📄 cryptses.c
字号:
}
static int processSetAttributeS( SESSION_INFO *sessionInfoPtr,
void *messageDataPtr, const int messageValue )
{
RESOURCE_DATA *msgData = ( RESOURCE_DATA * ) messageDataPtr;
/* Handle the various information types */
switch( messageValue )
{
case CRYPT_OPTION_NET_SOCKS_SERVER:
case CRYPT_OPTION_NET_SOCKS_USERNAME:
case CRYPT_OPTION_NET_HTTP_PROXY:
/* These aren't implemented on a per-session level yet since
they're almost never user */
return( CRYPT_ARGERROR_VALUE );
case CRYPT_SESSINFO_USERNAME:
assert( msgData->length <= CRYPT_MAX_TEXTSIZE );
if( sessionInfoPtr->userNameLength > 0 && \
!( sessionInfoPtr->type == CRYPT_SESSION_SSL && \
sessionInfoPtr->flags & SESSION_ISSERVER ) )
return( exitErrorInited( sessionInfoPtr,
CRYPT_SESSINFO_USERNAME ) );
if( isPKIUserValue( msgData->data, msgData->length ) )
{
/* It's an encoded user value, make sure that it's in order.
We store the encoded form at this stage in case the user
tries to read it back */
const int status = decodePKIUserValue( NULL, msgData->data,
msgData->length );
if( cryptStatusError( status ) )
return( status );
sessionInfoPtr->flags |= SESSION_ISENCODEDUSERID;
}
memcpy( sessionInfoPtr->userName, msgData->data,
msgData->length );
sessionInfoPtr->userNameLength = msgData->length;
if( sessionInfoPtr->flags & SESSION_CHANGENOTIFY_USERID )
{
assert( sessionInfoPtr->setAttributeFunction != NULL );
/* Reflect the change down to the protocol-specific code */
return( sessionInfoPtr->setAttributeFunction( sessionInfoPtr,
messageDataPtr, CRYPT_SESSINFO_USERNAME ) );
}
return( CRYPT_OK );
case CRYPT_SESSINFO_PASSWORD:
assert( msgData->length <= CRYPT_MAX_TEXTSIZE );
if( sessionInfoPtr->passwordLength > 0 && \
!( sessionInfoPtr->type == CRYPT_SESSION_SSL && \
sessionInfoPtr->flags & SESSION_ISSERVER ) )
return( exitErrorInited( sessionInfoPtr,
CRYPT_SESSINFO_PASSWORD ) );
if( isPKIUserValue( msgData->data, msgData->length ) )
{
BYTE decodedPassword[ CRYPT_MAX_TEXTSIZE ];
int status;
/* It's an encoded user value, make sure that it's in order */
status = decodePKIUserValue( decodedPassword, msgData->data,
msgData->length );
zeroise( decodedPassword, CRYPT_MAX_TEXTSIZE );
if( cryptStatusError( status ) )
return( status );
sessionInfoPtr->flags |= SESSION_ISENCODEDPW;
}
memcpy( sessionInfoPtr->password, msgData->data,
msgData->length );
sessionInfoPtr->passwordLength = msgData->length;
if( sessionInfoPtr->flags & SESSION_CHANGENOTIFY_PASSWD )
{
assert( sessionInfoPtr->setAttributeFunction != NULL );
/* Reflect the change down to the protocol-specific code */
return( sessionInfoPtr->setAttributeFunction( sessionInfoPtr,
messageDataPtr, CRYPT_SESSINFO_PASSWORD ) );
}
return( CRYPT_OK );
case CRYPT_SESSINFO_SERVER_NAME:
{
const PROTOCOL_INFO *protocolInfoPtr = \
sessionInfoPtr->protocolInfo;
URL_INFO urlInfo;
int status;
assert( msgData->length < MAX_URL_SIZE );
if( sessionInfoPtr->serverName[ 0 ] )
return( exitErrorInited( sessionInfoPtr,
CRYPT_SESSINFO_SERVER_NAME ) );
/* If there's already a transport session or network socket
specified, we can't set a server name as well */
if( sessionInfoPtr->transportSession != CRYPT_ERROR )
return( exitErrorInited( sessionInfoPtr,
CRYPT_SESSINFO_SESSION ) );
if( sessionInfoPtr->networkSocket != CRYPT_ERROR )
return( exitErrorInited( sessionInfoPtr,
CRYPT_SESSINFO_NETWORKSOCKET ) );
/* Parse the server name */
status = sNetParseURL( &urlInfo, msgData->data,
msgData->length );
if( cryptStatusError( status ) )
return( exitError( sessionInfoPtr, CRYPT_SESSINFO_SERVER_NAME,
CRYPT_ERRTYPE_ATTR_VALUE,
CRYPT_ARGERROR_STR1 ) );
/* We can only use autodetection with PKI services */
if( !strCompare( msgData->data, "[Autodetect]",
msgData->length ) && \
!protocolInfoPtr->isReqResp )
return( exitError( sessionInfoPtr, CRYPT_SESSINFO_SERVER_NAME,
CRYPT_ERRTYPE_ATTR_VALUE,
CRYPT_ARGERROR_STR1 ) );
/* If there's a port or user name specified in the URL, set the
appropriate attributes */
if( urlInfo.userInfoLen > 0 )
{
RESOURCE_DATA userInfoMsgData;
krnlSendMessage( sessionInfoPtr->objectHandle,
IMESSAGE_DELETEATTRIBUTE, NULL,
CRYPT_SESSINFO_USERNAME );
setMessageData( &userInfoMsgData, ( void * ) urlInfo.userInfo,
urlInfo.userInfoLen );
status = krnlSendMessage( sessionInfoPtr->objectHandle,
IMESSAGE_SETATTRIBUTE_S,
&userInfoMsgData,
CRYPT_SESSINFO_USERNAME );
}
if( cryptStatusOK( status ) && urlInfo.port > 0 )
{
krnlSendMessage( sessionInfoPtr->objectHandle,
IMESSAGE_DELETEATTRIBUTE, NULL,
CRYPT_SESSINFO_SERVER_PORT );
status = krnlSendMessage( sessionInfoPtr->objectHandle,
IMESSAGE_SETATTRIBUTE, &urlInfo.port,
CRYPT_SESSINFO_SERVER_PORT );
}
if( cryptStatusError( status ) )
return( exitError( sessionInfoPtr, CRYPT_SESSINFO_SERVER_NAME,
CRYPT_ERRTYPE_ATTR_VALUE,
CRYPT_ARGERROR_STR1 ) );
/* Remember the server name and transport type */
memcpy( sessionInfoPtr->serverName, urlInfo.host, urlInfo.hostLen );
sessionInfoPtr->serverName[ urlInfo.hostLen ] = 0;
if( urlInfo.locationLen > 0 )
{
memcpy( sessionInfoPtr->serverName + urlInfo.hostLen,
urlInfo.location, urlInfo.locationLen );
sessionInfoPtr->serverName[ urlInfo.hostLen + \
urlInfo.locationLen ] = 0;
}
if( protocolInfoPtr->altProtocolInfo != NULL && \
urlInfo.schemaLen == \
strlen( protocolInfoPtr->altProtocolInfo->uriType ) && \
!strCompare( sessionInfoPtr->serverName,
protocolInfoPtr->altProtocolInfo->uriType,
strlen( protocolInfoPtr->altProtocolInfo->uriType ) ) )
{
/* The caller has specified the use of the altnernate
transport protocol type, switch to that instead of HTTP */
sessionInfoPtr->flags &= ~SESSION_ISHTTPTRANSPORT;
sessionInfoPtr->flags |= SESSION_USEALTTRANSPORT;
}
else
if( sessionInfoPtr->protocolInfo->flags & SESSION_ISHTTPTRANSPORT )
{
sessionInfoPtr->flags &= ~SESSION_USEALTTRANSPORT;
sessionInfoPtr->flags |= SESSION_ISHTTPTRANSPORT;
}
return( CRYPT_OK );
}
case CRYPT_SESSINFO_SERVER_FINGERPRINT:
/* If there's already a fingerprint set, we can't set another
one */
if( sessionInfoPtr->keyFingerprintSize > 0 )
return( exitErrorInited( sessionInfoPtr,
CRYPT_SESSINFO_SERVER_FINGERPRINT ) );
/* Remember the server key fingerprint */
memcpy( sessionInfoPtr->keyFingerprint, msgData->data,
msgData->length );
sessionInfoPtr->keyFingerprintSize = msgData->length;
return( CRYPT_OK );
}
assert( NOTREACHED );
return( CRYPT_ERROR ); /* Get rid of compiler warning */
}
static int processDeleteAttribute( SESSION_INFO *sessionInfoPtr,
const int messageValue )
{
/* Handle the various information types */
switch( messageValue )
{
case CRYPT_OPTION_NET_TIMEOUT:
if( sessionInfoPtr->timeout == CRYPT_ERROR )
return( exitErrorNotFound( sessionInfoPtr,
CRYPT_ERROR_NOTINITED ) );
sessionInfoPtr->timeout = CRYPT_ERROR;
return( CRYPT_OK );
case CRYPT_OPTION_NET_CONNECTTIMEOUT:
if( sessionInfoPtr->connectTimeout == CRYPT_ERROR )
return( exitErrorNotFound( sessionInfoPtr,
CRYPT_ERROR_NOTINITED ) );
sessionInfoPtr->connectTimeout = CRYPT_ERROR;
return( CRYPT_OK );
case CRYPT_SESSINFO_USERNAME:
{
int status = CRYPT_OK;
if( sessionInfoPtr->userNameLength <= 0 )
return( exitErrorNotFound( sessionInfoPtr,
CRYPT_SESSINFO_USERNAME ) );
if( sessionInfoPtr->flags & SESSION_CHANGENOTIFY_USERID )
/* Reflect the deletion down to the protocol-specific code,
handled by setting a null attribute value */
status = sessionInfoPtr->setAttributeFunction( sessionInfoPtr,
NULL, CRYPT_SESSINFO_USERNAME );
memset( sessionInfoPtr->userName, 0, CRYPT_MAX_TEXTSIZE );
sessionInfoPtr->userNameLength = 0;
sessionInfoPtr->flags &= ~SESSION_ISENCODEDUSERID;
return( status );
}
case CRYPT_SESSINFO_PASSWORD:
{
int status = CRYPT_OK;
if( sessionInfoPtr->passwordLength <= 0 )
return( exitErrorNotFound( sessionInfoPtr,
CRYPT_SESSINFO_PASSWORD ) );
if( sessionInfoPtr->flags & SESSION_CHANGENOTIFY_PASSWD )
/* Reflect the deletion down to the protocol-specific code,
handled by setting a null attribute value */
status = sessionInfoPtr->setAttributeFunction( sessionInfoPtr,
NULL, CRYPT_SESSINFO_PASSWORD );
zeroise( sessionInfoPtr->password, CRYPT_MAX_TEXTSIZE );
sessionInfoPtr->passwordLength = 0;
sessionInfoPtr->flags &= ~SESSION_ISENCODEDPW;
return( status );
}
case CRYPT_SESSINFO_SERVER_NAME:
if( !strlen( sessionInfoPtr->serverName ) )
return( exitErrorNotFound( sessionInfoPtr,
CRYPT_SESSINFO_SERVER_NAME ) );
memset( sessionInfoPtr->serverName, 0, MAX_URL_SIZE + 1 );
return( CRYPT_OK );
case CRYPT_SESSINFO_REQUEST:
if( sessionInfoPtr->iCertRequest == CRYPT_ERROR )
return( exitErrorNotFound( sessionInfoPtr,
CRYPT_SESSINFO_REQUEST ) );
krnlSendNotifier( sessionInfoPtr->iCertRequest,
IMESSAGE_DECREFCOUNT );
sessionInfoPtr->iCertRequest = CRYPT_ERROR;
return( CRYPT_OK );
case CRYPT_SESSINFO_TSP_MSGIMPRINT:
if( sessionInfoPtr->tspImprintAlgo == CRYPT_ALGO_NONE || \
sessionInfoPtr->tspImprintSize <= 0 )
return( exitErrorNotFound( sessionInfoPtr,
CRYPT_SESSINFO_TSP_MSGIMPRINT ) );
sessionInfoPtr->tspImprintAlgo = CRYPT_ALGO_NONE;
sessionInfoPtr->tspImprintSize = 0;
return( CRYPT_OK );
}
assert( NOTREACHED );
return( CRYPT_ERROR ); /* Get rid of compiler warning */
}
/****************************************************************************
* *
* Session Message Handler *
* *
****************************************************************************/
/* Handle a message sent to a session object */
static int sessionMessageFunction( const void *objectInfoPtr,
const MESSAGE_TYPE message,
void *messageDataPtr,
const int messageValue )
{
SESSION_INFO *sessionInfoPtr = ( SESSION_INFO * ) objectInfoPtr;
/* Process destroy object messages */
if( message == MESSAGE_DESTROY )
{
/* Shut down the session if required. Nemo nisi mors */
if( sessionInfoPtr->flags & SESSION_ISOPEN )
sessionInfoPtr->shutdownFunction( sessionInfoPtr );
/* Clear and free session state information if necessary */
if( sessionInfoPtr->sendBuffer != NULL )
{
zeroise( sessionInfoPtr->sendBuffer,
sessionInfoPtr->sendBufSize );
clFree( "sessionMessageFunction", sessionInfoPtr->sendBuffer );
}
if( sessionInfoPtr->receiveBuffer != NULL )
{
zeroise( sessionInfoPtr->receiveBuffer,
sessionInfoPtr->receiveBufSize );
clFree( "sessionMessageFunction", sessionInfoPtr->receiveBuffer );
}
/* Clean up any session-related objects if necessary */
if( sessionInfoPtr->iKeyexCryptContext != CRYPT_ERROR )
krnlSendNotifier( sessionInfoPtr->iKeyexCryptContext,
IMESSAGE_DECREFCOUNT );
if( sessionInfoPtr->iKeyexAuthContext != CRYPT_ERROR )
krnlSendNotifier( sessionInfoPtr->iKeyexAuthContext,
IMESSAGE_DECREFCOUNT );
if( sessionInfoPtr->iCryptInContext != CRYPT_ERROR )
krnlSendNotifier( sessionInfoPtr->iCryptInContext,
IMESSAGE_DECREFCOUNT );
if( sessionInfoPtr->iCryptOutContext != CRYPT_ERROR )
krnlSendNotifier( sessionInfoPtr->iCryptOutContext,
IMESSAGE_DECREFCOUNT );
if( sessionInfoPtr->iAuthInContext != CRYPT_ERROR )
krnlSendNotifier( sessionInfoPtr->iAuthInContext,
IMESSAGE_DECREFCOUNT );
if( sessionInfoPtr->iAuthOutContext != CRYPT_ERROR )
krnlSendNotifier( sessionInfoPtr->iAuthOutContext,
IMESSAGE_DECREFCOUNT );
if( sessionInfoPtr->iCertRequest != CRYPT_ERROR )
krnlSendNotifier( sessionInfoPtr->iCertRequest,
IMESSAGE_DECREFCOUNT );
if( sessionInfoPtr->iCertResponse != CRYPT_ERROR )
krnlSendNotifier( sessionInfoPtr->iCertResponse,
IMESSAGE_DECREFCOUNT );
if( sessionInfoPtr->privateKey != CRYPT_ERROR )
krnlSendNotifier( sessionInfoPtr->privateKey,
IMESSAGE_DECREFCOUNT );
i⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -