📄 pgpskep.c
字号:
if (IsntPGPError(err))
{
skep->socketOut = socket;
sockAddr.sin_family = kPGPAddressFamilyInternet;
sockAddr.sin_port = PGPHostToNetShort(kPGPskep_Port);
sockAddr.sin_addr.s_addr = kPGPInternetAddressAny;
result = PGPBindSocket(socket, (PGPSocketAddress *) &sockAddr,
sizeof(sockAddr));
if (result == kPGPSockets_Error)
{
err = PGPGetLastSocketsError();
pgpAssertNoErr(err);
}
}
if (IsntPGPError(err))
{
result = PGPListen(socket, 4);
if (result == kPGPSockets_Error)
{
err = PGPGetLastSocketsError();
if (skep->cancel == TRUE)
err = kPGPError_UserAbort;
pgpAssertNoErr(err);
}
}
while (IsntPGPError(err))
{
socketIn = NULL;
tlsSession = NULL;
progressData.bytesSoFar = 0;
progressData.bytesTotal = 0;
remoteKey = NULL;
shareData = NULL;
hostEntry = NULL;
shares = NULL;
weConfirmed = TRUE;
theyConfirmed = TRUE;
skepEvent.type = kPGPskepEvent_ListenEvent;
if (skep->eventHandler != NULL)
err = skep->eventHandler(skep, &skepEvent,
skep->userValue);
result = sizeof(sockAddr);
socketIn = PGPAccept(socket, (PGPSocketAddress *) &sockAddr,
&result);
if (IsNull(socketIn) || ((int) socketIn == kPGPSockets_Error))
{
err = PGPGetLastSocketsError();
if (skep->cancel == TRUE)
err = kPGPError_UserAbort;
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
skep->socketIn = socketIn;
skepEvent.type = kPGPskepEvent_ConnectEvent;
if (skep->eventHandler != NULL)
err = skep->eventHandler(skep, &skepEvent,
skep->userValue);
}
if (IsntPGPError(err))
{
#if PGP_WIN32
err = PGPStartAsyncGetHostByAddress(sockAddr.sin_addr.s_addr,
&skep->asyncHostEntryRef);
if (IsntPGPError(err)) {
PGPWaitForGetHostByAddress(skep->asyncHostEntryRef,
h_name, 256);
skep->asyncHostEntryRef = kPGPInvalidAsyncHostEntryRef;
}
#else
hostEntry = PGPGetHostByAddress((char *) &sockAddr.sin_addr,
sizeof(PGPInternetAddress),
kPGPProtocolFamilyInternet);
#endif
}
if (IsntPGPError(err))
{
err = PGPNewTLSSession(skep->tlsContext, &tlsSession);
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
err = PGPtlsSetProtocolOptions(tlsSession,
kPGPtlsFlags_ServerSide | kPGPtlsFlags_RequestClientCert);
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
err = PGPtlsSetLocalPrivateKey(tlsSession, authKey,
kInvalidPGPSigRef, kInvalidPGPKeySetRef,
PGPOPassphrase( skep->context, passphrase ),
PGPOLastOption( skep->context ) );
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
err = PGPSocketsEstablishTLSSession(socketIn, tlsSession);
if (IsPGPError(err))
err = PGPGetLastSocketsError();
if (skep->cancel == TRUE)
err = kPGPError_UserAbort;
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
err = PGPtlsGetRemoteAuthenticatedKey(tlsSession, &remoteKey, NULL);
if (skep->cancel == TRUE)
err = kPGPError_UserAbort;
pgpAssertNoErr(err);
}
if (IsntPGPError(err))
{
skepEvent.type = kPGPskepEvent_AuthenticateEvent;
skepEvent.data.ad.remoteKey = remoteKey;
skepEvent.data.ad.remoteIPAddress =
PGPInternetAddressToDottedString(sockAddr.sin_addr);
PGPtlsGetNegotiatedCipherSuite( tlsSession,
&skepEvent.data.ad.tlsCipher );
/* If the hostname doesn't exist, set it to the ip address */
if (IsntNull(hostEntry))
{
#if PGP_WIN32
skepEvent.data.ad.remoteHostname = h_name;
#else
skepEvent.data.ad.remoteHostname = hostEntry->h_name;
#endif
}
else
{
skepEvent.data.ad.remoteHostname =
skepEvent.data.ad.remoteIPAddress;
}
if (skep->eventHandler != NULL)
err = skep->eventHandler(skep, &skepEvent,
skep->userValue);
if (IsntPGPError(err))
weConfirmed = TRUE;
else
weConfirmed = FALSE;
err = kPGPError_NoErr;
}
if (IsntPGPError(err))
err = sSocketReceive(skep, socketIn, &version, 1, FALSE,
&progressData);
else
remoteKey = NULL;
if (IsntPGPError(err))
{
if (version != kPGPskepMajor)
err = kPGPClientError_IncorrectSKEPVersion;
}
if (IsntPGPError(err))
err = sSocketReceive(skep, socketIn, &version, 1, FALSE,
&progressData);
if (IsntPGPError(err))
err = sSocketReceive(skep, socketIn, &theyConfirmed, 1, FALSE,
&progressData);
if (IsntPGPError(err))
{
err = sSocketSend(skep, socketIn, &weConfirmed, 1, FALSE,
&progressData);
if (!theyConfirmed)
err = kPGPClientError_RejectedSKEPAuthentication;
if (!weConfirmed)
err = kPGPError_UserAbort;
}
if (IsntPGPError(err))
{
err = sSocketReceive(skep, socketIn, &shareDataSize,
sizeof(shareDataSize), TRUE, &progressData);
progressData.bytesTotal = sizeof(shareDataSize) + shareDataSize +
sizeof(PGPKeyID) + sizeof(PGPShareID) +
sizeof(threshold) + sizeof(numShares) +
sizeof(totalShares) + 4;
}
if (IsntPGPError(err))
{
shareData = (PGPByte *)
PGPNewSecureData(PGPGetContextMemoryMgr(skep->context),
shareDataSize, kPGPMemoryMgrFlags_Clear);
if (shareData == NULL)
{
err = kPGPError_OutOfMemory;;
pgpAssertNoErr(err);
}
}
if (IsntPGPError(err))
{
err = sSocketReceive(skep, socketIn, &keyID, sizeof(PGPKeyID),
FALSE, &progressData);
}
if (IsntPGPError(err))
{
err = sSocketReceive(skep, socketIn, &shareID, sizeof(PGPShareID),
FALSE, &progressData);
}
if (IsntPGPError(err))
{
err = sSocketReceive(skep, socketIn, &threshold, sizeof(threshold),
TRUE, &progressData);
}
if (IsntPGPError(err))
{
err = sSocketReceive(skep, socketIn, &numShares, sizeof(numShares),
TRUE, &progressData);
}
if (IsntPGPError(err))
{
err = sSocketReceive(skep, socketIn, &totalShares,
sizeof(totalShares), TRUE, &progressData);
}
if (IsntPGPError(err))
{
err = sSocketReceive(skep, socketIn, shareData,
(PGPInt32) shareDataSize, FALSE, &progressData);
}
if (IsntPGPError(err))
{
skepEvent.type = kPGPskepEvent_CloseEvent;
if (skep->eventHandler != NULL)
err = skep->eventHandler(skep, &skepEvent,
skep->userValue);
}
if (IsntPGPError(err))
{
progressData.bytesTotal = 0;
err = sSocketSend(skep, socketIn, &closing, sizeof(closing), TRUE,
&progressData);
}
if (IsntNull(tlsSession))
{
if (IsntNull(remoteKey))
PGPtlsClose(tlsSession, FALSE);
else
PGPtlsClose(tlsSession, TRUE);
PGPFreeTLSSession(tlsSession);
}
if (IsntNull(socketIn))
{
PGPCloseSocket(socketIn);
skep->socketIn = NULL;
}
if (IsntPGPError(err) && IsntNull(shareData))
{
err = pgpCreateShares(skep->context, keyID, shareID, threshold,
numShares, totalShares, shareDataSize, shareData, &shares);
pgpAssertNoErr(err);
}
if (IsntNull(shareData))
PGPFreeData(shareData);
if (IsntPGPError(err))
{
skepEvent.type = kPGPskepEvent_ShareEvent;
skepEvent.data.sd.shares = shares;
if (skep->eventHandler != NULL)
err = skep->eventHandler(skep, &skepEvent,
skep->userValue);
}
if (!weConfirmed)
err = kPGPError_NoErr;
}
if (IsntNull(socket))
{
PGPCloseSocket(socket);
skep->socketOut = NULL;
}
if (IsntNull(skep->eventHandler))
PGPSetSocketsIdleEventHandler(oldCallback, oldUserValue);
PGPSocketsDisposeThreadStorage(previousStorage);
PGPSocketsCleanup();
if (skep->cancel == TRUE)
err = kPGPError_NoErr;
return err;
}
PGPError PGPskepCancel(PGPskepRef skep)
{
PGPValidateSKEP(skep);
pgpAssertMsg(skep->magic == kPGPskepMagic, "Invalid SKEP object");
if (IsntNull(skep->socketIn))
{
PGPCloseSocket(skep->socketIn);
skep->socketIn = NULL;
}
if (IsntNull(skep->socketOut))
{
PGPCloseSocket(skep->socketOut);
skep->socketOut = NULL;
}
#if PGP_WIN32
if (PGPAsyncHostEntryRefIsValid(skep->asyncHostEntryRef)) {
PGPCancelAsyncHostEntryRef(skep->asyncHostEntryRef);
skep->asyncHostEntryRef = kPGPInvalidAsyncHostEntryRef;
}
#endif
skep->cancel = TRUE;
return kPGPError_NoErr;
}
PGPError PGPFreeSKEP(PGPskepRef skep)
{
PGPValidateSKEP(skep);
pgpAssertMsg(skep->magic == kPGPskepMagic, "Invalid SKEP object");
if (IsntNull(skep->socketIn) || IsntNull(skep->socketOut))
PGPskepCancel(skep);
if (skep->freeTLSContext)
PGPFreeTLSContext(skep->tlsContext);
PGPFreeData(skep);
return kPGPError_NoErr;
}
PGPContextRef PGPGetSKEPContext(PGPskepRef skep)
{
PGPContextRef context;
if( PGPskepRefIsValid( skep ) )
{
if (skep->magic == kPGPskepMagic)
context = skep->context;
else
context = kInvalidPGPContextRef;
}
else
{
context = kInvalidPGPContextRef;
}
return context;
}
static PGPError sSocketSend(PGPskepRef skep, PGPSocketRef socket,
void *data, PGPInt32 dataSize, PGPBoolean crossPlatform,
PGPskepEventProgressData *progressData)
{
PGPByte tempData16[sizeof(PGPUInt16)];
PGPByte tempData32[sizeof(PGPUInt32)];
PGPUInt16 data16;
PGPUInt32 data32;
PGPInt32 result = 0;
if (crossPlatform)
{
if (dataSize == sizeof(PGPUInt16))
{
pgpCopyMemory(data, &data16, sizeof(PGPUInt16));
PGPUInt16ToEndian(data16, kPGPskepEndian, tempData16);
result = PGPSend(socket, tempData16, dataSize, kPGPSendFlagNone);
}
else
{
pgpCopyMemory(data, &data32, sizeof(PGPUInt32));
PGPUInt32ToEndian(data32, kPGPskepEndian, tempData32);
result = PGPSend(socket, tempData32, dataSize, kPGPSendFlagNone);
}
}
else
result = PGPSend(socket, data, dataSize, kPGPSendFlagNone);
return sProcessResult(skep, result, progressData);
}
static PGPError sSocketReceive(PGPskepRef skep, PGPSocketRef socket,
void *data, PGPInt32 dataSize, PGPBoolean crossPlatform,
PGPskepEventProgressData *progressData)
{
PGPByte tempData16[sizeof(PGPUInt16)];
PGPByte tempData32[sizeof(PGPUInt32)];
PGPUInt16 data16;
PGPUInt32 data32;
PGPInt32 result = 0;
if (crossPlatform)
{
if (dataSize == sizeof(PGPUInt16))
result = PGPReceive(socket, tempData16, dataSize,
kPGPReceiveFlagNone);
else
result = PGPReceive(socket, tempData32, dataSize,
kPGPReceiveFlagNone);
if (result > 0)
{
if (dataSize == sizeof(PGPUInt16))
{
data16 = PGPEndianToUInt16(kPGPskepEndian, tempData16);
pgpCopyMemory(&data16, data, sizeof(PGPUInt16));
}
else
{
data32 = PGPEndianToUInt32(kPGPskepEndian, tempData32);
pgpCopyMemory(&data32, data, sizeof(PGPUInt32));
}
}
}
else
result = PGPReceive(socket, data, dataSize, kPGPReceiveFlagNone);
return sProcessResult(skep, result, progressData);
}
static PGPError sProcessResult(PGPskepRef skep, PGPInt32 result,
PGPskepEventProgressData *progressData)
{
PGPskepEvent skepEvent;
PGPError err = kPGPError_NoErr;
if (result == 0)
err = kPGPError_UserAbort;
else if (result == kPGPSockets_Error)
{
err = PGPGetLastSocketsError();
if (skep->cancel == TRUE)
err = kPGPError_UserAbort;
pgpAssertNoErr(err);
}
else
{
progressData->bytesSoFar += result;
skepEvent.type = kPGPskepEvent_ProgressEvent;
skepEvent.data.pd.bytesSoFar = progressData->bytesSoFar;
skepEvent.data.pd.bytesTotal = progressData->bytesTotal;
if ((skep->eventHandler != NULL) && (progressData->bytesTotal > 0))
err = skep->eventHandler(skep, &skepEvent,
skep->userValue);
}
return err;
}
static PGPError sSocketCallback(PGPContextRef context,
struct PGPEvent *event, PGPUserValue userValue)
{
PGPError err = kPGPError_NoErr;
PGPskepRef skep;
PGPskepEvent skepEvent;
pgpAssert(event != NULL);
(void) context;
(void) event;
skep = (PGPskepRef) userValue;
if (skep->eventHandler != NULL)
{
skepEvent.type = kPGPskepEvent_NullEvent;
err = skep->eventHandler(skep, &skepEvent, skep->userValue);
}
return err;
}
/*__Editor_settings____
Local Variables:
tab-width: 4
End:
vi: ts=4 sw=4
vim: si
_____________________*/
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -