#include "mbswrapper.h"\r
#include "punycode.h"\r
\r
+// FTPS対応\r
+\r
typedef void (__cdecl* _SSL_load_error_strings)();\r
typedef int (__cdecl* _SSL_library_init)();\r
typedef SSL_METHOD* (__cdecl* _SSLv23_method)();\r
typedef SSL_SESSION* (__cdecl* _SSL_get_session)(SSL*);\r
typedef int (__cdecl* _SSL_set_session)(SSL*, SSL_SESSION*);\r
typedef X509_STORE* (__cdecl* _SSL_CTX_get_cert_store)(const SSL_CTX*);\r
+typedef long (__cdecl* _SSL_CTX_ctrl)(SSL_CTX*, int, long, void*);\r
typedef BIO_METHOD* (__cdecl* _BIO_s_mem)();\r
typedef BIO* (__cdecl* _BIO_new)(BIO_METHOD*);\r
typedef int (__cdecl* _BIO_free)(BIO*);\r
_SSL_get_session p_SSL_get_session;\r
_SSL_set_session p_SSL_set_session;\r
_SSL_CTX_get_cert_store p_SSL_CTX_get_cert_store;\r
+_SSL_CTX_ctrl p_SSL_CTX_ctrl;\r
_BIO_s_mem p_BIO_s_mem;\r
_BIO_new p_BIO_new;\r
_BIO_free p_BIO_free;\r
return FALSE;\r
#ifdef ENABLE_PROCESS_PROTECTION\r
// 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること\r
- // ssleay32.dll 1.0.0e\r
- // libssl32.dll 1.0.0e\r
- RegisterTrustedModuleSHA1Hash("\x4E\xB7\xA0\x22\x14\x4B\x58\x6D\xBC\xF5\x21\x0D\x96\x78\x0D\x79\x7D\x66\xB2\xB0");\r
- // libeay32.dll 1.0.0e\r
- RegisterTrustedModuleSHA1Hash("\x01\x32\x7A\xAE\x69\x26\xE6\x58\xC7\x63\x22\x1E\x53\x5A\x78\xBC\x61\xC7\xB5\xC1");\r
+ // ssleay32.dll 1.0.1c\r
+ RegisterTrustedModuleSHA1Hash("\x8A\xB5\x6D\x5E\x0B\x31\x80\x5E\x21\x55\x2D\x6E\x4F\xAF\xB1\x47\x7B\xD3\xB5\x23");\r
+ // libeay32.dll 1.0.1c\r
+ RegisterTrustedModuleSHA1Hash("\xB4\x88\x17\x2E\x5C\x26\x9D\x62\x83\x65\x3A\xC1\x1B\xC9\x6E\x70\x1A\x8D\x6E\x76");\r
#endif\r
g_hOpenSSL = LoadLibrary("ssleay32.dll");\r
// バージョン固定のためlibssl32.dllの読み込みは脆弱性の原因になり得るので廃止\r
|| !(p_SSL_get_verify_result = (_SSL_get_verify_result)GetProcAddress(g_hOpenSSL, "SSL_get_verify_result"))\r
|| !(p_SSL_get_session = (_SSL_get_session)GetProcAddress(g_hOpenSSL, "SSL_get_session"))\r
|| !(p_SSL_set_session = (_SSL_set_session)GetProcAddress(g_hOpenSSL, "SSL_set_session"))\r
- || !(p_SSL_CTX_get_cert_store = (_SSL_CTX_get_cert_store)GetProcAddress(g_hOpenSSL, "SSL_CTX_get_cert_store")))\r
+ || !(p_SSL_CTX_get_cert_store = (_SSL_CTX_get_cert_store)GetProcAddress(g_hOpenSSL, "SSL_CTX_get_cert_store"))\r
+ || !(p_SSL_CTX_ctrl = (_SSL_CTX_ctrl)GetProcAddress(g_hOpenSSL, "SSL_CTX_ctrl")))\r
{\r
if(g_hOpenSSL)\r
FreeLibrary(g_hOpenSSL);\r
r = FALSE;\r
EnterCriticalSection(&g_OpenSSLLock);\r
if(!g_pOpenSSLCTX)\r
+ {\r
g_pOpenSSLCTX = p_SSL_CTX_new(p_SSLv23_method());\r
+ p_SSL_CTX_ctrl(g_pOpenSSLCTX, SSL_CTRL_MODE, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_AUTO_RETRY, NULL);\r
+ }\r
if(g_pOpenSSLCTX)\r
{\r
if(pStore = p_SSL_CTX_get_cert_store(g_pOpenSSLCTX))\r
BOOL IsHostNameMatched(LPCSTR HostName, LPCSTR CommonName)\r
{\r
BOOL bResult;\r
- char* pAsterisk;\r
+ const char* pAsterisk;\r
+ size_t BeforeAsterisk;\r
+ const char* pBeginAsterisk;\r
+ const char* pEndAsterisk;\r
+ const char* pDot;\r
bResult = FALSE;\r
if(HostName && CommonName)\r
{\r
if(pAsterisk = strchr(CommonName, '*'))\r
{\r
- if(_strnicmp(HostName, CommonName, ((size_t)pAsterisk - (size_t)CommonName) / sizeof(char)) == 0)\r
+ BeforeAsterisk = ((size_t)pAsterisk - (size_t)CommonName) / sizeof(char);\r
+ pBeginAsterisk = HostName + BeforeAsterisk;\r
+ while(*pAsterisk == '*')\r
{\r
- while(*pAsterisk == '*')\r
+ pAsterisk++;\r
+ }\r
+ pEndAsterisk = HostName + strlen(HostName) - strlen(pAsterisk);\r
+ // "*"より前は大文字小文字を無視して完全一致\r
+ if(_strnicmp(HostName, CommonName, BeforeAsterisk) == 0)\r
+ {\r
+ // "*"より後は大文字小文字を無視して完全一致\r
+ if(_stricmp(pEndAsterisk, pAsterisk) == 0)\r
{\r
- pAsterisk++;\r
+ // "*"と一致する範囲に"."が含まれてはならない\r
+ pDot = strchr(pBeginAsterisk, '.');\r
+ if(!pDot || pDot >= pEndAsterisk)\r
+ bResult = TRUE;\r
}\r
- if(_stricmp(HostName + strlen(HostName) - strlen(pAsterisk), pAsterisk) == 0)\r
- bResult = TRUE;\r
}\r
}\r
else if(_stricmp(HostName, CommonName) == 0)\r
Time = timeGetTime();\r
EnterCriticalSection(&g_OpenSSLLock);\r
if(!g_pOpenSSLCTX)\r
+ {\r
g_pOpenSSLCTX = p_SSL_CTX_new(p_SSLv23_method());\r
+ p_SSL_CTX_ctrl(g_pOpenSSLCTX, SSL_CTRL_MODE, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_AUTO_RETRY, NULL);\r
+ }\r
if(g_pOpenSSLCTX)\r
{\r
if(ppSSL = GetUnusedSSLPointer())\r
return TRUE;\r
}\r
\r
-SOCKET socketS(int af, int type, int protocol)\r
+SOCKET FTPS_socket(int af, int type, int protocol)\r
{\r
return socket(af, type, protocol);\r
}\r
\r
-int bindS(SOCKET s, const struct sockaddr *addr, int namelen)\r
+int FTPS_bind(SOCKET s, const struct sockaddr *addr, int namelen)\r
{\r
return bind(s, addr, namelen);\r
}\r
\r
-int listenS(SOCKET s, int backlog)\r
+int FTPS_listen(SOCKET s, int backlog)\r
{\r
return listen(s, backlog);\r
}\r
\r
// accept相当の関数\r
// ただし初めからSSLのネゴシエーションを行う\r
-SOCKET acceptS(SOCKET s, struct sockaddr *addr, int *addrlen)\r
+SOCKET FTPS_accept(SOCKET s, struct sockaddr *addr, int *addrlen)\r
{\r
SOCKET r;\r
BOOL bAborted;\r
\r
// connect相当の関数\r
// ただし初めからSSLのネゴシエーションを行う\r
-int connectS(SOCKET s, const struct sockaddr *name, int namelen)\r
+int FTPS_connect(SOCKET s, const struct sockaddr *name, int namelen)\r
{\r
int r;\r
BOOL bAborted;\r
}\r
\r
// closesocket相当の関数\r
-int closesocketS(SOCKET s)\r
+int FTPS_closesocket(SOCKET s)\r
{\r
DetachSSL(s);\r
return closesocket(s);\r
}\r
\r
// send相当の関数\r
-int sendS(SOCKET s, const char * buf, int len, int flags)\r
+int FTPS_send(SOCKET s, const char * buf, int len, int flags)\r
{\r
+ int r;\r
SSL** ppSSL;\r
if(!g_bOpenSSLLoaded)\r
return send(s, buf, len, flags);\r
LeaveCriticalSection(&g_OpenSSLLock);\r
if(!ppSSL)\r
return send(s, buf, len, flags);\r
- return p_SSL_write(*ppSSL, buf, len);\r
+ r = p_SSL_write(*ppSSL, buf, len);\r
+ if(r < 0)\r
+ return SOCKET_ERROR;\r
+ return r;\r
}\r
\r
// recv相当の関数\r
-int recvS(SOCKET s, char * buf, int len, int flags)\r
+int FTPS_recv(SOCKET s, char * buf, int len, int flags)\r
{\r
+ int r;\r
SSL** ppSSL;\r
if(!g_bOpenSSLLoaded)\r
return recv(s, buf, len, flags);\r
if(!ppSSL)\r
return recv(s, buf, len, flags);\r
if(flags & MSG_PEEK)\r
- return p_SSL_peek(*ppSSL, buf, len);\r
- return p_SSL_read(*ppSSL, buf, len);\r
+ r = p_SSL_peek(*ppSSL, buf, len);\r
+ else\r
+ r = p_SSL_read(*ppSSL, buf, len);\r
+ if(r < 0)\r
+ return SOCKET_ERROR;\r
+ return r;\r
}\r
\r
// IPv6対応\r
\r
+const struct in6_addr IN6ADDR_NONE = {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}};\r
+\r
typedef struct\r
{\r
HANDLE h;\r
pHost->h_addr_list[0] = (char*)(&pHost->h_addr_list[2]);\r
pHost->h_addr_list[1] = NULL;\r
memcpy(pHost->h_addr_list[0], &((struct sockaddr_in*)p->ai_addr)->sin_addr, sizeof(struct in_addr));\r
- PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(sizeof(struct hostent) + sizeof(char*) * 2 + p->ai_addrlen));\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in_addr)));\r
}\r
else\r
PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(WSAENOBUFS << 16));\r
pHost->h_addr_list[0] = (char*)(&pHost->h_addr_list[2]);\r
pHost->h_addr_list[1] = NULL;\r
memcpy(pHost->h_addr_list[0], &((struct sockaddr_in6*)p->ai_addr)->sin6_addr, sizeof(struct in6_addr));\r
- PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(sizeof(struct hostent) + sizeof(char*) * 2 + p->ai_addrlen));\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in6_addr)));\r
}\r
else\r
PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(WSAENOBUFS << 16));\r
}\r
else\r
PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(ERROR_INVALID_FUNCTION << 16));\r
- free(pData->name);\r
- free(pData);\r
// CreateThreadが返すハンドルが重複するのを回避\r
Sleep(10000);\r
+ CloseHandle(pData->h);\r
+ free(pData->name);\r
+ free(pData);\r
return 0;\r
}\r
\r
int Result;\r
Result = SOCKET_ERROR;\r
if(TerminateThread(hAsyncTaskHandle, 0))\r
+ {\r
+ CloseHandle(hAsyncTaskHandle);\r
Result = 0;\r
+ }\r
return Result;\r
}\r
\r
{\r
if(!cp)\r
{\r
- memset(&Result, 0xff, sizeof(Result));\r
+ memcpy(&Result, &IN6ADDR_NONE, sizeof(struct in6_addr));\r
break;\r
}\r
if(i >= AfterZero)\r
Result.u.Word[i] = ((Result.u.Word[i] & 0xff00) >> 8) | ((Result.u.Word[i] & 0x00ff) << 8);\r
if(strncmp(p, ":", 1) != 0 && strlen(p) > 0)\r
{\r
- memset(&Result, 0xff, sizeof(Result));\r
+ memcpy(&Result, &IN6ADDR_NONE, sizeof(struct in6_addr));\r
break;\r
}\r
if(cp = strstr(cp, ":"))\r
Length = 0;\r
while(*InputString != '\0')\r
{\r
- *p = (punycode_uint)GetNextCharM(InputString, &InputString);\r
+ *p = (punycode_uint)GetNextCharM(InputString, NULL, &InputString);\r
if(*p >= 0x80)\r
bNeeded = TRUE;\r
p++;\r