2 // Copyright (C) 2011 Suguru Kawamoto
\r
4 // socket関連関数をOpenSSL用に置換
\r
5 // コンパイルにはOpenSSLのヘッダーファイルが必要
\r
6 // 実行にはOpenSSLのDLLが必要
\r
9 #include <mmsystem.h>
\r
10 #include <openssl/ssl.h>
\r
12 #include "socketwrapper.h"
\r
13 #include "protectprocess.h"
\r
15 typedef void (__cdecl* _SSL_load_error_strings)();
\r
16 typedef int (__cdecl* _SSL_library_init)();
\r
17 typedef SSL_METHOD* (__cdecl* _SSLv23_method)();
\r
18 typedef SSL_CTX* (__cdecl* _SSL_CTX_new)(SSL_METHOD*);
\r
19 typedef void (__cdecl* _SSL_CTX_free)(SSL_CTX*);
\r
20 typedef SSL* (__cdecl* _SSL_new)(SSL_CTX*);
\r
21 typedef void (__cdecl* _SSL_free)(SSL*);
\r
22 typedef int (__cdecl* _SSL_shutdown)(SSL*);
\r
23 typedef int (__cdecl* _SSL_get_fd)(SSL*);
\r
24 typedef int (__cdecl* _SSL_set_fd)(SSL*, int);
\r
25 typedef int (__cdecl* _SSL_accept)(SSL*);
\r
26 typedef int (__cdecl* _SSL_connect)(SSL*);
\r
27 typedef int (__cdecl* _SSL_write)(SSL*, const void*, int);
\r
28 typedef int (__cdecl* _SSL_peek)(SSL*, void*, int);
\r
29 typedef int (__cdecl* _SSL_read)(SSL*, void*, int);
\r
30 typedef int (__cdecl* _SSL_get_error)(SSL*, int);
\r
32 _SSL_load_error_strings pSSL_load_error_strings;
\r
33 _SSL_library_init pSSL_library_init;
\r
34 _SSLv23_method pSSLv23_method;
\r
35 _SSL_CTX_new pSSL_CTX_new;
\r
36 _SSL_CTX_free pSSL_CTX_free;
\r
38 _SSL_free pSSL_free;
\r
39 _SSL_shutdown pSSL_shutdown;
\r
40 _SSL_get_fd pSSL_get_fd;
\r
41 _SSL_set_fd pSSL_set_fd;
\r
42 _SSL_accept pSSL_accept;
\r
43 _SSL_connect pSSL_connect;
\r
44 _SSL_write pSSL_write;
\r
45 _SSL_peek pSSL_peek;
\r
46 _SSL_read pSSL_read;
\r
47 _SSL_get_error pSSL_get_error;
\r
49 #define MAX_SSL_SOCKET 64
\r
51 BOOL g_bOpenSSLLoaded;
\r
53 CRITICAL_SECTION g_OpenSSLLock;
\r
54 DWORD g_OpenSSLTimeout;
\r
55 LPSSLTIMEOUTCALLBACK g_pOpenSSLTimeoutCallback;
\r
56 SSL_CTX* g_pOpenSSLCTX;
\r
57 SSL* g_pOpenSSLHandle[MAX_SSL_SOCKET];
\r
59 BOOL __stdcall DefaultSSLTimeoutCallback()
\r
67 if(g_bOpenSSLLoaded)
\r
69 #ifdef ENABLE_PROCESS_PROTECTION
\r
70 // 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること
\r
71 // ssleay32.dll 1.0.0e
\r
72 // libssl32.dll 1.0.0e
\r
73 RegisterTrustedModuleSHA1Hash("\x4E\xB7\xA0\x22\x14\x4B\x58\x6D\xBC\xF5\x21\x0D\x96\x78\x0D\x79\x7D\x66\xB2\xB0");
\r
74 // libeay32.dll 1.0.0e
\r
75 RegisterTrustedModuleSHA1Hash("\x01\x32\x7A\xAE\x69\x26\xE6\x58\xC7\x63\x22\x1E\x53\x5A\x78\xBC\x61\xC7\xB5\xC1");
\r
77 g_hOpenSSL = LoadLibrary("ssleay32.dll");
\r
79 g_hOpenSSL = LoadLibrary("libssl32.dll");
\r
81 || !(pSSL_load_error_strings = (_SSL_load_error_strings)GetProcAddress(g_hOpenSSL, "SSL_load_error_strings"))
\r
82 || !(pSSL_library_init = (_SSL_library_init)GetProcAddress(g_hOpenSSL, "SSL_library_init"))
\r
83 || !(pSSLv23_method = (_SSLv23_method)GetProcAddress(g_hOpenSSL, "SSLv23_method"))
\r
84 || !(pSSL_CTX_new = (_SSL_CTX_new)GetProcAddress(g_hOpenSSL, "SSL_CTX_new"))
\r
85 || !(pSSL_CTX_free = (_SSL_CTX_free)GetProcAddress(g_hOpenSSL, "SSL_CTX_free"))
\r
86 || !(pSSL_new = (_SSL_new)GetProcAddress(g_hOpenSSL, "SSL_new"))
\r
87 || !(pSSL_free = (_SSL_free)GetProcAddress(g_hOpenSSL, "SSL_free"))
\r
88 || !(pSSL_shutdown = (_SSL_shutdown)GetProcAddress(g_hOpenSSL, "SSL_shutdown"))
\r
89 || !(pSSL_get_fd = (_SSL_get_fd)GetProcAddress(g_hOpenSSL, "SSL_get_fd"))
\r
90 || !(pSSL_set_fd = (_SSL_set_fd)GetProcAddress(g_hOpenSSL, "SSL_set_fd"))
\r
91 || !(pSSL_accept = (_SSL_accept)GetProcAddress(g_hOpenSSL, "SSL_accept"))
\r
92 || !(pSSL_connect = (_SSL_connect)GetProcAddress(g_hOpenSSL, "SSL_connect"))
\r
93 || !(pSSL_write = (_SSL_write)GetProcAddress(g_hOpenSSL, "SSL_write"))
\r
94 || !(pSSL_peek = (_SSL_peek)GetProcAddress(g_hOpenSSL, "SSL_peek"))
\r
95 || !(pSSL_read = (_SSL_read)GetProcAddress(g_hOpenSSL, "SSL_read"))
\r
96 || !(pSSL_get_error = (_SSL_get_error)GetProcAddress(g_hOpenSSL, "SSL_get_error")))
\r
99 FreeLibrary(g_hOpenSSL);
\r
103 InitializeCriticalSection(&g_OpenSSLLock);
\r
104 pSSL_load_error_strings();
\r
105 pSSL_library_init();
\r
106 SetSSLTimeoutCallback(60000, DefaultSSLTimeoutCallback);
\r
107 g_bOpenSSLLoaded = TRUE;
\r
114 if(!g_bOpenSSLLoaded)
\r
116 EnterCriticalSection(&g_OpenSSLLock);
\r
117 for(i = 0; i < MAX_SSL_SOCKET; i++)
\r
119 if(g_pOpenSSLHandle[i])
\r
121 pSSL_shutdown(g_pOpenSSLHandle[i]);
\r
122 pSSL_free(g_pOpenSSLHandle[i]);
\r
123 g_pOpenSSLHandle[i] = NULL;
\r
127 pSSL_CTX_free(g_pOpenSSLCTX);
\r
128 g_pOpenSSLCTX = NULL;
\r
129 FreeLibrary(g_hOpenSSL);
\r
131 LeaveCriticalSection(&g_OpenSSLLock);
\r
132 DeleteCriticalSection(&g_OpenSSLLock);
\r
133 g_bOpenSSLLoaded = FALSE;
\r
136 BOOL IsOpenSSLLoaded()
\r
138 return g_bOpenSSLLoaded;
\r
141 SSL** GetUnusedSSLPointer()
\r
144 for(i = 0; i < MAX_SSL_SOCKET; i++)
\r
146 if(!g_pOpenSSLHandle[i])
\r
147 return &g_pOpenSSLHandle[i];
\r
152 SSL** FindSSLPointerFromSocket(SOCKET s)
\r
155 for(i = 0; i < MAX_SSL_SOCKET; i++)
\r
157 if(g_pOpenSSLHandle[i])
\r
159 if(pSSL_get_fd(g_pOpenSSLHandle[i]) == s)
\r
160 return &g_pOpenSSLHandle[i];
\r
166 void SetSSLTimeoutCallback(DWORD Timeout, LPSSLTIMEOUTCALLBACK pCallback)
\r
168 if(!g_bOpenSSLLoaded)
\r
170 EnterCriticalSection(&g_OpenSSLLock);
\r
171 g_OpenSSLTimeout = Timeout;
\r
172 g_pOpenSSLTimeoutCallback = pCallback;
\r
173 LeaveCriticalSection(&g_OpenSSLLock);
\r
176 BOOL AttachSSL(SOCKET s)
\r
181 if(!g_bOpenSSLLoaded)
\r
184 Time = timeGetTime();
\r
185 EnterCriticalSection(&g_OpenSSLLock);
\r
187 g_pOpenSSLCTX = pSSL_CTX_new(pSSLv23_method());
\r
190 if(ppSSL = GetUnusedSSLPointer())
\r
192 if(*ppSSL = pSSL_new(g_pOpenSSLCTX))
\r
194 if(pSSL_set_fd(*ppSSL, s) != 0)
\r
197 // SSLのネゴシエーションには時間がかかる場合がある
\r
198 while(pSSL_connect(*ppSSL) != 1)
\r
200 LeaveCriticalSection(&g_OpenSSLLock);
\r
201 if(g_pOpenSSLTimeoutCallback() || timeGetTime() - Time >= g_OpenSSLTimeout)
\r
205 EnterCriticalSection(&g_OpenSSLLock);
\r
208 EnterCriticalSection(&g_OpenSSLLock);
\r
213 LeaveCriticalSection(&g_OpenSSLLock);
\r
215 EnterCriticalSection(&g_OpenSSLLock);
\r
220 LeaveCriticalSection(&g_OpenSSLLock);
\r
224 BOOL DetachSSL(SOCKET s)
\r
228 if(!g_bOpenSSLLoaded)
\r
231 EnterCriticalSection(&g_OpenSSLLock);
\r
232 if(ppSSL = FindSSLPointerFromSocket(s))
\r
234 pSSL_shutdown(*ppSSL);
\r
239 LeaveCriticalSection(&g_OpenSSLLock);
\r
243 BOOL IsSSLAttached(SOCKET s)
\r
246 if(!g_bOpenSSLLoaded)
\r
248 EnterCriticalSection(&g_OpenSSLLock);
\r
249 ppSSL = FindSSLPointerFromSocket(s);
\r
250 LeaveCriticalSection(&g_OpenSSLLock);
\r
256 SOCKET socketS(int af, int type, int protocol)
\r
258 return socket(af, type, protocol);
\r
261 int bindS(SOCKET s, const struct sockaddr *addr, int namelen)
\r
263 return bind(s, addr, namelen);
\r
266 int listenS(SOCKET s, int backlog)
\r
268 return listen(s, backlog);
\r
271 SOCKET acceptS(SOCKET s, struct sockaddr *addr, int *addrlen)
\r
274 r = accept(s, addr, addrlen);
\r
278 return INVALID_SOCKET;
\r
283 int connectS(SOCKET s, const struct sockaddr *name, int namelen)
\r
286 r = connect(s, name, namelen);
\r
288 return SOCKET_ERROR;
\r
292 int closesocketS(SOCKET s)
\r
295 return closesocket(s);
\r
298 int sendS(SOCKET s, const char * buf, int len, int flags)
\r
301 if(!g_bOpenSSLLoaded)
\r
302 return send(s, buf, len, flags);
\r
303 EnterCriticalSection(&g_OpenSSLLock);
\r
304 ppSSL = FindSSLPointerFromSocket(s);
\r
305 LeaveCriticalSection(&g_OpenSSLLock);
\r
307 return send(s, buf, len, flags);
\r
308 return pSSL_write(*ppSSL, buf, len);
\r
311 int recvS(SOCKET s, char * buf, int len, int flags)
\r
314 if(!g_bOpenSSLLoaded)
\r
315 return recv(s, buf, len, flags);
\r
316 EnterCriticalSection(&g_OpenSSLLock);
\r
317 ppSSL = FindSSLPointerFromSocket(s);
\r
318 LeaveCriticalSection(&g_OpenSSLLock);
\r
320 return recv(s, buf, len, flags);
\r
321 if(flags & MSG_PEEK)
\r
322 return pSSL_peek(*ppSSL, buf, len);
\r
323 return pSSL_read(*ppSSL, buf, len);
\r