typedef SSL_SESSION* (__cdecl* _SSL_get_session)(SSL*);\r
typedef int (__cdecl* _SSL_set_session)(SSL*, SSL_SESSION*);\r
typedef X509_STORE* (__cdecl* _SSL_CTX_get_cert_store)(const SSL_CTX*);\r
+typedef long (__cdecl* _SSL_CTX_ctrl)(SSL_CTX*, int, long, void*);\r
typedef BIO_METHOD* (__cdecl* _BIO_s_mem)();\r
typedef BIO* (__cdecl* _BIO_new)(BIO_METHOD*);\r
typedef int (__cdecl* _BIO_free)(BIO*);\r
_SSL_get_session p_SSL_get_session;\r
_SSL_set_session p_SSL_set_session;\r
_SSL_CTX_get_cert_store p_SSL_CTX_get_cert_store;\r
+_SSL_CTX_ctrl p_SSL_CTX_ctrl;\r
_BIO_s_mem p_BIO_s_mem;\r
_BIO_new p_BIO_new;\r
_BIO_free p_BIO_free;\r
return FALSE;\r
#ifdef ENABLE_PROCESS_PROTECTION\r
// 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること\r
- // ssleay32.dll 1.0.0g\r
- // libssl32.dll 1.0.0g\r
- RegisterTrustedModuleSHA1Hash("\x42\x32\x3E\x44\x35\xBC\x98\x6C\x45\xC9\xA2\xB8\x41\xE7\xDA\x7B\x6A\x98\xB2\x28");\r
- // libeay32.dll 1.0.0g\r
- RegisterTrustedModuleSHA1Hash("\x3F\xC8\x07\x84\xB3\xF0\x71\x4A\x18\x59\x52\x1F\x99\x09\x65\xB9\x49\xA7\x15\x36");\r
+ // ssleay32.dll 1.0.1c\r
+ RegisterTrustedModuleSHA1Hash("\x8A\xB5\x6D\x5E\x0B\x31\x80\x5E\x21\x55\x2D\x6E\x4F\xAF\xB1\x47\x7B\xD3\xB5\x23");\r
+ // libeay32.dll 1.0.1c\r
+ RegisterTrustedModuleSHA1Hash("\xB4\x88\x17\x2E\x5C\x26\x9D\x62\x83\x65\x3A\xC1\x1B\xC9\x6E\x70\x1A\x8D\x6E\x76");\r
#endif\r
g_hOpenSSL = LoadLibrary("ssleay32.dll");\r
// バージョン固定のためlibssl32.dllの読み込みは脆弱性の原因になり得るので廃止\r
|| !(p_SSL_get_verify_result = (_SSL_get_verify_result)GetProcAddress(g_hOpenSSL, "SSL_get_verify_result"))\r
|| !(p_SSL_get_session = (_SSL_get_session)GetProcAddress(g_hOpenSSL, "SSL_get_session"))\r
|| !(p_SSL_set_session = (_SSL_set_session)GetProcAddress(g_hOpenSSL, "SSL_set_session"))\r
- || !(p_SSL_CTX_get_cert_store = (_SSL_CTX_get_cert_store)GetProcAddress(g_hOpenSSL, "SSL_CTX_get_cert_store")))\r
+ || !(p_SSL_CTX_get_cert_store = (_SSL_CTX_get_cert_store)GetProcAddress(g_hOpenSSL, "SSL_CTX_get_cert_store"))\r
+ || !(p_SSL_CTX_ctrl = (_SSL_CTX_ctrl)GetProcAddress(g_hOpenSSL, "SSL_CTX_ctrl")))\r
{\r
if(g_hOpenSSL)\r
FreeLibrary(g_hOpenSSL);\r
r = FALSE;\r
EnterCriticalSection(&g_OpenSSLLock);\r
if(!g_pOpenSSLCTX)\r
+ {\r
g_pOpenSSLCTX = p_SSL_CTX_new(p_SSLv23_method());\r
+ p_SSL_CTX_ctrl(g_pOpenSSLCTX, SSL_CTRL_MODE, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_AUTO_RETRY, NULL);\r
+ }\r
if(g_pOpenSSLCTX)\r
{\r
if(pStore = p_SSL_CTX_get_cert_store(g_pOpenSSLCTX))\r
Time = timeGetTime();\r
EnterCriticalSection(&g_OpenSSLLock);\r
if(!g_pOpenSSLCTX)\r
+ {\r
g_pOpenSSLCTX = p_SSL_CTX_new(p_SSLv23_method());\r
+ p_SSL_CTX_ctrl(g_pOpenSSLCTX, SSL_CTRL_MODE, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_AUTO_RETRY, NULL);\r
+ }\r
if(g_pOpenSSLCTX)\r
{\r
if(ppSSL = GetUnusedSSLPointer())\r
// send相当の関数\r
int FTPS_send(SOCKET s, const char * buf, int len, int flags)\r
{\r
+ int r;\r
SSL** ppSSL;\r
if(!g_bOpenSSLLoaded)\r
return send(s, buf, len, flags);\r
LeaveCriticalSection(&g_OpenSSLLock);\r
if(!ppSSL)\r
return send(s, buf, len, flags);\r
- return p_SSL_write(*ppSSL, buf, len);\r
+ r = p_SSL_write(*ppSSL, buf, len);\r
+ if(r < 0)\r
+ return SOCKET_ERROR;\r
+ return r;\r
}\r
\r
// recv相当の関数\r
int FTPS_recv(SOCKET s, char * buf, int len, int flags)\r
{\r
+ int r;\r
SSL** ppSSL;\r
if(!g_bOpenSSLLoaded)\r
return recv(s, buf, len, flags);\r
if(!ppSSL)\r
return recv(s, buf, len, flags);\r
if(flags & MSG_PEEK)\r
- return p_SSL_peek(*ppSSL, buf, len);\r
- return p_SSL_read(*ppSSL, buf, len);\r
+ r = p_SSL_peek(*ppSSL, buf, len);\r
+ else\r
+ r = p_SSL_read(*ppSSL, buf, len);\r
+ if(r < 0)\r
+ return SOCKET_ERROR;\r
+ return r;\r
}\r
\r
// IPv6対応\r
return r;\r
}\r
\r
-// SFTP対応\r
-\r
-typedef void* (__cdecl* _SFTP_Create)();\r
-typedef void (__cdecl* _SFTP_Destroy)(void*);\r
-typedef BOOL (__cdecl* _SFTP_IsExited)(void*);\r
-typedef BOOL (__cdecl* _SFTP_SetTimeoutCallback)(void*, void*);\r
-typedef size_t (__cdecl* _SFTP_PeekStdOut)(void*, void*, size_t);\r
-typedef size_t (__cdecl* _SFTP_ReadStdOut)(void*, void*, size_t);\r
-typedef size_t (__cdecl* _SFTP_WriteStdIn)(void*, const void*, size_t);\r
-typedef size_t (__cdecl* _SFTP_PeekDataOut)(void*, void*, size_t);\r
-typedef size_t (__cdecl* _SFTP_ReadDataOut)(void*, void*, size_t);\r
-typedef size_t (__cdecl* _SFTP_WriteDataIn)(void*, const void*, size_t);\r
-typedef BOOL (__cdecl* _SFTP_SetFilePosition)(void*, LONGLONG);\r
-\r
-_SFTP_Create p_SFTP_Create;\r
-_SFTP_Destroy p_SFTP_Destroy;\r
-_SFTP_IsExited p_SFTP_IsExited;\r
-_SFTP_SetTimeoutCallback p_SFTP_SetTimeoutCallback;\r
-_SFTP_PeekStdOut p_SFTP_PeekStdOut;\r
-_SFTP_ReadStdOut p_SFTP_ReadStdOut;\r
-_SFTP_WriteStdIn p_SFTP_WriteStdIn;\r
-_SFTP_PeekDataOut p_SFTP_PeekDataOut;\r
-_SFTP_ReadDataOut p_SFTP_ReadDataOut;\r
-_SFTP_WriteDataIn p_SFTP_WriteDataIn;\r
-_SFTP_SetFilePosition p_SFTP_SetFilePosition;\r
-\r
-typedef struct\r
-{\r
- SOCKET Control;\r
- SOCKET Data;\r
- void* Handle;\r
- char Host[1024];\r
- int Port;\r
- char User[1024];\r
- char Password[1024];\r
-} SFTPDATA;\r
-\r
-#define MAX_SFTP_SOCKET 16\r
-\r
-BOOL g_bPuTTYLoaded;\r
-HMODULE g_hPuTTY;\r
-CRITICAL_SECTION g_PuTTYLock;\r
-SFTPDATA g_SFTPData[MAX_SFTP_SOCKET];\r
-\r
-// PuTTYを初期化\r
-BOOL LoadPuTTY()\r
-{\r
- int i;\r
- if(g_bPuTTYLoaded)\r
- return FALSE;\r
-#ifdef ENABLE_PROCESS_PROTECTION\r
- // ビルドしたputty.dllに合わせてSHA1ハッシュ値を変更すること\r
- RegisterTrustedModuleSHA1Hash("\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00");\r
-#endif\r
- // デバッグ用\r
-#ifdef _DEBUG\r
- {\r
- char Path[MAX_PATH];\r
- GetModuleFileName(NULL, Path, MAX_PATH);\r
- strcpy(strrchr(Path, '\\'), "\\..\\putty\\Debug\\PuTTY.dll");\r
- g_hPuTTY = LoadLibrary(Path);\r
- }\r
-#else\r
- g_hPuTTY = LoadLibrary("putty.dll");\r
-#endif\r
- if(!g_hPuTTY\r
- || !(p_SFTP_Create = (_SFTP_Create)GetProcAddress(g_hPuTTY, "SFTP_Create"))\r
- || !(p_SFTP_Destroy = (_SFTP_Destroy)GetProcAddress(g_hPuTTY, "SFTP_Destroy"))\r
- || !(p_SFTP_IsExited = (_SFTP_IsExited)GetProcAddress(g_hPuTTY, "SFTP_IsExited"))\r
- || !(p_SFTP_SetTimeoutCallback = (_SFTP_SetTimeoutCallback)GetProcAddress(g_hPuTTY, "SFTP_SetTimeoutCallback"))\r
- || !(p_SFTP_PeekStdOut = (_SFTP_PeekStdOut)GetProcAddress(g_hPuTTY, "SFTP_PeekStdOut"))\r
- || !(p_SFTP_ReadStdOut = (_SFTP_ReadStdOut)GetProcAddress(g_hPuTTY, "SFTP_ReadStdOut"))\r
- || !(p_SFTP_WriteStdIn = (_SFTP_WriteStdIn)GetProcAddress(g_hPuTTY, "SFTP_WriteStdIn"))\r
- || !(p_SFTP_PeekDataOut = (_SFTP_PeekDataOut)GetProcAddress(g_hPuTTY, "SFTP_PeekDataOut"))\r
- || !(p_SFTP_ReadDataOut = (_SFTP_ReadDataOut)GetProcAddress(g_hPuTTY, "SFTP_ReadDataOut"))\r
- || !(p_SFTP_WriteDataIn = (_SFTP_WriteDataIn)GetProcAddress(g_hPuTTY, "SFTP_WriteDataIn"))\r
- || !(p_SFTP_SetFilePosition = (_SFTP_SetFilePosition)GetProcAddress(g_hPuTTY, "SFTP_SetFilePosition")))\r
- {\r
- if(g_hPuTTY)\r
- FreeLibrary(g_hPuTTY);\r
- g_hPuTTY = NULL;\r
- return FALSE;\r
- }\r
- for(i = 0; i < MAX_SFTP_SOCKET; i++)\r
- {\r
- g_SFTPData[i].Control = INVALID_SOCKET;\r
- g_SFTPData[i].Data = INVALID_SOCKET;\r
- }\r
- InitializeCriticalSection(&g_PuTTYLock);\r
- g_bPuTTYLoaded = TRUE;\r
- return TRUE;\r
-}\r
-\r
-// PuTTYを解放\r
-void FreePuTTY()\r
-{\r
- int i;\r
- if(!g_bPuTTYLoaded)\r
- return;\r
- EnterCriticalSection(&g_PuTTYLock);\r
- for(i = 0; i < MAX_SFTP_SOCKET; i++)\r
- {\r
- if(g_SFTPData[i].Control != INVALID_SOCKET)\r
- {\r
- closesocket(g_SFTPData[i].Control);\r
- g_SFTPData[i].Control = INVALID_SOCKET;\r
- p_SFTP_Destroy(g_SFTPData[i].Handle);\r
- }\r
- if(g_SFTPData[i].Data != INVALID_SOCKET)\r
- {\r
- closesocket(g_SFTPData[i].Data);\r
- g_SFTPData[i].Data = INVALID_SOCKET;\r
- }\r
- }\r
- FreeLibrary(g_hPuTTY);\r
- g_hPuTTY = NULL;\r
- LeaveCriticalSection(&g_PuTTYLock);\r
- DeleteCriticalSection(&g_PuTTYLock);\r
- g_bPuTTYLoaded = FALSE;\r
-}\r
-\r
-// PuTTYが使用可能かどうか確認\r
-BOOL IsPuTTYLoaded()\r
-{\r
- return g_bPuTTYLoaded;\r
-}\r
-\r
-SFTPDATA* GetUnusedSFTPData()\r
-{\r
- int i;\r
- for(i = 0; i < MAX_SFTP_SOCKET; i++)\r
- {\r
- if(g_SFTPData[i].Control == INVALID_SOCKET)\r
- {\r
- memset(&g_SFTPData[i], 0, sizeof(SFTPDATA));\r
- return &g_SFTPData[i];\r
- }\r
- }\r
- return NULL;\r
-}\r
-\r
-SFTPDATA* FindSFTPDataFromSocket(SOCKET s)\r
-{\r
- int i;\r
- for(i = 0; i < MAX_SFTP_SOCKET; i++)\r
- {\r
- if(g_SFTPData[i].Control == s || g_SFTPData[i].Data == s)\r
- return &g_SFTPData[i];\r
- }\r
- return NULL;\r
-}\r
-\r
-// SFTPとしてマークされているか確認\r
-// マークされていればTRUEを返す\r
-BOOL IsSFTPAttached(SOCKET s)\r
-{\r
- SFTPDATA* pSFTPData;\r
- if(!g_bPuTTYLoaded)\r
- return FALSE;\r
- EnterCriticalSection(&g_PuTTYLock);\r
- pSFTPData = FindSFTPDataFromSocket(s);\r
- LeaveCriticalSection(&g_PuTTYLock);\r
- if(!pSFTPData)\r
- return FALSE;\r
- return TRUE;\r
-}\r
-\r
-// コントロール用の仮想的なソケットを取得\r
-// 識別子としてダミーのソケットを返す\r
-SOCKET SFTP_socket(int af, int type, int protocol)\r
-{\r
- SOCKET r;\r
- SFTPDATA* pSFTPData;\r
- if(!g_bPuTTYLoaded)\r
- return INVALID_SOCKET;\r
- r = INVALID_SOCKET;\r
- EnterCriticalSection(&g_PuTTYLock);\r
- if(pSFTPData = GetUnusedSFTPData())\r
- {\r
- r = socket(af, type, protocol);\r
- pSFTPData->Control = r;\r
- pSFTPData->Data = INVALID_SOCKET;\r
- pSFTPData->Handle = p_SFTP_Create();\r
- }\r
- LeaveCriticalSection(&g_PuTTYLock);\r
- return r;\r
-}\r
-\r
-int SFTP_bind(SOCKET s, const struct sockaddr *addr, int namelen)\r
-{\r
- return SOCKET_ERROR;\r
-}\r
-\r
-int SFTP_listen(SOCKET s, int backlog)\r
-{\r
- return SOCKET_ERROR;\r
-}\r
-\r
-// accept相当の関数\r
-SOCKET SFTP_accept(SOCKET s, struct sockaddr *addr, int *addrlen)\r
-{\r
- return INVALID_SOCKET;\r
-}\r
-\r
-// connect相当の関数\r
-int SFTP_connect(SOCKET s, const struct sockaddr *name, int namelen)\r
-{\r
- SFTPDATA* pSFTPData;\r
- if(!g_bPuTTYLoaded)\r
- return SOCKET_ERROR;\r
- EnterCriticalSection(&g_PuTTYLock);\r
- pSFTPData = FindSFTPDataFromSocket(s);\r
- LeaveCriticalSection(&g_PuTTYLock);\r
- if(!pSFTPData)\r
- return SOCKET_ERROR;\r
- if(namelen == sizeof(struct sockaddr_in))\r
- {\r
- }\r
- else if(namelen == sizeof(struct sockaddr_in6))\r
- {\r
- }\r
- else\r
- return SOCKET_ERROR;\r
- return 0;\r
-}\r
-\r
-// closesocket相当の関数\r
-int SFTP_closesocket(SOCKET s)\r
-{\r
- SFTPDATA* pSFTPData;\r
- if(!g_bPuTTYLoaded)\r
- return SOCKET_ERROR;\r
- EnterCriticalSection(&g_PuTTYLock);\r
- if(pSFTPData = FindSFTPDataFromSocket(s))\r
- {\r
- if(pSFTPData->Control == s)\r
- {\r
- pSFTPData->Control = INVALID_SOCKET;\r
- p_SFTP_Destroy(pSFTPData->Handle);\r
- }\r
- if(pSFTPData->Data == s)\r
- pSFTPData->Data = INVALID_SOCKET;\r
- }\r
- LeaveCriticalSection(&g_PuTTYLock);\r
- return closesocket(s);\r
-}\r
-\r
-// send相当の関数\r
-int SFTP_send(SOCKET s, const char * buf, int len, int flags)\r
-{\r
- int r;\r
- SFTPDATA* pSFTPData;\r
- if(!g_bPuTTYLoaded)\r
- return SOCKET_ERROR;\r
- EnterCriticalSection(&g_PuTTYLock);\r
- pSFTPData = FindSFTPDataFromSocket(s);\r
- LeaveCriticalSection(&g_PuTTYLock);\r
- if(!pSFTPData)\r
- return SOCKET_ERROR;\r
- if(p_SFTP_IsExited(pSFTPData->Handle))\r
- return SOCKET_ERROR;\r
- r = SOCKET_ERROR;\r
- if(pSFTPData->Control == s)\r
- r = (int)p_SFTP_WriteStdIn(pSFTPData->Handle, buf, len);\r
- else if(pSFTPData->Data == s)\r
- r = (int)p_SFTP_WriteDataIn(pSFTPData->Handle, buf, len);\r
- return r;\r
-}\r
-\r
-// recv相当の関数\r
-int SFTP_recv(SOCKET s, char * buf, int len, int flags)\r
-{\r
- int r;\r
- SFTPDATA* pSFTPData;\r
- if(!g_bPuTTYLoaded)\r
- return SOCKET_ERROR;\r
- EnterCriticalSection(&g_PuTTYLock);\r
- pSFTPData = FindSFTPDataFromSocket(s);\r
- LeaveCriticalSection(&g_PuTTYLock);\r
- if(!pSFTPData)\r
- return SOCKET_ERROR;\r
- if(p_SFTP_IsExited(pSFTPData->Handle))\r
- return SOCKET_ERROR;\r
- r = SOCKET_ERROR;\r
- if(pSFTPData->Control == s)\r
- {\r
- if(flags & MSG_PEEK)\r
- r = (int)p_SFTP_PeekStdOut(pSFTPData->Handle, buf, len);\r
- else\r
- r = (int)p_SFTP_ReadStdOut(pSFTPData->Handle, buf, len);\r
- }\r
- else if(pSFTPData->Data == s)\r
- {\r
- if(flags & MSG_PEEK)\r
- r = (int)p_SFTP_PeekDataOut(pSFTPData->Handle, buf, len);\r
- else\r
- r = (int)p_SFTP_ReadDataOut(pSFTPData->Handle, buf, len);\r
- }\r
- return r;\r
-}\r
-\r
-BOOL SFTP_SetTimeoutCallback(SOCKET s, void* pCallback)\r
-{\r
- SFTPDATA* pSFTPData;\r
- if(!g_bPuTTYLoaded)\r
- return FALSE;\r
- EnterCriticalSection(&g_PuTTYLock);\r
- pSFTPData = FindSFTPDataFromSocket(s);\r
- LeaveCriticalSection(&g_PuTTYLock);\r
- if(!pSFTPData)\r
- return FALSE;\r
- return p_SFTP_SetTimeoutCallback(pSFTPData->Handle, pCallback);\r
-}\r
-\r
-// データ用の仮想的なソケットを取得\r
-// 識別子としてダミーのソケットを返す\r
-SOCKET SFTP_GetDataHandle(SOCKET s, int af, int type, int protocol)\r
-{\r
- SOCKET r;\r
- SFTPDATA* pSFTPData;\r
- if(!g_bPuTTYLoaded)\r
- return INVALID_SOCKET;\r
- r = INVALID_SOCKET;\r
- EnterCriticalSection(&g_PuTTYLock);\r
- if(pSFTPData = FindSFTPDataFromSocket(s))\r
- {\r
- r = socket(af, type, protocol);\r
- pSFTPData->Data = r;\r
- }\r
- LeaveCriticalSection(&g_PuTTYLock);\r
- return r;\r
-}\r
-\r
-BOOL SFTP_SetFilePosition(SOCKET s, LONGLONG Position)\r
-{\r
- SFTPDATA* pSFTPData;\r
- if(!g_bPuTTYLoaded)\r
- return FALSE;\r
- EnterCriticalSection(&g_PuTTYLock);\r
- pSFTPData = FindSFTPDataFromSocket(s);\r
- LeaveCriticalSection(&g_PuTTYLock);\r
- if(!pSFTPData)\r
- return FALSE;\r
- return p_SFTP_SetFilePosition(pSFTPData->Handle, Position);\r
-}\r
-\r