src/hg/gsid/gsidMember/bio.c 4898794edd81be5285ea6e544acbedeaeb31bf78

4898794edd81be5285ea6e544acbedeaeb31bf78
max
  Tue Nov 23 08:10:57 2021 -0800
Fixing pointers to README file for license in all source code files. refs #27614

diff --git src/hg/gsid/gsidMember/bio.c src/hg/gsid/gsidMember/bio.c
index 2b0313c..46dd0a8 100644
--- src/hg/gsid/gsidMember/bio.c
+++ src/hg/gsid/gsidMember/bio.c
@@ -1,133 +1,133 @@
 /* use bio to call openssl on https://host/url */
 
 /* Copyright (C) 2009 The Regents of the University of California 
- * See README in this or parent directory for licensing information. */
+ * See kent/LICENSE or http://genome.ucsc.edu/license/ for licensing information. */
 
 #include "openssl/ssl.h"
 #include "openssl/err.h"
 
 #include "bio.h"
 
 int check_cert(SSL *ssl, char *host)
 {
 X509 *peer;
 char peer_CN[256];
 
 int verifyResult = SSL_get_verify_result(ssl);
 if (verifyResult != X509_V_OK)
     {
     fprintf(stderr,"Certificate doesn't verify, result=%d\n", verifyResult);
     return FALSE;
     }
 
 
 /*Check the cert chain. The chain length
 is automatically checked by OpenSSL when
 we set the verify depth in the ctx */
 
 
 /*Check the common name*/
 
 peer=SSL_get_peer_certificate(ssl);
 
 X509_NAME_get_text_by_NID( X509_get_subject_name(peer),
  NID_commonName, peer_CN, 256);
 
 if (strcasecmp(peer_CN,host))
     {
     fprintf(stderr,"Common name %s doesn't match host name %s\n",peer_CN,host);
     return FALSE;
     }
     
 return TRUE;
 }
 
 struct dyString *bio(char *host, char *url, char *certFile, char *certPath)
 /*
 This SSL/TLS client example, attempts to retrieve a page from an SSL/TLS web server. 
 The I/O routines are identical to those of the unencrypted example in BIO_s_connect(3).
 */
 {
 struct dyString *dy = dyStringNew(0);
 char hostnameProto[256];
 char requestLine[4096];
 
 BIO *sbio;
 int len;
 char tmpbuf[1024];
 SSL_CTX *ctx;
 SSL *ssl;
 
 SSL_library_init();
 ERR_load_crypto_strings();
 ERR_load_SSL_strings();
 OpenSSL_add_all_algorithms();
 
 /* We would seed the PRNG here if the platform didn't
 * do it automatically
 */
 
 ctx = SSL_CTX_new(SSLv23_client_method());
 if (certFile || certPath)
     {
     SSL_CTX_load_verify_locations(ctx,certFile,certPath);
 #if (OPENSSL_VERSION_NUMBER < 0x0090600fL)
     SSL_CTX_set_verify_depth(ctx,1);
 #endif
     }
 
 /* We'd normally set some stuff like the verify paths and
 * mode here because as things stand this will connect to
 * any server whose certificate is signed by any CA.
 */
 
 sbio = BIO_new_ssl_connect(ctx);
 
 BIO_get_ssl(sbio, &ssl);
 
 if(!ssl) 
     {
     fprintf(stderr, "Can't locate SSL pointer\n");
     return NULL;
     }
 
 /* Don't want any retries */
 SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
 
 /* We might want to do other things with ssl here */
 
 safef(hostnameProto,sizeof(hostnameProto),"%s:https",host);
 BIO_set_conn_hostname(sbio, hostnameProto);
 
 if(BIO_do_connect(sbio) <= 0) 
     {
     fprintf(stderr, "Error connecting to server\n");
     ERR_print_errors_fp(stderr);
     return NULL;
     }
 
 if(BIO_do_handshake(sbio) <= 0) 
     {
     fprintf(stderr, "Error establishing SSL connection\n");
     ERR_print_errors_fp(stderr);
     return NULL;
     }
 
 if (certFile || certPath)
     if (!check_cert(ssl, host))
 	return NULL;
 
 /* Could examine ssl here to get connection info */
 
 safef(requestLine,sizeof(requestLine),"GET %s HTTP/1.0\n\n",url);
 BIO_puts(sbio, requestLine);
 for(;;) 
     {
     len = BIO_read(sbio, tmpbuf, 1024);
     if(len <= 0) break;
     dyStringAppendN(dy, tmpbuf, len);
     }
 BIO_free_all(sbio);
 
 return dy;
 }