL)
{
  (void)URL; /* unused in this configuration */

  return CURLE_FAILED_INIT;
}
256 #endif /* USE_SSLEAY */