From 8380d00c6f8b203d303205efcc4d62748e87b184 Mon Sep 17 00:00:00 2001 From: George Hazan Date: Sun, 20 Jun 2021 18:04:43 +0300 Subject: =?UTF-8?q?fixes=20#2923=20(CurrencyRates:=20=D0=BD=D0=B5=20=D0=BE?= =?UTF-8?q?=D0=B1=D0=BD=D0=BE=D0=B2=D0=BB=D1=8F=D1=8E=D1=82=D1=81=D1=8F=20?= =?UTF-8?q?=D0=BA=D1=83=D1=80=D1=81=D1=8B=20=D0=B2=D0=B0=D0=BB=D1=8E=D1=82?= =?UTF-8?q?)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/mir_app/src/netlib_ssl.cpp | 54 ++++++++++++++++++------------------------ src/mir_app/src/stdafx.h | 2 ++ 2 files changed, 25 insertions(+), 31 deletions(-) diff --git a/src/mir_app/src/netlib_ssl.cpp b/src/mir_app/src/netlib_ssl.cpp index 1d752454df..9946658bde 100644 --- a/src/mir_app/src/netlib_ssl.cpp +++ b/src/mir_app/src/netlib_ssl.cpp @@ -101,28 +101,6 @@ static void ReportSslError(SECURITY_STATUS scRet, int line, bool = false) PUShowMessageW(tszMsg.GetBuffer(), SM_WARNING); } -static bool ClientConnect(SslHandle *ssl, const char*) -{ - { - mir_cslock lck(csSsl); - ssl->session = SSL_new(g_ctx); - } - - if (!ssl->session) { - Netlib_Logf(nullptr, "SSL setup failure: session"); - return false; - } - SSL_set_fd(ssl->session, ssl->s); - - int err = SSL_connect(ssl->session); - if (err != 1) { - dump_error(ssl->session, err); - return false; - } - - return true; -} - static PCCERT_CONTEXT SSL_X509ToCryptCert(X509 * x509) { unsigned char *buf = nullptr; @@ -251,22 +229,36 @@ cleanup: MIR_APP_DLL(HSSL) Netlib_SslConnect(SOCKET s, const char* host, int verify) { - SslHandle *ssl = new SslHandle(); + std::unique_ptr ssl(new SslHandle()); ssl->s = s; - bool res = ClientConnect(ssl, host); + { + mir_cslock lck(csSsl); + ssl->session = SSL_new(g_ctx); + } + + if (!ssl->session) { + Netlib_Logf(nullptr, "SSL setup failure: session"); + return false; + } + SSL_set_fd(ssl->session, ssl->s); - if (res && verify) { + SSL_set_tlsext_host_name(ssl->session, host); + + int err = SSL_connect(ssl->session); + if (err != 1) { + dump_error(ssl->session, err); + return nullptr; + } + + if (verify) { DWORD dwFlags = 0; if (!host || inet_addr(host) != INADDR_NONE) dwFlags |= 0x00001000; - res = VerifyCertificate(ssl, host, dwFlags); + if (!VerifyCertificate(ssl.get(), host, dwFlags)) + return nullptr; } - if (res) - return ssl; - - delete ssl; - return nullptr; + return ssl.release(); } ///////////////////////////////////////////////////////////////////////////////////////// diff --git a/src/mir_app/src/stdafx.h b/src/mir_app/src/stdafx.h index db5ce33430..221dc96031 100644 --- a/src/mir_app/src/stdafx.h +++ b/src/mir_app/src/stdafx.h @@ -60,6 +60,8 @@ typedef struct SslHandle *HSSL; #include #include +#include + #define __NO_CMPLUGIN_NEEDED #include #include -- cgit v1.2.3