}
retry:
- openconnect_SSL_printf(vpninfo->https_ssl, "CONNECT /CSCOSSLC/tunnel HTTP/1.1\r\n");
- openconnect_SSL_printf(vpninfo->https_ssl, "Host: %s\r\n", vpninfo->hostname);
- openconnect_SSL_printf(vpninfo->https_ssl, "User-Agent: %s\r\n", vpninfo->useragent);
- openconnect_SSL_printf(vpninfo->https_ssl, "Cookie: webvpn=%s\r\n", vpninfo->cookie);
- openconnect_SSL_printf(vpninfo->https_ssl, "X-CSTP-Version: 1\r\n");
- openconnect_SSL_printf(vpninfo->https_ssl, "X-CSTP-Hostname: %s\r\n", vpninfo->localname);
+ openconnect_SSL_printf(vpninfo, "CONNECT /CSCOSSLC/tunnel HTTP/1.1\r\n");
+ openconnect_SSL_printf(vpninfo, "Host: %s\r\n", vpninfo->hostname);
+ openconnect_SSL_printf(vpninfo, "User-Agent: %s\r\n", vpninfo->useragent);
+ openconnect_SSL_printf(vpninfo, "Cookie: webvpn=%s\r\n", vpninfo->cookie);
+ openconnect_SSL_printf(vpninfo, "X-CSTP-Version: 1\r\n");
+ openconnect_SSL_printf(vpninfo, "X-CSTP-Hostname: %s\r\n", vpninfo->localname);
if (vpninfo->deflate)
- openconnect_SSL_printf(vpninfo->https_ssl, "X-CSTP-Accept-Encoding: deflate;q=1.0\r\n");
- openconnect_SSL_printf(vpninfo->https_ssl, "X-CSTP-MTU: %d\r\n", vpninfo->mtu);
- openconnect_SSL_printf(vpninfo->https_ssl, "X-CSTP-Address-Type: %s\r\n",
+ openconnect_SSL_printf(vpninfo, "X-CSTP-Accept-Encoding: deflate;q=1.0\r\n");
+ openconnect_SSL_printf(vpninfo, "X-CSTP-MTU: %d\r\n", vpninfo->mtu);
+ openconnect_SSL_printf(vpninfo, "X-CSTP-Address-Type: %s\r\n",
vpninfo->disable_ipv6?"IPv4":"IPv6,IPv4");
- openconnect_SSL_printf(vpninfo->https_ssl, "X-DTLS-Master-Secret: ");
+ openconnect_SSL_printf(vpninfo, "X-DTLS-Master-Secret: ");
for (i = 0; i < sizeof(vpninfo->dtls_secret); i++)
- openconnect_SSL_printf(vpninfo->https_ssl, "%02X", vpninfo->dtls_secret[i]);
- openconnect_SSL_printf(vpninfo->https_ssl, "\r\nX-DTLS-CipherSuite: %s\r\n\r\n",
+ openconnect_SSL_printf(vpninfo, "%02X", vpninfo->dtls_secret[i]);
+ openconnect_SSL_printf(vpninfo, "\r\nX-DTLS-CipherSuite: %s\r\n\r\n",
vpninfo->dtls_ciphers?:"AES256-SHA:AES128-SHA:DES-CBC3-SHA:DES-CBC-SHA");
- if (openconnect_SSL_gets(vpninfo->https_ssl, buf, 65536) < 0) {
+ if (openconnect_SSL_gets(vpninfo, buf, 65536) < 0) {
vpn_progress(vpninfo, PRG_ERR,
_("Error fetching HTTPS response\n"));
if (!retried) {
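Review bot: The first response read, `openconnect_SSL_gets(vpninfo, buf, 65536)`, passes a literal length while the later calls in what looks like the same function use `sizeof(buf)`. The declaration of `buf` is outside the hunk, so the two presumably agree today. If the array is ever resized, the literal would let a long status line from the server be written past its end. Since the line is being touched anyway, I would change it to `if (openconnect_SSL_gets(vpninfo, buf, sizeof(buf)) < 0) {`.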
if (!strncmp(buf, "HTTP/1.1 503 ", 13)) {
/* "Service Unavailable. Why? */
const char *reason = "<unknown>";
- while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
+ while ((i = openconnect_SSL_gets(vpninfo, buf, sizeof(buf)))) {
if (!strncmp(buf, "X-Reason: ", 10)) {
reason = buf + 10;
break;
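Review bot: The X-Reason loop treats any non-zero return as a received line, so a negative error return from openconnect_SSL_gets() keeps it running. The visible body has no `if (i < 0)` test, unlike the header-eating loops in the HTTP response code later in this change. If the TLS read keeps failing, this could spin instead of reporting the 503. Changing the condition to `while ((i = openconnect_SSL_gets(vpninfo, buf, sizeof(buf))) > 0) {` would stop on both end of headers and error. The option-parsing loop in the next hunk has the same condition and may need the same check; both loop bodies continue outside their hunks.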
/* We may have advertised it, but we only do it if the server agrees */
vpninfo->deflate = 0;
- while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
+ while ((i = openconnect_SSL_gets(vpninfo, buf, sizeof(buf)))) {
struct vpn_option *new_option;
char *colon = strchr(buf, ':');
if (!colon)
int i;
cont:
- if (openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)) < 0) {
+ if (openconnect_SSL_gets(vpninfo, buf, sizeof(buf)) < 0) {
vpn_progress(vpninfo, PRG_ERR,
_("Error fetching HTTPS response\n"));
return -EINVAL;
_("Got HTTP response: %s\n"), buf);
/* Eat headers... */
- while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
+ while ((i = openconnect_SSL_gets(vpninfo, buf, sizeof(buf)))) {
char *colon;
if (i < 0) {
}
} else if (bodylen == BODY_CHUNKED) {
/* ... else, chunked */
- while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
+ while ((i = openconnect_SSL_gets(vpninfo, buf, sizeof(buf)))) {
int chunklen, lastchunk = 0;
if (i < 0) {
done += i;
}
skip:
- if ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
+ if ((i = openconnect_SSL_gets(vpninfo, buf, sizeof(buf)))) {
if (i < 0) {
vpn_progress(vpninfo, PRG_ERR,
_("Error fetching HTTP response body\n"));
/* ssl.c */
int __attribute__ ((format (printf, 2, 3)))
- openconnect_SSL_printf(SSL *ssl, const char *fmt, ...);
-int openconnect_SSL_gets(SSL *ssl, char *buf, size_t len);
+ openconnect_SSL_printf(struct openconnect_info *vpninfo, const char *fmt, ...);
+int openconnect_SSL_gets(struct openconnect_info *vpninfo, char *buf, size_t len);
int openconnect_open_https(struct openconnect_info *vpninfo);
void openconnect_close_https(struct openconnect_info *vpninfo);
int get_cert_md5_fingerprint(struct openconnect_info *vpninfo, X509 *cert,
We could use cURL for the HTTP stuff, but it's overkill */
int __attribute__ ((format (printf, 2, 3)))
- openconnect_SSL_printf(SSL *ssl, const char *fmt, ...)
+ openconnect_SSL_printf(struct openconnect_info *vpninfo, const char *fmt, ...)
{
char buf[1024];
va_list args;
va_start(args, fmt);
vsnprintf(buf, 1023, fmt, args);
va_end(args);
- return SSL_write(ssl, buf, strlen(buf));
+ return SSL_write(vpninfo->https_ssl, buf, strlen(buf));
}
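Review bot: `vsnprintf(buf, 1023, fmt, args)` truncates silently and its return value is never checked. The callers format the webvpn cookie and the hostname through this 1024-byte buffer, so an over-long value would lose its trailing `\r\n` and the next header would run into the same line of the CONNECT request. I would capture the length with `int n = vsnprintf(buf, sizeof(buf), fmt, args);`, then after `va_end` fail with `if (n < 0 || (size_t)n >= sizeof(buf)) return -EINVAL;`, and pass `n` to SSL_write instead of `strlen(buf)`. The session cookie and the DTLS master secret also pass through `buf`, so clearing it before returning is worth considering.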
ERR_print_errors_cb(print_err, vpninfo);
}
-int openconnect_SSL_gets(SSL *ssl, char *buf, size_t len)
+int openconnect_SSL_gets(struct openconnect_info *vpninfo, char *buf, size_t len)
{
int i = 0;
int ret;
if (len < 2)
return -EINVAL;
- while ( (ret = SSL_read(ssl, buf + i, 1)) == 1) {
+ while ( (ret = SSL_read(vpninfo->https_ssl, buf + i, 1)) == 1) {
if (buf[i] == '\n') {
buf[i] = 0;
if (i && buf[i-1] == '\r') {
}
}
if (ret == 0) {
- ret = -SSL_get_error(ssl, ret);
+ ret = -SSL_get_error(vpninfo->https_ssl, ret);
}
buf[i] = 0;
return i ?: ret;
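Review bot: `return i ?: ret;` hides a read failure whenever at least one byte has already been stored. A line cut short by a dropped or closed connection comes back with a positive length, indistinguishable from a complete line, and callers parsing status lines and headers would act on the truncated value. If no caller depends on receiving the partial data, returning the error here (`return ret;`) would make truncation visible. Otherwise a comment such as `/* may return a partial line if the connection fails mid-line */` should document the contract. The read loop's body is only partly inside this hunk, so this is based on the visible exit path.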