diff --git a/ttcn/modules/titan.TestPorts.Common_Components.Abstract_Socket/module/src/Abstract_Socket.cc b/ttcn/modules/titan.TestPorts.Common_Components.Abstract_Socket/module/src/Abstract_Socket.cc old mode 100644 new mode 100755 index 910c13e..9d93bed --- a/ttcn/modules/titan.TestPorts.Common_Components.Abstract_Socket/module/src/Abstract_Socket.cc +++ b/ttcn/modules/titan.TestPorts.Common_Components.Abstract_Socket/module/src/Abstract_Socket.cc @@ -1,28 +1,17 @@ /****************************************************************************** -* Copyright (c) 2000-2019 Ericsson Telecom AB -* All rights reserved. This program and the accompanying materials -* are made available under the terms of the Eclipse Public License v2.0 -* which accompanies this distribution, and is available at -* https://www.eclipse.org/org/documents/epl-2.0/EPL-2.0.html -* -* Contributors: -* Zoltan Bibo - initial implementation and initial documentation -* Gergely Futo -* Oliver Ferenc Czerman -* Balasko Jeno -* Zoltan Bibo -* Eduard Czimbalmos -* Kulcsár Endre -* Gabor Szalai -* Jozsef Gyurusi -* Csöndes Tibor -* Zoltan Jasz -******************************************************************************/ + * Copyright (c) 2000-2025 Ericsson Telecom AB + * All rights reserved. This program and the accompanying materials + * are made available under the terms of the Eclipse Public License v2.0 + * which accompanies this distribution, and is available at + * https://www.eclipse.org/org/documents/epl-2.0/EPL-2.0.html + ******************************************************************************/ // // File: Abstract_Socket.cc // Description: Abstract_Socket implementation file -// Rev: R9B +// Rev: // Prodnr: CNL 113 384 +// Updated: 2012-08-07 +// Contact: http://ttcn.ericsson.se // #include "Abstract_Socket.hh" 
@@ -254,20 +243,16 @@ bool Abstract_Socket::parameter_set(const char *parameter_name, Free(local_host_name); local_host_name = mcopystr(parameter_value); } else if(strcmp(parameter_name, remote_port_name()) == 0){ - int a; - if (sscanf(parameter_value, "%d", &a)!=1) log_error("Invalid input as port number given: %s", parameter_value); - if (a>65535 || a<0){ log_error("Port number must be between 0 and 65535, %d is given", remote_port_number);} - else {remote_port_number=a;} + if (sscanf(parameter_value, "%d", &remote_port_number)!=1) log_error("Invalid input as port number given: %s", parameter_value); + if (remote_port_number>65535 || remote_port_number<0) log_error("Port number must be between 0 and 65535, %d is given", remote_port_number); } else if(strcmp(parameter_name, ai_family_name()) == 0){ if (strcasecmp(parameter_value,"IPv6")==0 || strcasecmp(parameter_value,"AF_INET6")==0) ai_family = AF_INET6; else if (strcasecmp(parameter_value,"IPv4")==0 || strcasecmp(parameter_value,"AF_INET")==0) ai_family = AF_INET; else if (strcasecmp(parameter_value,"UNSPEC")==0 || strcasecmp(parameter_value,"AF_UNSPEC")==0) ai_family = AF_UNSPEC; else log_error("Parameter value '%s' not recognized for parameter '%s'", parameter_value, ai_family_name()); } else if(strcmp(parameter_name, local_port_name()) == 0){ - int a; - if (sscanf(parameter_value, "%d", &a)!=1) log_error("Invalid input as port number given: %s", parameter_value); - if (a>65535 || a<0) {log_error("Port number must be between 0 and 65535, %d is given", local_port_number);} - else {local_port_number=a;} + if (sscanf(parameter_value, "%d", &local_port_number)!=1) log_error("Invalid input as port number given: %s", parameter_value); + if (local_port_number>65535 || local_port_number<0) log_error("Port number must be between 0 and 65535, %d is given", local_port_number); } else if (strcmp(parameter_name, nagling_name()) == 0) { if (strcasecmp(parameter_value,"yes")==0) nagling = true; else if 
(strcasecmp(parameter_value,"no")==0) nagling = false; @@ -316,14 +301,16 @@ void Abstract_Socket::Handle_Socket_Event(int fd, boolean is_readable, boolean i } else { if(shutdown(fd, SHUT_RD) != 0) { if(errno == ENOTCONN) { + remove_client(fd); + peer_disconnected(fd); errno = 0; - } else { + } else log_error("shutdown(SHUT_RD) system call failed"); - } + } else { + client_data->tcp_state = CLOSE_WAIT; + Remove_Fd_Read_Handler(fd); + peer_half_closed(fd); } - client_data->tcp_state = CLOSE_WAIT; - Remove_Fd_Read_Handler(fd); - peer_half_closed(fd); } } // switch (client_data->reading_state) } else if (messageLength > 0) { @@ -425,7 +412,6 @@ int Abstract_Socket::receive_message_on_fd(int client_id) size_t end_len=AS_TCP_CHUNCK_SIZE; recv_tb->get_end(end_ptr, end_len); int messageLength = recv(client_id, (char *)end_ptr, end_len, 0); - log_debug("========> receive_message_on_fd errno: '%d', '%s'", errno, strerror(errno)); if (messageLength==0) return messageLength; // peer disconnected else if (messageLength < 0) { log_warning("Error when reading the received TCP PDU: %s", strerror(errno)); @@ -464,11 +450,12 @@ int Abstract_Socket::send_message_on_nonblocking_fd(int client_id, log_debug("entering Abstract_Socket::" "send_message_on_nonblocking_fd(id: %d)", client_id); - as_client_struct * client_data = get_peer(client_id); + as_client_struct * client_data; int sent_len = 0; while(sent_len < length){ int ret; log_debug("Abstract_Socket::send_message_on_nonblocking_fd(id: %d): new iteration", client_id); + client_data = get_peer(client_id); if (client_data->reading_state == STATE_DONT_CLOSE){ goto client_closed_connection; } else ret = send(client_id, send_par + sent_len, length - sent_len, 0); @@ -549,7 +536,7 @@ const PacketHeaderDescr* Abstract_Socket::Get_Header_Descriptor() const return NULL; } -void Abstract_Socket::peer_connected(int /*client_id*/, sockaddr_in& /*remote_addr*/) +void Abstract_Socket::peer_connected(int client_id, sockaddr_in& remote_addr) { } 
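Review bot: Both port branches of parameter_set now let sscanf write straight into `remote_port_number` / `local_port_number`, so an out-of-range value is already stored in the member by the time the range check logs its error. Whether log_error aborts is not visible here; if it returns, a negative or >65535 port stays configured and is later formatted by map_user into its 6-byte `localPort` / `remotePort` buffers. Parse into a local and assign only after validation, e.g. `int port; if (sscanf(parameter_value, "%d", &port)==1 && port>=0 && port<=65535) remote_port_number=port;`, and print the rejected value in the message. parameter_set starts and ends outside the hunk.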
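Review bot: In send_message_on_nonblocking_fd, `client_data` is now declared without an initialiser, and the pointer returned by `get_peer(client_id)` is dereferenced on the next line with no null check. If `length` is zero or negative the loop body never runs, so any use of `client_data` after the loop (the function continues outside the hunk, including the `client_closed_connection` label) would read an indeterminate pointer. Declare it as `as_client_struct * client_data = NULL;` and test the result of get_peer before reading `reading_state`. Whether get_peer can return NULL for a peer removed between iterations is not visible here and should be confirmed against its definition.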
@@ -614,8 +601,8 @@ void Abstract_Socket::map_user() char remotePort[6]; char localPort[6]; - sprintf(localPort, "%u", local_port_number); - sprintf(remotePort, "%u", remote_port_number); + sprintf(localPort, "%d", local_port_number); + sprintf(remotePort, "%d", remote_port_number); if(!use_connection_ASPs) { @@ -797,7 +784,6 @@ int Abstract_Socket::open_listen_port(const char* localHostname, const char* loc log_warning("Cannot open socket when trying to open the listen port: %s", strerror(errno)); listen_port_opened(-1); errno = 0; - freeaddrinfo(aip); return -1; } else log_error("Cannot open socket"); @@ -815,7 +801,6 @@ int Abstract_Socket::open_listen_port(const char* localHostname, const char* loc log_warning("Setsockopt failed when trying to open the listen port: %s", strerror(errno)); listen_port_opened(-1); errno = 0; - freeaddrinfo(aip); return -1; } else log_error("Setsockopt failed"); @@ -828,10 +813,10 @@ int Abstract_Socket::open_listen_port(const char* localHostname, const char* loc log_debug("Bind to port..."); if (bind(listen_fd, res->ai_addr, res->ai_addrlen) == -1) { - error = errno; // save it for the warning message close(listen_fd); listen_fd = -1; log_debug("Cannot bind to port when trying to open the listen port: %s", strerror(errno)); + error = errno; // save it for the warning message errno = 0; continue; } @@ -843,8 +828,8 @@ int Abstract_Socket::open_listen_port(const char* localHostname, const char* loc { log_warning("Cannot bind to port when trying to open the listen port: %s", strerror(error)); listen_port_opened(-1); + error = errno; // save it for the warning message error = 0; - freeaddrinfo(aip); return -1; } else log_error("Cannot bind to port"); 
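Review bot: `sprintf(localPort, "%d", local_port_number)` and the matching remotePort call write into `char[6]` buffers, which hold five characters plus the terminator. With `%d`, a value above 99999 or below -9999 overruns the stack buffer, and the parameter_set hunk of this patch stores the parsed number before range-checking it. Bound the writes with `snprintf(localPort, sizeof(localPort), "%d", local_port_number);` and `snprintf(remotePort, sizeof(remotePort), "%d", remote_port_number);`, and treat a truncated result as a configuration error. map_user continues outside the hunk.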
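Review bot: Every early `return -1` in open_listen_port now leaves the `aip` list allocated, because `freeaddrinfo(aip);` was dropped here and in the hunks at -815, -843, -858, -877, -893 and -910, and the success path at -932 no longer frees it either. The getaddrinfo call is outside these hunks, so this assumes `aip` is the list it returned and that nothing else releases it. If so, each listen attempt leaks the result list, which adds up in a long-running test port that reopens its listen socket. Release it on every exit, ideally through one cleanup point, with `freeaddrinfo(aip);` before each `return`.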
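Review bot: In the bind() failure branch (hunk -828), `error = errno;` now runs after `close(listen_fd)` and `log_debug(...)`, both of which may overwrite errno, so the warning printed after the loop can name the wrong cause. Save it first, with `error = errno;` as the first statement of the branch, and pass `strerror(error)` to the log_debug call. In the next hunk (-843) the added `error = errno;` is immediately followed by `error = 0;`, a dead store placed after the value has already been logged; the added line can be dropped.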
@@ -858,7 +843,6 @@ int Abstract_Socket::open_listen_port(const char* localHostname, const char* loc log_warning("Cannot listen at port when trying to open the listen port: %s", strerror(errno)); listen_port_opened(-1); errno = 0; - freeaddrinfo(aip); return -1; } else log_error("Cannot listen at port"); @@ -877,14 +861,13 @@ int Abstract_Socket::open_listen_port(const char* localHostname, const char* loc log_warning("getsockname() system call failed on the server socket when trying to open the listen port: %s", strerror(errno)); listen_port_opened(-1); errno = 0; - freeaddrinfo(aip); return -1; } else log_error("getsockname() system call failed on the server socket"); } char hname[NI_MAXHOST]; char sname[NI_MAXSERV]; -/* error = getnameinfo(res->ai_addr, res->ai_addrlen, + error = getnameinfo(res->ai_addr, res->ai_addrlen, hname, sizeof (hname), sname, sizeof (sname), NI_NUMERICSERV); if (error) { close(listen_fd); @@ -893,14 +876,13 @@ int Abstract_Socket::open_listen_port(const char* localHostname, const char* loc { log_warning("getnameinfo() system call failed on the server socket when trying to open the listen port: %s", gai_strerror(error)); listen_port_opened(-1); - freeaddrinfo(aip); return -1; } else log_error("getsockname() system call failed on the server socket"); } else { log_debug("Listening on (name): %s/%s\n", hname, sname); - }*/ + } error = getnameinfo(res->ai_addr, res->ai_addrlen, hname, sizeof (hname), sname, sizeof (sname), NI_NUMERICHOST|NI_NUMERICSERV); if (error) { @@ -910,7 +892,6 @@ int Abstract_Socket::open_listen_port(const char* localHostname, const char* loc { log_warning("getnameinfo() system call failed on the server socket when trying to open the listen port: %s", gai_strerror(error)); listen_port_opened(-1); - freeaddrinfo(aip); return -1; } else log_error("getsockname() system call failed on the server socket"); 
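Review bot: The re-enabled `getnameinfo(..., NI_NUMERICSERV)` call in the hunks at -877 and -893 does a reverse name lookup on the listen address only to produce a debug line, yet a lookup failure closes `listen_fd` and fails the whole open. That makes opening the port depend on resolver availability and latency. The same block is re-enabled in open_client_connection (hunks -1358 and -1373). The numeric lookup right below already logs the address, so the name lookup could be best-effort: log `gai_strerror(error)` at debug level and carry on instead of closing the socket. The failure text in this branch also reads `getsockname() system call failed` although the failing call is getnameinfo().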
@@ -932,12 +913,11 @@ int Abstract_Socket::open_listen_port(const char* localHostname, const char* loc if(use_connection_ASPs) listen_port_opened(listenPort); - freeaddrinfo(aip); return listenPort; #endif } -void Abstract_Socket::listen_port_opened(int /*port_number*/) +void Abstract_Socket::listen_port_opened(int port_number) { // Intentionally blank } @@ -1084,9 +1064,7 @@ int Abstract_Socket::open_client_connection(const struct sockaddr_in & new_remot Add_Fd_Read_Handler(socket_fd); // Done here - as in case of error: remove_client expects the handler as added log_debug("Abstract_Socket::open_client_connection(). Handler set to socket fd %d", socket_fd); client_data->fd_buff = new TTCN_Buffer; -// client_data->clientAddr = *(struct sockaddr_storage*)&new_remote_addr; - memset(&client_data->clientAddr,0,sizeof(client_data->clientAddr)); - memcpy(&client_data->clientAddr,&new_remote_addr,sizeof(new_remote_addr)); + client_data->clientAddr = *(struct sockaddr_storage*)&new_remote_addr; client_data->clientAddrlen = sizeof(new_remote_addr); client_data->tcp_state = ESTABLISHED; client_data->reading_state = STATE_NORMAL; @@ -1259,22 +1237,22 @@ int Abstract_Socket::open_client_connection(const char* remoteHostname, const ch ); if(bind(socket_fd, aip2->ai_addr, aip2->ai_addrlen)<0) { -/* if(use_connection_ASPs) // the if else branches are the same - {*/ + if(use_connection_ASPs) + { log_debug("Cannot bind to port when trying to open client connection: %s", strerror(errno)); //client_connection_opened(-1); //freeaddrinfo(localAddrinfo); errno = 0; continue; //aip2 cycle //return -1; -/* } + } else { //freeaddrinfo(localAddrinfo); //log_error("Cannot bind to port."); log_debug("Cannot bind to port when trying to open client connection: %s", strerror(errno)); errno = 0; continue; //aip2 cycle - }*/ + } } log_debug("Bind successful on client."); freeaddrinfo(localAddrinfo); 
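Review bot: `client_data->clientAddr = *(struct sockaddr_storage*)&new_remote_addr;` (hunk -1084) copies sizeof(struct sockaddr_storage) bytes out of an object that is only a `struct sockaddr_in`, so it reads past the end of the caller's object and stores whatever follows it in the peer record. The cast also discards the `const` of the reference. The hunk at -1421 has the same pattern, `*(struct sockaddr_storage*)aip->ai_addr`, which reads beyond the `ai_addrlen` bytes the addrinfo entry provides. Copy only the bytes that exist: `memset(&client_data->clientAddr, 0, sizeof(client_data->clientAddr));` then `memcpy(&client_data->clientAddr, &new_remote_addr, sizeof(new_remote_addr));`, and at -1421 `memcpy(&client_data->clientAddr, aip->ai_addr, aip->ai_addrlen);`.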
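Review bot: Both arms of the restored `if(use_connection_ASPs) ... else ...` around the bind() failure (hunk -1259) execute the same statements (`log_debug`, `errno = 0;`, `continue;`), so the condition adds a branch with no effect. Keep a single unconditional body, or make the arms actually differ if the commented-out `client_connection_opened(-1)` and `log_error` lines reflect intended behaviour. The enclosing aip2 loop starts and ends outside the hunk.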
@@ -1358,7 +1336,7 @@ int Abstract_Socket::open_client_connection(const char* remoteHostname, const ch } char hname[NI_MAXHOST]; char sname[NI_MAXSERV]; -/* error = getnameinfo(aip->ai_addr, aip->ai_addrlen, + error = getnameinfo(aip->ai_addr, aip->ai_addrlen, hname, sizeof (hname), sname, sizeof (sname), NI_NUMERICSERV); if (error) { close(socket_fd); @@ -1373,19 +1351,18 @@ int Abstract_Socket::open_client_connection(const char* remoteHostname, const ch log_debug("Connection established (name): %s/%s -> %s/%s\n", hname, sname, remoteHostname, remoteServicename); - }*/ + } error = getnameinfo(aip->ai_addr, aip->ai_addrlen, hname, sizeof (hname), sname, sizeof (sname), NI_NUMERICHOST|NI_NUMERICSERV); if (error) { -/* close(socket_fd); + close(socket_fd); if(use_connection_ASPs) { log_warning("getnameinfo() system call failed on the client socket when trying to connect to server: %s", gai_strerror(error)); -// client_connection_opened(-1); -// return -1; + client_connection_opened(-1); + return -1; } - else*/ - log_warning("getnameinfo() system call failed on the client socket when trying to connect to server: %s", gai_strerror(error)); + else log_error("getnameinfo() system call failed on the client socket when trying to connect to server: %s", gai_strerror(error)); } else { log_debug("Connection established (addr): %s/%s -> %s/%s\n", hname, sname, 
@@ -1421,20 +1398,18 @@ int Abstract_Socket::open_client_connection(const char* remoteHostname, const ch return -1; } else log_error("Set blocking mode failed."); - } + } as_client_struct * client_data=peer_list_add_peer(socket_fd); Add_Fd_Read_Handler(socket_fd); // Done here - as in case of error: remove_client expects the handler as added log_debug("Abstract_Socket::open_client_connection(). Handler set to socket fd %d", socket_fd); client_data->fd_buff = new TTCN_Buffer; -// client_data->clientAddr = *(struct sockaddr_storage*)aip->ai_addr; - memset(&client_data->clientAddr,0,sizeof(client_data->clientAddr)); - memcpy(&client_data->clientAddr,aip->ai_addr,sizeof(*aip->ai_addr)); + client_data->clientAddr = *(struct sockaddr_storage*)aip->ai_addr; client_data->clientAddrlen = aip->ai_addrlen; client_data->tcp_state = ESTABLISHED; client_data->reading_state = STATE_NORMAL; - freeaddrinfo(res); + freeaddrinfo(res); if (!add_user_data(socket_fd)) { remove_client(socket_fd); @@ -1449,7 +1424,7 @@ int Abstract_Socket::open_client_connection(const char* remoteHostname, const ch } -void Abstract_Socket::client_connection_opened(int /*client_id*/) +void Abstract_Socket::client_connection_opened(int client_id) { // Intentionally blank } @@ -1463,7 +1438,7 @@ void Abstract_Socket::unmap_user() log_debug("leaving Abstract_Socket::unmap_user()"); } -void Abstract_Socket::peer_disconnected(int /*fd*/) +void Abstract_Socket::peer_disconnected(int fd) { // virtual peer_disconnected() needs to be overriden in test ports! if(!use_connection_ASPs) { 
@@ -1547,19 +1522,11 @@ void Abstract_Socket::send_outgoing(const unsigned char* send_par, int length, i nrOfBytesSent = use_non_blocking_socket ? send_message_on_nonblocking_fd(dest_fd, send_par, length) : send_message_on_fd(dest_fd, send_par, length); - if (nrOfBytesSent == -1){ - log_debug("Client %d closed connection. Error: %d %s", client_id, errno, strerror(errno)); - report_unsent(dest_fd,length,nrOfBytesSent,send_par,"Client closed the connection"); - - if(client_data->tcp_state == CLOSE_WAIT){ - log_debug("Client %d waiting for close ASP.", client_id); - } else { - errno = 0; - log_debug("Client %d closed connection", client_id); - client_data->tcp_state = CLOSE_WAIT; - Remove_Fd_Read_Handler(dest_fd); - peer_half_closed(dest_fd); - } + if (nrOfBytesSent == -1 && errno == EPIPE){ // means connection was interrupted by peer + errno = 0; + log_debug("Client %d closed connection", client_id); + remove_client(dest_fd); + peer_disconnected(dest_fd); }else if (nrOfBytesSent != length) { char *error_text=mprintf("Send system call failed: %d bytes were sent instead of %d", nrOfBytesSent, length); report_error(client_id,length,nrOfBytesSent,send_par,error_text); @@ -1570,16 +1537,11 @@ void Abstract_Socket::send_outgoing(const unsigned char* send_par, int length, i log_debug("leaving Abstract_Socket::send_outgoing()"); } -void Abstract_Socket::report_error(int /*client_id*/, int /*msg_length*/, int /*sent_length*/, const unsigned char* /*msg*/, const char* error_text) +void Abstract_Socket::report_error(int client_id, int msg_length, int sent_length, const unsigned char* msg, const char* error_text) { log_error("%s",error_text); } -void Abstract_Socket::report_unsent(int /*client_id*/, int /*msg_length*/, int /*sent_length*/, const unsigned char* /*msg*/, const char* error_text) -{ - log_debug("%s",error_text); -} - void Abstract_Socket::all_mandatory_configparameters_present() { if(!use_connection_ASPs) 
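Review bot: The disconnect branch in send_outgoing now fires only for `nrOfBytesSent == -1 && errno == EPIPE`, so any other failed send (a reset connection, for instance) drops into the `nrOfBytesSent != length` arm and is reported through report_error as "-1 bytes were sent". errno is also read after send_message_on_fd / send_message_on_nonblocking_fd have returned; those helpers log before returning, and the SSL overrides in this patch report failures through SSL error codes, so the tested value may not belong to the send. Handle `-1` as its own case before the length comparison, and have the helpers return a distinct result for a closed peer or capture errno directly after `send()`. After `remove_client(dest_fd)`, the rest of the function (outside this hunk) must not touch `client_data`.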
@@ -1813,6 +1775,7 @@ void Abstract_Socket::peer_list_resize_list(int client_id) { new_length++; // index starts from 0 log_debug("Abstract_Socket::peer_list_resize_list: Resizing to %d", new_length); peer_list_root = (as_client_struct **)Realloc(peer_list_root, new_length*sizeof(as_client_struct *)); + log_debug("Abstract_Socket::peer_list_resize_list: After Resizing: %p", peer_list_root); // initialize new entries for (int i = peer_list_length; i < new_length; i++) @@ -1974,13 +1937,6 @@ SSL_Socket::SSL_Socket() ssl_password=NULL; test_port_type=NULL; test_port_name=NULL; - ssl_ctx = NULL; - ssl_current_ssl = NULL; - SSLv2=true; - SSLv3=true; - TLSv1=true; - TLSv1_1=true; - TLSv1_2=true; } SSL_Socket::SSL_Socket(const char *tp_type, const char *tp_name) @@ -1997,13 +1953,6 @@ SSL_Socket::SSL_Socket(const char *tp_type, const char *tp_name) ssl_password=NULL; test_port_type=tp_type; test_port_name=tp_name; - ssl_ctx = NULL; - ssl_current_ssl = NULL; - SSLv2=true; - SSLv3=true; - TLSv1=true; - TLSv1_1=true; - TLSv1_2=true; } SSL_Socket::~SSL_Socket() 
@@ -2056,26 +2005,6 @@ bool SSL_Socket::parameter_set(const char *parameter_name, if(strcasecmp(parameter_value, "yes") == 0) ssl_verify_certificate = true; else if(strcasecmp(parameter_value, "no") == 0) ssl_verify_certificate = false; else log_error("Parameter value '%s' not recognized for parameter '%s'", parameter_value, ssl_verifycertificate_name()); - } else if(strcasecmp(parameter_name, ssl_disable_SSLv2()) == 0) { - if(strcasecmp(parameter_value, "yes") == 0) SSLv2= false; - else if(strcasecmp(parameter_value, "no") == 0) SSLv2 = true; - else log_error("Parameter value '%s' not recognized for parameter '%s'", parameter_value, ssl_disable_SSLv2()); - } else if(strcasecmp(parameter_name, ssl_disable_SSLv3()) == 0) { - if(strcasecmp(parameter_value, "yes") == 0) SSLv2 = false; - else if(strcasecmp(parameter_value, "no") == 0) SSLv2 = true; - else log_error("Parameter value '%s' not recognized for parameter '%s'", parameter_value, ssl_disable_SSLv3()); - } else if(strcasecmp(parameter_name, ssl_disable_TLSv1()) == 0) { - if(strcasecmp(parameter_value, "yes") == 0) TLSv1= false; - else if(strcasecmp(parameter_value, "no") == 0) TLSv1 = true; - else log_error("Parameter value '%s' not recognized for parameter '%s'", parameter_value, ssl_disable_TLSv1()); - } else if(strcasecmp(parameter_name, ssl_disable_TLSv1_1()) == 0) { - if(strcasecmp(parameter_value, "yes") == 0) TLSv1_1 = false; - else if(strcasecmp(parameter_value, "no") == 0) TLSv1_1 = true; - else log_error("Parameter value '%s' not recognized for parameter '%s'", parameter_value, ssl_disable_TLSv1_1()); - } else if(strcasecmp(parameter_name, ssl_disable_TLSv1_2()) == 0) { - if(strcasecmp(parameter_value, "yes") == 0) TLSv1_2 = false; - else if(strcasecmp(parameter_value, "no") == 0) TLSv1_2 = true; - else log_error("Parameter value '%s' not recognized for parameter '%s'", parameter_value, ssl_disable_TLSv1_2()); } else { log_debug("leaving SSL_Socket::parameter_set(%s, %s)", parameter_name, 
parameter_value); return Abstract_Socket::parameter_set(parameter_name, parameter_value); @@ -2102,32 +2031,6 @@ bool SSL_Socket::add_user_data(int client_id) { if (ssl_current_ssl==NULL) log_error("Creation of SSL object failed"); -#ifdef SSL_OP_NO_SSLv2 - if(!SSLv2){ - SSL_set_options(ssl_current_ssl,SSL_OP_NO_SSLv2); - } -#endif -#ifdef SSL_OP_NO_SSLv3 - if(!SSLv3){ - SSL_set_options(ssl_current_ssl,SSL_OP_NO_SSLv3); - } -#endif -#ifdef SSL_OP_NO_TLSv1 - if(!TLSv1){ - SSL_set_options(ssl_current_ssl,SSL_OP_NO_TLSv1); - } -#endif -#ifdef SSL_OP_NO_TLSv1_1 - if(!TLSv1_1){ - SSL_set_options(ssl_current_ssl,SSL_OP_NO_TLSv1_1); - } -#endif -#ifdef SSL_OP_NO_TLSv1_2 - if(!TLSv1_2){ - SSL_set_options(ssl_current_ssl,SSL_OP_NO_TLSv1_2); - } -#endif - set_user_data(client_id, ssl_current_ssl); log_debug("New client added with key '%d'", client_id); log_debug("Binding SSL to the socket"); @@ -2362,10 +2265,9 @@ int SSL_Socket::send_message_on_fd(int client_id, const unsigned char* send_par, log_debug("SSL_ERROR_ZERO_RETURN is received, setting SSL SHUTDOWN mode to QUIET"); ssl_current_client=NULL; log_debug("leaving SSL_Socket::send_message_on_fd()"); - return -1; + return 0; default: - log_debug("SSL error occured"); - return -1; + log_error("SSL error occured"); } } // avoid compiler warnings @@ -2457,8 +2359,7 @@ int SSL_Socket::send_message_on_nonblocking_fd(int client_id, const unsigned cha case SSL_ERROR_ZERO_RETURN: goto client_closed_connection; default: - log_warning("SSL error occured"); - return -1; + log_error("SSL error occured"); } } 
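Review bot: The `default:` arm of the SSL error switch in send_message_on_fd (hunk -2362) now only calls `log_error("SSL error occured")` and has no `return`. If log_error returns, which is not visible here, control falls out of the switch into code outside the hunk without the failure reaching the caller. The hunk at -2457 does the same in send_message_on_nonblocking_fd. SSL_ERROR_ZERO_RETURN now returns 0, which send_outgoing in this patch treats as a short write (`nrOfBytesSent != length`) rather than a closed peer. Keep an explicit failure result after the log call, `log_error("SSL error occured"); return -1;`, and return a value for the zero-return case that the caller maps to a disconnect.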
@@ -2547,11 +2448,6 @@ const char* SSL_Socket::ssl_certificate_file_name() { return "ssl_certific const char* SSL_Socket::ssl_password_name() { return "ssl_private_key_password";} const char* SSL_Socket::ssl_cipher_list_name() { return "ssl_allowed_ciphers_list";} const char* SSL_Socket::ssl_verifycertificate_name() { return "ssl_verify_certificate";} -const char* SSL_Socket::ssl_disable_SSLv2() { return "ssl_disable_SSLv2";} -const char* SSL_Socket::ssl_disable_SSLv3() { return "ssl_disable_SSLv3";} -const char* SSL_Socket::ssl_disable_TLSv1() { return "ssl_disable_TLSv1";} -const char* SSL_Socket::ssl_disable_TLSv1_1() { return "ssl_disable_TLSv1_1";} -const char* SSL_Socket::ssl_disable_TLSv1_2() { return "ssl_disable_TLSv1_2";} void SSL_Socket::ssl_actions_to_seed_PRNG() { @@ -2654,10 +2550,10 @@ void SSL_Socket::ssl_init_SSL() // check the other side's certificates if (ssl_verify_certificate) { - log_debug("Setting verification behaviour: verification required and do not allow to continue on failure.."); + log_debug("Setting verification behaviour: verification required and do not allow to continue on failure"); SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, ssl_verify_callback); } else { - log_debug("Setting verification behaviour: verification not required and do allow to continue on failure.."); + log_debug("Setting verification behaviour: verification not required and do allow to continue on failure"); SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, ssl_verify_callback); } @@ -2757,7 +2653,7 @@ int SSL_Socket::ssl_getresult(int res) return err; } -int SSL_Socket::ssl_verify_certificates_at_handshake(int /*preverify_ok*/, X509_STORE_CTX */*ssl_ctx*/) { +int SSL_Socket::ssl_verify_certificates_at_handshake(int preverify_ok, X509_STORE_CTX *ssl_ctx) { // don't care by default return -1; } 
@@ -2765,7 +2661,7 @@ int SSL_Socket::ssl_verify_certificates_at_handshake(int /*preverify_ok*/, X50 // Callback function used by OpenSSL. // Called when a password is needed to decrypt the private key file. // NOTE: not thread safe -int SSL_Socket::ssl_password_cb(char *buf, int num, int /*rwflag*/,void */*userdata*/) { +int SSL_Socket::ssl_password_cb(char *buf, int num, int rwflag,void *userdata) { if (ssl_current_client!=NULL) { char *ssl_client_password; @@ -2795,23 +2691,18 @@ int SSL_Socket::ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ssl_ctx) ctx_pointer = SSL_get_SSL_CTX(ssl_pointer); if (ssl_current_client!=NULL) { - // if ssl_verifiycertificate == "no", then always accept connections - if(((SSL_Socket *)ssl_current_client)->ssl_verify_certificate) { - user_result=((SSL_Socket *)ssl_current_client)->ssl_verify_certificates_at_handshake(preverify_ok, ssl_ctx); - if (user_result>=0) return user_result; - } else { - return 1; - } + user_result=((SSL_Socket *)ssl_current_client)->ssl_verify_certificates_at_handshake(preverify_ok, ssl_ctx); + if (user_result>=0) return user_result; } else { // go on with default authentication fprintf(stderr, "Warning: no current SSL object found but ssl_verify_callback is called, programming error\n"); } // if ssl_verifiycertificate == "no", then always accept connections - if (SSL_CTX_get_verify_mode(ctx_pointer) == SSL_VERIFY_NONE) + if (SSL_CTX_get_verify_mode(ctx_pointer) && SSL_VERIFY_NONE) return 1; // if ssl_verifiycertificate == "yes", then accept connections only if the // certificate is valid - else if (SSL_CTX_get_verify_mode(ctx_pointer) & SSL_VERIFY_PEER) { + else if (SSL_CTX_get_verify_mode(ctx_pointer) && SSL_VERIFY_PEER) { return preverify_ok; } // something went wrong
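Review bot: In ssl_verify_callback, `SSL_CTX_get_verify_mode(ctx_pointer) && SSL_VERIFY_NONE` is a logical AND with a constant that is 0, so the "always accept" branch can never be taken. `... && SSL_VERIFY_PEER` is likewise true for every non-zero mode instead of testing the peer-verification bit. With verification disabled the callback therefore falls through to the "something went wrong" path below the hunk. Compare and mask the flags instead: `if (SSL_CTX_get_verify_mode(ctx_pointer) == SSL_VERIFY_NONE)` and `else if (SSL_CTX_get_verify_mode(ctx_pointer) & SSL_VERIFY_PEER)`. The user hook `ssl_verify_certificates_at_handshake` is now also called when `ssl_verify_certificate` is off, so an override returning 0 can report a failure even though verification was configured off.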