/*
 * Release the cached client credential (if any) and reset the certificate,
 * key and passphrase members that go with it.
 *
 * NOTE(review): clear() on a string-like object usually resets only the
 * length. If x509_passwd is a std::string, the passphrase bytes may remain
 * in its buffer afterwards; overwrite the contents before clearing if the
 * secret must not linger in memory. Confirm the member's type.
 */
void clear_cert()
{
    if (_cred != NULL) {
        ne_ssl_clicert_free(_cred);
        // Reset the handle so a second call does not free it again.
        _cred = NULL;
    }

    pemLoaded = false;

    x509_ucert.clear();
    x509_ukey.clear();
    x509_passwd.clear();
}
/*
 * Tear down a session: run the session-destroy hooks, close the connection
 * if one is open, release every hook list, then free the session's strings,
 * host and proxy data, TLS objects and finally the session structure.
 * `sess` is freed here and must not be used after this returns.
 */
void ne_session_destroy(ne_session *sess)
{
    NE_DEBUG_WINSCP_CONTEXT(sess);
    struct hook *cur;

    NE_DEBUG(NE_DBG_HTTP, "sess: Destroying session.\n");

    /* Call each registered destroy hook with its own userdata. */
    cur = sess->destroy_sess_hooks;
    while (cur != NULL) {
        ((ne_destroy_sess_fn)cur->fn)(cur->userdata);
        cur = cur->next;
    }

    /* Close the connection before any hook list is released; the
     * notifier callback could still be invoked during the close. */
    if (sess->connected) {
        ne_close_connection(sess);
    }

    /* Release every hook list, including the close-connection hooks. */
    destroy_hooks(sess->create_req_hooks);
    destroy_hooks(sess->pre_send_hooks);
    destroy_hooks(sess->post_headers_hooks);
    destroy_hooks(sess->post_send_hooks);
    destroy_hooks(sess->destroy_req_hooks);
    destroy_hooks(sess->destroy_sess_hooks);
    destroy_hooks(sess->close_conn_hooks);
    destroy_hooks(sess->private);

    ne_free(sess->scheme);
    free_hostinfo(&sess->server);
    free_proxies(sess);

    if (sess->user_agent) {
        ne_free(sess->user_agent);
    }
    if (sess->socks_user) {
        ne_free(sess->socks_user);
    }
    /* NOTE(review): socks_password is released without being overwritten.
     * If it holds the proxy password in clear text, wipe it with a
     * non-elidable zeroing routine before freeing. Confirm the field type. */
    if (sess->socks_password) {
        ne_free(sess->socks_password);
    }

#ifdef NE_HAVE_SSL
    /* TLS state: context, cached server certificate, client credential. */
    if (sess->ssl_context) {
        ne_ssl_context_destroy(sess->ssl_context);
    }
    if (sess->server_cert) {
        ne_ssl_cert_free(sess->server_cert);
    }
    if (sess->client_cert) {
        ne_ssl_clicert_free(sess->client_cert);
    }
#endif

    ne_free(sess);
}
/*
 * Tear down a session: run the session-destroy hooks, release the hook
 * lists and the scheme/server/proxy/user-agent data, close the connection
 * if one is open, then free the TLS objects and the session structure.
 * `sess` is freed here and must not be used after this returns.
 */
void ne_session_destroy(ne_session *sess)
{
    struct hook *cur;

    NE_DEBUG(NE_DBG_HTTP, "ne_session_destroy called.\n");

    /* Call each registered destroy hook with its own userdata. */
    cur = sess->destroy_sess_hooks;
    while (cur != NULL) {
        ((ne_destroy_sess_fn)cur->fn)(cur->userdata);
        cur = cur->next;
    }

    destroy_hooks(sess->create_req_hooks);
    destroy_hooks(sess->pre_send_hooks);
    destroy_hooks(sess->post_send_hooks);
    destroy_hooks(sess->destroy_req_hooks);
    destroy_hooks(sess->destroy_sess_hooks);
    destroy_hooks(sess->private);

    ne_free(sess->scheme);
    /* The server host name and host:port strings are freed unconditionally. */
    ne_free(sess->server.hostname);
    ne_free(sess->server.hostport);

    if (sess->server.address) {
        ne_addr_destroy(sess->server.address);
    }
    if (sess->proxy.address) {
        ne_addr_destroy(sess->proxy.address);
    }
    if (sess->proxy.hostname) {
        ne_free(sess->proxy.hostname);
    }
    if (sess->user_agent) {
        ne_free(sess->user_agent);
    }

    /* NOTE(review): the connection is closed only after the hook lists and
     * the server/proxy data have been freed. That is safe only if
     * ne_close_connection() reads none of them, which is not visible
     * here. Confirm this, or close the connection first. */
    if (sess->connected) {
        ne_close_connection(sess);
    }

#ifdef NE_HAVE_SSL
    /* TLS state: context, cached server certificate, client credential. */
    if (sess->ssl_context) {
        ne_ssl_context_destroy(sess->ssl_context);
    }
    if (sess->server_cert) {
        ne_ssl_cert_free(sess->server_cert);
    }
    if (sess->client_cert) {
        ne_ssl_clicert_free(sess->client_cert);
    }
#endif

    ne_free(sess);
}
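/*
 * Set up the DAV connection record on first use and open a neon session to
 * `server`: HTTPS on port 443 with a PKCS#12 client credential when
 * `enable_ssl` is non-zero, plain HTTP on port 80 otherwise.
 *
 * server      Host to contact; when NULL on the first call, the DPNS_HOST
 *             environment variable is used instead.
 * comment     Optional text; only its length is validated here.
 * enable_ssl  Non-zero selects HTTPS and client-certificate authentication.
 *
 * Returns 0 on success or when a session already exists, -1 on failure.
 * dav_error is set on every failure path except a failed certificate
 * conversion, which only prints a message to stderr.
 *
 * NOTE(review): `mutex` is read and written as an ordinary flag. If it and
 * `connection` are shared between threads rather than thread-local, this
 * first-use initialisation can race. Confirm their storage class.
 */
int dav_startsessx(char *server, char *comment, int enable_ssl)
{
    FILE *p12 = NULL;
    /*
     * NOTE(review): fixed, predictable name in a shared directory. Any
     * existing file at this path is used as the client credential without
     * checking its owner or mode, and the converted credential (which
     * carries the private key) is left there for later sessions. Prefer a
     * per-user private directory, or exclusive creation with 0600
     * permissions, and verify ownership before reuse.
     */
    const char *p12cert = "/tmp/usercert.p12";
    const char *userkey, *usercert, *userproxy;
    char buffer[128];

    /* First-use initialisation: create the connection structure and record
     * the server name. */
    if (mutex == 0) {
        size_t server_len;

        /* If no host is specified, use the DPNS default one. */
        if (!server)
            server = getenv("DPNS_HOST");

        if (!server) {
            dav_error = SENOSHOST;
            return -1;
        }

        /* Reject an over-long comment. */
        if (comment && (strlen(comment) > CA_MAXCOMMENTLEN)) {
            dav_error = EINVAL;
            return -1;
        }

        /* The host name comes from the caller or the environment, so bound
         * it against the destination field before copying. This relies on
         * connection->server being an array member, which the original
         * strcpy() into a zeroed structure implies. */
        server_len = strlen(server);
        if (server_len >= sizeof(connection->server)) {
            dav_error = EINVAL;
            return -1;
        }

        pthread_once(&init_once, thread_init_once);

        connection = calloc(1, sizeof(*connection));
        if (connection == NULL) {
            dav_error = ENOMEM;
            return -1;
        }
        memcpy(connection->server, server, server_len + 1);
        mutex = 1;
    }

    /* Nothing to do if a session already exists. */
    if (connection->session)
        return 0;

    /* Credential locations from the environment. */
    userkey = getenv("X509_USER_KEY");
    usercert = getenv("X509_USER_CERT");
    userproxy = getenv("X509_USER_PROXY");

    if (enable_ssl) {
        if (userproxy) {
            /* A proxy file holds both the certificate and the key. */
            userkey = usercert = userproxy;
        } else if (!userkey && !usercert) {
            struct stat stat_buf;

            /* Try the default proxy location for this uid. */
            snprintf(buffer, sizeof(buffer), "/tmp/x509up_u%d", (int)getuid());
            if (stat(buffer, &stat_buf) == 0) {
                /* The default proxy exists, so use it. Without this
                 * assignment both paths stay NULL and reach the converter
                 * that way. */
                userkey = usercert = buffer;
            } else {
                /* No proxy: fall back to the host certificate and key. */
                usercert = "/etc/grid-security/hostcert.pem";
                userkey = "/etc/grid-security/hostkey.pem";
            }
        }

        /* Either path can still be NULL when only one variable is set;
         * never hand NULL to a %s conversion. */
        debug_msg("User certificate: %s", usercert ? usercert : "(null)");
        debug_msg("User key: %s", userkey ? userkey : "(null)");

        /* Reuse an existing PKCS#12 file, or create it by conversion. */
        if ((p12 = fopen(p12cert, "r")) == NULL) {
            if (convert_x509_to_p12(userkey, usercert, p12cert) == -1) {
                fprintf(stderr, "An error occur in the certificate conversion\n");
                return -1;
            }
        } else {
            fclose(p12);
        }

        if ((connection->session = ne_session_create("https", server, 443)) == NULL) {
            dav_error = ENSNACT;
            return -1;
        }
    } else {
        if ((connection->session = ne_session_create("http", server, 80)) == NULL) {
            dav_error = ENSNACT;
            return -1;
        }
    }

    /*
     * NOTE(review): the callback name suggests that server-certificate
     * verification failures are accepted unconditionally. If so, the HTTPS
     * server is not authenticated and the client credential can be
     * presented to any endpoint. Confirm what no_ssl_verification returns.
     */
    ne_ssl_set_verify(connection->session, no_ssl_verification, NULL);

    /* Load the PKCS#12 credential and attach it to the session. */
    if (enable_ssl) {
        ne_ssl_client_cert *cert = ne_ssl_clicert_read(p12cert);

        if (cert == NULL) {
            ne_session_destroy(connection->session);
            /* Clear the stale pointer; otherwise the next call sees a
             * non-NULL session, returns 0, and callers use freed memory. */
            connection->session = NULL;
            dav_error = SECOMERR;
            return -1;
        }
        ne_ssl_set_clicert(connection->session, cert);
        ne_ssl_clicert_free(cert);
    }

    return 0;
}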