OSDN Git Service

Fix bugs of corruption on resuming downloading files larger than 4GB.
[ffftp/ffftp.git] / socketwrapper.c
index a819e26..612218e 100644 (file)
-// socketwrapper.c
-// Copyright (C) 2011 Suguru Kawamoto
-// ソケットラッパー
-// socket関連関数をOpenSSL用に置換
-// コンパイルにはOpenSSLのヘッダーファイルが必要
-// 実行にはOpenSSLのDLLが必要
-
-#include <windows.h>
-#include <mmsystem.h>
-#include <openssl/ssl.h>
-
-#include "socketwrapper.h"
-#include "protectprocess.h"
-
-typedef void (__cdecl* _SSL_load_error_strings)();
-typedef int (__cdecl* _SSL_library_init)();
-typedef SSL_METHOD* (__cdecl* _SSLv23_method)();
-typedef SSL_CTX* (__cdecl* _SSL_CTX_new)(SSL_METHOD*);
-typedef void (__cdecl* _SSL_CTX_free)(SSL_CTX*);
-typedef SSL* (__cdecl* _SSL_new)(SSL_CTX*);
-typedef void (__cdecl* _SSL_free)(SSL*);
-typedef int (__cdecl* _SSL_shutdown)(SSL*);
-typedef int (__cdecl* _SSL_get_fd)(SSL*);
-typedef int (__cdecl* _SSL_set_fd)(SSL*, int);
-typedef int (__cdecl* _SSL_accept)(SSL*);
-typedef int (__cdecl* _SSL_connect)(SSL*);
-typedef int (__cdecl* _SSL_write)(SSL*, const void*, int);
-typedef int (__cdecl* _SSL_peek)(SSL*, void*, int);
-typedef int (__cdecl* _SSL_read)(SSL*, void*, int);
-typedef int (__cdecl* _SSL_get_error)(SSL*, int);
-
-_SSL_load_error_strings pSSL_load_error_strings;
-_SSL_library_init pSSL_library_init;
-_SSLv23_method pSSLv23_method;
-_SSL_CTX_new pSSL_CTX_new;
-_SSL_CTX_free pSSL_CTX_free;
-_SSL_new pSSL_new;
-_SSL_free pSSL_free;
-_SSL_shutdown pSSL_shutdown;
-_SSL_get_fd pSSL_get_fd;
-_SSL_set_fd pSSL_set_fd;
-_SSL_accept pSSL_accept;
-_SSL_connect pSSL_connect;
-_SSL_write pSSL_write;
-_SSL_peek pSSL_peek;
-_SSL_read pSSL_read;
-_SSL_get_error pSSL_get_error;
-
-#define MAX_SSL_SOCKET 64
-
-BOOL g_bOpenSSLLoaded;
-HMODULE g_hOpenSSL;
-CRITICAL_SECTION g_OpenSSLLock;
-DWORD g_OpenSSLTimeout;
-LPSSLTIMEOUTCALLBACK g_pOpenSSLTimeoutCallback;
-SSL_CTX* g_pOpenSSLCTX;
-SSL* g_pOpenSSLHandle[MAX_SSL_SOCKET];
-
-BOOL __stdcall DefaultSSLTimeoutCallback()
-{
-       Sleep(100);
-       return FALSE;
-}
-
-BOOL LoadOpenSSL()
-{
-       if(g_bOpenSSLLoaded)
-               return FALSE;
-#ifdef ENABLE_PROCESS_PROTECTION
-       // ssleay32.dll 1.0.0e
-       // libssl32.dll 1.0.0e
-       RegisterTrustedModuleMD5Hash("\x8B\xA3\xB7\xB3\xCE\x2E\x4F\x07\x8C\xB8\x93\x7D\x77\xE1\x09\x3A");
-       // libeay32.dll 1.0.0e
-       RegisterTrustedModuleMD5Hash("\xA6\x4C\xAF\x9E\xF3\xDC\xFC\x68\xAE\xCA\xCC\x61\xD2\xF6\x70\x8B");
-#endif
-       g_hOpenSSL = LoadLibrary("ssleay32.dll");
-       if(!g_hOpenSSL)
-               g_hOpenSSL = LoadLibrary("libssl32.dll");
-       if(!g_hOpenSSL
-               || !(pSSL_load_error_strings = (_SSL_load_error_strings)GetProcAddress(g_hOpenSSL, "SSL_load_error_strings"))
-               || !(pSSL_library_init = (_SSL_library_init)GetProcAddress(g_hOpenSSL, "SSL_library_init"))
-               || !(pSSLv23_method = (_SSLv23_method)GetProcAddress(g_hOpenSSL, "SSLv23_method"))
-               || !(pSSL_CTX_new = (_SSL_CTX_new)GetProcAddress(g_hOpenSSL, "SSL_CTX_new"))
-               || !(pSSL_CTX_free = (_SSL_CTX_free)GetProcAddress(g_hOpenSSL, "SSL_CTX_free"))
-               || !(pSSL_new = (_SSL_new)GetProcAddress(g_hOpenSSL, "SSL_new"))
-               || !(pSSL_free = (_SSL_free)GetProcAddress(g_hOpenSSL, "SSL_free"))
-               || !(pSSL_shutdown = (_SSL_shutdown)GetProcAddress(g_hOpenSSL, "SSL_shutdown"))
-               || !(pSSL_get_fd = (_SSL_get_fd)GetProcAddress(g_hOpenSSL, "SSL_get_fd"))
-               || !(pSSL_set_fd = (_SSL_set_fd)GetProcAddress(g_hOpenSSL, "SSL_set_fd"))
-               || !(pSSL_accept = (_SSL_accept)GetProcAddress(g_hOpenSSL, "SSL_accept"))
-               || !(pSSL_connect = (_SSL_connect)GetProcAddress(g_hOpenSSL, "SSL_connect"))
-               || !(pSSL_write = (_SSL_write)GetProcAddress(g_hOpenSSL, "SSL_write"))
-               || !(pSSL_peek = (_SSL_peek)GetProcAddress(g_hOpenSSL, "SSL_peek"))
-               || !(pSSL_read = (_SSL_read)GetProcAddress(g_hOpenSSL, "SSL_read"))
-               || !(pSSL_get_error = (_SSL_get_error)GetProcAddress(g_hOpenSSL, "SSL_get_error")))
-       {
-               if(g_hOpenSSL)
-                       FreeLibrary(g_hOpenSSL);
-               g_hOpenSSL = NULL;
-               return FALSE;
-       }
-       InitializeCriticalSection(&g_OpenSSLLock);
-       pSSL_load_error_strings();
-       pSSL_library_init();
-       SetSSLTimeoutCallback(60000, DefaultSSLTimeoutCallback);
-       g_bOpenSSLLoaded = TRUE;
-       return TRUE;
-}
-
-void FreeOpenSSL()
-{
-       int i;
-       if(!g_bOpenSSLLoaded)
-               return;
-       EnterCriticalSection(&g_OpenSSLLock);
-       for(i = 0; i < MAX_SSL_SOCKET; i++)
-       {
-               if(g_pOpenSSLHandle[i])
-               {
-                       pSSL_shutdown(g_pOpenSSLHandle[i]);
-                       pSSL_free(g_pOpenSSLHandle[i]);
-                       g_pOpenSSLHandle[i] = NULL;
-               }
-       }
-       if(g_pOpenSSLCTX)
-               pSSL_CTX_free(g_pOpenSSLCTX);
-       g_pOpenSSLCTX = NULL;
-       FreeLibrary(g_hOpenSSL);
-       g_hOpenSSL = NULL;
-       LeaveCriticalSection(&g_OpenSSLLock);
-       DeleteCriticalSection(&g_OpenSSLLock);
-       g_bOpenSSLLoaded = FALSE;
-}
-
-BOOL IsOpenSSLLoaded()
-{
-       return g_bOpenSSLLoaded;
-}
-
-SSL** GetUnusedSSLPointer()
-{
-       int i;
-       for(i = 0; i < MAX_SSL_SOCKET; i++)
-       {
-               if(!g_pOpenSSLHandle[i])
-                       return &g_pOpenSSLHandle[i];
-       }
-       return NULL;
-}
-
-SSL** FindSSLPointerFromSocket(SOCKET s)
-{
-       int i;
-       for(i = 0; i < MAX_SSL_SOCKET; i++)
-       {
-               if(g_pOpenSSLHandle[i])
-               {
-                       if(pSSL_get_fd(g_pOpenSSLHandle[i]) == s)
-                               return &g_pOpenSSLHandle[i];
-               }
-       }
-       return NULL;
-}
-
-void SetSSLTimeoutCallback(DWORD Timeout, LPSSLTIMEOUTCALLBACK pCallback)
-{
-       if(!g_bOpenSSLLoaded)
-               return;
-       EnterCriticalSection(&g_OpenSSLLock);
-       g_OpenSSLTimeout = Timeout;
-       g_pOpenSSLTimeoutCallback = pCallback;
-       LeaveCriticalSection(&g_OpenSSLLock);
-}
-
-BOOL AttachSSL(SOCKET s)
-{
-       BOOL r;
-       DWORD Time;
-       SSL** ppSSL;
-       if(!g_bOpenSSLLoaded)
-               return FALSE;
-       r = FALSE;
-       Time = timeGetTime();
-       EnterCriticalSection(&g_OpenSSLLock);
-       if(!g_pOpenSSLCTX)
-               g_pOpenSSLCTX = pSSL_CTX_new(pSSLv23_method());
-       if(g_pOpenSSLCTX)
-       {
-               if(ppSSL = GetUnusedSSLPointer())
-               {
-                       if(*ppSSL = pSSL_new(g_pOpenSSLCTX))
-                       {
-                               if(pSSL_set_fd(*ppSSL, s) != 0)
-                               {
-                                       r = TRUE;
-                                       // SSLのネゴシエーションには時間がかかる場合がある
-                                       while(pSSL_connect(*ppSSL) != 1)
-                                       {
-                                               LeaveCriticalSection(&g_OpenSSLLock);
-                                               if(g_pOpenSSLTimeoutCallback() || timeGetTime() - Time >= g_OpenSSLTimeout)
-                                               {
-                                                       DetachSSL(s);
-                                                       r = FALSE;
-                                                       EnterCriticalSection(&g_OpenSSLLock);
-                                                       break;
-                                               }
-                                               EnterCriticalSection(&g_OpenSSLLock);
-                                       }
-                               }
-                               else
-                               {
-                                       LeaveCriticalSection(&g_OpenSSLLock);
-                                       DetachSSL(s);
-                                       EnterCriticalSection(&g_OpenSSLLock);
-                               }
-                       }
-               }
-       }
-       LeaveCriticalSection(&g_OpenSSLLock);
-       return r;
-}
-
-BOOL DetachSSL(SOCKET s)
-{
-       BOOL r;
-       SSL** ppSSL;
-       if(!g_bOpenSSLLoaded)
-               return FALSE;
-       r = FALSE;
-       EnterCriticalSection(&g_OpenSSLLock);
-       if(ppSSL = FindSSLPointerFromSocket(s))
-       {
-               pSSL_shutdown(*ppSSL);
-               pSSL_free(*ppSSL);
-               *ppSSL = NULL;
-               r = TRUE;
-       }
-       LeaveCriticalSection(&g_OpenSSLLock);
-       return r;
-}
-
-BOOL IsSSLAttached(SOCKET s)
-{
-       SSL** ppSSL;
-       if(!g_bOpenSSLLoaded)
-               return FALSE;
-       EnterCriticalSection(&g_OpenSSLLock);
-       ppSSL = FindSSLPointerFromSocket(s);
-       LeaveCriticalSection(&g_OpenSSLLock);
-       if(!ppSSL)
-               return TRUE;
-       return TRUE;
-}
-
-SOCKET socketS(int af, int type, int protocol)
-{
-       return socket(af, type, protocol);
-}
-
-int bindS(SOCKET s, const struct sockaddr *addr, int namelen)
-{
-       return bind(s, addr, namelen);
-}
-
-int listenS(SOCKET s, int backlog)
-{
-       return listen(s, backlog);
-}
-
-SOCKET acceptS(SOCKET s, struct sockaddr *addr, int *addrlen)
-{
-       SOCKET r;
-       r = accept(s, addr, addrlen);
-       if(!AttachSSL(r))
-       {
-               closesocket(r);
-               return INVALID_SOCKET;
-       }
-       return r;
-}
-
-int connectS(SOCKET s, const struct sockaddr *name, int namelen)
-{
-       int r;
-       r = connect(s, name, namelen);
-       if(!AttachSSL(r))
-               return SOCKET_ERROR;
-       return r;
-}
-
-int closesocketS(SOCKET s)
-{
-       DetachSSL(s);
-       return closesocket(s);
-}
-
-int sendS(SOCKET s, const char * buf, int len, int flags)
-{
-       SSL** ppSSL;
-       if(!g_bOpenSSLLoaded)
-               return send(s, buf, len, flags);
-       EnterCriticalSection(&g_OpenSSLLock);
-       ppSSL = FindSSLPointerFromSocket(s);
-       LeaveCriticalSection(&g_OpenSSLLock);
-       if(!ppSSL)
-               return send(s, buf, len, flags);
-       return pSSL_write(*ppSSL, buf, len);
-}
-
-int recvS(SOCKET s, char * buf, int len, int flags)
-{
-       SSL** ppSSL;
-       if(!g_bOpenSSLLoaded)
-               return recv(s, buf, len, flags);
-       EnterCriticalSection(&g_OpenSSLLock);
-       ppSSL = FindSSLPointerFromSocket(s);
-       LeaveCriticalSection(&g_OpenSSLLock);
-       if(!ppSSL)
-               return recv(s, buf, len, flags);
-       if(flags & MSG_PEEK)
-               return pSSL_peek(*ppSSL, buf, len);
-       return pSSL_read(*ppSSL, buf, len);
-}
-
+// socketwrapper.c\r
+// Copyright (C) 2011 Suguru Kawamoto\r
+// ソケットラッパー\r
+// socket関連関数をOpenSSL用に置換\r
+// コンパイルにはOpenSSLのヘッダーファイルが必要\r
+// 実行にはOpenSSLのDLLが必要\r
+\r
+#include <windows.h>\r
+#include <mmsystem.h>\r
+#include <openssl/ssl.h>\r
+\r
+#include "socketwrapper.h"\r
+#include "protectprocess.h"\r
+\r
+typedef void (__cdecl* _SSL_load_error_strings)();\r
+typedef int (__cdecl* _SSL_library_init)();\r
+typedef SSL_METHOD* (__cdecl* _SSLv23_method)();\r
+typedef SSL_CTX* (__cdecl* _SSL_CTX_new)(SSL_METHOD*);\r
+typedef void (__cdecl* _SSL_CTX_free)(SSL_CTX*);\r
+typedef SSL* (__cdecl* _SSL_new)(SSL_CTX*);\r
+typedef void (__cdecl* _SSL_free)(SSL*);\r
+typedef int (__cdecl* _SSL_shutdown)(SSL*);\r
+typedef int (__cdecl* _SSL_get_fd)(SSL*);\r
+typedef int (__cdecl* _SSL_set_fd)(SSL*, int);\r
+typedef int (__cdecl* _SSL_accept)(SSL*);\r
+typedef int (__cdecl* _SSL_connect)(SSL*);\r
+typedef int (__cdecl* _SSL_write)(SSL*, const void*, int);\r
+typedef int (__cdecl* _SSL_peek)(SSL*, void*, int);\r
+typedef int (__cdecl* _SSL_read)(SSL*, void*, int);\r
+typedef int (__cdecl* _SSL_get_error)(SSL*, int);\r
+typedef X509* (__cdecl* _SSL_get_peer_certificate)(const SSL*);\r
+typedef long (__cdecl* _SSL_get_verify_result)(const SSL*);\r
+typedef SSL_SESSION* (__cdecl* _SSL_get_session)(SSL*);\r
+typedef int (__cdecl* _SSL_set_session)(SSL*, SSL_SESSION*);\r
+typedef BIO_METHOD* (__cdecl* _BIO_s_mem)();\r
+typedef BIO* (__cdecl* _BIO_new)(BIO_METHOD*);\r
+typedef int (__cdecl* _BIO_free)(BIO*);\r
+typedef long (__cdecl* _BIO_ctrl)(BIO*, int, long, void*);\r
+typedef void (__cdecl* _X509_free)(X509*);\r
+typedef int (__cdecl* _X509_print_ex)(BIO*, X509*, unsigned long, unsigned long);\r
+typedef X509_NAME* (__cdecl* _X509_get_subject_name)(X509*);\r
+typedef int (__cdecl* _X509_NAME_print_ex)(BIO*, X509_NAME*, int, unsigned long);\r
+\r
+_SSL_load_error_strings p_SSL_load_error_strings;\r
+_SSL_library_init p_SSL_library_init;\r
+_SSLv23_method p_SSLv23_method;\r
+_SSL_CTX_new p_SSL_CTX_new;\r
+_SSL_CTX_free p_SSL_CTX_free;\r
+_SSL_new p_SSL_new;\r
+_SSL_free p_SSL_free;\r
+_SSL_shutdown p_SSL_shutdown;\r
+_SSL_get_fd p_SSL_get_fd;\r
+_SSL_set_fd p_SSL_set_fd;\r
+_SSL_accept p_SSL_accept;\r
+_SSL_connect p_SSL_connect;\r
+_SSL_write p_SSL_write;\r
+_SSL_peek p_SSL_peek;\r
+_SSL_read p_SSL_read;\r
+_SSL_get_error p_SSL_get_error;\r
+_SSL_get_peer_certificate p_SSL_get_peer_certificate;\r
+_SSL_get_verify_result p_SSL_get_verify_result;\r
+_SSL_get_session p_SSL_get_session;\r
+_SSL_set_session p_SSL_set_session;\r
+_BIO_s_mem p_BIO_s_mem;\r
+_BIO_new p_BIO_new;\r
+_BIO_free p_BIO_free;\r
+_BIO_ctrl p_BIO_ctrl;\r
+_X509_free p_X509_free;\r
+_X509_print_ex p_X509_print_ex;\r
+_X509_get_subject_name p_X509_get_subject_name;\r
+_X509_NAME_print_ex p_X509_NAME_print_ex;\r
+\r
+#define MAX_SSL_SOCKET 64\r
+\r
+BOOL g_bOpenSSLLoaded;\r
+HMODULE g_hOpenSSL;\r
+HMODULE g_hOpenSSLCommon;\r
+CRITICAL_SECTION g_OpenSSLLock;\r
+DWORD g_OpenSSLTimeout;\r
+LPSSLTIMEOUTCALLBACK g_pOpenSSLTimeoutCallback;\r
+LPSSLCONFIRMCALLBACK g_pOpenSSLConfirmCallback;\r
+SSL_CTX* g_pOpenSSLCTX;\r
+SSL* g_pOpenSSLHandle[MAX_SSL_SOCKET];\r
+\r
+BOOL __stdcall DefaultSSLTimeoutCallback()\r
+{\r
+       Sleep(100);\r
+       return FALSE;\r
+}\r
+\r
+BOOL __stdcall DefaultSSLConfirmCallback(BOOL bVerified, LPCSTR Certificate, LPCSTR CommonName)\r
+{\r
+       return bVerified;\r
+}\r
+\r
+BOOL LoadOpenSSL()\r
+{\r
+       if(g_bOpenSSLLoaded)\r
+               return FALSE;\r
+#ifdef ENABLE_PROCESS_PROTECTION\r
+       // 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること\r
+       // ssleay32.dll 1.0.0e\r
+       // libssl32.dll 1.0.0e\r
+       RegisterTrustedModuleSHA1Hash("\x4E\xB7\xA0\x22\x14\x4B\x58\x6D\xBC\xF5\x21\x0D\x96\x78\x0D\x79\x7D\x66\xB2\xB0");\r
+       // libeay32.dll 1.0.0e\r
+       RegisterTrustedModuleSHA1Hash("\x01\x32\x7A\xAE\x69\x26\xE6\x58\xC7\x63\x22\x1E\x53\x5A\x78\xBC\x61\xC7\xB5\xC1");\r
+#endif\r
+       g_hOpenSSL = LoadLibrary("ssleay32.dll");\r
+       if(!g_hOpenSSL)\r
+               g_hOpenSSL = LoadLibrary("libssl32.dll");\r
+       if(!g_hOpenSSL\r
+               || !(p_SSL_load_error_strings = (_SSL_load_error_strings)GetProcAddress(g_hOpenSSL, "SSL_load_error_strings"))\r
+               || !(p_SSL_library_init = (_SSL_library_init)GetProcAddress(g_hOpenSSL, "SSL_library_init"))\r
+               || !(p_SSLv23_method = (_SSLv23_method)GetProcAddress(g_hOpenSSL, "SSLv23_method"))\r
+               || !(p_SSL_CTX_new = (_SSL_CTX_new)GetProcAddress(g_hOpenSSL, "SSL_CTX_new"))\r
+               || !(p_SSL_CTX_free = (_SSL_CTX_free)GetProcAddress(g_hOpenSSL, "SSL_CTX_free"))\r
+               || !(p_SSL_new = (_SSL_new)GetProcAddress(g_hOpenSSL, "SSL_new"))\r
+               || !(p_SSL_free = (_SSL_free)GetProcAddress(g_hOpenSSL, "SSL_free"))\r
+               || !(p_SSL_shutdown = (_SSL_shutdown)GetProcAddress(g_hOpenSSL, "SSL_shutdown"))\r
+               || !(p_SSL_get_fd = (_SSL_get_fd)GetProcAddress(g_hOpenSSL, "SSL_get_fd"))\r
+               || !(p_SSL_set_fd = (_SSL_set_fd)GetProcAddress(g_hOpenSSL, "SSL_set_fd"))\r
+               || !(p_SSL_accept = (_SSL_accept)GetProcAddress(g_hOpenSSL, "SSL_accept"))\r
+               || !(p_SSL_connect = (_SSL_connect)GetProcAddress(g_hOpenSSL, "SSL_connect"))\r
+               || !(p_SSL_write = (_SSL_write)GetProcAddress(g_hOpenSSL, "SSL_write"))\r
+               || !(p_SSL_peek = (_SSL_peek)GetProcAddress(g_hOpenSSL, "SSL_peek"))\r
+               || !(p_SSL_read = (_SSL_read)GetProcAddress(g_hOpenSSL, "SSL_read"))\r
+               || !(p_SSL_get_error = (_SSL_get_error)GetProcAddress(g_hOpenSSL, "SSL_get_error"))\r
+               || !(p_SSL_get_peer_certificate = (_SSL_get_peer_certificate)GetProcAddress(g_hOpenSSL, "SSL_get_peer_certificate"))\r
+               || !(p_SSL_get_verify_result = (_SSL_get_verify_result)GetProcAddress(g_hOpenSSL, "SSL_get_verify_result"))\r
+               || !(p_SSL_get_session = (_SSL_get_session)GetProcAddress(g_hOpenSSL, "SSL_get_session"))\r
+               || !(p_SSL_set_session = (_SSL_set_session)GetProcAddress(g_hOpenSSL, "SSL_set_session")))\r
+       {\r
+               if(g_hOpenSSL)\r
+                       FreeLibrary(g_hOpenSSL);\r
+               g_hOpenSSL = NULL;\r
+               return FALSE;\r
+       }\r
+       g_hOpenSSLCommon = LoadLibrary("libeay32.dll");\r
+       if(!g_hOpenSSLCommon\r
+               || !(p_BIO_s_mem = (_BIO_s_mem)GetProcAddress(g_hOpenSSLCommon, "BIO_s_mem"))\r
+               || !(p_BIO_new = (_BIO_new)GetProcAddress(g_hOpenSSLCommon, "BIO_new"))\r
+               || !(p_BIO_free = (_BIO_free)GetProcAddress(g_hOpenSSLCommon, "BIO_free"))\r
+               || !(p_BIO_ctrl = (_BIO_ctrl)GetProcAddress(g_hOpenSSLCommon, "BIO_ctrl"))\r
+               || !(p_X509_free = (_X509_free)GetProcAddress(g_hOpenSSLCommon, "X509_free"))\r
+               || !(p_X509_print_ex = (_X509_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_print_ex"))\r
+               || !(p_X509_get_subject_name = (_X509_get_subject_name)GetProcAddress(g_hOpenSSLCommon, "X509_get_subject_name"))\r
+               || !(p_X509_NAME_print_ex = (_X509_NAME_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_NAME_print_ex")))\r
+       {\r
+               if(g_hOpenSSL)\r
+                       FreeLibrary(g_hOpenSSL);\r
+               g_hOpenSSL = NULL;\r
+               if(g_hOpenSSLCommon)\r
+                       FreeLibrary(g_hOpenSSLCommon);\r
+               g_hOpenSSLCommon = NULL;\r
+               return FALSE;\r
+       }\r
+       InitializeCriticalSection(&g_OpenSSLLock);\r
+       p_SSL_load_error_strings();\r
+       p_SSL_library_init();\r
+       SetSSLTimeoutCallback(60000, DefaultSSLTimeoutCallback);\r
+       SetSSLConfirmCallback(DefaultSSLConfirmCallback);\r
+       g_bOpenSSLLoaded = TRUE;\r
+       return TRUE;\r
+}\r
+\r
+void FreeOpenSSL()\r
+{\r
+       int i;\r
+       if(!g_bOpenSSLLoaded)\r
+               return;\r
+       EnterCriticalSection(&g_OpenSSLLock);\r
+       for(i = 0; i < MAX_SSL_SOCKET; i++)\r
+       {\r
+               if(g_pOpenSSLHandle[i])\r
+               {\r
+                       p_SSL_shutdown(g_pOpenSSLHandle[i]);\r
+                       p_SSL_free(g_pOpenSSLHandle[i]);\r
+                       g_pOpenSSLHandle[i] = NULL;\r
+               }\r
+       }\r
+       if(g_pOpenSSLCTX)\r
+               p_SSL_CTX_free(g_pOpenSSLCTX);\r
+       g_pOpenSSLCTX = NULL;\r
+       FreeLibrary(g_hOpenSSL);\r
+       g_hOpenSSL = NULL;\r
+       FreeLibrary(g_hOpenSSLCommon);\r
+       g_hOpenSSLCommon = NULL;\r
+       LeaveCriticalSection(&g_OpenSSLLock);\r
+       DeleteCriticalSection(&g_OpenSSLLock);\r
+       g_bOpenSSLLoaded = FALSE;\r
+}\r
+\r
+BOOL IsOpenSSLLoaded()\r
+{\r
+       return g_bOpenSSLLoaded;\r
+}\r
+\r
+SSL** GetUnusedSSLPointer()\r
+{\r
+       int i;\r
+       for(i = 0; i < MAX_SSL_SOCKET; i++)\r
+       {\r
+               if(!g_pOpenSSLHandle[i])\r
+                       return &g_pOpenSSLHandle[i];\r
+       }\r
+       return NULL;\r
+}\r
+\r
+SSL** FindSSLPointerFromSocket(SOCKET s)\r
+{\r
+       int i;\r
+       for(i = 0; i < MAX_SSL_SOCKET; i++)\r
+       {\r
+               if(g_pOpenSSLHandle[i])\r
+               {\r
+                       if(p_SSL_get_fd(g_pOpenSSLHandle[i]) == s)\r
+                               return &g_pOpenSSLHandle[i];\r
+               }\r
+       }\r
+       return NULL;\r
+}\r
+\r
+BOOL ConfirmSSLCertificate(SSL* pSSL)\r
+{\r
+       BOOL bResult;\r
+       BOOL bVerified;\r
+       char* pData;\r
+       char* pSubject;\r
+       X509* pX509;\r
+       BIO* pBIO;\r
+       long Length;\r
+       char* pBuffer;\r
+       char* pCN;\r
+       char* p;\r
+       bResult = FALSE;\r
+       bVerified = FALSE;\r
+       pData = NULL;\r
+       pSubject = NULL;\r
+       if(pX509 = p_SSL_get_peer_certificate(pSSL))\r
+       {\r
+               if(pBIO = p_BIO_new(p_BIO_s_mem()))\r
+               {\r
+                       p_X509_print_ex(pBIO, pX509, 0, XN_FLAG_RFC2253);\r
+                       if((Length = p_BIO_ctrl(pBIO, BIO_CTRL_INFO, 0, &pBuffer)) > 0)\r
+                       {\r
+                               if(pData = (char*)malloc(Length + sizeof(char)))\r
+                               {\r
+                                       memcpy(pData, pBuffer, Length);\r
+                                       *(char*)((size_t)pData + Length) = '\0';\r
+                               }\r
+                       }\r
+                       p_BIO_free(pBIO);\r
+               }\r
+               if(pBIO = p_BIO_new(p_BIO_s_mem()))\r
+               {\r
+                       p_X509_NAME_print_ex(pBIO, p_X509_get_subject_name(pX509), 0, XN_FLAG_RFC2253);\r
+                       if((Length = p_BIO_ctrl(pBIO, BIO_CTRL_INFO, 0, &pBuffer)) > 0)\r
+                       {\r
+                               if(pSubject = (char*)malloc(Length + sizeof(char)))\r
+                               {\r
+                                       memcpy(pSubject, pBuffer, Length);\r
+                                       *(char*)((size_t)pSubject + Length) = '\0';\r
+                               }\r
+                       }\r
+                       p_BIO_free(pBIO);\r
+               }\r
+               p_X509_free(pX509);\r
+       }\r
+       if(p_SSL_get_verify_result(pSSL) == X509_V_OK)\r
+               bVerified = TRUE;\r
+       pCN = pSubject;\r
+       while(pCN)\r
+       {\r
+               if(strncmp(pCN, "CN=", strlen("CN=")) == 0)\r
+               {\r
+                       pCN += strlen("CN=");\r
+                       if(p = strchr(pCN, ','))\r
+                               *p = '\0';\r
+                       break;\r
+               }\r
+               if(pCN = strchr(pCN, ','))\r
+                       pCN++;\r
+       }\r
+       bResult = g_pOpenSSLConfirmCallback(bVerified, pData, pCN);\r
+       if(pData)\r
+               free(pData);\r
+       if(pSubject)\r
+               free(pSubject);\r
+       return bResult;\r
+}\r
+\r
+void SetSSLTimeoutCallback(DWORD Timeout, LPSSLTIMEOUTCALLBACK pCallback)\r
+{\r
+       if(!g_bOpenSSLLoaded)\r
+               return;\r
+       EnterCriticalSection(&g_OpenSSLLock);\r
+       g_OpenSSLTimeout = Timeout;\r
+       g_pOpenSSLTimeoutCallback = pCallback;\r
+       LeaveCriticalSection(&g_OpenSSLLock);\r
+}\r
+\r
+void SetSSLConfirmCallback(LPSSLCONFIRMCALLBACK pCallback)\r
+{\r
+       if(!g_bOpenSSLLoaded)\r
+               return;\r
+       EnterCriticalSection(&g_OpenSSLLock);\r
+       g_pOpenSSLConfirmCallback = pCallback;\r
+       LeaveCriticalSection(&g_OpenSSLLock);\r
+}\r
+\r
+BOOL IsHostNameMatched(LPCSTR HostName, LPCSTR CommonName)\r
+{\r
+       BOOL bResult;\r
+       char* pAsterisk;\r
+       bResult = FALSE;\r
+       if(HostName && CommonName)\r
+       {\r
+               if(pAsterisk = strchr(CommonName, '*'))\r
+               {\r
+                       if(_strnicmp(HostName, CommonName, ((size_t)pAsterisk - (size_t)CommonName) / sizeof(char)) == 0)\r
+                       {\r
+                               while(*pAsterisk == '*')\r
+                               {\r
+                                       pAsterisk++;\r
+                               }\r
+                               if(_stricmp(HostName + strlen(HostName) - strlen(pAsterisk), pAsterisk) == 0)\r
+                                       bResult = TRUE;\r
+                       }\r
+               }\r
+               else if(_stricmp(HostName, CommonName) == 0)\r
+                       bResult = TRUE;\r
+       }\r
+       return bResult;\r
+}\r
+\r
+BOOL AttachSSL(SOCKET s, SOCKET parent)\r
+{\r
+       BOOL r;\r
+       DWORD Time;\r
+       SSL** ppSSL;\r
+       SSL** ppSSLParent;\r
+       SSL_SESSION* pSession;\r
+       int Return;\r
+       int Error;\r
+       if(!g_bOpenSSLLoaded)\r
+               return FALSE;\r
+       r = FALSE;\r
+       Time = timeGetTime();\r
+       EnterCriticalSection(&g_OpenSSLLock);\r
+       if(!g_pOpenSSLCTX)\r
+               g_pOpenSSLCTX = p_SSL_CTX_new(p_SSLv23_method());\r
+       if(g_pOpenSSLCTX)\r
+       {\r
+               if(ppSSL = GetUnusedSSLPointer())\r
+               {\r
+                       if(*ppSSL = p_SSL_new(g_pOpenSSLCTX))\r
+                       {\r
+                               if(p_SSL_set_fd(*ppSSL, s) != 0)\r
+                               {\r
+                                       if(parent != INVALID_SOCKET)\r
+                                       {\r
+                                               if(ppSSLParent = FindSSLPointerFromSocket(parent))\r
+                                               {\r
+                                                       if(pSession = p_SSL_get_session(*ppSSLParent))\r
+                                                       {\r
+                                                               if(p_SSL_set_session(*ppSSL, pSession) == 1)\r
+                                                               {\r
+                                                               }\r
+                                                       }\r
+                                               }\r
+                                       }\r
+                                       // SSLのネゴシエーションには時間がかかる場合がある\r
+                                       r = TRUE;\r
+                                       while(r)\r
+                                       {\r
+                                               Return = p_SSL_connect(*ppSSL);\r
+                                               if(Return == 1)\r
+                                                       break;\r
+                                               Error = p_SSL_get_error(*ppSSL, Return);\r
+                                               if(Error == SSL_ERROR_WANT_READ || Error == SSL_ERROR_WANT_WRITE)\r
+                                               {\r
+                                                       LeaveCriticalSection(&g_OpenSSLLock);\r
+                                                       if(g_pOpenSSLTimeoutCallback() || (g_OpenSSLTimeout > 0 && timeGetTime() - Time >= g_OpenSSLTimeout))\r
+                                                               r = FALSE;\r
+                                                       EnterCriticalSection(&g_OpenSSLLock);\r
+                                               }\r
+                                               else\r
+                                                       r = FALSE;\r
+                                       }\r
+                                       if(r)\r
+                                       {\r
+                                               if(ConfirmSSLCertificate(*ppSSL))\r
+                                               {\r
+                                               }\r
+                                               else\r
+                                               {\r
+                                                       LeaveCriticalSection(&g_OpenSSLLock);\r
+                                                       DetachSSL(s);\r
+                                                       r = FALSE;\r
+                                                       EnterCriticalSection(&g_OpenSSLLock);\r
+                                               }\r
+                                       }\r
+                                       else\r
+                                       {\r
+                                               LeaveCriticalSection(&g_OpenSSLLock);\r
+                                               DetachSSL(s);\r
+                                               EnterCriticalSection(&g_OpenSSLLock);\r
+                                       }\r
+                               }\r
+                               else\r
+                               {\r
+                                       LeaveCriticalSection(&g_OpenSSLLock);\r
+                                       DetachSSL(s);\r
+                                       EnterCriticalSection(&g_OpenSSLLock);\r
+                               }\r
+                       }\r
+               }\r
+       }\r
+       LeaveCriticalSection(&g_OpenSSLLock);\r
+       return r;\r
+}\r
+\r
+BOOL DetachSSL(SOCKET s)\r
+{\r
+       BOOL r;\r
+       SSL** ppSSL;\r
+       if(!g_bOpenSSLLoaded)\r
+               return FALSE;\r
+       r = FALSE;\r
+       EnterCriticalSection(&g_OpenSSLLock);\r
+       if(ppSSL = FindSSLPointerFromSocket(s))\r
+       {\r
+               p_SSL_shutdown(*ppSSL);\r
+               p_SSL_free(*ppSSL);\r
+               *ppSSL = NULL;\r
+               r = TRUE;\r
+       }\r
+       LeaveCriticalSection(&g_OpenSSLLock);\r
+       return r;\r
+}\r
+\r
+BOOL IsSSLAttached(SOCKET s)\r
+{\r
+       SSL** ppSSL;\r
+       if(!g_bOpenSSLLoaded)\r
+               return FALSE;\r
+       EnterCriticalSection(&g_OpenSSLLock);\r
+       ppSSL = FindSSLPointerFromSocket(s);\r
+       LeaveCriticalSection(&g_OpenSSLLock);\r
+       if(!ppSSL)\r
+               return FALSE;\r
+       return TRUE;\r
+}\r
+\r
+SOCKET socketS(int af, int type, int protocol)\r
+{\r
+       return socket(af, type, protocol);\r
+}\r
+\r
+int bindS(SOCKET s, const struct sockaddr *addr, int namelen)\r
+{\r
+       return bind(s, addr, namelen);\r
+}\r
+\r
+int listenS(SOCKET s, int backlog)\r
+{\r
+       return listen(s, backlog);\r
+}\r
+\r
+SOCKET acceptS(SOCKET s, struct sockaddr *addr, int *addrlen)\r
+{\r
+       SOCKET r;\r
+       r = accept(s, addr, addrlen);\r
+       if(!AttachSSL(r, INVALID_SOCKET))\r
+       {\r
+               closesocket(r);\r
+               return INVALID_SOCKET;\r
+       }\r
+       return r;\r
+}\r
+\r
+int connectS(SOCKET s, const struct sockaddr *name, int namelen)\r
+{\r
+       int r;\r
+       r = connect(s, name, namelen);\r
+       if(!AttachSSL(r, INVALID_SOCKET))\r
+               return SOCKET_ERROR;\r
+       return r;\r
+}\r
+\r
+int closesocketS(SOCKET s)\r
+{\r
+       DetachSSL(s);\r
+       return closesocket(s);\r
+}\r
+\r
+int sendS(SOCKET s, const char * buf, int len, int flags)\r
+{\r
+       SSL** ppSSL;\r
+       if(!g_bOpenSSLLoaded)\r
+               return send(s, buf, len, flags);\r
+       EnterCriticalSection(&g_OpenSSLLock);\r
+       ppSSL = FindSSLPointerFromSocket(s);\r
+       LeaveCriticalSection(&g_OpenSSLLock);\r
+       if(!ppSSL)\r
+               return send(s, buf, len, flags);\r
+       return p_SSL_write(*ppSSL, buf, len);\r
+}\r
+\r
+int recvS(SOCKET s, char * buf, int len, int flags)\r
+{\r
+       SSL** ppSSL;\r
+       if(!g_bOpenSSLLoaded)\r
+               return recv(s, buf, len, flags);\r
+       EnterCriticalSection(&g_OpenSSLLock);\r
+       ppSSL = FindSSLPointerFromSocket(s);\r
+       LeaveCriticalSection(&g_OpenSSLLock);\r
+       if(!ppSSL)\r
+               return recv(s, buf, len, flags);\r
+       if(flags & MSG_PEEK)\r
+               return p_SSL_peek(*ppSSL, buf, len);\r
+       return p_SSL_read(*ppSSL, buf, len);\r
+}\r
+\r