// Copyright (C) 2011 Suguru Kawamoto\r
// ソケットラッパー\r
// socket関連関数をOpenSSL用に置換\r
+// socket関連関数のIPv6対応\r
// コンパイルにはOpenSSLのヘッダーファイルが必要\r
// 実行にはOpenSSLのDLLが必要\r
\r
+#include <ws2tcpip.h>\r
#include <windows.h>\r
#include <mmsystem.h>\r
#include <openssl/ssl.h>\r
\r
#include "socketwrapper.h"\r
#include "protectprocess.h"\r
+#include "mbswrapper.h"\r
+#include "punycode.h"\r
+\r
+// FTPS対応\r
\r
typedef void (__cdecl* _SSL_load_error_strings)();\r
typedef int (__cdecl* _SSL_library_init)();\r
typedef SSL_METHOD* (__cdecl* _SSLv23_method)();\r
-typedef SSL_CTX* (__cdecl* _SSL_CTX_new)(SSL_METHOD*);\r
-typedef void (__cdecl* _SSL_CTX_free)(SSL_CTX*);\r
typedef SSL* (__cdecl* _SSL_new)(SSL_CTX*);\r
typedef void (__cdecl* _SSL_free)(SSL*);\r
+typedef long (__cdecl* _SSL_ctrl)(SSL*, int, long, void*);\r
typedef int (__cdecl* _SSL_shutdown)(SSL*);\r
typedef int (__cdecl* _SSL_get_fd)(SSL*);\r
typedef int (__cdecl* _SSL_set_fd)(SSL*, int);\r
typedef long (__cdecl* _SSL_get_verify_result)(const SSL*);\r
typedef SSL_SESSION* (__cdecl* _SSL_get_session)(SSL*);\r
typedef int (__cdecl* _SSL_set_session)(SSL*, SSL_SESSION*);\r
+typedef int (__cdecl* _SSL_set_cipher_list)(SSL*, const char*);\r
+typedef SSL_CTX* (__cdecl* _SSL_CTX_new)(SSL_METHOD*);\r
+typedef void (__cdecl* _SSL_CTX_free)(SSL_CTX*);\r
+typedef X509_STORE* (__cdecl* _SSL_CTX_get_cert_store)(const SSL_CTX*);\r
+typedef long (__cdecl* _SSL_CTX_ctrl)(SSL_CTX*, int, long, void*);\r
typedef BIO_METHOD* (__cdecl* _BIO_s_mem)();\r
typedef BIO* (__cdecl* _BIO_new)(BIO_METHOD*);\r
typedef int (__cdecl* _BIO_free)(BIO*);\r
+typedef BIO* (__cdecl* _BIO_new_mem_buf)(void*, int);\r
typedef long (__cdecl* _BIO_ctrl)(BIO*, int, long, void*);\r
typedef void (__cdecl* _X509_free)(X509*);\r
typedef int (__cdecl* _X509_print_ex)(BIO*, X509*, unsigned long, unsigned long);\r
typedef X509_NAME* (__cdecl* _X509_get_subject_name)(X509*);\r
typedef int (__cdecl* _X509_NAME_print_ex)(BIO*, X509_NAME*, int, unsigned long);\r
+typedef void (__cdecl* _X509_CRL_free)(X509_CRL*);\r
+typedef EVP_PKEY* (__cdecl* _PEM_read_bio_PrivateKey)(BIO*, EVP_PKEY**, pem_password_cb*, void*);\r
+typedef EVP_PKEY* (__cdecl* _PEM_read_bio_PUBKEY)(BIO*, EVP_PKEY**, pem_password_cb*, void*);\r
+typedef X509* (__cdecl* _PEM_read_bio_X509)(BIO*, X509**, pem_password_cb*, void*);\r
+typedef X509_CRL* (__cdecl* _PEM_read_bio_X509_CRL)(BIO*, X509_CRL**, pem_password_cb*, void*);\r
+typedef int (__cdecl* _X509_STORE_add_cert)(X509_STORE*, X509*);\r
+typedef int (__cdecl* _X509_STORE_add_crl)(X509_STORE*, X509_CRL*);\r
+typedef void (__cdecl* _EVP_PKEY_free)(EVP_PKEY*);\r
+typedef RSA* (__cdecl* _EVP_PKEY_get1_RSA)(EVP_PKEY*);\r
+typedef void (__cdecl* _RSA_free)(RSA*);\r
+typedef int (__cdecl* _RSA_size)(const RSA*);\r
+typedef int (__cdecl* _RSA_private_encrypt)(int, const unsigned char*, unsigned char*, RSA*, int);\r
+typedef int (__cdecl* _RSA_public_decrypt)(int, const unsigned char*, unsigned char*, RSA*, int);\r
+typedef unsigned char* (__cdecl* _SHA1)(const unsigned char*, size_t, unsigned char*);\r
+typedef unsigned char* (__cdecl* _SHA224)(const unsigned char*, size_t, unsigned char*);\r
+typedef unsigned char* (__cdecl* _SHA256)(const unsigned char*, size_t, unsigned char*);\r
+typedef unsigned char* (__cdecl* _SHA384)(const unsigned char*, size_t, unsigned char*);\r
+typedef unsigned char* (__cdecl* _SHA512)(const unsigned char*, size_t, unsigned char*);\r
\r
_SSL_load_error_strings p_SSL_load_error_strings;\r
_SSL_library_init p_SSL_library_init;\r
_SSLv23_method p_SSLv23_method;\r
-_SSL_CTX_new p_SSL_CTX_new;\r
-_SSL_CTX_free p_SSL_CTX_free;\r
_SSL_new p_SSL_new;\r
_SSL_free p_SSL_free;\r
+_SSL_ctrl p_SSL_ctrl;\r
_SSL_shutdown p_SSL_shutdown;\r
_SSL_get_fd p_SSL_get_fd;\r
_SSL_set_fd p_SSL_set_fd;\r
_SSL_get_verify_result p_SSL_get_verify_result;\r
_SSL_get_session p_SSL_get_session;\r
_SSL_set_session p_SSL_set_session;\r
+_SSL_set_cipher_list p_SSL_set_cipher_list;\r
+_SSL_CTX_new p_SSL_CTX_new;\r
+_SSL_CTX_free p_SSL_CTX_free;\r
+_SSL_CTX_get_cert_store p_SSL_CTX_get_cert_store;\r
+_SSL_CTX_ctrl p_SSL_CTX_ctrl;\r
_BIO_s_mem p_BIO_s_mem;\r
_BIO_new p_BIO_new;\r
_BIO_free p_BIO_free;\r
+_BIO_new_mem_buf p_BIO_new_mem_buf;\r
_BIO_ctrl p_BIO_ctrl;\r
_X509_free p_X509_free;\r
_X509_print_ex p_X509_print_ex;\r
_X509_get_subject_name p_X509_get_subject_name;\r
_X509_NAME_print_ex p_X509_NAME_print_ex;\r
+_X509_CRL_free p_X509_CRL_free;\r
+_PEM_read_bio_PrivateKey p_PEM_read_bio_PrivateKey;\r
+_PEM_read_bio_PUBKEY p_PEM_read_bio_PUBKEY;\r
+_PEM_read_bio_X509 p_PEM_read_bio_X509;\r
+_PEM_read_bio_X509_CRL p_PEM_read_bio_X509_CRL;\r
+_X509_STORE_add_cert p_X509_STORE_add_cert;\r
+_X509_STORE_add_crl p_X509_STORE_add_crl;\r
+_EVP_PKEY_free p_EVP_PKEY_free;\r
+_EVP_PKEY_get1_RSA p_EVP_PKEY_get1_RSA;\r
+_RSA_free p_RSA_free;\r
+_RSA_size p_RSA_size;\r
+_RSA_private_encrypt p_RSA_private_encrypt;\r
+_RSA_public_decrypt p_RSA_public_decrypt;\r
+_SHA1 p_SHA1;\r
+_SHA224 p_SHA224;\r
+_SHA256 p_SHA256;\r
+_SHA384 p_SHA384;\r
+_SHA512 p_SHA512;\r
\r
-#define MAX_SSL_SOCKET 64\r
+#define MAX_SSL_SOCKET 16\r
\r
BOOL g_bOpenSSLLoaded;\r
HMODULE g_hOpenSSL;\r
SSL_CTX* g_pOpenSSLCTX;\r
SSL* g_pOpenSSLHandle[MAX_SSL_SOCKET];\r
\r
-BOOL __stdcall DefaultSSLTimeoutCallback()\r
+BOOL __stdcall DefaultSSLTimeoutCallback(BOOL* pbAborted)\r
{\r
Sleep(100);\r
- return FALSE;\r
+ return *pbAborted;\r
}\r
\r
-BOOL __stdcall DefaultSSLConfirmCallback(BOOL bVerified, LPCSTR Certificate, LPCSTR CommonName)\r
+BOOL __stdcall DefaultSSLConfirmCallback(BOOL* pbAborted, BOOL bVerified, LPCSTR Certificate, LPCSTR CommonName)\r
{\r
return bVerified;\r
}\r
\r
+// OpenSSLを初期化\r
BOOL LoadOpenSSL()\r
{\r
if(g_bOpenSSLLoaded)\r
return FALSE;\r
#ifdef ENABLE_PROCESS_PROTECTION\r
// 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること\r
- // ssleay32.dll 1.0.0e\r
- // libssl32.dll 1.0.0e\r
- RegisterTrustedModuleSHA1Hash("\x4E\xB7\xA0\x22\x14\x4B\x58\x6D\xBC\xF5\x21\x0D\x96\x78\x0D\x79\x7D\x66\xB2\xB0");\r
- // libeay32.dll 1.0.0e\r
- RegisterTrustedModuleSHA1Hash("\x01\x32\x7A\xAE\x69\x26\xE6\x58\xC7\x63\x22\x1E\x53\x5A\x78\xBC\x61\xC7\xB5\xC1");\r
+#if defined(_M_IX86)\r
+ // ssleay32.dll 1.0.1j\r
+ RegisterTrustedModuleSHA1Hash("\x57\x83\x70\x2D\x44\x8F\x1F\xB3\x83\xC2\xC1\x93\xB5\x92\xC8\x14\xFE\x2B\x31\x59");\r
+ // libeay32.dll 1.0.1j\r
+ RegisterTrustedModuleSHA1Hash("\x66\x15\x03\xCA\xFB\x5C\x08\x96\x4B\x80\x9A\x55\x14\xDB\x1F\x12\x4A\x9C\x53\x52");\r
+#elif defined(_M_AMD64)\r
+ // ssleay32.dll 1.0.1j\r
+ RegisterTrustedModuleSHA1Hash("\x4C\xBD\xC5\x05\xB5\xB2\x48\xA8\xC2\x0B\xE4\xB3\x17\x02\x9C\x32\xE2\x84\x87\xA9");\r
+ // libeay32.dll 1.0.1j\r
+ RegisterTrustedModuleSHA1Hash("\xF7\x31\xBF\xF6\x2C\x51\xBA\x00\x38\x7E\x76\x2F\x8B\xB3\xF9\x52\x5D\xED\xA4\xE6");\r
+#endif\r
#endif\r
g_hOpenSSL = LoadLibrary("ssleay32.dll");\r
- if(!g_hOpenSSL)\r
- g_hOpenSSL = LoadLibrary("libssl32.dll");\r
+ // バージョン固定のためlibssl32.dllの読み込みは脆弱性の原因になり得るので廃止\r
+// if(!g_hOpenSSL)\r
+// g_hOpenSSL = LoadLibrary("libssl32.dll");\r
if(!g_hOpenSSL\r
|| !(p_SSL_load_error_strings = (_SSL_load_error_strings)GetProcAddress(g_hOpenSSL, "SSL_load_error_strings"))\r
|| !(p_SSL_library_init = (_SSL_library_init)GetProcAddress(g_hOpenSSL, "SSL_library_init"))\r
|| !(p_SSLv23_method = (_SSLv23_method)GetProcAddress(g_hOpenSSL, "SSLv23_method"))\r
- || !(p_SSL_CTX_new = (_SSL_CTX_new)GetProcAddress(g_hOpenSSL, "SSL_CTX_new"))\r
- || !(p_SSL_CTX_free = (_SSL_CTX_free)GetProcAddress(g_hOpenSSL, "SSL_CTX_free"))\r
|| !(p_SSL_new = (_SSL_new)GetProcAddress(g_hOpenSSL, "SSL_new"))\r
|| !(p_SSL_free = (_SSL_free)GetProcAddress(g_hOpenSSL, "SSL_free"))\r
+ || !(p_SSL_ctrl = (_SSL_ctrl)GetProcAddress(g_hOpenSSL, "SSL_ctrl"))\r
|| !(p_SSL_shutdown = (_SSL_shutdown)GetProcAddress(g_hOpenSSL, "SSL_shutdown"))\r
|| !(p_SSL_get_fd = (_SSL_get_fd)GetProcAddress(g_hOpenSSL, "SSL_get_fd"))\r
|| !(p_SSL_set_fd = (_SSL_set_fd)GetProcAddress(g_hOpenSSL, "SSL_set_fd"))\r
|| !(p_SSL_get_peer_certificate = (_SSL_get_peer_certificate)GetProcAddress(g_hOpenSSL, "SSL_get_peer_certificate"))\r
|| !(p_SSL_get_verify_result = (_SSL_get_verify_result)GetProcAddress(g_hOpenSSL, "SSL_get_verify_result"))\r
|| !(p_SSL_get_session = (_SSL_get_session)GetProcAddress(g_hOpenSSL, "SSL_get_session"))\r
- || !(p_SSL_set_session = (_SSL_set_session)GetProcAddress(g_hOpenSSL, "SSL_set_session")))\r
+ || !(p_SSL_set_session = (_SSL_set_session)GetProcAddress(g_hOpenSSL, "SSL_set_session"))\r
+ || !(p_SSL_set_cipher_list = (_SSL_set_cipher_list)GetProcAddress(g_hOpenSSL, "SSL_set_cipher_list"))\r
+ || !(p_SSL_CTX_new = (_SSL_CTX_new)GetProcAddress(g_hOpenSSL, "SSL_CTX_new"))\r
+ || !(p_SSL_CTX_free = (_SSL_CTX_free)GetProcAddress(g_hOpenSSL, "SSL_CTX_free"))\r
+ || !(p_SSL_CTX_get_cert_store = (_SSL_CTX_get_cert_store)GetProcAddress(g_hOpenSSL, "SSL_CTX_get_cert_store"))\r
+ || !(p_SSL_CTX_ctrl = (_SSL_CTX_ctrl)GetProcAddress(g_hOpenSSL, "SSL_CTX_ctrl")))\r
{\r
if(g_hOpenSSL)\r
FreeLibrary(g_hOpenSSL);\r
|| !(p_BIO_s_mem = (_BIO_s_mem)GetProcAddress(g_hOpenSSLCommon, "BIO_s_mem"))\r
|| !(p_BIO_new = (_BIO_new)GetProcAddress(g_hOpenSSLCommon, "BIO_new"))\r
|| !(p_BIO_free = (_BIO_free)GetProcAddress(g_hOpenSSLCommon, "BIO_free"))\r
+ || !(p_BIO_new_mem_buf = (_BIO_new_mem_buf)GetProcAddress(g_hOpenSSLCommon, "BIO_new_mem_buf"))\r
|| !(p_BIO_ctrl = (_BIO_ctrl)GetProcAddress(g_hOpenSSLCommon, "BIO_ctrl"))\r
|| !(p_X509_free = (_X509_free)GetProcAddress(g_hOpenSSLCommon, "X509_free"))\r
|| !(p_X509_print_ex = (_X509_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_print_ex"))\r
|| !(p_X509_get_subject_name = (_X509_get_subject_name)GetProcAddress(g_hOpenSSLCommon, "X509_get_subject_name"))\r
- || !(p_X509_NAME_print_ex = (_X509_NAME_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_NAME_print_ex")))\r
+ || !(p_X509_NAME_print_ex = (_X509_NAME_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_NAME_print_ex"))\r
+ || !(p_X509_CRL_free = (_X509_CRL_free)GetProcAddress(g_hOpenSSLCommon, "X509_CRL_free"))\r
+ || !(p_PEM_read_bio_PrivateKey = (_PEM_read_bio_PrivateKey)GetProcAddress(g_hOpenSSLCommon, "PEM_read_bio_PrivateKey"))\r
+ || !(p_PEM_read_bio_PUBKEY = (_PEM_read_bio_PUBKEY)GetProcAddress(g_hOpenSSLCommon, "PEM_read_bio_PUBKEY"))\r
+ || !(p_PEM_read_bio_X509 = (_PEM_read_bio_X509)GetProcAddress(g_hOpenSSLCommon, "PEM_read_bio_X509"))\r
+ || !(p_PEM_read_bio_X509_CRL = (_PEM_read_bio_X509_CRL)GetProcAddress(g_hOpenSSLCommon, "PEM_read_bio_X509_CRL"))\r
+ || !(p_X509_STORE_add_cert = (_X509_STORE_add_cert)GetProcAddress(g_hOpenSSLCommon, "X509_STORE_add_cert"))\r
+ || !(p_X509_STORE_add_crl = (_X509_STORE_add_crl)GetProcAddress(g_hOpenSSLCommon, "X509_STORE_add_crl"))\r
+ || !(p_EVP_PKEY_free = (_EVP_PKEY_free)GetProcAddress(g_hOpenSSLCommon, "EVP_PKEY_free"))\r
+ || !(p_EVP_PKEY_get1_RSA = (_EVP_PKEY_get1_RSA)GetProcAddress(g_hOpenSSLCommon, "EVP_PKEY_get1_RSA"))\r
+ || !(p_RSA_free = (_RSA_free)GetProcAddress(g_hOpenSSLCommon, "RSA_free"))\r
+ || !(p_RSA_size = (_RSA_size)GetProcAddress(g_hOpenSSLCommon, "RSA_size"))\r
+ || !(p_RSA_private_encrypt = (_RSA_private_encrypt)GetProcAddress(g_hOpenSSLCommon, "RSA_private_encrypt"))\r
+ || !(p_RSA_public_decrypt = (_RSA_public_decrypt)GetProcAddress(g_hOpenSSLCommon, "RSA_public_decrypt"))\r
+ || !(p_SHA1 = (_SHA1)GetProcAddress(g_hOpenSSLCommon, "SHA1"))\r
+ || !(p_SHA224 = (_SHA224)GetProcAddress(g_hOpenSSLCommon, "SHA224"))\r
+ || !(p_SHA256 = (_SHA256)GetProcAddress(g_hOpenSSLCommon, "SHA256"))\r
+ || !(p_SHA384 = (_SHA384)GetProcAddress(g_hOpenSSLCommon, "SHA384"))\r
+ || !(p_SHA512 = (_SHA512)GetProcAddress(g_hOpenSSLCommon, "SHA512")))\r
{\r
if(g_hOpenSSL)\r
FreeLibrary(g_hOpenSSL);\r
return TRUE;\r
}\r
\r
+// OpenSSLを解放\r
void FreeOpenSSL()\r
{\r
int i;\r
g_bOpenSSLLoaded = FALSE;\r
}\r
\r
+// OpenSSLが使用可能かどうか確認\r
BOOL IsOpenSSLLoaded()\r
{\r
return g_bOpenSSLLoaded;\r
return NULL;\r
}\r
\r
-BOOL ConfirmSSLCertificate(SSL* pSSL)\r
+BOOL ConfirmSSLCertificate(SSL* pSSL, BOOL* pbAborted)\r
{\r
BOOL bResult;\r
BOOL bVerified;\r
}\r
p_X509_free(pX509);\r
}\r
- if(p_SSL_get_verify_result(pSSL) == X509_V_OK)\r
+ if(pX509 && p_SSL_get_verify_result(pSSL) == X509_V_OK)\r
bVerified = TRUE;\r
pCN = pSubject;\r
while(pCN)\r
if(pCN = strchr(pCN, ','))\r
pCN++;\r
}\r
- bResult = g_pOpenSSLConfirmCallback(bVerified, pData, pCN);\r
+ bResult = g_pOpenSSLConfirmCallback(pbAborted, bVerified, pData, pCN);\r
if(pData)\r
free(pData);\r
if(pSubject)\r
LeaveCriticalSection(&g_OpenSSLLock);\r
}\r
\r
+// SSLルート証明書を設定\r
+// PEM形式のみ指定可能\r
+BOOL SetSSLRootCertificate(const void* pData, DWORD Length)\r
+{\r
+ BOOL r;\r
+ X509_STORE* pStore;\r
+ BYTE* p;\r
+ BYTE* pBegin;\r
+ BYTE* pEnd;\r
+ DWORD Left;\r
+ BIO* pBIO;\r
+ X509* pX509;\r
+ X509_CRL* pX509_CRL;\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ r = FALSE;\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ if(!g_pOpenSSLCTX)\r
+ {\r
+ g_pOpenSSLCTX = p_SSL_CTX_new(p_SSLv23_method());\r
+ p_SSL_CTX_ctrl(g_pOpenSSLCTX, SSL_CTRL_MODE, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_AUTO_RETRY, NULL);\r
+ }\r
+ if(g_pOpenSSLCTX)\r
+ {\r
+ if(pStore = p_SSL_CTX_get_cert_store(g_pOpenSSLCTX))\r
+ {\r
+ p = (BYTE*)pData;\r
+ pBegin = NULL;\r
+ pEnd = NULL;\r
+ Left = Length;\r
+ while(Left > 0)\r
+ {\r
+ if(!pBegin)\r
+ {\r
+ if(Left < 27)\r
+ break;\r
+ if(memcmp(p, "-----BEGIN CERTIFICATE-----", 27) == 0)\r
+ pBegin = p;\r
+ }\r
+ else if(!pEnd)\r
+ {\r
+ if(Left < 25)\r
+ break;\r
+ if(memcmp(p, "-----END CERTIFICATE-----", 25) == 0)\r
+ pEnd = p + 25;\r
+ }\r
+ if(pBegin && pEnd)\r
+ {\r
+ if(pBIO = p_BIO_new_mem_buf(pBegin, (int)((size_t)pEnd - (size_t)pBegin)))\r
+ {\r
+ if(pX509 = p_PEM_read_bio_X509(pBIO, NULL, NULL, NULL))\r
+ {\r
+ if(p_X509_STORE_add_cert(pStore, pX509) == 1)\r
+ r = TRUE;\r
+ p_X509_free(pX509);\r
+ }\r
+ p_BIO_free(pBIO);\r
+ }\r
+ pBegin = NULL;\r
+ pEnd = NULL;\r
+ }\r
+ p++;\r
+ Left--;\r
+ }\r
+ p = (BYTE*)pData;\r
+ pBegin = NULL;\r
+ pEnd = NULL;\r
+ Left = Length;\r
+ while(Left > 0)\r
+ {\r
+ if(!pBegin)\r
+ {\r
+ if(Left < 24)\r
+ break;\r
+ if(memcmp(p, "-----BEGIN X509 CRL-----", 24) == 0)\r
+ pBegin = p;\r
+ }\r
+ else if(!pEnd)\r
+ {\r
+ if(Left < 22)\r
+ break;\r
+ if(memcmp(p, "-----END X509 CRL-----", 22) == 0)\r
+ pEnd = p + 22;\r
+ }\r
+ if(pBegin && pEnd)\r
+ {\r
+ if(pBIO = p_BIO_new_mem_buf(pBegin, (int)((size_t)pEnd - (size_t)pBegin)))\r
+ {\r
+ if(pX509_CRL = p_PEM_read_bio_X509_CRL(pBIO, NULL, NULL, NULL))\r
+ {\r
+ if(p_X509_STORE_add_crl(pStore, pX509_CRL) == 1)\r
+ r = TRUE;\r
+ p_X509_CRL_free(pX509_CRL);\r
+ }\r
+ p_BIO_free(pBIO);\r
+ }\r
+ pBegin = NULL;\r
+ pEnd = NULL;\r
+ }\r
+ p++;\r
+ Left--;\r
+ }\r
+ }\r
+ }\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ return r;\r
+}\r
+\r
+// ワイルドカードの比較\r
+// 主にSSL証明書のCN確認用\r
BOOL IsHostNameMatched(LPCSTR HostName, LPCSTR CommonName)\r
{\r
BOOL bResult;\r
- char* pAsterisk;\r
+ const char* pAsterisk;\r
+ size_t BeforeAsterisk;\r
+ const char* pBeginAsterisk;\r
+ const char* pEndAsterisk;\r
+ const char* pDot;\r
bResult = FALSE;\r
if(HostName && CommonName)\r
{\r
if(pAsterisk = strchr(CommonName, '*'))\r
{\r
- if(_strnicmp(HostName, CommonName, ((size_t)pAsterisk - (size_t)CommonName) / sizeof(char)) == 0)\r
+ BeforeAsterisk = ((size_t)pAsterisk - (size_t)CommonName) / sizeof(char);\r
+ pBeginAsterisk = HostName + BeforeAsterisk;\r
+ while(*pAsterisk == '*')\r
+ {\r
+ pAsterisk++;\r
+ }\r
+ pEndAsterisk = HostName + strlen(HostName) - strlen(pAsterisk);\r
+ // "*"より前は大文字小文字を無視して完全一致\r
+ if(_strnicmp(HostName, CommonName, BeforeAsterisk) == 0)\r
{\r
- while(*pAsterisk == '*')\r
+ // "*"より後は大文字小文字を無視して完全一致\r
+ if(_stricmp(pEndAsterisk, pAsterisk) == 0)\r
{\r
- pAsterisk++;\r
+ // "*"と一致する範囲に"."が含まれてはならない\r
+ pDot = strchr(pBeginAsterisk, '.');\r
+ if(!pDot || pDot >= pEndAsterisk)\r
+ bResult = TRUE;\r
}\r
- if(_stricmp(HostName + strlen(HostName) - strlen(pAsterisk), pAsterisk) == 0)\r
- bResult = TRUE;\r
}\r
}\r
else if(_stricmp(HostName, CommonName) == 0)\r
return bResult;\r
}\r
\r
-BOOL AttachSSL(SOCKET s, SOCKET parent)\r
+#pragma warning(push)\r
+#pragma warning(disable:4090)\r
+\r
+// RSA暗号化\r
+BOOL EncryptSignature(const char* PrivateKey, const char* Password, const void* pIn, DWORD InLength, void* pOut, DWORD OutLength, DWORD* pOutLength)\r
+{\r
+ BOOL bResult;\r
+ BIO* pBIO;\r
+ EVP_PKEY* pPKEY;\r
+ RSA* pRSA;\r
+ int i;\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ bResult = FALSE;\r
+ if(pBIO = p_BIO_new_mem_buf((void*)PrivateKey, sizeof(char) * strlen(PrivateKey)))\r
+ {\r
+ if(pPKEY = p_PEM_read_bio_PrivateKey(pBIO, NULL, NULL, (void*)Password))\r
+ {\r
+ if(pRSA = p_EVP_PKEY_get1_RSA(pPKEY))\r
+ {\r
+ if(p_RSA_size(pRSA) <= (int)OutLength)\r
+ {\r
+ i = p_RSA_private_encrypt((int)InLength, (const unsigned char*)pIn, (unsigned char*)pOut, pRSA, RSA_PKCS1_PADDING);\r
+ if(i >= 0)\r
+ {\r
+ *pOutLength = (DWORD)i;\r
+ bResult = TRUE;\r
+ }\r
+ }\r
+ p_RSA_free(pRSA);\r
+ }\r
+ p_EVP_PKEY_free(pPKEY);\r
+ }\r
+ p_BIO_free(pBIO);\r
+ }\r
+ return bResult;\r
+}\r
+\r
+// RSA復号化\r
+// 主に自動更新ファイルのハッシュの改竄確認\r
+BOOL DecryptSignature(const char* PublicKey, const char* Password, const void* pIn, DWORD InLength, void* pOut, DWORD OutLength, DWORD* pOutLength)\r
+{\r
+ BOOL bResult;\r
+ BIO* pBIO;\r
+ EVP_PKEY* pPKEY;\r
+ RSA* pRSA;\r
+ int i;\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ bResult = FALSE;\r
+ if(pBIO = p_BIO_new_mem_buf((void*)PublicKey, sizeof(char) * strlen(PublicKey)))\r
+ {\r
+ if(pPKEY = p_PEM_read_bio_PUBKEY(pBIO, NULL, NULL, Password))\r
+ {\r
+ if(pRSA = p_EVP_PKEY_get1_RSA(pPKEY))\r
+ {\r
+ if(p_RSA_size(pRSA) <= (int)OutLength)\r
+ {\r
+ i = p_RSA_public_decrypt((int)InLength, (const unsigned char*)pIn, (unsigned char*)pOut, pRSA, RSA_PKCS1_PADDING);\r
+ if(i >= 0)\r
+ {\r
+ *pOutLength = (DWORD)i;\r
+ bResult = TRUE;\r
+ }\r
+ }\r
+ p_RSA_free(pRSA);\r
+ }\r
+ p_EVP_PKEY_free(pPKEY);\r
+ }\r
+ p_BIO_free(pBIO);\r
+ }\r
+ return bResult;\r
+}\r
+\r
+#pragma warning(pop)\r
+\r
+// ハッシュ計算\r
+// 他にも同等の関数はあるが主にマルウェア対策のための冗長化\r
+BOOL GetHashSHA1(const void* pData, DWORD Size, void* pHash)\r
+{\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ p_SHA1((const unsigned char*)pData, (size_t)Size, (unsigned char*)pHash);\r
+ return TRUE;\r
+}\r
+\r
+BOOL GetHashSHA224(const void* pData, DWORD Size, void* pHash)\r
+{\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ p_SHA224((const unsigned char*)pData, (size_t)Size, (unsigned char*)pHash);\r
+ return TRUE;\r
+}\r
+\r
+BOOL GetHashSHA256(const void* pData, DWORD Size, void* pHash)\r
+{\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ p_SHA256((const unsigned char*)pData, (size_t)Size, (unsigned char*)pHash);\r
+ return TRUE;\r
+}\r
+\r
+BOOL GetHashSHA384(const void* pData, DWORD Size, void* pHash)\r
+{\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ p_SHA384((const unsigned char*)pData, (size_t)Size, (unsigned char*)pHash);\r
+ return TRUE;\r
+}\r
+\r
+BOOL GetHashSHA512(const void* pData, DWORD Size, void* pHash)\r
+{\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ p_SHA512((const unsigned char*)pData, (size_t)Size, (unsigned char*)pHash);\r
+ return TRUE;\r
+}\r
+\r
+// SSLセッションを開始\r
+BOOL AttachSSL(SOCKET s, SOCKET parent, BOOL* pbAborted, BOOL bStrengthen)\r
{\r
BOOL r;\r
DWORD Time;\r
SSL** ppSSL;\r
+ BOOL bInherited;\r
SSL** ppSSLParent;\r
SSL_SESSION* pSession;\r
+ int Return;\r
+ int Error;\r
if(!g_bOpenSSLLoaded)\r
return FALSE;\r
r = FALSE;\r
Time = timeGetTime();\r
EnterCriticalSection(&g_OpenSSLLock);\r
if(!g_pOpenSSLCTX)\r
+ {\r
g_pOpenSSLCTX = p_SSL_CTX_new(p_SSLv23_method());\r
+ p_SSL_CTX_ctrl(g_pOpenSSLCTX, SSL_CTRL_MODE, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_AUTO_RETRY, NULL);\r
+ }\r
if(g_pOpenSSLCTX)\r
{\r
if(ppSSL = GetUnusedSSLPointer())\r
{\r
if(p_SSL_set_fd(*ppSSL, s) != 0)\r
{\r
+ bInherited = FALSE;\r
if(parent != INVALID_SOCKET)\r
{\r
if(ppSSLParent = FindSSLPointerFromSocket(parent))\r
if(pSession = p_SSL_get_session(*ppSSLParent))\r
{\r
if(p_SSL_set_session(*ppSSL, pSession) == 1)\r
- {\r
- }\r
+ bInherited = TRUE;\r
}\r
}\r
}\r
+ if(!bInherited)\r
+ {\r
+ if(bStrengthen)\r
+ {\r
+ p_SSL_ctrl(*ppSSL, SSL_CTRL_OPTIONS, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3, NULL);\r
+ p_SSL_set_cipher_list(*ppSSL, "HIGH");\r
+ }\r
+ }\r
// SSLのネゴシエーションには時間がかかる場合がある\r
r = TRUE;\r
- while(p_SSL_connect(*ppSSL) != 1)\r
+ while(r)\r
{\r
- LeaveCriticalSection(&g_OpenSSLLock);\r
- if(g_pOpenSSLTimeoutCallback() || (g_OpenSSLTimeout > 0 && timeGetTime() - Time >= g_OpenSSLTimeout))\r
+ Return = p_SSL_connect(*ppSSL);\r
+ if(Return == 1)\r
+ break;\r
+ Error = p_SSL_get_error(*ppSSL, Return);\r
+ if(Error == SSL_ERROR_WANT_READ || Error == SSL_ERROR_WANT_WRITE)\r
{\r
- DetachSSL(s);\r
- r = FALSE;\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ if(g_pOpenSSLTimeoutCallback(pbAborted) || (g_OpenSSLTimeout > 0 && timeGetTime() - Time >= g_OpenSSLTimeout))\r
+ r = FALSE;\r
EnterCriticalSection(&g_OpenSSLLock);\r
- break;\r
}\r
- EnterCriticalSection(&g_OpenSSLLock);\r
+ else\r
+ r = FALSE;\r
}\r
- if(ConfirmSSLCertificate(*ppSSL))\r
+ if(r)\r
{\r
+ if(ConfirmSSLCertificate(*ppSSL, pbAborted))\r
+ {\r
+ }\r
+ else\r
+ {\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ DetachSSL(s);\r
+ r = FALSE;\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ }\r
}\r
else\r
{\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
DetachSSL(s);\r
- r = FALSE;\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
}\r
}\r
else\r
return r;\r
}\r
\r
+// SSLセッションを終了\r
BOOL DetachSSL(SOCKET s)\r
{\r
BOOL r;\r
return r;\r
}\r
\r
+// SSLとしてマークされているか確認\r
+// マークされていればTRUEを返す\r
BOOL IsSSLAttached(SOCKET s)\r
{\r
SSL** ppSSL;\r
ppSSL = FindSSLPointerFromSocket(s);\r
LeaveCriticalSection(&g_OpenSSLLock);\r
if(!ppSSL)\r
- return TRUE;\r
+ return FALSE;\r
return TRUE;\r
}\r
\r
-SOCKET socketS(int af, int type, int protocol)\r
+SOCKET FTPS_socket(int af, int type, int protocol)\r
{\r
return socket(af, type, protocol);\r
}\r
\r
-int bindS(SOCKET s, const struct sockaddr *addr, int namelen)\r
+int FTPS_bind(SOCKET s, const struct sockaddr *addr, int namelen)\r
{\r
return bind(s, addr, namelen);\r
}\r
\r
-int listenS(SOCKET s, int backlog)\r
+int FTPS_listen(SOCKET s, int backlog)\r
{\r
return listen(s, backlog);\r
}\r
\r
-SOCKET acceptS(SOCKET s, struct sockaddr *addr, int *addrlen)\r
+// accept相当の関数\r
+// ただし初めからSSLのネゴシエーションを行う\r
+SOCKET FTPS_accept(SOCKET s, struct sockaddr *addr, int *addrlen)\r
{\r
SOCKET r;\r
+ BOOL bAborted;\r
r = accept(s, addr, addrlen);\r
- if(!AttachSSL(r, INVALID_SOCKET))\r
+ bAborted = FALSE;\r
+ if(!AttachSSL(r, INVALID_SOCKET, &bAborted, TRUE))\r
{\r
closesocket(r);\r
return INVALID_SOCKET;\r
return r;\r
}\r
\r
-int connectS(SOCKET s, const struct sockaddr *name, int namelen)\r
+// connect相当の関数\r
+// ただし初めからSSLのネゴシエーションを行う\r
+int FTPS_connect(SOCKET s, const struct sockaddr *name, int namelen)\r
{\r
int r;\r
+ BOOL bAborted;\r
r = connect(s, name, namelen);\r
- if(!AttachSSL(r, INVALID_SOCKET))\r
+ bAborted = FALSE;\r
+ if(!AttachSSL(r, INVALID_SOCKET, &bAborted, TRUE))\r
return SOCKET_ERROR;\r
return r;\r
}\r
\r
-int closesocketS(SOCKET s)\r
+// closesocket相当の関数\r
+int FTPS_closesocket(SOCKET s)\r
{\r
DetachSSL(s);\r
return closesocket(s);\r
}\r
\r
-int sendS(SOCKET s, const char * buf, int len, int flags)\r
+// send相当の関数\r
+int FTPS_send(SOCKET s, const char * buf, int len, int flags)\r
{\r
+ int r;\r
SSL** ppSSL;\r
if(!g_bOpenSSLLoaded)\r
return send(s, buf, len, flags);\r
LeaveCriticalSection(&g_OpenSSLLock);\r
if(!ppSSL)\r
return send(s, buf, len, flags);\r
- return p_SSL_write(*ppSSL, buf, len);\r
+ r = p_SSL_write(*ppSSL, buf, len);\r
+ if(r < 0)\r
+ return SOCKET_ERROR;\r
+ return r;\r
}\r
\r
-int recvS(SOCKET s, char * buf, int len, int flags)\r
+// recv相当の関数\r
+int FTPS_recv(SOCKET s, char * buf, int len, int flags)\r
{\r
+ int r;\r
SSL** ppSSL;\r
if(!g_bOpenSSLLoaded)\r
return recv(s, buf, len, flags);\r
if(!ppSSL)\r
return recv(s, buf, len, flags);\r
if(flags & MSG_PEEK)\r
- return p_SSL_peek(*ppSSL, buf, len);\r
- return p_SSL_read(*ppSSL, buf, len);\r
+ r = p_SSL_peek(*ppSSL, buf, len);\r
+ else\r
+ r = p_SSL_read(*ppSSL, buf, len);\r
+ if(r < 0)\r
+ return SOCKET_ERROR;\r
+ return r;\r
+}\r
+\r
+// IPv6対応\r
+\r
+const struct in6_addr IN6ADDR_NONE = {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}};\r
+\r
+typedef struct\r
+{\r
+ HANDLE h;\r
+ HWND hWnd;\r
+ u_int wMsg;\r
+ char * name;\r
+ char * buf;\r
+ int buflen;\r
+ short Family;\r
+} GETHOSTBYNAMEDATA;\r
+\r
+DWORD WINAPI WSAAsyncGetHostByNameIPv6ThreadProc(LPVOID lpParameter)\r
+{\r
+ GETHOSTBYNAMEDATA* pData;\r
+ struct hostent* pHost;\r
+ struct addrinfo* pAddr;\r
+ struct addrinfo* p;\r
+ pHost = NULL;\r
+ pData = (GETHOSTBYNAMEDATA*)lpParameter;\r
+ if(getaddrinfo(pData->name, NULL, NULL, &pAddr) == 0)\r
+ {\r
+ p = pAddr;\r
+ while(p)\r
+ {\r
+ if(p->ai_family == pData->Family)\r
+ {\r
+ switch(p->ai_family)\r
+ {\r
+ case AF_INET:\r
+ pHost = (struct hostent*)pData->buf;\r
+ if((size_t)pData->buflen >= sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in_addr)\r
+ && p->ai_addrlen >= sizeof(struct sockaddr_in))\r
+ {\r
+ pHost->h_name = NULL;\r
+ pHost->h_aliases = NULL;\r
+ pHost->h_addrtype = p->ai_family;\r
+ pHost->h_length = sizeof(struct in_addr);\r
+ pHost->h_addr_list = (char**)(&pHost[1]);\r
+ pHost->h_addr_list[0] = (char*)(&pHost->h_addr_list[2]);\r
+ pHost->h_addr_list[1] = NULL;\r
+ memcpy(pHost->h_addr_list[0], &((struct sockaddr_in*)p->ai_addr)->sin_addr, sizeof(struct in_addr));\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in_addr)));\r
+ }\r
+ else\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(WSAENOBUFS << 16));\r
+ break;\r
+ case AF_INET6:\r
+ pHost = (struct hostent*)pData->buf;\r
+ if((size_t)pData->buflen >= sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in6_addr)\r
+ && p->ai_addrlen >= sizeof(struct sockaddr_in6))\r
+ {\r
+ pHost->h_name = NULL;\r
+ pHost->h_aliases = NULL;\r
+ pHost->h_addrtype = p->ai_family;\r
+ pHost->h_length = sizeof(struct in6_addr);\r
+ pHost->h_addr_list = (char**)(&pHost[1]);\r
+ pHost->h_addr_list[0] = (char*)(&pHost->h_addr_list[2]);\r
+ pHost->h_addr_list[1] = NULL;\r
+ memcpy(pHost->h_addr_list[0], &((struct sockaddr_in6*)p->ai_addr)->sin6_addr, sizeof(struct in6_addr));\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in6_addr)));\r
+ }\r
+ else\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(WSAENOBUFS << 16));\r
+ break;\r
+ }\r
+ }\r
+ if(pHost)\r
+ break;\r
+ p = p->ai_next;\r
+ }\r
+ if(!p)\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(ERROR_INVALID_FUNCTION << 16));\r
+ freeaddrinfo(pAddr);\r
+ }\r
+ else\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(ERROR_INVALID_FUNCTION << 16));\r
+ // CreateThreadが返すハンドルが重複するのを回避\r
+ Sleep(10000);\r
+ CloseHandle(pData->h);\r
+ free(pData->name);\r
+ free(pData);\r
+ return 0;\r
+}\r
+\r
+// IPv6対応のWSAAsyncGetHostByName相当の関数\r
+// FamilyにはAF_INETまたはAF_INET6を指定可能\r
+// ただしANSI用\r
+HANDLE WSAAsyncGetHostByNameIPv6(HWND hWnd, u_int wMsg, const char * name, char * buf, int buflen, short Family)\r
+{\r
+ HANDLE hResult;\r
+ GETHOSTBYNAMEDATA* pData;\r
+ hResult = NULL;\r
+ if(pData = malloc(sizeof(GETHOSTBYNAMEDATA)))\r
+ {\r
+ pData->hWnd = hWnd;\r
+ pData->wMsg = wMsg;\r
+ if(pData->name = malloc(sizeof(char) * (strlen(name) + 1)))\r
+ {\r
+ strcpy(pData->name, name);\r
+ pData->buf = buf;\r
+ pData->buflen = buflen;\r
+ pData->Family = Family;\r
+ if(pData->h = CreateThread(NULL, 0, WSAAsyncGetHostByNameIPv6ThreadProc, pData, CREATE_SUSPENDED, NULL))\r
+ {\r
+ ResumeThread(pData->h);\r
+ hResult = pData->h;\r
+ }\r
+ }\r
+ }\r
+ if(!hResult)\r
+ {\r
+ if(pData)\r
+ {\r
+ if(pData->name)\r
+ free(pData->name);\r
+ free(pData);\r
+ }\r
+ }\r
+ return hResult;\r
+}\r
+\r
+// WSAAsyncGetHostByNameIPv6用のWSACancelAsyncRequest相当の関数\r
+int WSACancelAsyncRequestIPv6(HANDLE hAsyncTaskHandle)\r
+{\r
+ int Result;\r
+ Result = SOCKET_ERROR;\r
+ if(TerminateThread(hAsyncTaskHandle, 0))\r
+ {\r
+ CloseHandle(hAsyncTaskHandle);\r
+ Result = 0;\r
+ }\r
+ return Result;\r
+}\r
+\r
+char* AddressToStringIPv4(char* str, void* in)\r
+{\r
+ char* pResult;\r
+ unsigned char* p;\r
+ pResult = str;\r
+ p = (unsigned char*)in;\r
+ sprintf(str, "%u.%u.%u.%u", p[0], p[1], p[2], p[3]);\r
+ return pResult;\r
+}\r
+\r
+char* AddressToStringIPv6(char* str, void* in6)\r
+{\r
+ char* pResult;\r
+ unsigned char* p;\r
+ int MaxZero;\r
+ int MaxZeroLen;\r
+ int i;\r
+ int j;\r
+ char Tmp[5];\r
+ pResult = str;\r
+ p = (unsigned char*)in6;\r
+ MaxZero = 8;\r
+ MaxZeroLen = 1;\r
+ for(i = 0; i < 8; i++)\r
+ {\r
+ for(j = i; j < 8; j++)\r
+ {\r
+ if(p[j * 2] != 0 || p[j * 2 + 1] != 0)\r
+ break;\r
+ }\r
+ if(j - i > MaxZeroLen)\r
+ {\r
+ MaxZero = i;\r
+ MaxZeroLen = j - i;\r
+ }\r
+ }\r
+ strcpy(str, "");\r
+ for(i = 0; i < 8; i++)\r
+ {\r
+ if(i == MaxZero)\r
+ {\r
+ if(i == 0)\r
+ strcat(str, ":");\r
+ strcat(str, ":");\r
+ }\r
+ else if(i < MaxZero || i >= MaxZero + MaxZeroLen)\r
+ {\r
+ sprintf(Tmp, "%x", (((int)p[i * 2] & 0xff) << 8) | ((int)p[i * 2 + 1] & 0xff));\r
+ strcat(str, Tmp);\r
+ if(i < 7)\r
+ strcat(str, ":");\r
+ }\r
+ }\r
+ return pResult;\r
+}\r
+\r
+// IPv6対応のinet_ntoa相当の関数\r
+// ただしANSI用\r
+char* inet6_ntoa(struct in6_addr in6)\r
+{\r
+ char* pResult;\r
+ static char Adrs[40];\r
+ pResult = NULL;\r
+ memset(Adrs, 0, sizeof(Adrs));\r
+ pResult = AddressToStringIPv6(Adrs, &in6);\r
+ return pResult;\r
+}\r
+\r
+// IPv6対応のinet_addr相当の関数\r
+// ただしANSI用\r
+struct in6_addr inet6_addr(const char* cp)\r
+{\r
+ struct in6_addr Result;\r
+ int AfterZero;\r
+ int i;\r
+ char* p;\r
+ memset(&Result, 0, sizeof(Result));\r
+ AfterZero = 0;\r
+ for(i = 0; i < 8; i++)\r
+ {\r
+ if(!cp)\r
+ {\r
+ memcpy(&Result, &IN6ADDR_NONE, sizeof(struct in6_addr));\r
+ break;\r
+ }\r
+ if(i >= AfterZero)\r
+ {\r
+ if(strncmp(cp, ":", 1) == 0)\r
+ {\r
+ cp = cp + 1;\r
+ if(i == 0 && strncmp(cp, ":", 1) == 0)\r
+ cp = cp + 1;\r
+ p = (char*)cp;\r
+ AfterZero = 7;\r
+ while(p = strstr(p, ":"))\r
+ {\r
+ p = p + 1;\r
+ AfterZero--;\r
+ }\r
+ }\r
+ else\r
+ {\r
+ Result.u.Word[i] = (USHORT)strtol(cp, &p, 16);\r
+ Result.u.Word[i] = ((Result.u.Word[i] & 0xff00) >> 8) | ((Result.u.Word[i] & 0x00ff) << 8);\r
+ if(strncmp(p, ":", 1) != 0 && strlen(p) > 0)\r
+ {\r
+ memcpy(&Result, &IN6ADDR_NONE, sizeof(struct in6_addr));\r
+ break;\r
+ }\r
+ if(cp = strstr(cp, ":"))\r
+ cp = cp + 1;\r
+ }\r
+ }\r
+ }\r
+ return Result;\r
+}\r
+\r
+BOOL ConvertDomainNameToPunycode(LPSTR Output, DWORD Count, LPCSTR Input)\r
+{\r
+ BOOL bResult;\r
+ punycode_uint* pUnicode;\r
+ punycode_uint* p;\r
+ BOOL bNeeded;\r
+ LPCSTR InputString;\r
+ punycode_uint Length;\r
+ punycode_uint OutputLength;\r
+ bResult = FALSE;\r
+ if(pUnicode = malloc(sizeof(punycode_uint) * strlen(Input)))\r
+ {\r
+ p = pUnicode;\r
+ bNeeded = FALSE;\r
+ InputString = Input;\r
+ Length = 0;\r
+ while(*InputString != '\0')\r
+ {\r
+ *p = (punycode_uint)GetNextCharM(InputString, NULL, &InputString);\r
+ if(*p >= 0x80)\r
+ bNeeded = TRUE;\r
+ p++;\r
+ Length++;\r
+ }\r
+ if(bNeeded)\r
+ {\r
+ if(Count >= strlen("xn--") + 1)\r
+ {\r
+ strcpy(Output, "xn--");\r
+ OutputLength = Count - strlen("xn--");\r
+ if(punycode_encode(Length, pUnicode, NULL, (punycode_uint*)&OutputLength, Output + strlen("xn--")) == punycode_success)\r
+ {\r
+ Output[strlen("xn--") + OutputLength] = '\0';\r
+ bResult = TRUE;\r
+ }\r
+ }\r
+ }\r
+ free(pUnicode);\r
+ }\r
+ if(!bResult)\r
+ {\r
+ if(Count >= strlen(Input) + 1)\r
+ {\r
+ strcpy(Output, Input);\r
+ bResult = TRUE;\r
+ }\r
+ }\r
+ return bResult;\r
+}\r
+\r
+BOOL ConvertNameToPunycode(LPSTR Output, LPCSTR Input)\r
+{\r
+ BOOL bResult;\r
+ DWORD Length;\r
+ char* pm0;\r
+ char* pm1;\r
+ char* p;\r
+ char* pNext;\r
+ bResult = FALSE;\r
+ Length = strlen(Input);\r
+ if(pm0 = AllocateStringM(Length + 1))\r
+ {\r
+ if(pm1 = AllocateStringM(Length * 4 + 1))\r
+ {\r
+ strcpy(pm0, Input);\r
+ p = pm0;\r
+ while(p)\r
+ {\r
+ if(pNext = strchr(p, '.'))\r
+ {\r
+ *pNext = '\0';\r
+ pNext++;\r
+ }\r
+ if(ConvertDomainNameToPunycode(pm1, Length * 4, p))\r
+ strcat(Output, pm1);\r
+ if(pNext)\r
+ strcat(Output, ".");\r
+ p = pNext;\r
+ }\r
+ bResult = TRUE;\r
+ FreeDuplicatedString(pm1);\r
+ }\r
+ FreeDuplicatedString(pm0);\r
+ }\r
+ return bResult;\r
+}\r
+\r
+HANDLE WSAAsyncGetHostByNameM(HWND hWnd, u_int wMsg, const char * name, char * buf, int buflen)\r
+{\r
+ HANDLE r = NULL;\r
+ char* pa0 = NULL;\r
+ if(pa0 = AllocateStringA(strlen(name) * 4))\r
+ {\r
+ if(ConvertNameToPunycode(pa0, name))\r
+ r = WSAAsyncGetHostByName(hWnd, wMsg, pa0, buf, buflen);\r
+ }\r
+ FreeDuplicatedString(pa0);\r
+ return r;\r
+}\r
+\r
+HANDLE WSAAsyncGetHostByNameIPv6M(HWND hWnd, u_int wMsg, const char * name, char * buf, int buflen, short Family)\r
+{\r
+ HANDLE r = NULL;\r
+ char* pa0 = NULL;\r
+ if(pa0 = AllocateStringA(strlen(name) * 4))\r
+ {\r
+ if(ConvertNameToPunycode(pa0, name))\r
+ r = WSAAsyncGetHostByNameIPv6(hWnd, wMsg, pa0, buf, buflen, Family);\r
+ }\r
+ FreeDuplicatedString(pa0);\r
+ return r;\r
}\r
\r