-// socketwrapper.c
-// Copyright (C) 2011 Suguru Kawamoto
-// ソケットラッパー
-// socket関連関数をOpenSSL用に置換
-// コンパイルにはOpenSSLのヘッダーファイルが必要
-// 実行にはOpenSSLのDLLが必要
-
-#define _WIN32_WINNT 0x0600
-
-#include <windows.h>
-#include <mmsystem.h>
-#include <openssl/ssl.h>
-
-#include "socketwrapper.h"
-#include "protectprocess.h"
-
-typedef void (__cdecl* _SSL_load_error_strings)();
-typedef int (__cdecl* _SSL_library_init)();
-typedef SSL_METHOD* (__cdecl* _SSLv23_method)();
-typedef SSL_CTX* (__cdecl* _SSL_CTX_new)(SSL_METHOD*);
-typedef void (__cdecl* _SSL_CTX_free)(SSL_CTX*);
-typedef SSL* (__cdecl* _SSL_new)(SSL_CTX*);
-typedef void (__cdecl* _SSL_free)(SSL*);
-typedef int (__cdecl* _SSL_shutdown)(SSL*);
-typedef int (__cdecl* _SSL_get_fd)(SSL*);
-typedef int (__cdecl* _SSL_set_fd)(SSL*, int);
-typedef int (__cdecl* _SSL_accept)(SSL*);
-typedef int (__cdecl* _SSL_connect)(SSL*);
-typedef int (__cdecl* _SSL_write)(SSL*, const void*, int);
-typedef int (__cdecl* _SSL_peek)(SSL*, void*, int);
-typedef int (__cdecl* _SSL_read)(SSL*, void*, int);
-typedef int (__cdecl* _SSL_get_error)(SSL*, int);
-
-_SSL_load_error_strings pSSL_load_error_strings;
-_SSL_library_init pSSL_library_init;
-_SSLv23_method pSSLv23_method;
-_SSL_CTX_new pSSL_CTX_new;
-_SSL_CTX_free pSSL_CTX_free;
-_SSL_new pSSL_new;
-_SSL_free pSSL_free;
-_SSL_shutdown pSSL_shutdown;
-_SSL_get_fd pSSL_get_fd;
-_SSL_set_fd pSSL_set_fd;
-_SSL_accept pSSL_accept;
-_SSL_connect pSSL_connect;
-_SSL_write pSSL_write;
-_SSL_peek pSSL_peek;
-_SSL_read pSSL_read;
-_SSL_get_error pSSL_get_error;
-
-#define MAX_SSL_SOCKET 64
-
-BOOL g_bOpenSSLLoaded;
-HMODULE g_hOpenSSL;
-CRITICAL_SECTION g_OpenSSLLock;
-DWORD g_OpenSSLTimeout;
-LPSSLTIMEOUTCALLBACK g_pOpenSSLTimeoutCallback;
-SSL_CTX* g_pOpenSSLCTX;
-SSL* g_pOpenSSLHandle[MAX_SSL_SOCKET];
-
-BOOL __stdcall DefaultSSLTimeoutCallback()
-{
- Sleep(100);
- return FALSE;
-}
-
-BOOL LoadOpenSSL()
-{
- if(g_bOpenSSLLoaded)
- return FALSE;
-#ifdef ENABLE_PROCESS_PROTECTION
- // ssleay32.dll 1.0.0e
- // libssl32.dll 1.0.0e
- RegisterModuleMD5Hash("\x8B\xA3\xB7\xB3\xCE\x2E\x4F\x07\x8C\xB8\x93\x7D\x77\xE1\x09\x3A");
- // libeay32.dll 1.0.0e
- RegisterModuleMD5Hash("\xA6\x4C\xAF\x9E\xF3\xDC\xFC\x68\xAE\xCA\xCC\x61\xD2\xF6\x70\x8B");
-#endif
- g_hOpenSSL = LoadLibrary("ssleay32.dll");
- if(!g_hOpenSSL)
- g_hOpenSSL = LoadLibrary("libssl32.dll");
- if(!g_hOpenSSL
- || !(pSSL_load_error_strings = (_SSL_load_error_strings)GetProcAddress(g_hOpenSSL, "SSL_load_error_strings"))
- || !(pSSL_library_init = (_SSL_library_init)GetProcAddress(g_hOpenSSL, "SSL_library_init"))
- || !(pSSLv23_method = (_SSLv23_method)GetProcAddress(g_hOpenSSL, "SSLv23_method"))
- || !(pSSL_CTX_new = (_SSL_CTX_new)GetProcAddress(g_hOpenSSL, "SSL_CTX_new"))
- || !(pSSL_CTX_free = (_SSL_CTX_free)GetProcAddress(g_hOpenSSL, "SSL_CTX_free"))
- || !(pSSL_new = (_SSL_new)GetProcAddress(g_hOpenSSL, "SSL_new"))
- || !(pSSL_free = (_SSL_free)GetProcAddress(g_hOpenSSL, "SSL_free"))
- || !(pSSL_shutdown = (_SSL_shutdown)GetProcAddress(g_hOpenSSL, "SSL_shutdown"))
- || !(pSSL_get_fd = (_SSL_get_fd)GetProcAddress(g_hOpenSSL, "SSL_get_fd"))
- || !(pSSL_set_fd = (_SSL_set_fd)GetProcAddress(g_hOpenSSL, "SSL_set_fd"))
- || !(pSSL_accept = (_SSL_accept)GetProcAddress(g_hOpenSSL, "SSL_accept"))
- || !(pSSL_connect = (_SSL_connect)GetProcAddress(g_hOpenSSL, "SSL_connect"))
- || !(pSSL_write = (_SSL_write)GetProcAddress(g_hOpenSSL, "SSL_write"))
- || !(pSSL_peek = (_SSL_peek)GetProcAddress(g_hOpenSSL, "SSL_peek"))
- || !(pSSL_read = (_SSL_read)GetProcAddress(g_hOpenSSL, "SSL_read"))
- || !(pSSL_get_error = (_SSL_get_error)GetProcAddress(g_hOpenSSL, "SSL_get_error")))
- {
- if(g_hOpenSSL)
- FreeLibrary(g_hOpenSSL);
- g_hOpenSSL = NULL;
- return FALSE;
- }
- InitializeCriticalSection(&g_OpenSSLLock);
- pSSL_load_error_strings();
- pSSL_library_init();
- SetSSLTimeoutCallback(60000, DefaultSSLTimeoutCallback);
- g_bOpenSSLLoaded = TRUE;
- return TRUE;
-}
-
-void FreeOpenSSL()
-{
- int i;
- if(!g_bOpenSSLLoaded)
- return;
- EnterCriticalSection(&g_OpenSSLLock);
- for(i = 0; i < MAX_SSL_SOCKET; i++)
- {
- if(g_pOpenSSLHandle[i])
- {
- pSSL_shutdown(g_pOpenSSLHandle[i]);
- pSSL_free(g_pOpenSSLHandle[i]);
- g_pOpenSSLHandle[i] = NULL;
- }
- }
- if(g_pOpenSSLCTX)
- pSSL_CTX_free(g_pOpenSSLCTX);
- g_pOpenSSLCTX = NULL;
- FreeLibrary(g_hOpenSSL);
- g_hOpenSSL = NULL;
- LeaveCriticalSection(&g_OpenSSLLock);
- DeleteCriticalSection(&g_OpenSSLLock);
- g_bOpenSSLLoaded = FALSE;
-}
-
-BOOL IsOpenSSLLoaded()
-{
- return g_bOpenSSLLoaded;
-}
-
-SSL** GetUnusedSSLPointer()
-{
- int i;
- for(i = 0; i < MAX_SSL_SOCKET; i++)
- {
- if(!g_pOpenSSLHandle[i])
- return &g_pOpenSSLHandle[i];
- }
- return NULL;
-}
-
-SSL** FindSSLPointerFromSocket(SOCKET s)
-{
- int i;
- for(i = 0; i < MAX_SSL_SOCKET; i++)
- {
- if(g_pOpenSSLHandle[i])
- {
- if(pSSL_get_fd(g_pOpenSSLHandle[i]) == s)
- return &g_pOpenSSLHandle[i];
- }
- }
- return NULL;
-}
-
-void SetSSLTimeoutCallback(DWORD Timeout, LPSSLTIMEOUTCALLBACK pCallback)
-{
- if(!g_bOpenSSLLoaded)
- return;
- EnterCriticalSection(&g_OpenSSLLock);
- g_OpenSSLTimeout = Timeout;
- g_pOpenSSLTimeoutCallback = pCallback;
- LeaveCriticalSection(&g_OpenSSLLock);
-}
-
-BOOL AttachSSL(SOCKET s)
-{
- BOOL r;
- DWORD Time;
- SSL** ppSSL;
- if(!g_bOpenSSLLoaded)
- return FALSE;
- r = FALSE;
- Time = timeGetTime();
- EnterCriticalSection(&g_OpenSSLLock);
- if(!g_pOpenSSLCTX)
- g_pOpenSSLCTX = pSSL_CTX_new(pSSLv23_method());
- if(g_pOpenSSLCTX)
- {
- if(ppSSL = GetUnusedSSLPointer())
- {
- if(*ppSSL = pSSL_new(g_pOpenSSLCTX))
- {
- if(pSSL_set_fd(*ppSSL, s) != 0)
- {
- r = TRUE;
- // SSLのネゴシエーションには時間がかかる場合がある
- while(pSSL_connect(*ppSSL) != 1)
- {
- LeaveCriticalSection(&g_OpenSSLLock);
- if(g_pOpenSSLTimeoutCallback() || timeGetTime() - Time >= g_OpenSSLTimeout)
- {
- DetachSSL(s);
- r = FALSE;
- EnterCriticalSection(&g_OpenSSLLock);
- break;
- }
- EnterCriticalSection(&g_OpenSSLLock);
- }
- }
- else
- {
- LeaveCriticalSection(&g_OpenSSLLock);
- DetachSSL(s);
- EnterCriticalSection(&g_OpenSSLLock);
- }
- }
- }
- }
- LeaveCriticalSection(&g_OpenSSLLock);
- return r;
-}
-
-BOOL DetachSSL(SOCKET s)
-{
- BOOL r;
- SSL** ppSSL;
- if(!g_bOpenSSLLoaded)
- return FALSE;
- r = FALSE;
- EnterCriticalSection(&g_OpenSSLLock);
- if(ppSSL = FindSSLPointerFromSocket(s))
- {
- pSSL_shutdown(*ppSSL);
- pSSL_free(*ppSSL);
- *ppSSL = NULL;
- r = TRUE;
- }
- LeaveCriticalSection(&g_OpenSSLLock);
- return r;
-}
-
-BOOL IsSSLAttached(SOCKET s)
-{
- SSL** ppSSL;
- if(!g_bOpenSSLLoaded)
- return FALSE;
- EnterCriticalSection(&g_OpenSSLLock);
- ppSSL = FindSSLPointerFromSocket(s);
- LeaveCriticalSection(&g_OpenSSLLock);
- if(!ppSSL)
- return TRUE;
- return TRUE;
-}
-
-SOCKET socketS(int af, int type, int protocol)
-{
- return socket(af, type, protocol);
-}
-
-int bindS(SOCKET s, const struct sockaddr *addr, int namelen)
-{
- return bind(s, addr, namelen);
-}
-
-int listenS(SOCKET s, int backlog)
-{
- return listen(s, backlog);
-}
-
-SOCKET acceptS(SOCKET s, struct sockaddr *addr, int *addrlen)
-{
- SOCKET r;
- r = accept(s, addr, addrlen);
- if(!AttachSSL(r))
- {
- closesocket(r);
- return INVALID_SOCKET;
- }
- return r;
-}
-
-int connectS(SOCKET s, const struct sockaddr *name, int namelen)
-{
- int r;
- r = connect(s, name, namelen);
- if(!AttachSSL(r))
- return SOCKET_ERROR;
- return r;
-}
-
-int closesocketS(SOCKET s)
-{
- DetachSSL(s);
- return closesocket(s);
-}
-
-int sendS(SOCKET s, const char * buf, int len, int flags)
-{
- SSL** ppSSL;
- if(!g_bOpenSSLLoaded)
- return send(s, buf, len, flags);
- EnterCriticalSection(&g_OpenSSLLock);
- ppSSL = FindSSLPointerFromSocket(s);
- LeaveCriticalSection(&g_OpenSSLLock);
- if(!ppSSL)
- return send(s, buf, len, flags);
- return pSSL_write(*ppSSL, buf, len);
-}
-
-int recvS(SOCKET s, char * buf, int len, int flags)
-{
- SSL** ppSSL;
- if(!g_bOpenSSLLoaded)
- return recv(s, buf, len, flags);
- EnterCriticalSection(&g_OpenSSLLock);
- ppSSL = FindSSLPointerFromSocket(s);
- LeaveCriticalSection(&g_OpenSSLLock);
- if(!ppSSL)
- return recv(s, buf, len, flags);
- if(flags & MSG_PEEK)
- return pSSL_peek(*ppSSL, buf, len);
- return pSSL_read(*ppSSL, buf, len);
-}
-
+// socketwrapper.c\r
+// Copyright (C) 2011 Suguru Kawamoto\r
+// ソケットラッパー\r
+// socket関連関数をOpenSSL用に置換\r
+// socket関連関数のIPv6対応\r
+// コンパイルにはOpenSSLのヘッダーファイルが必要\r
+// 実行にはOpenSSLのDLLが必要\r
+\r
+#include <ws2tcpip.h>\r
+#include <windows.h>\r
+#include <mmsystem.h>\r
+#include <openssl/ssl.h>\r
+\r
+#include "socketwrapper.h"\r
+#include "protectprocess.h"\r
+#include "mbswrapper.h"\r
+#include "punycode.h"\r
+\r
+// FTPS対応\r
+\r
+typedef void (__cdecl* _SSL_load_error_strings)();\r
+typedef int (__cdecl* _SSL_library_init)();\r
+typedef SSL_METHOD* (__cdecl* _SSLv23_method)();\r
+typedef SSL_CTX* (__cdecl* _SSL_CTX_new)(SSL_METHOD*);\r
+typedef void (__cdecl* _SSL_CTX_free)(SSL_CTX*);\r
+typedef SSL* (__cdecl* _SSL_new)(SSL_CTX*);\r
+typedef void (__cdecl* _SSL_free)(SSL*);\r
+typedef int (__cdecl* _SSL_shutdown)(SSL*);\r
+typedef int (__cdecl* _SSL_get_fd)(SSL*);\r
+typedef int (__cdecl* _SSL_set_fd)(SSL*, int);\r
+typedef int (__cdecl* _SSL_accept)(SSL*);\r
+typedef int (__cdecl* _SSL_connect)(SSL*);\r
+typedef int (__cdecl* _SSL_write)(SSL*, const void*, int);\r
+typedef int (__cdecl* _SSL_peek)(SSL*, void*, int);\r
+typedef int (__cdecl* _SSL_read)(SSL*, void*, int);\r
+typedef int (__cdecl* _SSL_get_error)(SSL*, int);\r
+typedef X509* (__cdecl* _SSL_get_peer_certificate)(const SSL*);\r
+typedef long (__cdecl* _SSL_get_verify_result)(const SSL*);\r
+typedef SSL_SESSION* (__cdecl* _SSL_get_session)(SSL*);\r
+typedef int (__cdecl* _SSL_set_session)(SSL*, SSL_SESSION*);\r
+typedef X509_STORE* (__cdecl* _SSL_CTX_get_cert_store)(const SSL_CTX*);\r
+typedef BIO_METHOD* (__cdecl* _BIO_s_mem)();\r
+typedef BIO* (__cdecl* _BIO_new)(BIO_METHOD*);\r
+typedef int (__cdecl* _BIO_free)(BIO*);\r
+typedef BIO* (__cdecl* _BIO_new_mem_buf)(void*, int);\r
+typedef long (__cdecl* _BIO_ctrl)(BIO*, int, long, void*);\r
+typedef void (__cdecl* _X509_free)(X509*);\r
+typedef int (__cdecl* _X509_print_ex)(BIO*, X509*, unsigned long, unsigned long);\r
+typedef X509_NAME* (__cdecl* _X509_get_subject_name)(X509*);\r
+typedef int (__cdecl* _X509_NAME_print_ex)(BIO*, X509_NAME*, int, unsigned long);\r
+typedef X509* (__cdecl* _PEM_read_bio_X509)(BIO*, X509**, pem_password_cb*, void*);\r
+typedef int (__cdecl* _X509_STORE_add_cert)(X509_STORE*, X509*);\r
+\r
+_SSL_load_error_strings p_SSL_load_error_strings;\r
+_SSL_library_init p_SSL_library_init;\r
+_SSLv23_method p_SSLv23_method;\r
+_SSL_CTX_new p_SSL_CTX_new;\r
+_SSL_CTX_free p_SSL_CTX_free;\r
+_SSL_new p_SSL_new;\r
+_SSL_free p_SSL_free;\r
+_SSL_shutdown p_SSL_shutdown;\r
+_SSL_get_fd p_SSL_get_fd;\r
+_SSL_set_fd p_SSL_set_fd;\r
+_SSL_accept p_SSL_accept;\r
+_SSL_connect p_SSL_connect;\r
+_SSL_write p_SSL_write;\r
+_SSL_peek p_SSL_peek;\r
+_SSL_read p_SSL_read;\r
+_SSL_get_error p_SSL_get_error;\r
+_SSL_get_peer_certificate p_SSL_get_peer_certificate;\r
+_SSL_get_verify_result p_SSL_get_verify_result;\r
+_SSL_get_session p_SSL_get_session;\r
+_SSL_set_session p_SSL_set_session;\r
+_SSL_CTX_get_cert_store p_SSL_CTX_get_cert_store;\r
+_BIO_s_mem p_BIO_s_mem;\r
+_BIO_new p_BIO_new;\r
+_BIO_free p_BIO_free;\r
+_BIO_new_mem_buf p_BIO_new_mem_buf;\r
+_BIO_ctrl p_BIO_ctrl;\r
+_X509_free p_X509_free;\r
+_X509_print_ex p_X509_print_ex;\r
+_X509_get_subject_name p_X509_get_subject_name;\r
+_X509_NAME_print_ex p_X509_NAME_print_ex;\r
+_PEM_read_bio_X509 p_PEM_read_bio_X509;\r
+_X509_STORE_add_cert p_X509_STORE_add_cert;\r
+\r
+#define MAX_SSL_SOCKET 16\r
+\r
+BOOL g_bOpenSSLLoaded;\r
+HMODULE g_hOpenSSL;\r
+HMODULE g_hOpenSSLCommon;\r
+CRITICAL_SECTION g_OpenSSLLock;\r
+DWORD g_OpenSSLTimeout;\r
+LPSSLTIMEOUTCALLBACK g_pOpenSSLTimeoutCallback;\r
+LPSSLCONFIRMCALLBACK g_pOpenSSLConfirmCallback;\r
+SSL_CTX* g_pOpenSSLCTX;\r
+SSL* g_pOpenSSLHandle[MAX_SSL_SOCKET];\r
+\r
+BOOL __stdcall DefaultSSLTimeoutCallback(BOOL* pbAborted)\r
+{\r
+ Sleep(100);\r
+ return *pbAborted;\r
+}\r
+\r
+BOOL __stdcall DefaultSSLConfirmCallback(BOOL* pbAborted, BOOL bVerified, LPCSTR Certificate, LPCSTR CommonName)\r
+{\r
+ return bVerified;\r
+}\r
+\r
+// OpenSSLを初期化\r
+BOOL LoadOpenSSL()\r
+{\r
+ if(g_bOpenSSLLoaded)\r
+ return FALSE;\r
+#ifdef ENABLE_PROCESS_PROTECTION\r
+ // 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること\r
+ // ssleay32.dll 1.0.0e\r
+ // libssl32.dll 1.0.0e\r
+ RegisterTrustedModuleSHA1Hash("\x4E\xB7\xA0\x22\x14\x4B\x58\x6D\xBC\xF5\x21\x0D\x96\x78\x0D\x79\x7D\x66\xB2\xB0");\r
+ // libeay32.dll 1.0.0e\r
+ RegisterTrustedModuleSHA1Hash("\x01\x32\x7A\xAE\x69\x26\xE6\x58\xC7\x63\x22\x1E\x53\x5A\x78\xBC\x61\xC7\xB5\xC1");\r
+#endif\r
+ g_hOpenSSL = LoadLibrary("ssleay32.dll");\r
+ // バージョン固定のためlibssl32.dllの読み込みは脆弱性の原因になり得るので廃止\r
+// if(!g_hOpenSSL)\r
+// g_hOpenSSL = LoadLibrary("libssl32.dll");\r
+ if(!g_hOpenSSL\r
+ || !(p_SSL_load_error_strings = (_SSL_load_error_strings)GetProcAddress(g_hOpenSSL, "SSL_load_error_strings"))\r
+ || !(p_SSL_library_init = (_SSL_library_init)GetProcAddress(g_hOpenSSL, "SSL_library_init"))\r
+ || !(p_SSLv23_method = (_SSLv23_method)GetProcAddress(g_hOpenSSL, "SSLv23_method"))\r
+ || !(p_SSL_CTX_new = (_SSL_CTX_new)GetProcAddress(g_hOpenSSL, "SSL_CTX_new"))\r
+ || !(p_SSL_CTX_free = (_SSL_CTX_free)GetProcAddress(g_hOpenSSL, "SSL_CTX_free"))\r
+ || !(p_SSL_new = (_SSL_new)GetProcAddress(g_hOpenSSL, "SSL_new"))\r
+ || !(p_SSL_free = (_SSL_free)GetProcAddress(g_hOpenSSL, "SSL_free"))\r
+ || !(p_SSL_shutdown = (_SSL_shutdown)GetProcAddress(g_hOpenSSL, "SSL_shutdown"))\r
+ || !(p_SSL_get_fd = (_SSL_get_fd)GetProcAddress(g_hOpenSSL, "SSL_get_fd"))\r
+ || !(p_SSL_set_fd = (_SSL_set_fd)GetProcAddress(g_hOpenSSL, "SSL_set_fd"))\r
+ || !(p_SSL_accept = (_SSL_accept)GetProcAddress(g_hOpenSSL, "SSL_accept"))\r
+ || !(p_SSL_connect = (_SSL_connect)GetProcAddress(g_hOpenSSL, "SSL_connect"))\r
+ || !(p_SSL_write = (_SSL_write)GetProcAddress(g_hOpenSSL, "SSL_write"))\r
+ || !(p_SSL_peek = (_SSL_peek)GetProcAddress(g_hOpenSSL, "SSL_peek"))\r
+ || !(p_SSL_read = (_SSL_read)GetProcAddress(g_hOpenSSL, "SSL_read"))\r
+ || !(p_SSL_get_error = (_SSL_get_error)GetProcAddress(g_hOpenSSL, "SSL_get_error"))\r
+ || !(p_SSL_get_peer_certificate = (_SSL_get_peer_certificate)GetProcAddress(g_hOpenSSL, "SSL_get_peer_certificate"))\r
+ || !(p_SSL_get_verify_result = (_SSL_get_verify_result)GetProcAddress(g_hOpenSSL, "SSL_get_verify_result"))\r
+ || !(p_SSL_get_session = (_SSL_get_session)GetProcAddress(g_hOpenSSL, "SSL_get_session"))\r
+ || !(p_SSL_set_session = (_SSL_set_session)GetProcAddress(g_hOpenSSL, "SSL_set_session"))\r
+ || !(p_SSL_CTX_get_cert_store = (_SSL_CTX_get_cert_store)GetProcAddress(g_hOpenSSL, "SSL_CTX_get_cert_store")))\r
+ {\r
+ if(g_hOpenSSL)\r
+ FreeLibrary(g_hOpenSSL);\r
+ g_hOpenSSL = NULL;\r
+ return FALSE;\r
+ }\r
+ g_hOpenSSLCommon = LoadLibrary("libeay32.dll");\r
+ if(!g_hOpenSSLCommon\r
+ || !(p_BIO_s_mem = (_BIO_s_mem)GetProcAddress(g_hOpenSSLCommon, "BIO_s_mem"))\r
+ || !(p_BIO_new = (_BIO_new)GetProcAddress(g_hOpenSSLCommon, "BIO_new"))\r
+ || !(p_BIO_free = (_BIO_free)GetProcAddress(g_hOpenSSLCommon, "BIO_free"))\r
+ || !(p_BIO_new_mem_buf = (_BIO_new_mem_buf)GetProcAddress(g_hOpenSSLCommon, "BIO_new_mem_buf"))\r
+ || !(p_BIO_ctrl = (_BIO_ctrl)GetProcAddress(g_hOpenSSLCommon, "BIO_ctrl"))\r
+ || !(p_X509_free = (_X509_free)GetProcAddress(g_hOpenSSLCommon, "X509_free"))\r
+ || !(p_X509_print_ex = (_X509_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_print_ex"))\r
+ || !(p_X509_get_subject_name = (_X509_get_subject_name)GetProcAddress(g_hOpenSSLCommon, "X509_get_subject_name"))\r
+ || !(p_X509_NAME_print_ex = (_X509_NAME_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_NAME_print_ex"))\r
+ || !(p_PEM_read_bio_X509 = (_PEM_read_bio_X509)GetProcAddress(g_hOpenSSLCommon, "PEM_read_bio_X509"))\r
+ || !(p_X509_STORE_add_cert = (_X509_STORE_add_cert)GetProcAddress(g_hOpenSSLCommon, "X509_STORE_add_cert")))\r
+ {\r
+ if(g_hOpenSSL)\r
+ FreeLibrary(g_hOpenSSL);\r
+ g_hOpenSSL = NULL;\r
+ if(g_hOpenSSLCommon)\r
+ FreeLibrary(g_hOpenSSLCommon);\r
+ g_hOpenSSLCommon = NULL;\r
+ return FALSE;\r
+ }\r
+ InitializeCriticalSection(&g_OpenSSLLock);\r
+ p_SSL_load_error_strings();\r
+ p_SSL_library_init();\r
+ SetSSLTimeoutCallback(60000, DefaultSSLTimeoutCallback);\r
+ SetSSLConfirmCallback(DefaultSSLConfirmCallback);\r
+ g_bOpenSSLLoaded = TRUE;\r
+ return TRUE;\r
+}\r
+\r
+// OpenSSLを解放\r
+void FreeOpenSSL()\r
+{\r
+ int i;\r
+ if(!g_bOpenSSLLoaded)\r
+ return;\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ for(i = 0; i < MAX_SSL_SOCKET; i++)\r
+ {\r
+ if(g_pOpenSSLHandle[i])\r
+ {\r
+ p_SSL_shutdown(g_pOpenSSLHandle[i]);\r
+ p_SSL_free(g_pOpenSSLHandle[i]);\r
+ g_pOpenSSLHandle[i] = NULL;\r
+ }\r
+ }\r
+ if(g_pOpenSSLCTX)\r
+ p_SSL_CTX_free(g_pOpenSSLCTX);\r
+ g_pOpenSSLCTX = NULL;\r
+ FreeLibrary(g_hOpenSSL);\r
+ g_hOpenSSL = NULL;\r
+ FreeLibrary(g_hOpenSSLCommon);\r
+ g_hOpenSSLCommon = NULL;\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ DeleteCriticalSection(&g_OpenSSLLock);\r
+ g_bOpenSSLLoaded = FALSE;\r
+}\r
+\r
+// OpenSSLが使用可能かどうか確認\r
+BOOL IsOpenSSLLoaded()\r
+{\r
+ return g_bOpenSSLLoaded;\r
+}\r
+\r
+SSL** GetUnusedSSLPointer()\r
+{\r
+ int i;\r
+ for(i = 0; i < MAX_SSL_SOCKET; i++)\r
+ {\r
+ if(!g_pOpenSSLHandle[i])\r
+ return &g_pOpenSSLHandle[i];\r
+ }\r
+ return NULL;\r
+}\r
+\r
+SSL** FindSSLPointerFromSocket(SOCKET s)\r
+{\r
+ int i;\r
+ for(i = 0; i < MAX_SSL_SOCKET; i++)\r
+ {\r
+ if(g_pOpenSSLHandle[i])\r
+ {\r
+ if(p_SSL_get_fd(g_pOpenSSLHandle[i]) == s)\r
+ return &g_pOpenSSLHandle[i];\r
+ }\r
+ }\r
+ return NULL;\r
+}\r
+\r
+BOOL ConfirmSSLCertificate(SSL* pSSL, BOOL* pbAborted)\r
+{\r
+ BOOL bResult;\r
+ BOOL bVerified;\r
+ char* pData;\r
+ char* pSubject;\r
+ X509* pX509;\r
+ BIO* pBIO;\r
+ long Length;\r
+ char* pBuffer;\r
+ char* pCN;\r
+ char* p;\r
+ bResult = FALSE;\r
+ bVerified = FALSE;\r
+ pData = NULL;\r
+ pSubject = NULL;\r
+ if(pX509 = p_SSL_get_peer_certificate(pSSL))\r
+ {\r
+ if(pBIO = p_BIO_new(p_BIO_s_mem()))\r
+ {\r
+ p_X509_print_ex(pBIO, pX509, 0, XN_FLAG_RFC2253);\r
+ if((Length = p_BIO_ctrl(pBIO, BIO_CTRL_INFO, 0, &pBuffer)) > 0)\r
+ {\r
+ if(pData = (char*)malloc(Length + sizeof(char)))\r
+ {\r
+ memcpy(pData, pBuffer, Length);\r
+ *(char*)((size_t)pData + Length) = '\0';\r
+ }\r
+ }\r
+ p_BIO_free(pBIO);\r
+ }\r
+ if(pBIO = p_BIO_new(p_BIO_s_mem()))\r
+ {\r
+ p_X509_NAME_print_ex(pBIO, p_X509_get_subject_name(pX509), 0, XN_FLAG_RFC2253);\r
+ if((Length = p_BIO_ctrl(pBIO, BIO_CTRL_INFO, 0, &pBuffer)) > 0)\r
+ {\r
+ if(pSubject = (char*)malloc(Length + sizeof(char)))\r
+ {\r
+ memcpy(pSubject, pBuffer, Length);\r
+ *(char*)((size_t)pSubject + Length) = '\0';\r
+ }\r
+ }\r
+ p_BIO_free(pBIO);\r
+ }\r
+ p_X509_free(pX509);\r
+ }\r
+ if(pX509 && p_SSL_get_verify_result(pSSL) == X509_V_OK)\r
+ bVerified = TRUE;\r
+ pCN = pSubject;\r
+ while(pCN)\r
+ {\r
+ if(strncmp(pCN, "CN=", strlen("CN=")) == 0)\r
+ {\r
+ pCN += strlen("CN=");\r
+ if(p = strchr(pCN, ','))\r
+ *p = '\0';\r
+ break;\r
+ }\r
+ if(pCN = strchr(pCN, ','))\r
+ pCN++;\r
+ }\r
+ bResult = g_pOpenSSLConfirmCallback(pbAborted, bVerified, pData, pCN);\r
+ if(pData)\r
+ free(pData);\r
+ if(pSubject)\r
+ free(pSubject);\r
+ return bResult;\r
+}\r
+\r
+void SetSSLTimeoutCallback(DWORD Timeout, LPSSLTIMEOUTCALLBACK pCallback)\r
+{\r
+ if(!g_bOpenSSLLoaded)\r
+ return;\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ g_OpenSSLTimeout = Timeout;\r
+ g_pOpenSSLTimeoutCallback = pCallback;\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+}\r
+\r
+void SetSSLConfirmCallback(LPSSLCONFIRMCALLBACK pCallback)\r
+{\r
+ if(!g_bOpenSSLLoaded)\r
+ return;\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ g_pOpenSSLConfirmCallback = pCallback;\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+}\r
+\r
+// SSLルート証明書を設定\r
+// PEM形式のみ指定可能\r
+BOOL SetSSLRootCertificate(const void* pData, DWORD Length)\r
+{\r
+ BOOL r;\r
+ X509_STORE* pStore;\r
+ BYTE* p;\r
+ BYTE* pBegin;\r
+ BYTE* pEnd;\r
+ BIO* pBIO;\r
+ X509* pX509;\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ r = FALSE;\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ if(!g_pOpenSSLCTX)\r
+ g_pOpenSSLCTX = p_SSL_CTX_new(p_SSLv23_method());\r
+ if(g_pOpenSSLCTX)\r
+ {\r
+ if(pStore = p_SSL_CTX_get_cert_store(g_pOpenSSLCTX))\r
+ {\r
+ p = (BYTE*)pData;\r
+ pBegin = NULL;\r
+ pEnd = NULL;\r
+ while(Length > 0)\r
+ {\r
+ if(!pBegin)\r
+ {\r
+ if(Length < 27)\r
+ break;\r
+ if(memcmp(p, "-----BEGIN CERTIFICATE-----", 27) == 0)\r
+ pBegin = p;\r
+ }\r
+ else if(!pEnd)\r
+ {\r
+ if(Length < 25)\r
+ break;\r
+ if(memcmp(p, "-----END CERTIFICATE-----", 25) == 0)\r
+ pEnd = p + 25;\r
+ }\r
+ if(pBegin && pEnd)\r
+ {\r
+ if(pBIO = p_BIO_new_mem_buf(pBegin, (int)((size_t)pEnd - (size_t)pBegin)))\r
+ {\r
+ if(pX509 = p_PEM_read_bio_X509(pBIO, NULL, NULL, NULL))\r
+ {\r
+ if(p_X509_STORE_add_cert(pStore, pX509) == 1)\r
+ r = TRUE;\r
+ p_X509_free(pX509);\r
+ }\r
+ p_BIO_free(pBIO);\r
+ }\r
+ pBegin = NULL;\r
+ pEnd = NULL;\r
+ }\r
+ p++;\r
+ Length--;\r
+ }\r
+ }\r
+ }\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ return r;\r
+}\r
+\r
+// ワイルドカードの比較\r
+// 主にSSL証明書のCN確認用\r
+BOOL IsHostNameMatched(LPCSTR HostName, LPCSTR CommonName)\r
+{\r
+ BOOL bResult;\r
+ const char* pAsterisk;\r
+ size_t BeforeAsterisk;\r
+ const char* pBeginAsterisk;\r
+ const char* pEndAsterisk;\r
+ const char* pDot;\r
+ bResult = FALSE;\r
+ if(HostName && CommonName)\r
+ {\r
+ if(pAsterisk = strchr(CommonName, '*'))\r
+ {\r
+ BeforeAsterisk = ((size_t)pAsterisk - (size_t)CommonName) / sizeof(char);\r
+ pBeginAsterisk = HostName + BeforeAsterisk;\r
+ while(*pAsterisk == '*')\r
+ {\r
+ pAsterisk++;\r
+ }\r
+ pEndAsterisk = HostName + strlen(HostName) - strlen(pAsterisk);\r
+ // "*"より前は大文字小文字を無視して完全一致\r
+ if(_strnicmp(HostName, CommonName, BeforeAsterisk) == 0)\r
+ {\r
+ // "*"より後は大文字小文字を無視して完全一致\r
+ if(_stricmp(pEndAsterisk, pAsterisk) == 0)\r
+ {\r
+ // "*"と一致する範囲に"."が含まれてはならない\r
+ pDot = strchr(pBeginAsterisk, '.');\r
+ if(!pDot || pDot >= pEndAsterisk)\r
+ bResult = TRUE;\r
+ }\r
+ }\r
+ }\r
+ else if(_stricmp(HostName, CommonName) == 0)\r
+ bResult = TRUE;\r
+ }\r
+ return bResult;\r
+}\r
+\r
+// SSLセッションを開始\r
+BOOL AttachSSL(SOCKET s, SOCKET parent, BOOL* pbAborted)\r
+{\r
+ BOOL r;\r
+ DWORD Time;\r
+ SSL** ppSSL;\r
+ SSL** ppSSLParent;\r
+ SSL_SESSION* pSession;\r
+ int Return;\r
+ int Error;\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ r = FALSE;\r
+ Time = timeGetTime();\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ if(!g_pOpenSSLCTX)\r
+ g_pOpenSSLCTX = p_SSL_CTX_new(p_SSLv23_method());\r
+ if(g_pOpenSSLCTX)\r
+ {\r
+ if(ppSSL = GetUnusedSSLPointer())\r
+ {\r
+ if(*ppSSL = p_SSL_new(g_pOpenSSLCTX))\r
+ {\r
+ if(p_SSL_set_fd(*ppSSL, s) != 0)\r
+ {\r
+ if(parent != INVALID_SOCKET)\r
+ {\r
+ if(ppSSLParent = FindSSLPointerFromSocket(parent))\r
+ {\r
+ if(pSession = p_SSL_get_session(*ppSSLParent))\r
+ {\r
+ if(p_SSL_set_session(*ppSSL, pSession) == 1)\r
+ {\r
+ }\r
+ }\r
+ }\r
+ }\r
+ // SSLのネゴシエーションには時間がかかる場合がある\r
+ r = TRUE;\r
+ while(r)\r
+ {\r
+ Return = p_SSL_connect(*ppSSL);\r
+ if(Return == 1)\r
+ break;\r
+ Error = p_SSL_get_error(*ppSSL, Return);\r
+ if(Error == SSL_ERROR_WANT_READ || Error == SSL_ERROR_WANT_WRITE)\r
+ {\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ if(g_pOpenSSLTimeoutCallback(pbAborted) || (g_OpenSSLTimeout > 0 && timeGetTime() - Time >= g_OpenSSLTimeout))\r
+ r = FALSE;\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ }\r
+ else\r
+ r = FALSE;\r
+ }\r
+ if(r)\r
+ {\r
+ if(ConfirmSSLCertificate(*ppSSL, pbAborted))\r
+ {\r
+ }\r
+ else\r
+ {\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ DetachSSL(s);\r
+ r = FALSE;\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ }\r
+ }\r
+ else\r
+ {\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ DetachSSL(s);\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ }\r
+ }\r
+ else\r
+ {\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ DetachSSL(s);\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ }\r
+ }\r
+ }\r
+ }\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ return r;\r
+}\r
+\r
+// SSLセッションを終了\r
+BOOL DetachSSL(SOCKET s)\r
+{\r
+ BOOL r;\r
+ SSL** ppSSL;\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ r = FALSE;\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ if(ppSSL = FindSSLPointerFromSocket(s))\r
+ {\r
+ p_SSL_shutdown(*ppSSL);\r
+ p_SSL_free(*ppSSL);\r
+ *ppSSL = NULL;\r
+ r = TRUE;\r
+ }\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ return r;\r
+}\r
+\r
+// SSLとしてマークされているか確認\r
+// マークされていればTRUEを返す\r
+BOOL IsSSLAttached(SOCKET s)\r
+{\r
+ SSL** ppSSL;\r
+ if(!g_bOpenSSLLoaded)\r
+ return FALSE;\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ ppSSL = FindSSLPointerFromSocket(s);\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ if(!ppSSL)\r
+ return FALSE;\r
+ return TRUE;\r
+}\r
+\r
+SOCKET FTPS_socket(int af, int type, int protocol)\r
+{\r
+ return socket(af, type, protocol);\r
+}\r
+\r
+int FTPS_bind(SOCKET s, const struct sockaddr *addr, int namelen)\r
+{\r
+ return bind(s, addr, namelen);\r
+}\r
+\r
+int FTPS_listen(SOCKET s, int backlog)\r
+{\r
+ return listen(s, backlog);\r
+}\r
+\r
+// accept相当の関数\r
+// ただし初めからSSLのネゴシエーションを行う\r
+SOCKET FTPS_accept(SOCKET s, struct sockaddr *addr, int *addrlen)\r
+{\r
+ SOCKET r;\r
+ BOOL bAborted;\r
+ r = accept(s, addr, addrlen);\r
+ bAborted = FALSE;\r
+ if(!AttachSSL(r, INVALID_SOCKET, &bAborted))\r
+ {\r
+ closesocket(r);\r
+ return INVALID_SOCKET;\r
+ }\r
+ return r;\r
+}\r
+\r
+// connect相当の関数\r
+// ただし初めからSSLのネゴシエーションを行う\r
+int FTPS_connect(SOCKET s, const struct sockaddr *name, int namelen)\r
+{\r
+ int r;\r
+ BOOL bAborted;\r
+ r = connect(s, name, namelen);\r
+ bAborted = FALSE;\r
+ if(!AttachSSL(r, INVALID_SOCKET, &bAborted))\r
+ return SOCKET_ERROR;\r
+ return r;\r
+}\r
+\r
+// closesocket相当の関数\r
+int FTPS_closesocket(SOCKET s)\r
+{\r
+ DetachSSL(s);\r
+ return closesocket(s);\r
+}\r
+\r
+// send相当の関数\r
+int FTPS_send(SOCKET s, const char * buf, int len, int flags)\r
+{\r
+ SSL** ppSSL;\r
+ if(!g_bOpenSSLLoaded)\r
+ return send(s, buf, len, flags);\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ ppSSL = FindSSLPointerFromSocket(s);\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ if(!ppSSL)\r
+ return send(s, buf, len, flags);\r
+ return p_SSL_write(*ppSSL, buf, len);\r
+}\r
+\r
+// recv相当の関数\r
+int FTPS_recv(SOCKET s, char * buf, int len, int flags)\r
+{\r
+ SSL** ppSSL;\r
+ if(!g_bOpenSSLLoaded)\r
+ return recv(s, buf, len, flags);\r
+ EnterCriticalSection(&g_OpenSSLLock);\r
+ ppSSL = FindSSLPointerFromSocket(s);\r
+ LeaveCriticalSection(&g_OpenSSLLock);\r
+ if(!ppSSL)\r
+ return recv(s, buf, len, flags);\r
+ if(flags & MSG_PEEK)\r
+ return p_SSL_peek(*ppSSL, buf, len);\r
+ return p_SSL_read(*ppSSL, buf, len);\r
+}\r
+\r
+// IPv6対応\r
+\r
+typedef struct\r
+{\r
+ HANDLE h;\r
+ HWND hWnd;\r
+ u_int wMsg;\r
+ char * name;\r
+ char * buf;\r
+ int buflen;\r
+ short Family;\r
+} GETHOSTBYNAMEDATA;\r
+\r
+DWORD WINAPI WSAAsyncGetHostByNameIPv6ThreadProc(LPVOID lpParameter)\r
+{\r
+ GETHOSTBYNAMEDATA* pData;\r
+ struct hostent* pHost;\r
+ struct addrinfo* pAddr;\r
+ struct addrinfo* p;\r
+ pHost = NULL;\r
+ pData = (GETHOSTBYNAMEDATA*)lpParameter;\r
+ if(getaddrinfo(pData->name, NULL, NULL, &pAddr) == 0)\r
+ {\r
+ p = pAddr;\r
+ while(p)\r
+ {\r
+ if(p->ai_family == pData->Family)\r
+ {\r
+ switch(p->ai_family)\r
+ {\r
+ case AF_INET:\r
+ pHost = (struct hostent*)pData->buf;\r
+ if((size_t)pData->buflen >= sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in_addr)\r
+ && p->ai_addrlen >= sizeof(struct sockaddr_in))\r
+ {\r
+ pHost->h_name = NULL;\r
+ pHost->h_aliases = NULL;\r
+ pHost->h_addrtype = p->ai_family;\r
+ pHost->h_length = sizeof(struct in_addr);\r
+ pHost->h_addr_list = (char**)(&pHost[1]);\r
+ pHost->h_addr_list[0] = (char*)(&pHost->h_addr_list[2]);\r
+ pHost->h_addr_list[1] = NULL;\r
+ memcpy(pHost->h_addr_list[0], &((struct sockaddr_in*)p->ai_addr)->sin_addr, sizeof(struct in_addr));\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(sizeof(struct hostent) + sizeof(char*) * 2 + p->ai_addrlen));\r
+ }\r
+ else\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(WSAENOBUFS << 16));\r
+ break;\r
+ case AF_INET6:\r
+ pHost = (struct hostent*)pData->buf;\r
+ if((size_t)pData->buflen >= sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in6_addr)\r
+ && p->ai_addrlen >= sizeof(struct sockaddr_in6))\r
+ {\r
+ pHost->h_name = NULL;\r
+ pHost->h_aliases = NULL;\r
+ pHost->h_addrtype = p->ai_family;\r
+ pHost->h_length = sizeof(struct in6_addr);\r
+ pHost->h_addr_list = (char**)(&pHost[1]);\r
+ pHost->h_addr_list[0] = (char*)(&pHost->h_addr_list[2]);\r
+ pHost->h_addr_list[1] = NULL;\r
+ memcpy(pHost->h_addr_list[0], &((struct sockaddr_in6*)p->ai_addr)->sin6_addr, sizeof(struct in6_addr));\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(sizeof(struct hostent) + sizeof(char*) * 2 + p->ai_addrlen));\r
+ }\r
+ else\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(WSAENOBUFS << 16));\r
+ break;\r
+ }\r
+ }\r
+ if(pHost)\r
+ break;\r
+ p = p->ai_next;\r
+ }\r
+ if(!p)\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(ERROR_INVALID_FUNCTION << 16));\r
+ freeaddrinfo(pAddr);\r
+ }\r
+ else\r
+ PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(ERROR_INVALID_FUNCTION << 16));\r
+ free(pData->name);\r
+ free(pData);\r
+ // CreateThreadが返すハンドルが重複するのを回避\r
+ Sleep(10000);\r
+ return 0;\r
+}\r
+\r
+// IPv6対応のWSAAsyncGetHostByName相当の関数\r
+// FamilyにはAF_INETまたはAF_INET6を指定可能\r
+// ただしANSI用\r
+HANDLE WSAAsyncGetHostByNameIPv6(HWND hWnd, u_int wMsg, const char * name, char * buf, int buflen, short Family)\r
+{\r
+ HANDLE hResult;\r
+ GETHOSTBYNAMEDATA* pData;\r
+ hResult = NULL;\r
+ if(pData = malloc(sizeof(GETHOSTBYNAMEDATA)))\r
+ {\r
+ pData->hWnd = hWnd;\r
+ pData->wMsg = wMsg;\r
+ if(pData->name = malloc(sizeof(char) * (strlen(name) + 1)))\r
+ {\r
+ strcpy(pData->name, name);\r
+ pData->buf = buf;\r
+ pData->buflen = buflen;\r
+ pData->Family = Family;\r
+ if(pData->h = CreateThread(NULL, 0, WSAAsyncGetHostByNameIPv6ThreadProc, pData, CREATE_SUSPENDED, NULL))\r
+ {\r
+ ResumeThread(pData->h);\r
+ hResult = pData->h;\r
+ }\r
+ }\r
+ }\r
+ if(!hResult)\r
+ {\r
+ if(pData)\r
+ {\r
+ if(pData->name)\r
+ free(pData->name);\r
+ free(pData);\r
+ }\r
+ }\r
+ return hResult;\r
+}\r
+\r
+// WSAAsyncGetHostByNameIPv6用のWSACancelAsyncRequest相当の関数\r
+int WSACancelAsyncRequestIPv6(HANDLE hAsyncTaskHandle)\r
+{\r
+ int Result;\r
+ Result = SOCKET_ERROR;\r
+ if(TerminateThread(hAsyncTaskHandle, 0))\r
+ Result = 0;\r
+ return Result;\r
+}\r
+\r
+char* AddressToStringIPv6(char* str, void* in6)\r
+{\r
+ char* pResult;\r
+ unsigned char* p;\r
+ int MaxZero;\r
+ int MaxZeroLen;\r
+ int i;\r
+ int j;\r
+ char Tmp[5];\r
+ pResult = str;\r
+ p = (unsigned char*)in6;\r
+ MaxZero = 8;\r
+ MaxZeroLen = 1;\r
+ for(i = 0; i < 8; i++)\r
+ {\r
+ for(j = i; j < 8; j++)\r
+ {\r
+ if(p[j * 2] != 0 || p[j * 2 + 1] != 0)\r
+ break;\r
+ }\r
+ if(j - i > MaxZeroLen)\r
+ {\r
+ MaxZero = i;\r
+ MaxZeroLen = j - i;\r
+ }\r
+ }\r
+ strcpy(str, "");\r
+ for(i = 0; i < 8; i++)\r
+ {\r
+ if(i == MaxZero)\r
+ {\r
+ if(i == 0)\r
+ strcat(str, ":");\r
+ strcat(str, ":");\r
+ }\r
+ else if(i < MaxZero || i >= MaxZero + MaxZeroLen)\r
+ {\r
+ sprintf(Tmp, "%x", (((int)p[i * 2] & 0xff) << 8) | ((int)p[i * 2 + 1] & 0xff));\r
+ strcat(str, Tmp);\r
+ if(i < 7)\r
+ strcat(str, ":");\r
+ }\r
+ }\r
+ return pResult;\r
+}\r
+\r
+// IPv6対応のinet_ntoa相当の関数\r
+// ただしANSI用\r
+char* inet6_ntoa(struct in6_addr in6)\r
+{\r
+ char* pResult;\r
+ static char Adrs[40];\r
+ pResult = NULL;\r
+ memset(Adrs, 0, sizeof(Adrs));\r
+ pResult = AddressToStringIPv6(Adrs, &in6);\r
+ return pResult;\r
+}\r
+\r
+// IPv6対応のinet_addr相当の関数\r
+// ただしANSI用\r
+struct in6_addr inet6_addr(const char* cp)\r
+{\r
+ struct in6_addr Result;\r
+ int AfterZero;\r
+ int i;\r
+ char* p;\r
+ memset(&Result, 0, sizeof(Result));\r
+ AfterZero = 0;\r
+ for(i = 0; i < 8; i++)\r
+ {\r
+ if(!cp)\r
+ {\r
+ memset(&Result, 0xff, sizeof(Result));\r
+ break;\r
+ }\r
+ if(i >= AfterZero)\r
+ {\r
+ if(strncmp(cp, ":", 1) == 0)\r
+ {\r
+ cp = cp + 1;\r
+ if(i == 0 && strncmp(cp, ":", 1) == 0)\r
+ cp = cp + 1;\r
+ p = (char*)cp;\r
+ AfterZero = 7;\r
+ while(p = strstr(p, ":"))\r
+ {\r
+ p = p + 1;\r
+ AfterZero--;\r
+ }\r
+ }\r
+ else\r
+ {\r
+ Result.u.Word[i] = (USHORT)strtol(cp, &p, 16);\r
+ Result.u.Word[i] = ((Result.u.Word[i] & 0xff00) >> 8) | ((Result.u.Word[i] & 0x00ff) << 8);\r
+ if(strncmp(p, ":", 1) != 0 && strlen(p) > 0)\r
+ {\r
+ memset(&Result, 0xff, sizeof(Result));\r
+ break;\r
+ }\r
+ if(cp = strstr(cp, ":"))\r
+ cp = cp + 1;\r
+ }\r
+ }\r
+ }\r
+ return Result;\r
+}\r
+\r
+BOOL ConvertDomainNameToPunycode(LPSTR Output, DWORD Count, LPCSTR Input)\r
+{\r
+ BOOL bResult;\r
+ punycode_uint* pUnicode;\r
+ punycode_uint* p;\r
+ BOOL bNeeded;\r
+ LPCSTR InputString;\r
+ punycode_uint Length;\r
+ punycode_uint OutputLength;\r
+ bResult = FALSE;\r
+ if(pUnicode = malloc(sizeof(punycode_uint) * strlen(Input)))\r
+ {\r
+ p = pUnicode;\r
+ bNeeded = FALSE;\r
+ InputString = Input;\r
+ Length = 0;\r
+ while(*InputString != '\0')\r
+ {\r
+ *p = (punycode_uint)GetNextCharM(InputString, &InputString);\r
+ if(*p >= 0x80)\r
+ bNeeded = TRUE;\r
+ p++;\r
+ Length++;\r
+ }\r
+ if(bNeeded)\r
+ {\r
+ if(Count >= strlen("xn--") + 1)\r
+ {\r
+ strcpy(Output, "xn--");\r
+ OutputLength = Count - strlen("xn--");\r
+ if(punycode_encode(Length, pUnicode, NULL, (punycode_uint*)&OutputLength, Output + strlen("xn--")) == punycode_success)\r
+ {\r
+ Output[strlen("xn--") + OutputLength] = '\0';\r
+ bResult = TRUE;\r
+ }\r
+ }\r
+ }\r
+ free(pUnicode);\r
+ }\r
+ if(!bResult)\r
+ {\r
+ if(Count >= strlen(Input) + 1)\r
+ {\r
+ strcpy(Output, Input);\r
+ bResult = TRUE;\r
+ }\r
+ }\r
+ return bResult;\r
+}\r
+\r
+BOOL ConvertNameToPunycode(LPSTR Output, LPCSTR Input)\r
+{\r
+ BOOL bResult;\r
+ DWORD Length;\r
+ char* pm0;\r
+ char* pm1;\r
+ char* p;\r
+ char* pNext;\r
+ bResult = FALSE;\r
+ Length = strlen(Input);\r
+ if(pm0 = AllocateStringM(Length + 1))\r
+ {\r
+ if(pm1 = AllocateStringM(Length * 4 + 1))\r
+ {\r
+ strcpy(pm0, Input);\r
+ p = pm0;\r
+ while(p)\r
+ {\r
+ if(pNext = strchr(p, '.'))\r
+ {\r
+ *pNext = '\0';\r
+ pNext++;\r
+ }\r
+ if(ConvertDomainNameToPunycode(pm1, Length * 4, p))\r
+ strcat(Output, pm1);\r
+ if(pNext)\r
+ strcat(Output, ".");\r
+ p = pNext;\r
+ }\r
+ bResult = TRUE;\r
+ FreeDuplicatedString(pm1);\r
+ }\r
+ FreeDuplicatedString(pm0);\r
+ }\r
+ return bResult;\r
+}\r
+\r
+HANDLE WSAAsyncGetHostByNameM(HWND hWnd, u_int wMsg, const char * name, char * buf, int buflen)\r
+{\r
+ HANDLE r = NULL;\r
+ char* pa0 = NULL;\r
+ if(pa0 = AllocateStringA(strlen(name) * 4))\r
+ {\r
+ if(ConvertNameToPunycode(pa0, name))\r
+ r = WSAAsyncGetHostByName(hWnd, wMsg, pa0, buf, buflen);\r
+ }\r
+ FreeDuplicatedString(pa0);\r
+ return r;\r
+}\r
+\r
+HANDLE WSAAsyncGetHostByNameIPv6M(HWND hWnd, u_int wMsg, const char * name, char * buf, int buflen, short Family)\r
+{\r
+ HANDLE r = NULL;\r
+ char* pa0 = NULL;\r
+ if(pa0 = AllocateStringA(strlen(name) * 4))\r
+ {\r
+ if(ConvertNameToPunycode(pa0, name))\r
+ r = WSAAsyncGetHostByNameIPv6(hWnd, wMsg, pa0, buf, buflen, Family);\r
+ }\r
+ FreeDuplicatedString(pa0);\r
+ return r;\r
+}\r
+\r
+// SFTP対応\r
+\r
+typedef void* (__cdecl* _SFTP_Create)();\r
+typedef void (__cdecl* _SFTP_Destroy)(void*);\r
+typedef BOOL (__cdecl* _SFTP_IsExited)(void*);\r
+typedef BOOL (__cdecl* _SFTP_SetTimeoutCallback)(void*, void*);\r
+typedef size_t (__cdecl* _SFTP_PeekStdOut)(void*, void*, size_t);\r
+typedef size_t (__cdecl* _SFTP_ReadStdOut)(void*, void*, size_t);\r
+typedef size_t (__cdecl* _SFTP_WriteStdIn)(void*, const void*, size_t);\r
+typedef size_t (__cdecl* _SFTP_PeekDataOut)(void*, void*, size_t);\r
+typedef size_t (__cdecl* _SFTP_ReadDataOut)(void*, void*, size_t);\r
+typedef size_t (__cdecl* _SFTP_WriteDataIn)(void*, const void*, size_t);\r
+typedef BOOL (__cdecl* _SFTP_SetFilePosition)(void*, LONGLONG);\r
+\r
+_SFTP_Create p_SFTP_Create;\r
+_SFTP_Destroy p_SFTP_Destroy;\r
+_SFTP_IsExited p_SFTP_IsExited;\r
+_SFTP_SetTimeoutCallback p_SFTP_SetTimeoutCallback;\r
+_SFTP_PeekStdOut p_SFTP_PeekStdOut;\r
+_SFTP_ReadStdOut p_SFTP_ReadStdOut;\r
+_SFTP_WriteStdIn p_SFTP_WriteStdIn;\r
+_SFTP_PeekDataOut p_SFTP_PeekDataOut;\r
+_SFTP_ReadDataOut p_SFTP_ReadDataOut;\r
+_SFTP_WriteDataIn p_SFTP_WriteDataIn;\r
+_SFTP_SetFilePosition p_SFTP_SetFilePosition;\r
+\r
+typedef struct\r
+{\r
+ SOCKET Control;\r
+ SOCKET Data;\r
+ void* Handle;\r
+ char Host[1024];\r
+ int Port;\r
+ char User[1024];\r
+ char Password[1024];\r
+} SFTPDATA;\r
+\r
+#define MAX_SFTP_SOCKET 16\r
+\r
+BOOL g_bPuTTYLoaded;\r
+HMODULE g_hPuTTY;\r
+CRITICAL_SECTION g_PuTTYLock;\r
+SFTPDATA g_SFTPData[MAX_SFTP_SOCKET];\r
+\r
+// PuTTYを初期化\r
+BOOL LoadPuTTY()\r
+{\r
+ int i;\r
+ if(g_bPuTTYLoaded)\r
+ return FALSE;\r
+#ifdef ENABLE_PROCESS_PROTECTION\r
+ // ビルドしたputty.dllに合わせてSHA1ハッシュ値を変更すること\r
+ RegisterTrustedModuleSHA1Hash("\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00");\r
+#endif\r
+ // デバッグ用\r
+// g_hPuTTY = LoadLibrary("putty.dll");\r
+ g_hPuTTY = LoadLibrary("C:\\SourceForge\\ffftp\\putty\\Debug\\PuTTY.dll");\r
+ if(!g_hPuTTY\r
+ || !(p_SFTP_Create = (_SFTP_Create)GetProcAddress(g_hPuTTY, "SFTP_Create"))\r
+ || !(p_SFTP_Destroy = (_SFTP_Destroy)GetProcAddress(g_hPuTTY, "SFTP_Destroy"))\r
+ || !(p_SFTP_IsExited = (_SFTP_IsExited)GetProcAddress(g_hPuTTY, "SFTP_IsExited"))\r
+ || !(p_SFTP_SetTimeoutCallback = (_SFTP_SetTimeoutCallback)GetProcAddress(g_hPuTTY, "SFTP_SetTimeoutCallback"))\r
+ || !(p_SFTP_PeekStdOut = (_SFTP_PeekStdOut)GetProcAddress(g_hPuTTY, "SFTP_PeekStdOut"))\r
+ || !(p_SFTP_ReadStdOut = (_SFTP_ReadStdOut)GetProcAddress(g_hPuTTY, "SFTP_ReadStdOut"))\r
+ || !(p_SFTP_WriteStdIn = (_SFTP_WriteStdIn)GetProcAddress(g_hPuTTY, "SFTP_WriteStdIn"))\r
+ || !(p_SFTP_PeekDataOut = (_SFTP_PeekDataOut)GetProcAddress(g_hPuTTY, "SFTP_PeekDataOut"))\r
+ || !(p_SFTP_ReadDataOut = (_SFTP_ReadDataOut)GetProcAddress(g_hPuTTY, "SFTP_ReadDataOut"))\r
+ || !(p_SFTP_WriteDataIn = (_SFTP_WriteDataIn)GetProcAddress(g_hPuTTY, "SFTP_WriteDataIn"))\r
+ || !(p_SFTP_SetFilePosition = (_SFTP_SetFilePosition)GetProcAddress(g_hPuTTY, "SFTP_SetFilePosition")))\r
+ {\r
+ if(g_hPuTTY)\r
+ FreeLibrary(g_hPuTTY);\r
+ g_hPuTTY = NULL;\r
+ return FALSE;\r
+ }\r
+ for(i = 0; i < MAX_SFTP_SOCKET; i++)\r
+ {\r
+ g_SFTPData[i].Control = INVALID_SOCKET;\r
+ g_SFTPData[i].Data = INVALID_SOCKET;\r
+ }\r
+ InitializeCriticalSection(&g_PuTTYLock);\r
+ g_bPuTTYLoaded = TRUE;\r
+ return TRUE;\r
+}\r
+\r
+// PuTTYを解放\r
+void FreePuTTY()\r
+{\r
+ int i;\r
+ if(!g_bPuTTYLoaded)\r
+ return;\r
+ EnterCriticalSection(&g_PuTTYLock);\r
+ for(i = 0; i < MAX_SFTP_SOCKET; i++)\r
+ {\r
+ if(g_SFTPData[i].Control != INVALID_SOCKET)\r
+ {\r
+ closesocket(g_SFTPData[i].Control);\r
+ g_SFTPData[i].Control = INVALID_SOCKET;\r
+ p_SFTP_Destroy(g_SFTPData[i].Handle);\r
+ }\r
+ if(g_SFTPData[i].Data != INVALID_SOCKET)\r
+ {\r
+ closesocket(g_SFTPData[i].Data);\r
+ g_SFTPData[i].Data = INVALID_SOCKET;\r
+ }\r
+ }\r
+ FreeLibrary(g_hPuTTY);\r
+ g_hPuTTY = NULL;\r
+ LeaveCriticalSection(&g_PuTTYLock);\r
+ DeleteCriticalSection(&g_PuTTYLock);\r
+ g_bPuTTYLoaded = FALSE;\r
+}\r
+\r
+// PuTTYが使用可能かどうか確認\r
+BOOL IsPuTTYLoaded()\r
+{\r
+ return g_bPuTTYLoaded;\r
+}\r
+\r
+SFTPDATA* GetUnusedSFTPData()\r
+{\r
+ int i;\r
+ for(i = 0; i < MAX_SFTP_SOCKET; i++)\r
+ {\r
+ if(g_SFTPData[i].Control == INVALID_SOCKET)\r
+ {\r
+ memset(&g_SFTPData[i], 0, sizeof(SFTPDATA));\r
+ return &g_SFTPData[i];\r
+ }\r
+ }\r
+ return NULL;\r
+}\r
+\r
+SFTPDATA* FindSFTPDataFromSocket(SOCKET s)\r
+{\r
+ int i;\r
+ for(i = 0; i < MAX_SFTP_SOCKET; i++)\r
+ {\r
+ if(g_SFTPData[i].Control == s || g_SFTPData[i].Data == s)\r
+ return &g_SFTPData[i];\r
+ }\r
+ return NULL;\r
+}\r
+\r
+// SFTPとしてマークされているか確認\r
+// マークされていればTRUEを返す\r
+BOOL IsSFTPAttached(SOCKET s)\r
+{\r
+ SFTPDATA* pSFTPData;\r
+ if(!g_bPuTTYLoaded)\r
+ return FALSE;\r
+ EnterCriticalSection(&g_PuTTYLock);\r
+ pSFTPData = FindSFTPDataFromSocket(s);\r
+ LeaveCriticalSection(&g_PuTTYLock);\r
+ if(!pSFTPData)\r
+ return FALSE;\r
+ return TRUE;\r
+}\r
+\r
+// コントロール用の仮想的なソケットを取得\r
+// 識別子としてダミーのソケットを返す\r
+SOCKET SFTP_socket(int af, int type, int protocol)\r
+{\r
+ SOCKET r;\r
+ SFTPDATA* pSFTPData;\r
+ if(!g_bPuTTYLoaded)\r
+ return INVALID_SOCKET;\r
+ r = INVALID_SOCKET;\r
+ EnterCriticalSection(&g_PuTTYLock);\r
+ if(pSFTPData = GetUnusedSFTPData())\r
+ {\r
+ r = socket(af, type, protocol);\r
+ pSFTPData->Control = r;\r
+ pSFTPData->Data = INVALID_SOCKET;\r
+ pSFTPData->Handle = p_SFTP_Create();\r
+ }\r
+ LeaveCriticalSection(&g_PuTTYLock);\r
+ return r;\r
+}\r
+\r
+int SFTP_bind(SOCKET s, const struct sockaddr *addr, int namelen)\r
+{\r
+ return SOCKET_ERROR;\r
+}\r
+\r
+int SFTP_listen(SOCKET s, int backlog)\r
+{\r
+ return SOCKET_ERROR;\r
+}\r
+\r
+// accept相当の関数\r
+SOCKET SFTP_accept(SOCKET s, struct sockaddr *addr, int *addrlen)\r
+{\r
+ return INVALID_SOCKET;\r
+}\r
+\r
+// connect相当の関数\r
+int SFTP_connect(SOCKET s, const struct sockaddr *name, int namelen)\r
+{\r
+ SFTPDATA* pSFTPData;\r
+ if(!g_bPuTTYLoaded)\r
+ return SOCKET_ERROR;\r
+ EnterCriticalSection(&g_PuTTYLock);\r
+ pSFTPData = FindSFTPDataFromSocket(s);\r
+ LeaveCriticalSection(&g_PuTTYLock);\r
+ if(!pSFTPData)\r
+ return SOCKET_ERROR;\r
+ if(namelen == sizeof(struct sockaddr_in))\r
+ {\r
+ }\r
+ else if(namelen == sizeof(struct sockaddr_in6))\r
+ {\r
+ }\r
+ else\r
+ return SOCKET_ERROR;\r
+ return 0;\r
+}\r
+\r
+// closesocket相当の関数\r
+int SFTP_closesocket(SOCKET s)\r
+{\r
+ SFTPDATA* pSFTPData;\r
+ if(!g_bPuTTYLoaded)\r
+ return SOCKET_ERROR;\r
+ EnterCriticalSection(&g_PuTTYLock);\r
+ if(pSFTPData = FindSFTPDataFromSocket(s))\r
+ {\r
+ if(pSFTPData->Control == s)\r
+ {\r
+ pSFTPData->Control = INVALID_SOCKET;\r
+ p_SFTP_Destroy(pSFTPData->Handle);\r
+ }\r
+ if(pSFTPData->Data == s)\r
+ pSFTPData->Data = INVALID_SOCKET;\r
+ }\r
+ LeaveCriticalSection(&g_PuTTYLock);\r
+ return closesocket(s);\r
+}\r
+\r
+// send相当の関数\r
+int SFTP_send(SOCKET s, const char * buf, int len, int flags)\r
+{\r
+ int r;\r
+ SFTPDATA* pSFTPData;\r
+ if(!g_bPuTTYLoaded)\r
+ return SOCKET_ERROR;\r
+ EnterCriticalSection(&g_PuTTYLock);\r
+ pSFTPData = FindSFTPDataFromSocket(s);\r
+ LeaveCriticalSection(&g_PuTTYLock);\r
+ if(!pSFTPData)\r
+ return SOCKET_ERROR;\r
+ if(p_SFTP_IsExited(pSFTPData->Handle))\r
+ return SOCKET_ERROR;\r
+ r = SOCKET_ERROR;\r
+ if(pSFTPData->Control == s)\r
+ r = (int)p_SFTP_WriteStdIn(pSFTPData->Handle, buf, len);\r
+ else if(pSFTPData->Data == s)\r
+ r = (int)p_SFTP_WriteDataIn(pSFTPData->Handle, buf, len);\r
+ return r;\r
+}\r
+\r
+// recv相当の関数\r
+int SFTP_recv(SOCKET s, char * buf, int len, int flags)\r
+{\r
+ int r;\r
+ SFTPDATA* pSFTPData;\r
+ if(!g_bPuTTYLoaded)\r
+ return SOCKET_ERROR;\r
+ EnterCriticalSection(&g_PuTTYLock);\r
+ pSFTPData = FindSFTPDataFromSocket(s);\r
+ LeaveCriticalSection(&g_PuTTYLock);\r
+ if(!pSFTPData)\r
+ return SOCKET_ERROR;\r
+ if(p_SFTP_IsExited(pSFTPData->Handle))\r
+ return SOCKET_ERROR;\r
+ r = SOCKET_ERROR;\r
+ if(pSFTPData->Control == s)\r
+ {\r
+ if(flags & MSG_PEEK)\r
+ r = (int)p_SFTP_PeekStdOut(pSFTPData->Handle, buf, len);\r
+ else\r
+ r = (int)p_SFTP_ReadStdOut(pSFTPData->Handle, buf, len);\r
+ }\r
+ else if(pSFTPData->Data == s)\r
+ {\r
+ if(flags & MSG_PEEK)\r
+ r = (int)p_SFTP_PeekDataOut(pSFTPData->Handle, buf, len);\r
+ else\r
+ r = (int)p_SFTP_ReadDataOut(pSFTPData->Handle, buf, len);\r
+ }\r
+ return r;\r
+}\r
+\r
+BOOL SFTP_SetTimeoutCallback(SOCKET s, void* pCallback)\r
+{\r
+ SFTPDATA* pSFTPData;\r
+ if(!g_bPuTTYLoaded)\r
+ return FALSE;\r
+ EnterCriticalSection(&g_PuTTYLock);\r
+ pSFTPData = FindSFTPDataFromSocket(s);\r
+ LeaveCriticalSection(&g_PuTTYLock);\r
+ if(!pSFTPData)\r
+ return FALSE;\r
+ return p_SFTP_SetTimeoutCallback(pSFTPData->Handle, pCallback);\r
+}\r
+\r
+// データ用の仮想的なソケットを取得\r
+// 識別子としてダミーのソケットを返す\r
+SOCKET SFTP_GetDataHandle(SOCKET s, int af, int type, int protocol)\r
+{\r
+ SOCKET r;\r
+ SFTPDATA* pSFTPData;\r
+ if(!g_bPuTTYLoaded)\r
+ return INVALID_SOCKET;\r
+ r = INVALID_SOCKET;\r
+ EnterCriticalSection(&g_PuTTYLock);\r
+ if(pSFTPData = FindSFTPDataFromSocket(s))\r
+ {\r
+ r = socket(af, type, protocol);\r
+ pSFTPData->Data = r;\r
+ }\r
+ LeaveCriticalSection(&g_PuTTYLock);\r
+ return r;\r
+}\r
+\r
+BOOL SFTP_SetFilePosition(SOCKET s, LONGLONG Position)\r
+{\r
+ SFTPDATA* pSFTPData;\r
+ if(!g_bPuTTYLoaded)\r
+ return FALSE;\r
+ EnterCriticalSection(&g_PuTTYLock);\r
+ pSFTPData = FindSFTPDataFromSocket(s);\r
+ LeaveCriticalSection(&g_PuTTYLock);\r
+ if(!pSFTPData)\r
+ return FALSE;\r
+ return p_SFTP_SetFilePosition(pSFTPData->Handle, Position);\r
+}\r
+\r
OSDN Git Service
