1 /*
2  * Copyright 2008 Hans Leidekker for CodeWeavers
3  * Copyright 2013 Jacek Caban for CodeWeavers
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Lesser General Public
7  * License as published by the Free Software Foundation; either
8  * version 2.1 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public
16  * License along with this library; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18  */
19 
20 #include "config.h"
21 #define NONAMELESSUNION
22 #include "ws2tcpip.h"
23 #include <stdarg.h>
24 #include <stdio.h>
25 #include <assert.h>
26 
27 #include "windef.h"
28 #include "winbase.h"
29 #include "winhttp.h"
30 #include "schannel.h"
31 
32 #include "wine/debug.h"
33 #include "wine/library.h"
34 #include "winhttp_private.h"
35 
37 
/*
 * send() wrapper that retries while the call is interrupted.
 *
 * The call is repeated for as long as send() returns -1 and
 * WSAGetLastError() reports WSAEINTR; every failed attempt is logged
 * through WARN. The value of the last send() call is returned.
 *
 * NOTE(review): len is a size_t but is handed to send() unchanged; if
 * send() takes an int length, a value above INT_MAX would be narrowed.
 * Callers should keep their chunks well below that - confirm.
 */
static int sock_send(int fd, const void *msg, size_t len, int flags)
{
    int sent;

    for (;;)
    {
        sent = send(fd, msg, len, flags);
        if (sent != -1) break;
        WARN("send error %u\n", WSAGetLastError());
        if (WSAGetLastError() != WSAEINTR) break;
    }
    return sent;
}
48 
/*
 * recv() wrapper that retries while the call is interrupted.
 *
 * The call is repeated for as long as recv() returns -1 and
 * WSAGetLastError() reports WSAEINTR; every failed attempt is logged
 * through WARN. The value of the last recv() call is returned, so the
 * caller still has to tell 0, a short read and -1 apart.
 */
static int sock_recv(int fd, void *msg, size_t len, int flags)
{
    int got;

    for (;;)
    {
        got = recv(fd, msg, len, flags);
        if (got != -1) break;
        WARN("recv error %u\n", WSAGetLastError());
        if (WSAGetLastError() != WSAEINTR) break;
    }
    return got;
}
59 
/*
 * Build a certificate chain for the server certificate `cert`, translate
 * chain trust errors into the value returned in `err`, and then run the
 * SSL chain policy check against the host name `server`.
 *
 * NOTE(review): this listing is an extract with gaps. More than twenty
 * listing lines between 65 and 149 are absent, among them the
 * declarations of `chain` and `err`, whatever is done with
 * check_revocation, the supportedErrors mask and every assignment to
 * `err`. Read the branches below against the complete file.
 *
 * Security note: each SECURITY_FLAG_IGNORE_* bit tested below appears to
 * suppress one class of certificate failure (date, unknown CA, wrong
 * usage). Callers should pass such bits only when the application has
 * explicitly opted out of that check.
 */
60 static DWORD netconn_verify_cert( PCCERT_CONTEXT cert, WCHAR *server, DWORD security_flags, BOOL check_revocation )
61 {
62  HCERTSTORE store = cert->hCertStore;
63  BOOL ret;
64  CERT_CHAIN_PARA chainPara = { sizeof(chainPara), { 0 } };
66  char oid_server_auth[] = szOID_PKIX_KP_SERVER_AUTH;
67  char *server_auth[] = { oid_server_auth };
69 
70  TRACE("verifying %s\n", debugstr_w( server ));
/* The chain is requested for the server-authentication usage OID only. */
72  chainPara.RequestedUsage.Usage.rgpszUsageIdentifier = server_auth;
73  ret = CertGetCertificateChain( NULL, cert, NULL, store, &chainPara,
75  NULL, &chain );
76  if (ret)
77  {
78  if (chain->TrustStatus.dwErrorStatus)
79  {
80  static const DWORD supportedErrors =
84 
/* NOTE(review): the classes below are chained with else-if, so only the
 * first matching class is looked at. If that class is suppressed by its
 * ignore flag, the later classes are not examined in this chain; whether
 * the policy call further down still catches them needs to be verified,
 * because it receives a copy with dwErrorStatus cleared. */
85  if (chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_NOT_TIME_VALID)
86  {
87  if (!(security_flags & SECURITY_FLAG_IGNORE_CERT_DATE_INVALID))
89  }
90  else if (chain->TrustStatus.dwErrorStatus &
92  {
93  if (!(security_flags & SECURITY_FLAG_IGNORE_UNKNOWN_CA))
95  }
96  else if ((chain->TrustStatus.dwErrorStatus &
98  (chain->TrustStatus.dwErrorStatus &
101  else if (chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_REVOKED)
103  else if (chain->TrustStatus.dwErrorStatus &
105  {
106  if (!(security_flags & SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE))
108  }
109  else if (chain->TrustStatus.dwErrorStatus & ~supportedErrors)
111  }
112  if (!err)
113  {
114  CERT_CHAIN_POLICY_PARA policyPara;
115  SSL_EXTRA_CERT_CHAIN_POLICY_PARA sslExtraPolicyPara;
116  CERT_CHAIN_POLICY_STATUS policyStatus;
117  CERT_CHAIN_CONTEXT chainCopy;
118 
119  /* Clear chain->TrustStatus.dwErrorStatus so
120  * CertVerifyCertificateChainPolicy will verify additional checks
121  * rather than stopping with an existing, ignored error.
122  */
123  memcpy(&chainCopy, chain, sizeof(chainCopy));
124  chainCopy.TrustStatus.dwErrorStatus = 0;
125  sslExtraPolicyPara.u.cbSize = sizeof(sslExtraPolicyPara);
126  sslExtraPolicyPara.dwAuthType = AUTHTYPE_SERVER;
/* Host name the certificate is matched against. */
127  sslExtraPolicyPara.pwszServerName = server;
/* The caller's ignore flags are forwarded unchanged to the policy check. */
128  sslExtraPolicyPara.fdwChecks = security_flags;
129  policyPara.cbSize = sizeof(policyPara);
130  policyPara.dwFlags = 0;
131  policyPara.pvExtraPolicyPara = &sslExtraPolicyPara;
133  &chainCopy, &policyPara,
134  &policyStatus );
135  /* Any error in the policy status indicates that the
136  * policy couldn't be verified.
137  */
/* NOTE(review): the condition requires ret to be non-zero; what happens
 * when the policy call itself fails (ret == 0) is not visible here and
 * should be confirmed to fail closed. */
138  if (ret && policyStatus.dwError)
139  {
140  if (policyStatus.dwError == CERT_E_CN_NO_MATCH)
142  else
144  }
145  }
147  }
148  else
150  TRACE("returning %08x\n", err);
151  return err;
152 }
153 
155 
/*
 * Module unload hook: balance the WSAStartup() call with WSACleanup(),
 * but only when the winsock_loaded flag says Winsock was started.
 */
void netconn_unload( void )
{
    if (!winsock_loaded) return;
    WSACleanup();
}
160 
/*
 * One-time initialisation callback that starts Winsock (version 1.1 is
 * requested). winsock_loaded is set on success; on failure the
 * WSAStartup() error code is logged. TRUE is returned in both cases and
 * the once, param and ctx arguments are not used.
 */
static BOOL WINAPI winsock_startup( INIT_ONCE *once, void *param, void **ctx )
{
    WSADATA data;
    int ret = WSAStartup( MAKEWORD(1,1), &data );

    if (ret)
        ERR( "WSAStartup failed: %d\n", ret );
    else
        winsock_loaded = TRUE;
    return TRUE;
}
169 
/*
 * Run the one-time Winsock initialisation.
 *
 * NOTE(review): listing line 173 is missing from this extract; presumably
 * it hands `once` and winsock_startup to a run-once primitive - confirm
 * against the complete file.
 */
170 static void winsock_init(void)
171 {
172  static INIT_ONCE once = INIT_ONCE_STATIC_INIT;
174 }
175 
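/*
 * Switch the connection's socket between blocking and non-blocking mode.
 *
 * conn:     connection whose socket is reconfigured.
 * blocking: TRUE selects blocking mode, FALSE selects non-blocking mode.
 *
 * FIONBIO takes a non-zero argument to enable non-blocking mode, hence
 * the inversion. The function has no way to report failure, so a failing
 * ioctlsocket() is at least logged: a socket left in the wrong mode
 * either defeats the connect timeout or makes later reads and writes
 * fail unexpectedly, and that is hard to diagnose without a trace.
 */
static void set_blocking( struct netconn *conn, BOOL blocking )
{
    ULONG state = !blocking;

    if (ioctlsocket( conn->socket, FIONBIO, &state ) == -1)
        WARN("ioctlsocket(FIONBIO) failed (%u)\n", WSAGetLastError());
}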
181 
/*
 * Allocate a connection object, create a TCP socket for the address
 * family of `sockaddr` and connect it.
 *
 * host:     stored in conn->host as passed.
 * sockaddr: destination address; copied into the connection.
 * timeout:  when > 0 the socket is put in non-blocking mode for the
 *           connect and select() is used to wait for completion.
 *
 * Returns the new connection, or NULL after closing the socket and
 * freeing the object when allocation, socket creation or the connect
 * fails.
 *
 * NOTE(review): listing line 218 is missing from this extract; `err`,
 * tested on line 219, is presumably declared and set there - confirm
 * against the complete file.
 */
182 struct netconn *netconn_create( struct hostdata *host, const struct sockaddr_storage *sockaddr, int timeout )
183 {
184  struct netconn *conn;
185  unsigned int addr_len;
186  BOOL ret = FALSE;
187 
188  winsock_init();
189 
190  conn = heap_alloc_zero(sizeof(*conn));
191  if (!conn) return NULL;
192  conn->host = host;
193  conn->sockaddr = *sockaddr;
194  if ((conn->socket = socket( sockaddr->ss_family, SOCK_STREAM, 0 )) == -1)
195  {
196  WARN("unable to create socket (%u)\n", WSAGetLastError());
197  heap_free(conn);
198  return NULL;
199  }
200 
201  switch (conn->sockaddr.ss_family)
202  {
203  case AF_INET:
204  addr_len = sizeof(struct sockaddr_in);
205  break;
206  case AF_INET6:
207  addr_len = sizeof(struct sockaddr_in6);
208  break;
209  default:
/* NOTE(review): an assert is the only handling for other families. In a
 * build where assert() compiles to nothing, addr_len would reach
 * connect() uninitialised; an explicit error return would fail closed. */
210  assert(0);
211  }
212 
213  if (timeout > 0) set_blocking( conn, FALSE );
214 
215  if (!connect( conn->socket, (const struct sockaddr *)&conn->sockaddr, addr_len )) ret = TRUE;
216  else
217  {
219  if (err == WSAEWOULDBLOCK || err == WSAEINPROGRESS)
220  {
221  FD_SET set;
/* NOTE(review): the whole timeout is placed in the second (microsecond)
 * field and the first field is 0. timeout * 1000 is an int
 * multiplication, so it overflows for timeouts above INT_MAX / 1000. */
222  TIMEVAL timeval = { 0, timeout * 1000 };
223  int res;
224 
225  FD_ZERO( &set );
226  FD_SET( conn->socket, &set );
/* Only the write set is watched; a positive result is taken as a
 * completed connect, 0 as a timeout. */
227  if ((res = select( conn->socket + 1, NULL, &set, NULL, &timeval )) > 0) ret = TRUE;
228  else if (!res) SetLastError( ERROR_WINHTTP_TIMEOUT );
229  }
230  }
231 
/* Restore blocking mode for the rest of the connection's life. */
232  if (timeout > 0) set_blocking( conn, TRUE );
233 
234  if (!ret)
235  {
236  WARN("unable to connect to host (%u)\n", GetLastError());
237  closesocket( conn->socket );
238  heap_free( conn );
239  return NULL;
240  }
241  return conn;
242 }
243 
/*
 * Tear down a connection: for a secure connection free the peek, TLS and
 * extra-data buffers, then close the socket, release the host reference
 * and free the connection object itself. conn must not be used afterwards.
 *
 * NOTE(review): listing line 251 is missing from this extract; presumably
 * it deletes the security context held in conn->ssl_ctx - confirm.
 * NOTE(review): these buffers can hold decrypted application data and are
 * released as-is; whether heap_free() clears memory is not visible here.
 */
244 void netconn_close( struct netconn *conn )
245 {
246  if (conn->secure)
247  {
248  heap_free( conn->peek_msg_mem );
249  heap_free(conn->ssl_buf);
250  heap_free(conn->extra_buf);
252  }
253  closesocket( conn->socket );
254  release_host( conn->host );
255  heap_free(conn);
256 }
257 
/*
 * netconn_secure_connect: run the TLS handshake on an already connected
 * socket, verify the server certificate with netconn_verify_cert() and,
 * on success, mark the connection secure and store the security context.
 * Returns TRUE on success, FALSE otherwise.
 *
 * NOTE(review): this listing is an extract with gaps. The first line of
 * the signature (listing line 258) and many body lines are absent, among
 * them the declarations of status, res and isc_req_flags, the loop
 * header, the condition that opens the memmove block, the queries that
 * fetch the stream sizes and the peer certificate, the ssl_buf
 * allocation and the cleanup of cert and read_buf. Comments below
 * describe only what is visible.
 */
259  BOOL check_revocation)
260 {
261  SecBuffer out_buf = {0, SECBUFFER_TOKEN, NULL}, in_bufs[2] = {{0, SECBUFFER_TOKEN}, {0, SECBUFFER_EMPTY}};
262  SecBufferDesc out_desc = {SECBUFFER_VERSION, 1, &out_buf}, in_desc = {SECBUFFER_VERSION, 2, in_bufs};
263  BYTE *read_buf;
264  SIZE_T read_buf_size = 2048;
265  ULONG attrs = 0;
266  CtxtHandle ctx;
267  SSIZE_T size;
268  const CERT_CONTEXT *cert;
271 
274 
275  read_buf = heap_alloc(read_buf_size);
276  if(!read_buf)
277  return FALSE;
278 
/* First call: no input token yet, produces the initial handshake message. */
279  status = InitializeSecurityContextW(cred_handle, NULL, hostname, isc_req_flags, 0, 0, NULL, 0,
280  &ctx, &out_desc, &attrs, NULL);
281 
282  assert(status != SEC_E_OK);
283 
285  if(out_buf.cbBuffer) {
287 
288  TRACE("sending %u bytes\n", out_buf.cbBuffer);
289 
/* A short send is treated as a failure of the handshake. */
290  size = sock_send(conn->socket, out_buf.pvBuffer, out_buf.cbBuffer, 0);
291  if(size != out_buf.cbBuffer) {
292  ERR("send failed\n");
294  break;
295  }
296 
297  FreeContextBuffer(out_buf.pvBuffer);
298  out_buf.pvBuffer = NULL;
299  out_buf.cbBuffer = 0;
300  }
301 
/* NOTE(review): this assert is the only visible bound on the number of
 * bytes moved to the front of read_buf. The sizes come from processing
 * peer-supplied data, so a build without assertions has no check here. */
303  assert(in_bufs[1].cbBuffer < read_buf_size);
304 
305  memmove(read_buf, (BYTE*)in_bufs[0].pvBuffer+in_bufs[0].cbBuffer-in_bufs[1].cbBuffer, in_bufs[1].cbBuffer);
306  in_bufs[0].cbBuffer = in_bufs[1].cbBuffer;
307 
308  in_bufs[1].BufferType = SECBUFFER_EMPTY;
309  in_bufs[1].cbBuffer = 0;
310  in_bufs[1].pvBuffer = NULL;
311  }
312 
313  assert(in_bufs[0].BufferType == SECBUFFER_TOKEN);
314  assert(in_bufs[1].BufferType == SECBUFFER_EMPTY);
315 
/* Keep at least 1024 bytes of free space for the next recv.
 * NOTE(review): no upper limit on read_buf_size is visible in this
 * extract; confirm the peer cannot make the buffer grow without bound. */
316  if(in_bufs[0].cbBuffer + 1024 > read_buf_size) {
317  BYTE *new_read_buf;
318 
319  new_read_buf = heap_realloc(read_buf, read_buf_size + 1024);
320  if(!new_read_buf) {
322  break;
323  }
324 
325  in_bufs[0].pvBuffer = read_buf = new_read_buf;
326  read_buf_size += 1024;
327  }
328 
/* Append newly received bytes after those already buffered. */
329  size = sock_recv(conn->socket, read_buf+in_bufs[0].cbBuffer, read_buf_size-in_bufs[0].cbBuffer, 0);
330  if(size < 1) {
332  break;
333  }
334 
335  TRACE("recv %lu bytes\n", size);
336 
337  in_bufs[0].cbBuffer += size;
338  in_bufs[0].pvBuffer = read_buf;
339  status = InitializeSecurityContextW(cred_handle, &ctx, hostname, isc_req_flags, 0, 0, &in_desc,
340  0, NULL, &out_desc, &attrs, NULL);
341  TRACE("InitializeSecurityContext ret %08x\n", status);
342 
343  if(status == SEC_E_OK) {
/* Bytes that arrived after the end of the handshake are only reported
 * here, not kept. */
344  if(in_bufs[1].BufferType == SECBUFFER_EXTRA)
345  FIXME("SECBUFFER_EXTRA not supported\n");
346 
348  if(status != SEC_E_OK) {
349  WARN("Could not get sizes\n");
350  break;
351  }
352 
354  if(status == SEC_E_OK) {
/* The certificate is checked against the requested host name before the
 * connection is marked secure; any failure aborts the handshake. */
355  res = netconn_verify_cert(cert, hostname, security_flags, check_revocation);
357  if(res != ERROR_SUCCESS) {
358  WARN("cert verify failed: %u\n", res);
359  break;
360  }
361  }else {
362  WARN("Could not get cert\n");
363  break;
364  }
365 
367  if(!conn->ssl_buf) {
368  res = GetLastError();
369  break;
370  }
371  }
372  }
373 
375 
/* Failure path: drop the TLS buffer and the security context. */
376  if(status != SEC_E_OK || res != ERROR_SUCCESS) {
377  WARN("Failed to initialize security context failed: %08x\n", status);
378  heap_free(conn->ssl_buf);
379  conn->ssl_buf = NULL;
380  DeleteSecurityContext(&ctx);
382  return FALSE;
383  }
384 
385 
386  TRACE("established SSL connection\n");
387  conn->secure = TRUE;
388  conn->ssl_ctx = ctx;
389  return TRUE;
390 }
391 
/*
 * Encrypt one chunk of plaintext in conn->ssl_buf and send the resulting
 * record. Returns TRUE on success, FALSE when encryption or the send
 * fails.
 *
 * NOTE(review): listing lines 395, 397, 400 and 401 are missing from this
 * extract (two of the four SecBuffer entries and the declarations of
 * buf_desc and res).
 *
 * `size` is copied into ssl_buf after the header without a check in this
 * function: the caller must keep it within
 * conn->ssl_sizes.cbMaximumMessage, as netconn_send does.
 */
392 static BOOL send_ssl_chunk(struct netconn *conn, const void *msg, size_t size)
393 {
394  SecBuffer bufs[4] = {
396  {size, SECBUFFER_DATA, conn->ssl_buf+conn->ssl_sizes.cbHeader},
398  {0, SECBUFFER_EMPTY, NULL}
399  };
402 
403  memcpy(bufs[1].pvBuffer, msg, size);
404  res = EncryptMessage(&conn->ssl_ctx, 0, &buf_desc, 0);
405  if(res != SEC_E_OK) {
406  WARN("EncryptMessage failed\n");
407  return FALSE;
408  }
409 
/* NOTE(review): only a result below 1 counts as failure, so a send that
 * accepts just part of the record is reported as success and the rest
 * of the record is not resent. */
410  if(sock_send(conn->socket, conn->ssl_buf, bufs[0].cbBuffer+bufs[1].cbBuffer+bufs[2].cbBuffer, 0) < 1) {
411  WARN("send failed\n");
412  return FALSE;
413  }
414 
415  return TRUE;
416 }
417 
/*
 * Send len bytes from msg over the connection.
 *
 * Plain connections hand the buffer to sock_send() in one call; *sent
 * receives its return value and the result is FALSE only when that value
 * is -1. Secure connections split the buffer into pieces of at most
 * conn->ssl_sizes.cbMaximumMessage bytes and pass each one to
 * send_ssl_chunk(); *sent counts the bytes handed over so far, and the
 * first failing chunk ends the call with FALSE.
 */
BOOL netconn_send( struct netconn *conn, const void *msg, size_t len, int *sent )
{
    const BYTE *cursor;
    size_t remaining, chunk;

    if (!conn->secure)
        return ((*sent = sock_send( conn->socket, msg, len, 0 )) != -1);

    *sent = 0;
    cursor = msg;
    for (remaining = len; remaining; remaining -= chunk)
    {
        /* never hand more than one TLS record's worth of plaintext over */
        chunk = min(remaining, conn->ssl_sizes.cbMaximumMessage);
        if (!send_ssl_chunk(conn, cursor, chunk))
            return FALSE;

        *sent += chunk;
        cursor += chunk;
    }
    return TRUE;
}
441 
/*
 * Receive and decrypt one TLS record.
 *
 * Up to buf_size bytes of plaintext are copied to buf and counted in
 * *ret_size; plaintext that does not fit is kept in the connection's peek
 * buffer, and undecrypted bytes that follow the record are kept in
 * conn->extra_buf for the next call. *eof is set when the peer closed the
 * socket or the context expired. Returns FALSE on socket, decryption or
 * allocation failure.
 *
 * NOTE(review): listing lines 446, 449, 483 and 487 are missing from this
 * extract (the declarations of buf_desc and res and two case labels of
 * the switch).
 */
442 static BOOL read_ssl_chunk(struct netconn *conn, void *buf, SIZE_T buf_size, SIZE_T *ret_size, BOOL *eof)
443 {
444  const SIZE_T ssl_buf_size = conn->ssl_sizes.cbHeader+conn->ssl_sizes.cbMaximumMessage+conn->ssl_sizes.cbTrailer;
445  SecBuffer bufs[4];
447  SSIZE_T size, buf_len;
448  unsigned int i;
450 
/* NOTE(review): this assert is the only bound on the memcpy into ssl_buf
 * below. extra_len comes from processing peer-supplied data, so a build
 * without assertions has no check here; an explicit test that returns
 * FALSE would fail closed. */
451  assert(conn->extra_len < ssl_buf_size);
452 
453  if(conn->extra_len) {
454  memcpy(conn->ssl_buf, conn->extra_buf, conn->extra_len);
455  buf_len = conn->extra_len;
456  conn->extra_len = 0;
457  heap_free(conn->extra_buf);
458  conn->extra_buf = NULL;
459  }else {
/* extra_len is 0 on this branch, so the whole of ssl_buf is available. */
460  buf_len = sock_recv(conn->socket, conn->ssl_buf+conn->extra_len, ssl_buf_size-conn->extra_len, 0);
461  if(buf_len < 0)
462  return FALSE;
463 
/* This EOF return happens before *ret_size is initialised below, so
 * callers must test *eof before reading *ret_size. */
464  if(!buf_len) {
465  *eof = TRUE;
466  return TRUE;
467  }
468  }
469 
470  *ret_size = 0;
471  *eof = FALSE;
472 
/* Decrypt in place; keep reading from the socket until a complete record
 * is available. */
473  do {
474  memset(bufs, 0, sizeof(bufs));
475  bufs[0].BufferType = SECBUFFER_DATA;
476  bufs[0].cbBuffer = buf_len;
477  bufs[0].pvBuffer = conn->ssl_buf;
478 
479  res = DecryptMessage(&conn->ssl_ctx, &buf_desc, 0, NULL);
480  switch(res) {
481  case SEC_E_OK:
482  break;
484  TRACE("context expired\n");
485  *eof = TRUE;
486  return TRUE;
488  assert(buf_len < ssl_buf_size);
489 
490  size = sock_recv(conn->socket, conn->ssl_buf+buf_len, ssl_buf_size-buf_len, 0);
491  if(size < 1)
492  return FALSE;
493 
494  buf_len += size;
495  continue;
496  default:
497  WARN("failed: %08x\n", res);
498  return FALSE;
499  }
500  } while(res != SEC_E_OK);
501 
/* Hand out as much plaintext as the caller's buffer takes and park the
 * remainder in the peek buffer. */
502  for(i = 0; i < ARRAY_SIZE(bufs); i++) {
503  if(bufs[i].BufferType == SECBUFFER_DATA) {
504  size = min(buf_size, bufs[i].cbBuffer);
505  memcpy(buf, bufs[i].pvBuffer, size);
506  if(size < bufs[i].cbBuffer) {
507  assert(!conn->peek_len);
508  conn->peek_msg_mem = conn->peek_msg = heap_alloc(bufs[i].cbBuffer - size);
509  if(!conn->peek_msg)
510  return FALSE;
511  conn->peek_len = bufs[i].cbBuffer-size;
512  memcpy(conn->peek_msg, (char*)bufs[i].pvBuffer+size, conn->peek_len);
513  }
514 
515  *ret_size = size;
516  }
517  }
518 
/* Save undecrypted bytes that belong to the next record.
 * NOTE(review): an allocation failure here returns FALSE after plaintext
 * was already copied to buf and *ret_size was set. */
519  for(i = 0; i < ARRAY_SIZE(bufs); i++) {
520  if(bufs[i].BufferType == SECBUFFER_EXTRA) {
521  conn->extra_buf = heap_alloc(bufs[i].cbBuffer);
522  if(!conn->extra_buf)
523  return FALSE;
524 
525  conn->extra_len = bufs[i].cbBuffer;
526  memcpy(conn->extra_buf, bufs[i].pvBuffer, conn->extra_len);
527  }
528  }
529 
530  return TRUE;
531 }
532 
/*
 * Receive up to len bytes into buf; *recvd receives the byte count.
 *
 * A zero len succeeds immediately with *recvd == 0. Plain connections
 * forward to sock_recv() and fail only when it returns -1. Secure
 * connections first drain the peek buffer, then call read_ssl_chunk()
 * until at least one byte has been read or, with MSG_WAITALL, until len
 * bytes have been read. EOF ends the loop. A read error returns FALSE
 * only when nothing has been received yet; otherwise the partial data is
 * returned with TRUE.
 */
BOOL netconn_recv( struct netconn *conn, void *buf, size_t len, int flags, int *recvd )
{
    SIZE_T total, chunk;
    BOOL eof;

    *recvd = 0;
    if (len == 0) return TRUE;

    if (!conn->secure)
        return ((*recvd = sock_recv( conn->socket, buf, len, flags )) != -1);

    if (conn->peek_msg)
    {
        /* serve plaintext left over from an earlier record first */
        *recvd = min( len, conn->peek_len );
        memcpy( buf, conn->peek_msg, *recvd );
        conn->peek_msg += *recvd;
        conn->peek_len -= *recvd;

        if (!conn->peek_len)
        {
            heap_free( conn->peek_msg_mem );
            conn->peek_msg_mem = NULL;
            conn->peek_msg = NULL;
        }
        /* the peek buffer alone may already satisfy the request */
        if (*recvd == len || !(flags & MSG_WAITALL)) return TRUE;
    }

    total = *recvd;
    for (;;)
    {
        if (!read_ssl_chunk( conn, (BYTE *)buf + total, len - total, &chunk, &eof ))
        {
            WARN("read_ssl_chunk failed\n");
            if (!total)
                return FALSE;
            break;
        }

        /* eof is tested before chunk is used: chunk may be unset on EOF */
        if (eof)
        {
            TRACE("EOF\n");
            break;
        }

        total += chunk;
        if (total && (!(flags & MSG_WAITALL) || total >= len)) break;
    }

    TRACE("received %ld bytes\n", total);
    *recvd = total;
    return TRUE;
}
584 
/*
 * netconn_query_data_available: for a secure connection, report the
 * number of bytes waiting in the peek buffer; 0 for a plain connection.
 *
 * NOTE(review): the signature (listing line 585) is missing from this
 * extract.
 */
586 {
587  return conn->secure ? conn->peek_len : 0;
588 }
589 
/*
 * netconn_set_timeout: set the send timeout (send != 0) or the receive
 * timeout (send == 0) of the connection's socket to `value`. Returns
 * ERROR_SUCCESS, or the value of `err` when setsockopt() fails.
 *
 * NOTE(review): the signature (listing line 590) and listing line 595,
 * which presumably declares and sets `err`, are missing from this extract.
 */
591 {
592  int opt = send ? SO_SNDTIMEO : SO_RCVTIMEO;
593  if (setsockopt( netconn->socket, SOL_SOCKET, opt, (void *)&value, sizeof(value) ) == -1)
594  {
596  WARN("setsockopt failed (%u)\n", err );
597  return err;
598  }
599  return ERROR_SUCCESS;
600 }
601 
/*
 * netconn_is_alive: probe the socket with a one-byte MSG_PEEK read. The
 * connection counts as alive when a byte is readable or when the read
 * fails with WSAEWOULDBLOCK; a return of 0 from the read or any other
 * error counts as dead.
 *
 * NOTE(review): the signature (listing line 602) and listing lines 608
 * and 611 are missing from this extract; presumably they switch the
 * socket to non-blocking mode around the probe - confirm.
 */
603 {
604  int len;
605  char b;
606  DWORD err;
607 
609  len = sock_recv( netconn->socket, &b, 1, MSG_PEEK );
/* The error code is captured immediately after the failing call. */
610  err = WSAGetLastError();
612 
613  return len == 1 || (len == -1 && err == WSAEWOULDBLOCK);
614 }
615 
/*
 * resolve_hostname: resolve `name`, copy the first returned address into
 * `sa` and store `port` in it in network byte order. IPv4 is tried first
 * and IPv6 only when the IPv4 lookup fails. Returns ERROR_SUCCESS on
 * success.
 *
 * NOTE(review): the signature (listing line 616) and listing line 636 are
 * missing from this extract. Line 636 presumably returns an error when
 * the second lookup fails too; without such a return `res` would be used
 * unset below - confirm against the complete file.
 */
617 {
618  ADDRINFOW *res, hints;
619  int ret;
620 
621  memset( &hints, 0, sizeof(hints) );
622  /* Prefer IPv4 to IPv6 addresses, since some web servers do not listen on
623  * their IPv6 addresses even though they have IPv6 addresses in the DNS.
624  */
625  hints.ai_family = AF_INET;
626 
627  ret = GetAddrInfoW( name, NULL, &hints, &res );
628  if (ret != 0)
629  {
630  TRACE("failed to get IPv4 address of %s, retrying with IPv6\n", debugstr_w(name));
631  hints.ai_family = AF_INET6;
632  ret = GetAddrInfoW( name, NULL, &hints, &res );
633  if (ret != 0)
634  {
635  TRACE("failed to get address of %s\n", debugstr_w(name));
637  }
638  }
/* The copy length is taken from the resolver result; the destination
 * must be large enough for any address of the requested families. */
639  memcpy( sa, res->ai_addr, res->ai_addrlen );
640  switch (res->ai_family)
641  {
642  case AF_INET:
643  ((struct sockaddr_in *)sa)->sin_port = htons( port );
644  break;
645  case AF_INET6:
646  ((struct sockaddr_in6 *)sa)->sin6_port = htons( port );
647  break;
648  }
649 
650  FreeAddrInfoW( res );
651  return ERROR_SUCCESS;
652 }
653 
654 #ifdef __REACTOS__
655 
/*
 * Arguments handed to the resolver thread (ReactOS build).
 *
 * NOTE(review): listing line 659 is missing from this extract; the code
 * that fills this struct also sets a `port` member, which is presumably
 * declared there.
 */
656 struct resolve_args
657 {
658  const WCHAR *hostname;
660  struct sockaddr_storage *sa;
661 };
662 
/*
 * resolve_proc (ReactOS build): thread entry point that unpacks the
 * resolve_args passed as `arg` and returns the result of
 * resolve_hostname().
 *
 * NOTE(review): the signature (listing line 663) is missing from this
 * extract.
 */
664 {
665  struct resolve_args *ra = arg;
666  return resolve_hostname( ra->hostname, ra->port, ra->sa );
667 }
668 
/*
 * netconn_resolve (ReactOS build): resolve `hostname`, on a helper thread
 * when a timeout is given and directly otherwise. A non-zero result code
 * is stored with SetLastError() and FALSE is returned; TRUE on success.
 *
 * NOTE(review): the signature (listing line 669) and listing lines 686
 * and 687, which presumably wait for the thread and fetch its exit code,
 * are missing from this extract.
 *
 * NOTE(review): `ra` lives on this function's stack and is handed to the
 * thread by address. On the timeout path the thread handle is closed and
 * the function returns while nothing visible here stops the thread, so
 * the thread may later read `ra` and write through `sa` after both have
 * gone out of scope. Heap-allocated arguments that the thread owns and
 * frees, with its own result buffer, would avoid this - confirm against
 * the complete file.
 */
670 {
671  DWORD ret;
672 
673  if (timeout)
674  {
675  DWORD status;
676  HANDLE thread;
677  struct resolve_args ra;
678 
679  ra.hostname = hostname;
680  ra.port = port;
681  ra.sa = sa;
682 
683  thread = CreateThread( NULL, 0, resolve_proc, &ra, 0, NULL );
684  if (!thread) return FALSE;
685 
688  else ret = ERROR_WINHTTP_TIMEOUT;
689  CloseHandle( thread );
690  }
691  else ret = resolve_hostname( hostname, port, sa );
692 
693  if (ret)
694  {
695  SetLastError( ret );
696  return FALSE;
697  }
698  return TRUE;
699 }
700 
701 #else /* __REACTOS__ */
702 
/*
 * struct async_resolve: request block shared with the thread-pool
 * resolver callback.
 *
 * NOTE(review): the struct header (listing line 703) and listing lines
 * 706-709 are missing from this extract; the code that uses the struct
 * also touches members named port, addr, result and done.
 */
704 {
705  const WCHAR *hostname;
710 };
711 
/*
 * resolve_proc: thread-pool callback that resolves the host described by
 * the async_resolve block passed as `ctx`, stores the result code in it
 * and signals its `done` event.
 *
 * NOTE(review): the signature (listing line 712) is missing from this
 * extract. The callback writes to the block and signals the event
 * whenever it finishes, so both must still be valid at that point.
 */
713 {
714  struct async_resolve *async = ctx;
715  async->result = resolve_hostname( async->hostname, async->port, async->addr );
716  SetEvent( async->done );
717 }
718 
/*
 * netconn_resolve: resolve `hostname` into `addr`, using a thread-pool
 * callback on the visible `else` branch. A non-zero result code is stored
 * with SetLastError() and FALSE is returned; TRUE on success.
 *
 * NOTE(review): the signature (listing line 719) and listing lines 723
 * and 737 are missing from this extract; presumably line 723 handles the
 * no-timeout case directly and line 737 waits on async.done with the
 * timeout.
 *
 * NOTE(review): `async` lives on this function's stack. If the wait can
 * time out, the event handle is closed and the function returns while the
 * callback may still be running; the callback would then write to a dead
 * stack frame and signal a closed handle. A heap-allocated,
 * reference-counted request block released by whichever side finishes
 * last would avoid this - confirm against the complete file.
 */
720 {
721  DWORD ret;
722 
724  else
725  {
726  struct async_resolve async;
727 
728  async.hostname = hostname;
729  async.port = port;
730  async.addr = addr;
731  if (!(async.done = CreateEventW( NULL, FALSE, FALSE, NULL ))) return FALSE;
732  if (!TrySubmitThreadpoolCallback( resolve_proc, &async, NULL ))
733  {
734  CloseHandle( async.done );
735  return FALSE;
736  }
738  else ret = async.result;
739  CloseHandle( async.done );
740  }
741 
742  if (ret)
743  {
744  SetLastError( ret );
745  return FALSE;
746  }
747  return TRUE;
748 }
749 
750 #endif /* __REACTOS__ */
751 
/*
 * Return the peer certificate of a secure connection, or NULL when the
 * connection is not secure or the query does not return SEC_E_OK.
 *
 * NOTE(review): listing lines 755 and 758 are missing from this extract
 * (the declaration of `res` and the query that fills `ret`). Whether the
 * caller has to free the returned context is not visible here.
 */
752 const void *netconn_get_certificate( struct netconn *conn )
753 {
754  const CERT_CONTEXT *ret;
756 
757  if (!conn->secure) return NULL;
759  return res == SEC_E_OK ? ret : NULL;
760 }
761 
/*
 * netconn_get_cipher_strength: return the cipher strength reported for a
 * secure connection. The result is 0 for a plain connection and also 0
 * when the query fails, so callers cannot tell those two cases apart.
 *
 * NOTE(review): the signature (listing line 762) and listing lines 764
 * and 765, which presumably declare conn_info and res, are missing from
 * this extract.
 */
763 {
766 
767  if (!conn->secure) return 0;
768  res = QueryContextAttributesW(&conn->ssl_ctx, SECPKG_ATTR_CONNECTION_INFO, (void*)&conn_info);
769  if(res != SEC_E_OK)
770  WARN("QueryContextAttributesW failed: %08x\n", res);
771  return res == SEC_E_OK ? conn_info.dwCipherStrength : 0;
772 }