1 line
12 KiB
C
1 line
12 KiB
C
|
/* Copyright (c) 2017, Computer History Museum
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted (subject to
the limitations in the disclaimer below) provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the name of Computer History Museum nor the names of its contributors may be used to endorse or promote products
derived from this software without specific prior written permission.
NO EXPRESS OR IMPLIED LICENSES TO ANY PARTY'S PATENT RIGHTS ARE GRANTED BY THIS LICENSE. THIS SOFTWARE IS PROVIDED BY THE
COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE. */
#if 0
#define DEBUGASSERT 0
#define DEBUGERR 0
#define DEBUGMESSAGE 0
#define DEBUGDATA 0
#include "ssl.h"
#define MAXSSLPOINTERS 32000
#endif
#include "OpenSSL.h"
#include "myssl.h"
#if 0
#ifndef _SSLCERTS_H_
#include "sslCerts.h"
#endif
#endif
/* NO MORE "relaxed pointer rules"!!! */
#pragma mpwc_relax off
//#define SSL_MEM_CHECK
OSStatus ESSLInit();
OSErr ESSLConnectTrans(TransStream stream, UPtr serverName, long port,Boolean silently,uLong timeout);
OSErr ESSLSendTrans(TransStream stream, UPtr text,long size, ...);
OSErr ESSLReceiveTrans(TransStream stream, UPtr line,long *size);
OSErr ESSLDisTrans(TransStream stream);
OSErr ESSLDestroyTrans(TransStream stream);
OSErr ESSLTransErr(TransStream stream);
void ESSLSilenceTrans(TransStream stream, Boolean silence);
unsigned char * ESSLWhoAmI(TransStream stream, Uptr who);
int SSLVerifyCert ( int, X509_STORE_CTX * );
pascal long ESSLKCCallback(KCEvent keychainEvent, KCCallbackInfo* eventInfo,void *userContext);
// OSStatus ESSLZapContext(SSLContext **context);
OSStatus ESSLStartSSLLo(TransStream stream);
Boolean gKeychainChanged = false, gKeychainProcInstalled = false;
TransVector ESSLSubTrans;
TransVector ESSLTrans = {ESSLConnectTrans,ESSLSendTrans,ESSLReceiveTrans,ESSLDisTrans,ESSLDestroyTrans,ESSLTransErr,ESSLSilenceTrans,nil,ESSLWhoAmI,NetRecvLine,nil};
TransVector ESSLSetupVector(TransVector theTrans)
{
ESSLSubTrans = theTrans;
return ESSLTrans;
}
/* Handshakes SSL. Disposes of the SSL context if it fails. */
OSStatus ESSLStartSSLLo(TransStream stream)
{
OSStatus err = noErr;
Boolean bContinue = true;
Boolean bSuccess = false;
int hsErr;
// If we've already started the SSL stuff, then we're done
if(stream->ESSLSetting & esslSSLInUse)
return noErr;
// Load the cert for the server
// stream->serverName is what we want.
// (void) OpenSSLReadCerts ( stream->ssl, stream->serverName );
// Do the handhake
while ( !bSuccess && bContinue ) {
hsErr = SSL_do_handshake ( stream->ssl );
if ( hsErr == 1 ) // Handshake succeeded.
bSuccess = true;
else if ( hsErr == 0 ) // Handshake failed but shutdown was clean.
bContinue = false;
else { // Handshake experienced temporary or fatal error.
ASSERT ( hsErr < 0 );
switch ( SSL_get_error ( stream->ssl, hsErr )) {
case SSL_ERROR_NONE:
// Shouldn't happen on iRet < 0.
ASSERT(0);
bContinue = false;
break;
case SSL_ERROR_ZERO_RETURN:
case
|