X-Git-Url: http://git.sourceforge.jp/view?p=ffftp%2Fffftp.git;a=blobdiff_plain;f=socketwrapper.c;h=caae5893cf3eccf0fecd8da33d0077d537398c1a;hp=acf23c36921e1431e1cbb86a90874023fdd1f954;hb=0d9559ea57ae201a5b1fe0161f88545141674c09;hpb=f453e0e463e50f18f50f051f23fa08c8eb28dd54

diff --git a/socketwrapper.c b/socketwrapper.c
index acf23c3..caae589 100644
--- a/socketwrapper.c
+++ b/socketwrapper.c
@@ -2,15 +2,21 @@
 // Copyright (C) 2011 Suguru Kawamoto
 // ソケットラッパー
 // socket関連関数をOpenSSL用に置換
+// socket関連関数のIPv6対応
 // コンパイルにはOpenSSLのヘッダーファイルが必要
 // 実行にはOpenSSLのDLLが必要
 
+#include <ws2tcpip.h>
 #include <windows.h>
 #include <mmsystem.h>
 #include <openssl/ssl.h>
 
 #include "socketwrapper.h"
 #include "protectprocess.h"
+#include "mbswrapper.h"
+#include "punycode.h"
+
+// FTPS対応
 
 typedef void (__cdecl* _SSL_load_error_strings)();
 typedef int (__cdecl* _SSL_library_init)();
@@ -32,14 +38,18 @@ typedef X509* (__cdecl* _SSL_get_peer_certificate)(const SSL*);
 typedef long (__cdecl* _SSL_get_verify_result)(const SSL*);
 typedef SSL_SESSION* (__cdecl* _SSL_get_session)(SSL*);
 typedef int (__cdecl* _SSL_set_session)(SSL*, SSL_SESSION*);
+typedef X509_STORE* (__cdecl* _SSL_CTX_get_cert_store)(const SSL_CTX*);
 typedef BIO_METHOD* (__cdecl* _BIO_s_mem)();
 typedef BIO* (__cdecl* _BIO_new)(BIO_METHOD*);
 typedef int (__cdecl* _BIO_free)(BIO*);
+typedef BIO* (__cdecl* _BIO_new_mem_buf)(void*, int);
 typedef long (__cdecl* _BIO_ctrl)(BIO*, int, long, void*);
 typedef void (__cdecl* _X509_free)(X509*);
 typedef int (__cdecl* _X509_print_ex)(BIO*, X509*, unsigned long, unsigned long);
 typedef X509_NAME* (__cdecl* _X509_get_subject_name)(X509*);
 typedef int (__cdecl* _X509_NAME_print_ex)(BIO*, X509_NAME*, int, unsigned long);
+typedef X509* (__cdecl* _PEM_read_bio_X509)(BIO*, X509**, pem_password_cb*, void*);
+typedef int (__cdecl* _X509_STORE_add_cert)(X509_STORE*, X509*);
 
 _SSL_load_error_strings p_SSL_load_error_strings;
 _SSL_library_init p_SSL_library_init;
@@ -61,16 +71,20 @@ _SSL_get_peer_certificate p_SSL_get_peer_certificate;
 _SSL_get_verify_result p_SSL_get_verify_result;
 _SSL_get_session p_SSL_get_session;
 _SSL_set_session p_SSL_set_session;
+_SSL_CTX_get_cert_store p_SSL_CTX_get_cert_store;
 _BIO_s_mem p_BIO_s_mem;
 _BIO_new p_BIO_new;
 _BIO_free p_BIO_free;
+_BIO_new_mem_buf p_BIO_new_mem_buf;
 _BIO_ctrl p_BIO_ctrl;
 _X509_free p_X509_free;
 _X509_print_ex p_X509_print_ex;
 _X509_get_subject_name p_X509_get_subject_name;
 _X509_NAME_print_ex p_X509_NAME_print_ex;
+_PEM_read_bio_X509 p_PEM_read_bio_X509;
+_X509_STORE_add_cert p_X509_STORE_add_cert;
 
-#define MAX_SSL_SOCKET 64
+#define MAX_SSL_SOCKET 16
 
 BOOL g_bOpenSSLLoaded;
 HMODULE g_hOpenSSL;
@@ -82,32 +96,34 @@ LPSSLCONFIRMCALLBACK g_pOpenSSLConfirmCallback;
 SSL_CTX* g_pOpenSSLCTX;
 SSL* g_pOpenSSLHandle[MAX_SSL_SOCKET];
 
-BOOL __stdcall DefaultSSLTimeoutCallback()
+BOOL __stdcall DefaultSSLTimeoutCallback(BOOL* pbAborted)
 {
 	Sleep(100);
-	return FALSE;
+	return *pbAborted;
 }
 
-BOOL __stdcall DefaultSSLConfirmCallback(BOOL bVerified, LPCSTR Certificate, LPCSTR CommonName)
+BOOL __stdcall DefaultSSLConfirmCallback(BOOL* pbAborted, BOOL bVerified, LPCSTR Certificate, LPCSTR CommonName)
 {
 	return bVerified;
 }
 
+// OpenSSLを初期化
 BOOL LoadOpenSSL()
 {
 	if(g_bOpenSSLLoaded)
 		return FALSE;
 #ifdef ENABLE_PROCESS_PROTECTION
 	// 同梱するOpenSSLのバージョンに合わせてSHA1ハッシュ値を変更すること
-	// ssleay32.dll 1.0.0e
-	// libssl32.dll 1.0.0e
-	RegisterTrustedModuleSHA1Hash("\x4E\xB7\xA0\x22\x14\x4B\x58\x6D\xBC\xF5\x21\x0D\x96\x78\x0D\x79\x7D\x66\xB2\xB0");
-	// libeay32.dll 1.0.0e
-	RegisterTrustedModuleSHA1Hash("\x01\x32\x7A\xAE\x69\x26\xE6\x58\xC7\x63\x22\x1E\x53\x5A\x78\xBC\x61\xC7\xB5\xC1");
+	// ssleay32.dll 1.0.0g
+	// libssl32.dll 1.0.0g
+	RegisterTrustedModuleSHA1Hash("\x42\x32\x3E\x44\x35\xBC\x98\x6C\x45\xC9\xA2\xB8\x41\xE7\xDA\x7B\x6A\x98\xB2\x28");
+	// libeay32.dll 1.0.0g
+	RegisterTrustedModuleSHA1Hash("\x3F\xC8\x07\x84\xB3\xF0\x71\x4A\x18\x59\x52\x1F\x99\x09\x65\xB9\x49\xA7\x15\x36");
 #endif
 	g_hOpenSSL = LoadLibrary("ssleay32.dll");
-	if(!g_hOpenSSL)
-		g_hOpenSSL = LoadLibrary("libssl32.dll");
+	// バージョン固定のためlibssl32.dllの読み込みは脆弱性の原因になり得るので廃止
+//	if(!g_hOpenSSL)
+//		g_hOpenSSL = LoadLibrary("libssl32.dll");
 	if(!g_hOpenSSL
 		|| !(p_SSL_load_error_strings = (_SSL_load_error_strings)GetProcAddress(g_hOpenSSL, "SSL_load_error_strings"))
 		|| !(p_SSL_library_init = (_SSL_library_init)GetProcAddress(g_hOpenSSL, "SSL_library_init"))
@@ -128,7 +144,8 @@ BOOL LoadOpenSSL()
 		|| !(p_SSL_get_peer_certificate = (_SSL_get_peer_certificate)GetProcAddress(g_hOpenSSL, "SSL_get_peer_certificate"))
 		|| !(p_SSL_get_verify_result = (_SSL_get_verify_result)GetProcAddress(g_hOpenSSL, "SSL_get_verify_result"))
 		|| !(p_SSL_get_session = (_SSL_get_session)GetProcAddress(g_hOpenSSL, "SSL_get_session"))
-		|| !(p_SSL_set_session = (_SSL_set_session)GetProcAddress(g_hOpenSSL, "SSL_set_session")))
+		|| !(p_SSL_set_session = (_SSL_set_session)GetProcAddress(g_hOpenSSL, "SSL_set_session"))
+		|| !(p_SSL_CTX_get_cert_store = (_SSL_CTX_get_cert_store)GetProcAddress(g_hOpenSSL, "SSL_CTX_get_cert_store")))
 	{
 		if(g_hOpenSSL)
 			FreeLibrary(g_hOpenSSL);
@@ -140,11 +157,14 @@ BOOL LoadOpenSSL()
 		|| !(p_BIO_s_mem = (_BIO_s_mem)GetProcAddress(g_hOpenSSLCommon, "BIO_s_mem"))
 		|| !(p_BIO_new = (_BIO_new)GetProcAddress(g_hOpenSSLCommon, "BIO_new"))
 		|| !(p_BIO_free = (_BIO_free)GetProcAddress(g_hOpenSSLCommon, "BIO_free"))
+		|| !(p_BIO_new_mem_buf = (_BIO_new_mem_buf)GetProcAddress(g_hOpenSSLCommon, "BIO_new_mem_buf"))
 		|| !(p_BIO_ctrl = (_BIO_ctrl)GetProcAddress(g_hOpenSSLCommon, "BIO_ctrl"))
 		|| !(p_X509_free = (_X509_free)GetProcAddress(g_hOpenSSLCommon, "X509_free"))
 		|| !(p_X509_print_ex = (_X509_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_print_ex"))
 		|| !(p_X509_get_subject_name = (_X509_get_subject_name)GetProcAddress(g_hOpenSSLCommon, "X509_get_subject_name"))
-		|| !(p_X509_NAME_print_ex = (_X509_NAME_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_NAME_print_ex")))
+		|| !(p_X509_NAME_print_ex = (_X509_NAME_print_ex)GetProcAddress(g_hOpenSSLCommon, "X509_NAME_print_ex"))
+		|| !(p_PEM_read_bio_X509 = (_PEM_read_bio_X509)GetProcAddress(g_hOpenSSLCommon, "PEM_read_bio_X509"))
+		|| !(p_X509_STORE_add_cert = (_X509_STORE_add_cert)GetProcAddress(g_hOpenSSLCommon, "X509_STORE_add_cert")))
 	{
 		if(g_hOpenSSL)
 			FreeLibrary(g_hOpenSSL);
@@ -163,6 +183,7 @@ BOOL LoadOpenSSL()
 	return TRUE;
 }
 
+// OpenSSLを解放
 void FreeOpenSSL()
 {
 	int i;
@@ -190,6 +211,7 @@ void FreeOpenSSL()
 	g_bOpenSSLLoaded = FALSE;
 }
 
+// OpenSSLが使用可能かどうか確認
 BOOL IsOpenSSLLoaded()
 {
 	return g_bOpenSSLLoaded;
@@ -220,7 +242,7 @@ SSL** FindSSLPointerFromSocket(SOCKET s)
 	return NULL;
 }
 
-BOOL ConfirmSSLCertificate(SSL* pSSL)
+BOOL ConfirmSSLCertificate(SSL* pSSL, BOOL* pbAborted)
 {
 	BOOL bResult;
 	BOOL bVerified;
@@ -266,7 +288,7 @@ BOOL ConfirmSSLCertificate(SSL* pSSL)
 		}
 		p_X509_free(pX509);
 	}
-	if(p_SSL_get_verify_result(pSSL) == X509_V_OK)
+	if(pX509 && p_SSL_get_verify_result(pSSL) == X509_V_OK)
 		bVerified = TRUE;
 	pCN = pSubject;
 	while(pCN)
@@ -281,7 +303,7 @@ BOOL ConfirmSSLCertificate(SSL* pSSL)
 		if(pCN = strchr(pCN, ','))
 			pCN++;
 	}
-	bResult = g_pOpenSSLConfirmCallback(bVerified, pData, pCN);
+	bResult = g_pOpenSSLConfirmCallback(pbAborted, bVerified, pData, pCN);
 	if(pData)
 		free(pData);
 	if(pSubject)
@@ -308,23 +330,103 @@ void SetSSLConfirmCallback(LPSSLCONFIRMCALLBACK pCallback)
 	LeaveCriticalSection(&g_OpenSSLLock);
 }
 
+// SSLルート証明書を設定
+// PEM形式のみ指定可能
+BOOL SetSSLRootCertificate(const void* pData, DWORD Length)
+{
+	BOOL r;
+	X509_STORE* pStore;
+	BYTE* p;
+	BYTE* pBegin;
+	BYTE* pEnd;
+	BIO* pBIO;
+	X509* pX509;
+	if(!g_bOpenSSLLoaded)
+		return FALSE;
+	r = FALSE;
+	EnterCriticalSection(&g_OpenSSLLock);
+	if(!g_pOpenSSLCTX)
+		g_pOpenSSLCTX = p_SSL_CTX_new(p_SSLv23_method());
+	if(g_pOpenSSLCTX)
+	{
+		if(pStore = p_SSL_CTX_get_cert_store(g_pOpenSSLCTX))
+		{
+			p = (BYTE*)pData;
+			pBegin = NULL;
+			pEnd = NULL;
+			while(Length > 0)
+			{
+				if(!pBegin)
+				{
+					if(Length < 27)
+						break;
+					if(memcmp(p, "-----BEGIN CERTIFICATE-----", 27) == 0)
+						pBegin = p;
+				}
+				else if(!pEnd)
+				{
+					if(Length < 25)
+						break;
+					if(memcmp(p, "-----END CERTIFICATE-----", 25) == 0)
+						pEnd = p + 25;
+				}
+				if(pBegin && pEnd)
+				{
+					if(pBIO = p_BIO_new_mem_buf(pBegin, (int)((size_t)pEnd - (size_t)pBegin)))
+					{
+						if(pX509 = p_PEM_read_bio_X509(pBIO, NULL, NULL, NULL))
+						{
+							if(p_X509_STORE_add_cert(pStore, pX509) == 1)
+								r = TRUE;
+							p_X509_free(pX509);
+						}
+						p_BIO_free(pBIO);
+					}
+					pBegin = NULL;
+					pEnd = NULL;
+				}
+				p++;
+				Length--;
+			}
+		}
+	}
+	LeaveCriticalSection(&g_OpenSSLLock);
+	return r;
+}
+
+// ワイルドカードの比較
+// 主にSSL証明書のCN確認用
 BOOL IsHostNameMatched(LPCSTR HostName, LPCSTR CommonName)
 {
 	BOOL bResult;
-	char* pAsterisk;
+	const char* pAsterisk;
+	size_t BeforeAsterisk;
+	const char* pBeginAsterisk;
+	const char* pEndAsterisk;
+	const char* pDot;
 	bResult = FALSE;
 	if(HostName && CommonName)
 	{
 		if(pAsterisk = strchr(CommonName, '*'))
 		{
-			if(_strnicmp(HostName, CommonName, ((size_t)pAsterisk - (size_t)CommonName) / sizeof(char)) == 0)
+			BeforeAsterisk = ((size_t)pAsterisk - (size_t)CommonName) / sizeof(char);
+			pBeginAsterisk = HostName + BeforeAsterisk;
+			while(*pAsterisk == '*')
 			{
-				while(*pAsterisk == '*')
+				pAsterisk++;
+			}
+			pEndAsterisk = HostName + strlen(HostName) - strlen(pAsterisk);
+			// "*"より前は大文字小文字を無視して完全一致
+			if(_strnicmp(HostName, CommonName, BeforeAsterisk) == 0)
+			{
+				// "*"より後は大文字小文字を無視して完全一致
+				if(_stricmp(pEndAsterisk, pAsterisk) == 0)
 				{
-					pAsterisk++;
+					// "*"と一致する範囲に"."が含まれてはならない
+					pDot = strchr(pBeginAsterisk, '.');
+					if(!pDot || pDot >= pEndAsterisk)
+						bResult = TRUE;
 				}
-				if(_stricmp(HostName + strlen(HostName) - strlen(pAsterisk), pAsterisk) == 0)
-					bResult = TRUE;
 			}
 		}
 		else if(_stricmp(HostName, CommonName) == 0)
@@ -333,13 +435,16 @@ BOOL IsHostNameMatched(LPCSTR HostName, LPCSTR CommonName)
 	return bResult;
 }
 
-BOOL AttachSSL(SOCKET s, SOCKET parent)
+// SSLセッションを開始
+BOOL AttachSSL(SOCKET s, SOCKET parent, BOOL* pbAborted)
 {
 	BOOL r;
 	DWORD Time;
 	SSL** ppSSL;
 	SSL** ppSSLParent;
 	SSL_SESSION* pSession;
+	int Return;
+	int Error;
 	if(!g_bOpenSSLLoaded)
 		return FALSE;
 	r = FALSE;
@@ -369,25 +474,40 @@ BOOL AttachSSL(SOCKET s, SOCKET parent)
 					}
 					// SSLのネゴシエーションには時間がかかる場合がある
 					r = TRUE;
-					while(p_SSL_connect(*ppSSL) != 1)
+					while(r)
 					{
-						LeaveCriticalSection(&g_OpenSSLLock);
-						if(g_pOpenSSLTimeoutCallback() || (g_OpenSSLTimeout > 0 && timeGetTime() - Time >= g_OpenSSLTimeout))
+						Return = p_SSL_connect(*ppSSL);
+						if(Return == 1)
+							break;
+						Error = p_SSL_get_error(*ppSSL, Return);
+						if(Error == SSL_ERROR_WANT_READ || Error == SSL_ERROR_WANT_WRITE)
 						{
-							DetachSSL(s);
-							r = FALSE;
+							LeaveCriticalSection(&g_OpenSSLLock);
+							if(g_pOpenSSLTimeoutCallback(pbAborted) || (g_OpenSSLTimeout > 0 && timeGetTime() - Time >= g_OpenSSLTimeout))
+								r = FALSE;
 							EnterCriticalSection(&g_OpenSSLLock);
-							break;
 						}
-						EnterCriticalSection(&g_OpenSSLLock);
+						else
+							r = FALSE;
 					}
-					if(ConfirmSSLCertificate(*ppSSL))
+					if(r)
 					{
+						if(ConfirmSSLCertificate(*ppSSL, pbAborted))
+						{
+						}
+						else
+						{
+							LeaveCriticalSection(&g_OpenSSLLock);
+							DetachSSL(s);
+							r = FALSE;
+							EnterCriticalSection(&g_OpenSSLLock);
+						}
 					}
 					else
 					{
+						LeaveCriticalSection(&g_OpenSSLLock);
 						DetachSSL(s);
-						r = FALSE;
+						EnterCriticalSection(&g_OpenSSLLock);
 					}
 				}
 				else
@@ -403,6 +523,7 @@ BOOL AttachSSL(SOCKET s, SOCKET parent)
 	return r;
 }
 
+// SSLセッションを終了
 BOOL DetachSSL(SOCKET s)
 {
 	BOOL r;
@@ -422,6 +543,8 @@ BOOL DetachSSL(SOCKET s)
 	return r;
 }
 
+// SSLとしてマークされているか確認
+// マークされていればTRUEを返す
 BOOL IsSSLAttached(SOCKET s)
 {
 	SSL** ppSSL;
@@ -431,30 +554,34 @@ BOOL IsSSLAttached(SOCKET s)
 	ppSSL = FindSSLPointerFromSocket(s);
 	LeaveCriticalSection(&g_OpenSSLLock);
 	if(!ppSSL)
-		return TRUE;
+		return FALSE;
 	return TRUE;
 }
 
-SOCKET socketS(int af, int type, int protocol)
+SOCKET FTPS_socket(int af, int type, int protocol)
 {
 	return socket(af, type, protocol);
 }
 
-int bindS(SOCKET s, const struct sockaddr *addr, int namelen)
+int FTPS_bind(SOCKET s, const struct sockaddr *addr, int namelen)
 {
 	return bind(s, addr, namelen);
 }
 
-int listenS(SOCKET s, int backlog)
+int FTPS_listen(SOCKET s, int backlog)
 {
 	return listen(s, backlog);
 }
 
-SOCKET acceptS(SOCKET s, struct sockaddr *addr, int *addrlen)
+// accept相当の関数
+// ただし初めからSSLのネゴシエーションを行う
+SOCKET FTPS_accept(SOCKET s, struct sockaddr *addr, int *addrlen)
 {
 	SOCKET r;
+	BOOL bAborted;
 	r = accept(s, addr, addrlen);
-	if(!AttachSSL(r, INVALID_SOCKET))
+	bAborted = FALSE;
+	if(!AttachSSL(r, INVALID_SOCKET, &bAborted))
 	{
 		closesocket(r);
 		return INVALID_SOCKET;
@@ -462,22 +589,28 @@ SOCKET acceptS(SOCKET s, struct sockaddr *addr, int *addrlen)
 	return r;
 }
 
-int connectS(SOCKET s, const struct sockaddr *name, int namelen)
+// connect相当の関数
+// ただし初めからSSLのネゴシエーションを行う
+int FTPS_connect(SOCKET s, const struct sockaddr *name, int namelen)
 {
 	int r;
+	BOOL bAborted;
 	r = connect(s, name, namelen);
-	if(!AttachSSL(r, INVALID_SOCKET))
+	bAborted = FALSE;
+	if(!AttachSSL(r, INVALID_SOCKET, &bAborted))
 		return SOCKET_ERROR;
 	return r;
 }
 
-int closesocketS(SOCKET s)
+// closesocket相当の関数
+int FTPS_closesocket(SOCKET s)
 {
 	DetachSSL(s);
 	return closesocket(s);
 }
 
-int sendS(SOCKET s, const char * buf, int len, int flags)
+// send相当の関数
+int FTPS_send(SOCKET s, const char * buf, int len, int flags)
 {
 	SSL** ppSSL;
 	if(!g_bOpenSSLLoaded)
@@ -490,7 +623,8 @@ int sendS(SOCKET s, const char * buf, int len, int flags)
 	return p_SSL_write(*ppSSL, buf, len);
 }
 
-int recvS(SOCKET s, char * buf, int len, int flags)
+// recv相当の関数
+int FTPS_recv(SOCKET s, char * buf, int len, int flags)
 {
 	SSL** ppSSL;
 	if(!g_bOpenSSLLoaded)
@@ -505,3 +639,707 @@ int recvS(SOCKET s, char * buf, int len, int flags)
 	return p_SSL_read(*ppSSL, buf, len);
 }
 
+// IPv6対応
+
+const struct in6_addr IN6ADDR_NONE = {{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}};
+
+typedef struct
+{
+	HANDLE h;
+	HWND hWnd;
+	u_int wMsg;
+	char * name;
+	char * buf;
+	int buflen;
+	short Family;
+} GETHOSTBYNAMEDATA;
+
+DWORD WINAPI WSAAsyncGetHostByNameIPv6ThreadProc(LPVOID lpParameter)
+{
+	GETHOSTBYNAMEDATA* pData;
+	struct hostent* pHost;
+	struct addrinfo* pAddr;
+	struct addrinfo* p;
+	pHost = NULL;
+	pData = (GETHOSTBYNAMEDATA*)lpParameter;
+	if(getaddrinfo(pData->name, NULL, NULL, &pAddr) == 0)
+	{
+		p = pAddr;
+		while(p)
+		{
+			if(p->ai_family == pData->Family)
+			{
+				switch(p->ai_family)
+				{
+				case AF_INET:
+					pHost = (struct hostent*)pData->buf;
+					if((size_t)pData->buflen >= sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in_addr)
+						&& p->ai_addrlen >= sizeof(struct sockaddr_in))
+					{
+						pHost->h_name = NULL;
+						pHost->h_aliases = NULL;
+						pHost->h_addrtype = p->ai_family;
+						pHost->h_length = sizeof(struct in_addr);
+						pHost->h_addr_list = (char**)(&pHost[1]);
+						pHost->h_addr_list[0] = (char*)(&pHost->h_addr_list[2]);
+						pHost->h_addr_list[1] = NULL;
+						memcpy(pHost->h_addr_list[0], &((struct sockaddr_in*)p->ai_addr)->sin_addr, sizeof(struct in_addr));
+						PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in_addr)));
+					}
+					else
+						PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(WSAENOBUFS << 16));
+					break;
+				case AF_INET6:
+					pHost = (struct hostent*)pData->buf;
+					if((size_t)pData->buflen >= sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in6_addr)
+						&& p->ai_addrlen >= sizeof(struct sockaddr_in6))
+					{
+						pHost->h_name = NULL;
+						pHost->h_aliases = NULL;
+						pHost->h_addrtype = p->ai_family;
+						pHost->h_length = sizeof(struct in6_addr);
+						pHost->h_addr_list = (char**)(&pHost[1]);
+						pHost->h_addr_list[0] = (char*)(&pHost->h_addr_list[2]);
+						pHost->h_addr_list[1] = NULL;
+						memcpy(pHost->h_addr_list[0], &((struct sockaddr_in6*)p->ai_addr)->sin6_addr, sizeof(struct in6_addr));
+						PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(sizeof(struct hostent) + sizeof(char*) * 2 + sizeof(struct in6_addr)));
+					}
+					else
+						PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(WSAENOBUFS << 16));
+					break;
+				}
+			}
+			if(pHost)
+				break;
+			p = p->ai_next;
+		}
+		if(!p)
+			PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(ERROR_INVALID_FUNCTION << 16));
+		freeaddrinfo(pAddr);
+	}
+	else
+		PostMessage(pData->hWnd, pData->wMsg, (WPARAM)pData->h, (LPARAM)(ERROR_INVALID_FUNCTION << 16));
+	// CreateThreadが返すハンドルが重複するのを回避
+	Sleep(10000);
+	CloseHandle(pData->h);
+	free(pData->name);
+	free(pData);
+	return 0;
+}
+
+// IPv6対応のWSAAsyncGetHostByName相当の関数
+// FamilyにはAF_INETまたはAF_INET6を指定可能
+// ただしANSI用
+HANDLE WSAAsyncGetHostByNameIPv6(HWND hWnd, u_int wMsg, const char * name, char * buf, int buflen, short Family)
+{
+	HANDLE hResult;
+	GETHOSTBYNAMEDATA* pData;
+	hResult = NULL;
+	if(pData = malloc(sizeof(GETHOSTBYNAMEDATA)))
+	{
+		pData->hWnd = hWnd;
+		pData->wMsg = wMsg;
+		if(pData->name = malloc(sizeof(char) * (strlen(name) + 1)))
+		{
+			strcpy(pData->name, name);
+			pData->buf = buf;
+			pData->buflen = buflen;
+			pData->Family = Family;
+			if(pData->h = CreateThread(NULL, 0, WSAAsyncGetHostByNameIPv6ThreadProc, pData, CREATE_SUSPENDED, NULL))
+			{
+				ResumeThread(pData->h);
+				hResult = pData->h;
+			}
+		}
+	}
+	if(!hResult)
+	{
+		if(pData)
+		{
+			if(pData->name)
+				free(pData->name);
+			free(pData);
+		}
+	}
+	return hResult;
+}
+
+// WSAAsyncGetHostByNameIPv6用のWSACancelAsyncRequest相当の関数
+int WSACancelAsyncRequestIPv6(HANDLE hAsyncTaskHandle)
+{
+	int Result;
+	Result = SOCKET_ERROR;
+	if(TerminateThread(hAsyncTaskHandle, 0))
+	{
+		CloseHandle(hAsyncTaskHandle);
+		Result = 0;
+	}
+	return Result;
+}
+
+char* AddressToStringIPv6(char* str, void* in6)
+{
+	char* pResult;
+	unsigned char* p;
+	int MaxZero;
+	int MaxZeroLen;
+	int i;
+	int j;
+	char Tmp[5];
+	pResult = str;
+	p = (unsigned char*)in6;
+	MaxZero = 8;
+	MaxZeroLen = 1;
+	for(i = 0; i < 8; i++)
+	{
+		for(j = i; j < 8; j++)
+		{
+			if(p[j * 2] != 0 || p[j * 2 + 1] != 0)
+				break;
+		}
+		if(j - i > MaxZeroLen)
+		{
+			MaxZero = i;
+			MaxZeroLen = j - i;
+		}
+	}
+	strcpy(str, "");
+	for(i = 0; i < 8; i++)
+	{
+		if(i == MaxZero)
+		{
+			if(i == 0)
+				strcat(str, ":");
+			strcat(str, ":");
+		}
+		else if(i < MaxZero || i >= MaxZero + MaxZeroLen)
+		{
+			sprintf(Tmp, "%x", (((int)p[i * 2] & 0xff) << 8) | ((int)p[i * 2 + 1] & 0xff));
+			strcat(str, Tmp);
+			if(i < 7)
+				strcat(str, ":");
+		}
+	}
+	return pResult;
+}
+
+// IPv6対応のinet_ntoa相当の関数
+// ただしANSI用
+char* inet6_ntoa(struct in6_addr in6)
+{
+	char* pResult;
+	static char Adrs[40];
+	pResult = NULL;
+	memset(Adrs, 0, sizeof(Adrs));
+	pResult = AddressToStringIPv6(Adrs, &in6);
+	return pResult;
+}
+
+// IPv6対応のinet_addr相当の関数
+// ただしANSI用
+struct in6_addr inet6_addr(const char* cp)
+{
+	struct in6_addr Result;
+	int AfterZero;
+	int i;
+	char* p;
+	memset(&Result, 0, sizeof(Result));
+	AfterZero = 0;
+	for(i = 0; i < 8; i++)
+	{
+		if(!cp)
+		{
+			memcpy(&Result, &IN6ADDR_NONE, sizeof(struct in6_addr));
+			break;
+		}
+		if(i >= AfterZero)
+		{
+			if(strncmp(cp, ":", 1) == 0)
+			{
+				cp = cp + 1;
+				if(i == 0 && strncmp(cp, ":", 1) == 0)
+					cp = cp + 1;
+				p = (char*)cp;
+				AfterZero = 7;
+				while(p = strstr(p, ":"))
+				{
+					p = p + 1;
+					AfterZero--;
+				}
+			}
+			else
+			{
+				Result.u.Word[i] = (USHORT)strtol(cp, &p, 16);
+				Result.u.Word[i] = ((Result.u.Word[i] & 0xff00) >> 8) | ((Result.u.Word[i] & 0x00ff) << 8);
+				if(strncmp(p, ":", 1) != 0 && strlen(p) > 0)
+				{
+					memcpy(&Result, &IN6ADDR_NONE, sizeof(struct in6_addr));
+					break;
+				}
+				if(cp = strstr(cp, ":"))
+					cp = cp + 1;
+			}
+		}
+	}
+	return Result;
+}
+
+BOOL ConvertDomainNameToPunycode(LPSTR Output, DWORD Count, LPCSTR Input)
+{
+	BOOL bResult;
+	punycode_uint* pUnicode;
+	punycode_uint* p;
+	BOOL bNeeded;
+	LPCSTR InputString;
+	punycode_uint Length;
+	punycode_uint OutputLength;
+	bResult = FALSE;
+	if(pUnicode = malloc(sizeof(punycode_uint) * strlen(Input)))
+	{
+		p = pUnicode;
+		bNeeded = FALSE;
+		InputString = Input;
+		Length = 0;
+		while(*InputString != '\0')
+		{
+			*p = (punycode_uint)GetNextCharM(InputString, &InputString);
+			if(*p >= 0x80)
+				bNeeded = TRUE;
+			p++;
+			Length++;
+		}
+		if(bNeeded)
+		{
+			if(Count >= strlen("xn--") + 1)
+			{
+				strcpy(Output, "xn--");
+				OutputLength = Count - strlen("xn--");
+				if(punycode_encode(Length, pUnicode, NULL, (punycode_uint*)&OutputLength, Output + strlen("xn--")) == punycode_success)
+				{
+					Output[strlen("xn--") + OutputLength] = '\0';
+					bResult = TRUE;
+				}
+			}
+		}
+		free(pUnicode);
+	}
+	if(!bResult)
+	{
+		if(Count >= strlen(Input) + 1)
+		{
+			strcpy(Output, Input);
+			bResult = TRUE;
+		}
+	}
+	return bResult;
+}
+
+BOOL ConvertNameToPunycode(LPSTR Output, LPCSTR Input)
+{
+	BOOL bResult;
+	DWORD Length;
+	char* pm0;
+	char* pm1;
+	char* p;
+	char* pNext;
+	bResult = FALSE;
+	Length = strlen(Input);
+	if(pm0 = AllocateStringM(Length + 1))
+	{
+		if(pm1 = AllocateStringM(Length * 4 + 1))
+		{
+			strcpy(pm0, Input);
+			p = pm0;
+			while(p)
+			{
+				if(pNext = strchr(p, '.'))
+				{
+					*pNext = '\0';
+					pNext++;
+				}
+				if(ConvertDomainNameToPunycode(pm1, Length * 4, p))
+					strcat(Output, pm1);
+				if(pNext)
+					strcat(Output, ".");
+				p = pNext;
+			}
+			bResult = TRUE;
+			FreeDuplicatedString(pm1);
+		}
+		FreeDuplicatedString(pm0);
+	}
+	return bResult;
+}
+
+HANDLE WSAAsyncGetHostByNameM(HWND hWnd, u_int wMsg, const char * name, char * buf, int buflen)
+{
+	HANDLE r = NULL;
+	char* pa0 = NULL;
+	if(pa0 = AllocateStringA(strlen(name) * 4))
+	{
+		if(ConvertNameToPunycode(pa0, name))
+			r = WSAAsyncGetHostByName(hWnd, wMsg, pa0, buf, buflen);
+	}
+	FreeDuplicatedString(pa0);
+	return r;
+}
+
+HANDLE WSAAsyncGetHostByNameIPv6M(HWND hWnd, u_int wMsg, const char * name, char * buf, int buflen, short Family)
+{
+	HANDLE r = NULL;
+	char* pa0 = NULL;
+	if(pa0 = AllocateStringA(strlen(name) * 4))
+	{
+		if(ConvertNameToPunycode(pa0, name))
+			r = WSAAsyncGetHostByNameIPv6(hWnd, wMsg, pa0, buf, buflen, Family);
+	}
+	FreeDuplicatedString(pa0);
+	return r;
+}
+
+// SFTP対応
+
+typedef void* (__cdecl* _SFTP_Create)();
+typedef void (__cdecl* _SFTP_Destroy)(void*);
+typedef BOOL (__cdecl* _SFTP_IsExited)(void*);
+typedef BOOL (__cdecl* _SFTP_SetTimeoutCallback)(void*, void*);
+typedef size_t (__cdecl* _SFTP_PeekStdOut)(void*, void*, size_t);
+typedef size_t (__cdecl* _SFTP_ReadStdOut)(void*, void*, size_t);
+typedef size_t (__cdecl* _SFTP_WriteStdIn)(void*, const void*, size_t);
+typedef size_t (__cdecl* _SFTP_PeekDataOut)(void*, void*, size_t);
+typedef size_t (__cdecl* _SFTP_ReadDataOut)(void*, void*, size_t);
+typedef size_t (__cdecl* _SFTP_WriteDataIn)(void*, const void*, size_t);
+typedef BOOL (__cdecl* _SFTP_SetFilePosition)(void*, LONGLONG);
+
+_SFTP_Create p_SFTP_Create;
+_SFTP_Destroy p_SFTP_Destroy;
+_SFTP_IsExited p_SFTP_IsExited;
+_SFTP_SetTimeoutCallback p_SFTP_SetTimeoutCallback;
+_SFTP_PeekStdOut p_SFTP_PeekStdOut;
+_SFTP_ReadStdOut p_SFTP_ReadStdOut;
+_SFTP_WriteStdIn p_SFTP_WriteStdIn;
+_SFTP_PeekDataOut p_SFTP_PeekDataOut;
+_SFTP_ReadDataOut p_SFTP_ReadDataOut;
+_SFTP_WriteDataIn p_SFTP_WriteDataIn;
+_SFTP_SetFilePosition p_SFTP_SetFilePosition;
+
+typedef struct
+{
+	SOCKET Control;
+	SOCKET Data;
+	void* Handle;
+	char Host[1024];
+	int Port;
+	char User[1024];
+	char Password[1024];
+} SFTPDATA;
+
+#define MAX_SFTP_SOCKET 16
+
+BOOL g_bPuTTYLoaded;
+HMODULE g_hPuTTY;
+CRITICAL_SECTION g_PuTTYLock;
+SFTPDATA g_SFTPData[MAX_SFTP_SOCKET];
+
+// PuTTYを初期化
+BOOL LoadPuTTY()
+{
+	int i;
+	if(g_bPuTTYLoaded)
+		return FALSE;
+#ifdef ENABLE_PROCESS_PROTECTION
+	// ビルドしたputty.dllに合わせてSHA1ハッシュ値を変更すること
+	RegisterTrustedModuleSHA1Hash("\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00");
+#endif
+	// デバッグ用
+#ifdef _DEBUG
+	{
+		char Path[MAX_PATH];
+		GetModuleFileName(NULL, Path, MAX_PATH);
+		strcpy(strrchr(Path, '\\'), "\\..\\putty\\Debug\\PuTTY.dll");
+		g_hPuTTY = LoadLibrary(Path);
+	}
+#else
+	g_hPuTTY = LoadLibrary("putty.dll");
+#endif
+	if(!g_hPuTTY
+		|| !(p_SFTP_Create = (_SFTP_Create)GetProcAddress(g_hPuTTY, "SFTP_Create"))
+		|| !(p_SFTP_Destroy = (_SFTP_Destroy)GetProcAddress(g_hPuTTY, "SFTP_Destroy"))
+		|| !(p_SFTP_IsExited = (_SFTP_IsExited)GetProcAddress(g_hPuTTY, "SFTP_IsExited"))
+		|| !(p_SFTP_SetTimeoutCallback = (_SFTP_SetTimeoutCallback)GetProcAddress(g_hPuTTY, "SFTP_SetTimeoutCallback"))
+		|| !(p_SFTP_PeekStdOut = (_SFTP_PeekStdOut)GetProcAddress(g_hPuTTY, "SFTP_PeekStdOut"))
+		|| !(p_SFTP_ReadStdOut = (_SFTP_ReadStdOut)GetProcAddress(g_hPuTTY, "SFTP_ReadStdOut"))
+		|| !(p_SFTP_WriteStdIn = (_SFTP_WriteStdIn)GetProcAddress(g_hPuTTY, "SFTP_WriteStdIn"))
+		|| !(p_SFTP_PeekDataOut = (_SFTP_PeekDataOut)GetProcAddress(g_hPuTTY, "SFTP_PeekDataOut"))
+		|| !(p_SFTP_ReadDataOut = (_SFTP_ReadDataOut)GetProcAddress(g_hPuTTY, "SFTP_ReadDataOut"))
+		|| !(p_SFTP_WriteDataIn = (_SFTP_WriteDataIn)GetProcAddress(g_hPuTTY, "SFTP_WriteDataIn"))
+		|| !(p_SFTP_SetFilePosition = (_SFTP_SetFilePosition)GetProcAddress(g_hPuTTY, "SFTP_SetFilePosition")))
+	{
+		if(g_hPuTTY)
+			FreeLibrary(g_hPuTTY);
+		g_hPuTTY = NULL;
+		return FALSE;
+	}
+	for(i = 0; i < MAX_SFTP_SOCKET; i++)
+	{
+		g_SFTPData[i].Control = INVALID_SOCKET;
+		g_SFTPData[i].Data = INVALID_SOCKET;
+	}
+	InitializeCriticalSection(&g_PuTTYLock);
+	g_bPuTTYLoaded = TRUE;
+	return TRUE;
+}
+
+// PuTTYを解放
+void FreePuTTY()
+{
+	int i;
+	if(!g_bPuTTYLoaded)
+		return;
+	EnterCriticalSection(&g_PuTTYLock);
+	for(i = 0; i < MAX_SFTP_SOCKET; i++)
+	{
+		if(g_SFTPData[i].Control != INVALID_SOCKET)
+		{
+			closesocket(g_SFTPData[i].Control);
+			g_SFTPData[i].Control = INVALID_SOCKET;
+			p_SFTP_Destroy(g_SFTPData[i].Handle);
+		}
+		if(g_SFTPData[i].Data != INVALID_SOCKET)
+		{
+			closesocket(g_SFTPData[i].Data);
+			g_SFTPData[i].Data = INVALID_SOCKET;
+		}
+	}
+	FreeLibrary(g_hPuTTY);
+	g_hPuTTY = NULL;
+	LeaveCriticalSection(&g_PuTTYLock);
+	DeleteCriticalSection(&g_PuTTYLock);
+	g_bPuTTYLoaded = FALSE;
+}
+
+// PuTTYが使用可能かどうか確認
+BOOL IsPuTTYLoaded()
+{
+	return g_bPuTTYLoaded;
+}
+
+SFTPDATA* GetUnusedSFTPData()
+{
+	int i;
+	for(i = 0; i < MAX_SFTP_SOCKET; i++)
+	{
+		if(g_SFTPData[i].Control == INVALID_SOCKET)
+		{
+			memset(&g_SFTPData[i], 0, sizeof(SFTPDATA));
+			return &g_SFTPData[i];
+		}
+	}
+	return NULL;
+}
+
+SFTPDATA* FindSFTPDataFromSocket(SOCKET s)
+{
+	int i;
+	for(i = 0; i < MAX_SFTP_SOCKET; i++)
+	{
+		if(g_SFTPData[i].Control == s || g_SFTPData[i].Data == s)
+			return &g_SFTPData[i];
+	}
+	return NULL;
+}
+
+// SFTPとしてマークされているか確認
+// マークされていればTRUEを返す
+BOOL IsSFTPAttached(SOCKET s)
+{
+	SFTPDATA* pSFTPData;
+	if(!g_bPuTTYLoaded)
+		return FALSE;
+	EnterCriticalSection(&g_PuTTYLock);
+	pSFTPData = FindSFTPDataFromSocket(s);
+	LeaveCriticalSection(&g_PuTTYLock);
+	if(!pSFTPData)
+		return FALSE;
+	return TRUE;
+}
+
+// コントロール用の仮想的なソケットを取得
+// 識別子としてダミーのソケットを返す
+SOCKET SFTP_socket(int af, int type, int protocol)
+{
+	SOCKET r;
+	SFTPDATA* pSFTPData;
+	if(!g_bPuTTYLoaded)
+		return INVALID_SOCKET;
+	r = INVALID_SOCKET;
+	EnterCriticalSection(&g_PuTTYLock);
+	if(pSFTPData = GetUnusedSFTPData())
+	{
+		r = socket(af, type, protocol);
+		pSFTPData->Control = r;
+		pSFTPData->Data = INVALID_SOCKET;
+		pSFTPData->Handle = p_SFTP_Create();
+	}
+	LeaveCriticalSection(&g_PuTTYLock);
+	return r;
+}
+
+int SFTP_bind(SOCKET s, const struct sockaddr *addr, int namelen)
+{
+	return SOCKET_ERROR;
+}
+
+int SFTP_listen(SOCKET s, int backlog)
+{
+	return SOCKET_ERROR;
+}
+
+// accept相当の関数
+SOCKET SFTP_accept(SOCKET s, struct sockaddr *addr, int *addrlen)
+{
+	return INVALID_SOCKET;
+}
+
+// connect相当の関数
+int SFTP_connect(SOCKET s, const struct sockaddr *name, int namelen)
+{
+	SFTPDATA* pSFTPData;
+	if(!g_bPuTTYLoaded)
+		return SOCKET_ERROR;
+	EnterCriticalSection(&g_PuTTYLock);
+	pSFTPData = FindSFTPDataFromSocket(s);
+	LeaveCriticalSection(&g_PuTTYLock);
+	if(!pSFTPData)
+		return SOCKET_ERROR;
+	if(namelen == sizeof(struct sockaddr_in))
+	{
+	}
+	else if(namelen == sizeof(struct sockaddr_in6))
+	{
+	}
+	else
+		return SOCKET_ERROR;
+	return 0;
+}
+
+// closesocket相当の関数
+int SFTP_closesocket(SOCKET s)
+{
+	SFTPDATA* pSFTPData;
+	if(!g_bPuTTYLoaded)
+		return SOCKET_ERROR;
+	EnterCriticalSection(&g_PuTTYLock);
+	if(pSFTPData = FindSFTPDataFromSocket(s))
+	{
+		if(pSFTPData->Control == s)
+		{
+			pSFTPData->Control = INVALID_SOCKET;
+			p_SFTP_Destroy(pSFTPData->Handle);
+		}
+		if(pSFTPData->Data == s)
+			pSFTPData->Data = INVALID_SOCKET;
+	}
+	LeaveCriticalSection(&g_PuTTYLock);
+	return closesocket(s);
+}
+
+// send相当の関数
+int SFTP_send(SOCKET s, const char * buf, int len, int flags)
+{
+	int r;
+	SFTPDATA* pSFTPData;
+	if(!g_bPuTTYLoaded)
+		return SOCKET_ERROR;
+	EnterCriticalSection(&g_PuTTYLock);
+	pSFTPData = FindSFTPDataFromSocket(s);
+	LeaveCriticalSection(&g_PuTTYLock);
+	if(!pSFTPData)
+		return SOCKET_ERROR;
+	if(p_SFTP_IsExited(pSFTPData->Handle))
+		return SOCKET_ERROR;
+	r = SOCKET_ERROR;
+	if(pSFTPData->Control == s)
+		r = (int)p_SFTP_WriteStdIn(pSFTPData->Handle, buf, len);
+	else if(pSFTPData->Data == s)
+		r = (int)p_SFTP_WriteDataIn(pSFTPData->Handle, buf, len);
+	return r;
+}
+
+// recv相当の関数
+int SFTP_recv(SOCKET s, char * buf, int len, int flags)
+{
+	int r;
+	SFTPDATA* pSFTPData;
+	if(!g_bPuTTYLoaded)
+		return SOCKET_ERROR;
+	EnterCriticalSection(&g_PuTTYLock);
+	pSFTPData = FindSFTPDataFromSocket(s);
+	LeaveCriticalSection(&g_PuTTYLock);
+	if(!pSFTPData)
+		return SOCKET_ERROR;
+	if(p_SFTP_IsExited(pSFTPData->Handle))
+		return SOCKET_ERROR;
+	r = SOCKET_ERROR;
+	if(pSFTPData->Control == s)
+	{
+		if(flags & MSG_PEEK)
+			r = (int)p_SFTP_PeekStdOut(pSFTPData->Handle, buf, len);
+		else
+			r = (int)p_SFTP_ReadStdOut(pSFTPData->Handle, buf, len);
+	}
+	else if(pSFTPData->Data == s)
+	{
+		if(flags & MSG_PEEK)
+			r = (int)p_SFTP_PeekDataOut(pSFTPData->Handle, buf, len);
+		else
+			r = (int)p_SFTP_ReadDataOut(pSFTPData->Handle, buf, len);
+	}
+	return r;
+}
+
+BOOL SFTP_SetTimeoutCallback(SOCKET s, void* pCallback)
+{
+	SFTPDATA* pSFTPData;
+	if(!g_bPuTTYLoaded)
+		return FALSE;
+	EnterCriticalSection(&g_PuTTYLock);
+	pSFTPData = FindSFTPDataFromSocket(s);
+	LeaveCriticalSection(&g_PuTTYLock);
+	if(!pSFTPData)
+		return FALSE;
+	return p_SFTP_SetTimeoutCallback(pSFTPData->Handle, pCallback);
+}
+
+// データ用の仮想的なソケットを取得
+// 識別子としてダミーのソケットを返す
+SOCKET SFTP_GetDataHandle(SOCKET s, int af, int type, int protocol)
+{
+	SOCKET r;
+	SFTPDATA* pSFTPData;
+	if(!g_bPuTTYLoaded)
+		return INVALID_SOCKET;
+	r = INVALID_SOCKET;
+	EnterCriticalSection(&g_PuTTYLock);
+	if(pSFTPData = FindSFTPDataFromSocket(s))
+	{
+		r = socket(af, type, protocol);
+		pSFTPData->Data = r;
+	}
+	LeaveCriticalSection(&g_PuTTYLock);
+	return r;
+}
+
+BOOL SFTP_SetFilePosition(SOCKET s, LONGLONG Position)
+{
+	SFTPDATA* pSFTPData;
+	if(!g_bPuTTYLoaded)
+		return FALSE;
+	EnterCriticalSection(&g_PuTTYLock);
+	pSFTPData = FindSFTPDataFromSocket(s);
+	LeaveCriticalSection(&g_PuTTYLock);
+	if(!pSFTPData)
+		return FALSE;
+	return p_SFTP_SetFilePosition(pSFTPData->Handle, Position);
+}
+