Change SSL variables' names in session structure.
parent
716ee036dc
commit
47521ace3f
|
@ -36,7 +36,7 @@ get_cert(session *ssn)
|
||||||
|
|
||||||
mdlen = 0;
|
mdlen = 0;
|
||||||
|
|
||||||
if (!(cert = SSL_get_peer_certificate(ssn->sslsocket)))
|
if (!(cert = SSL_get_peer_certificate(ssn->sslconn)))
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if (!(X509_digest(cert, EVP_md5(), md, &mdlen)))
|
if (!(X509_digest(cert, EVP_md5(), md, &mdlen)))
|
||||||
|
|
|
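Review bot: The peer certificate fingerprint in get_cert is computed with MD5 (`X509_digest(cert, EVP_md5(), md, &mdlen)`), which is not collision-resistant. If this digest is what later decides whether a certificate matches a previously accepted one (that comparison is outside the hunk), a stronger hash is the safer choice: `if (!(X509_digest(cert, EVP_sha256(), md, &mdlen)))`. That change needs `md` to hold `EVP_MAX_MD_SIZE` bytes and any stored fingerprints to be regenerated. get_cert's body starts and ends outside this hunk.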
@ -158,11 +158,11 @@ request_login(session **ssnptr, const char *server, const char *port, const
|
||||||
if ((!strncasecmp(ssl, "tls1", 4) ||
|
if ((!strncasecmp(ssl, "tls1", 4) ||
|
||||||
!strncasecmp(ssl, "ssl3", 4) ||
|
!strncasecmp(ssl, "ssl3", 4) ||
|
||||||
!strncasecmp(ssl, "ssl2", 4)))
|
!strncasecmp(ssl, "ssl2", 4)))
|
||||||
ssn->ssl = ssl;
|
ssn->sslproto = ssl;
|
||||||
} else {
|
} else {
|
||||||
debug("recovering connection: %s://%s@%s:%s/%s\n", ssn->ssl ?
|
debug("recovering connection: %s://%s@%s:%s/%s\n",
|
||||||
"imaps" : "imap", ssn->username, ssn->server, ssn->port,
|
ssn->sslproto ?"imaps" : "imap", ssn->username, ssn->server,
|
||||||
ssn->selected ? ssn->selected : "");
|
ssn->port, ssn->selected ? ssn->selected : "");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (open_connection(ssn) == -1)
|
if (open_connection(ssn) == -1)
|
||||||
|
@ -181,7 +181,7 @@ request_login(session **ssnptr, const char *server, const char *port, const
|
||||||
if (response_capability(ssn, t) == -1)
|
if (response_capability(ssn, t) == -1)
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
if (!ssn->ssl && ssn->capabilities & CAPABILITY_STARTTLS &&
|
if (!ssn->sslproto && ssn->capabilities & CAPABILITY_STARTTLS &&
|
||||||
get_option_boolean("starttls")) {
|
get_option_boolean("starttls")) {
|
||||||
t = send_request(ssn, "STARTTLS");
|
t = send_request(ssn, "STARTTLS");
|
||||||
switch (response_generic(ssn, t)) {
|
switch (response_generic(ssn, t)) {
|
||||||
|
|
|
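Review bot: The STARTTLS upgrade in request_login is attempted only when the server's capability reply advertises it (`ssn->capabilities & CAPABILITY_STARTTLS`), so a reply with STARTTLS stripped in transit leaves the session in cleartext even though the `starttls` option is enabled. Unless a check outside this hunk already covers that case, I would report it explicitly, for example `else if (!ssn->sslproto && get_option_boolean("starttls")) error("server %s does not offer STARTTLS\n", ssn->server);`, and consider failing the login instead of sending credentials unencrypted. A comment above the condition such as `/* Opportunistic upgrade: depends on the unauthenticated CAPABILITY reply. */` would at least document the current behaviour. The `if` block and the rest of request_login continue past the end of the hunk.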
@ -37,11 +37,11 @@ session_init(session *ssn)
|
||||||
|
|
||||||
ssn->server = NULL;
|
ssn->server = NULL;
|
||||||
ssn->port = NULL;
|
ssn->port = NULL;
|
||||||
ssn->ssl = NULL;
|
ssn->sslproto = NULL;
|
||||||
ssn->username = NULL;
|
ssn->username = NULL;
|
||||||
ssn->password = NULL;
|
ssn->password = NULL;
|
||||||
ssn->socket = -1;
|
ssn->socket = -1;
|
||||||
ssn->sslsocket = NULL;
|
ssn->sslconn = NULL;
|
||||||
ssn->protocol = PROTOCOL_NONE;
|
ssn->protocol = PROTOCOL_NONE;
|
||||||
ssn->capabilities = CAPABILITY_NONE;
|
ssn->capabilities = CAPABILITY_NONE;
|
||||||
ssn->ns.prefix = NULL;
|
ssn->ns.prefix = NULL;
|
||||||
|
|
|
@ -9,11 +9,11 @@
|
||||||
typedef struct session {
|
typedef struct session {
|
||||||
const char *server; /* Server hostname. */
|
const char *server; /* Server hostname. */
|
||||||
const char *port; /* Server port. */
|
const char *port; /* Server port. */
|
||||||
const char *ssl; /* SSL protocol. */
|
const char *sslproto; /* SSL protocol. */
|
||||||
const char *username; /* User name. */
|
const char *username; /* User name. */
|
||||||
const char *password; /* User password. */
|
const char *password; /* User password. */
|
||||||
int socket; /* Socket. */
|
int socket; /* Socket. */
|
||||||
SSL *sslsocket; /* SSL socket. */
|
SSL *sslconn; /* SSL connection. */
|
||||||
unsigned int protocol; /* IMAP protocol. Currently IMAP4rev1 and
|
unsigned int protocol; /* IMAP protocol. Currently IMAP4rev1 and
|
||||||
* IMAP4 are supported. */
|
* IMAP4 are supported. */
|
||||||
unsigned int capabilities; /* Capabilities of the mail server. */
|
unsigned int capabilities; /* Capabilities of the mail server. */
|
||||||
|
|
66
src/socket.c
66
src/socket.c
|
@ -66,7 +66,7 @@ open_connection(session *ssn)
|
||||||
|
|
||||||
ssn->socket = sockfd;
|
ssn->socket = sockfd;
|
||||||
|
|
||||||
if (ssn->ssl) {
|
if (ssn->sslproto) {
|
||||||
if (open_secure_connection(ssn) == -1) {
|
if (open_secure_connection(ssn) == -1) {
|
||||||
close_connection(ssn);
|
close_connection(ssn);
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -89,8 +89,8 @@ open_secure_connection(session *ssn)
|
||||||
|
|
||||||
method = NULL;
|
method = NULL;
|
||||||
|
|
||||||
if (ssn->ssl && (!strncasecmp(ssn->ssl, "ssl3", 4) ||
|
if (ssn->sslproto && (!strncasecmp(ssn->sslproto, "ssl3", 4) ||
|
||||||
!strncasecmp(ssn->ssl, "ssl2", 4)))
|
!strncasecmp(ssn->sslproto, "ssl2", 4)))
|
||||||
method = SSLv23_client_method();
|
method = SSLv23_client_method();
|
||||||
else
|
else
|
||||||
method = TLSv1_client_method();
|
method = TLSv1_client_method();
|
||||||
|
@ -98,16 +98,16 @@ open_secure_connection(session *ssn)
|
||||||
if (!(ctx = SSL_CTX_new(method)))
|
if (!(ctx = SSL_CTX_new(method)))
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
if (!(ssn->sslsocket = SSL_new(ctx)))
|
if (!(ssn->sslconn = SSL_new(ctx)))
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
SSL_set_fd(ssn->sslsocket, ssn->socket);
|
SSL_set_fd(ssn->sslconn, ssn->socket);
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
if ((r = SSL_connect(ssn->sslsocket)) > 0)
|
if ((r = SSL_connect(ssn->sslconn)) > 0)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
switch (SSL_get_error(ssn->sslsocket, r)) {
|
switch (SSL_get_error(ssn->sslconn, r)) {
|
||||||
case SSL_ERROR_ZERO_RETURN:
|
case SSL_ERROR_ZERO_RETURN:
|
||||||
error("initiating SSL connection to %s; the "
|
error("initiating SSL connection to %s; the "
|
||||||
"connection has been closed cleanly\n",
|
"connection has been closed cleanly\n",
|
||||||
|
@ -149,7 +149,7 @@ open_secure_connection(session *ssn)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
fail:
|
fail:
|
||||||
ssn->sslsocket = NULL;
|
ssn->sslconn = NULL;
|
||||||
SSL_CTX_free(ctx);
|
SSL_CTX_free(ctx);
|
||||||
|
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -186,10 +186,10 @@ int
|
||||||
close_secure_connection(session *ssn)
|
close_secure_connection(session *ssn)
|
||||||
{
|
{
|
||||||
|
|
||||||
if (ssn->sslsocket) {
|
if (ssn->sslconn) {
|
||||||
SSL_shutdown(ssn->sslsocket);
|
SSL_shutdown(ssn->sslconn);
|
||||||
SSL_free(ssn->sslsocket);
|
SSL_free(ssn->sslconn);
|
||||||
ssn->sslsocket = NULL;
|
ssn->sslconn = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -225,8 +225,8 @@ socket_read(session *ssn, char *buf, size_t len, long timeout, int timeoutfail)
|
||||||
FD_ZERO(&fds);
|
FD_ZERO(&fds);
|
||||||
FD_SET(ssn->socket, &fds);
|
FD_SET(ssn->socket, &fds);
|
||||||
|
|
||||||
if (ssn->sslsocket) {
|
if (ssn->sslconn) {
|
||||||
if (SSL_pending(ssn->sslsocket) > 0 ||
|
if (SSL_pending(ssn->sslconn) > 0 ||
|
||||||
((s = select(ssn->socket + 1, &fds, NULL, NULL, tvp)) > 0 &&
|
((s = select(ssn->socket + 1, &fds, NULL, NULL, tvp)) > 0 &&
|
||||||
FD_ISSET(ssn->socket, &fds))) {
|
FD_ISSET(ssn->socket, &fds))) {
|
||||||
r = socket_secure_read(ssn, buf, len);
|
r = socket_secure_read(ssn, buf, len);
|
||||||
|
@ -274,13 +274,13 @@ socket_secure_read(session *ssn, char *buf, size_t len)
|
||||||
int r, e;
|
int r, e;
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
if ((r = (ssize_t) SSL_read(ssn->sslsocket, buf, len)) > 0)
|
if ((r = (ssize_t) SSL_read(ssn->sslconn, buf, len)) > 0)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
switch (SSL_get_error(ssn->sslsocket, r)) {
|
switch (SSL_get_error(ssn->sslconn, r)) {
|
||||||
case SSL_ERROR_ZERO_RETURN:
|
case SSL_ERROR_ZERO_RETURN:
|
||||||
error("reading data through SSL; the connection has been "
|
error("reading data through SSL; the connection has "
|
||||||
"closed cleanly\n");
|
"been closed cleanly\n");
|
||||||
goto fail;
|
goto fail;
|
||||||
case SSL_ERROR_NONE:
|
case SSL_ERROR_NONE:
|
||||||
case SSL_ERROR_WANT_READ:
|
case SSL_ERROR_WANT_READ:
|
||||||
|
@ -292,10 +292,11 @@ socket_secure_read(session *ssn, char *buf, size_t len)
|
||||||
case SSL_ERROR_SYSCALL:
|
case SSL_ERROR_SYSCALL:
|
||||||
e = ERR_get_error();
|
e = ERR_get_error();
|
||||||
if (e == 0 && r == 0)
|
if (e == 0 && r == 0)
|
||||||
error("reading data through SSL; EOF in violation of "
|
error("reading data through SSL; EOF in "
|
||||||
"the protocol\n");
|
"violation of the protocol\n");
|
||||||
else if (e == 0 && r == -1)
|
else if (e == 0 && r == -1)
|
||||||
error("reading data through SSL; %s\n", strerror(errno));
|
error("reading data through SSL; %s\n",
|
||||||
|
strerror(errno));
|
||||||
else
|
else
|
||||||
error("reading data through SSL; %s\n",
|
error("reading data through SSL; %s\n",
|
||||||
ERR_error_string(e, NULL));
|
ERR_error_string(e, NULL));
|
||||||
|
@ -311,7 +312,8 @@ socket_secure_read(session *ssn, char *buf, size_t len)
|
||||||
|
|
||||||
return r;
|
return r;
|
||||||
fail:
|
fail:
|
||||||
SSL_set_shutdown(ssn->sslsocket, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
|
SSL_set_shutdown(ssn->sslconn, SSL_SENT_SHUTDOWN |
|
||||||
|
SSL_RECEIVED_SHUTDOWN);
|
||||||
|
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
@ -337,7 +339,7 @@ socket_write(session *ssn, const char *buf, size_t len)
|
||||||
while (len) {
|
while (len) {
|
||||||
if ((s = select(ssn->socket + 1, NULL, &fds, NULL, NULL) > 0 &&
|
if ((s = select(ssn->socket + 1, NULL, &fds, NULL, NULL) > 0 &&
|
||||||
FD_ISSET(ssn->socket, &fds))) {
|
FD_ISSET(ssn->socket, &fds))) {
|
||||||
if (ssn->sslsocket) {
|
if (ssn->sslconn) {
|
||||||
r = socket_secure_write(ssn, buf, len);
|
r = socket_secure_write(ssn, buf, len);
|
||||||
|
|
||||||
if (r <= 0)
|
if (r <= 0)
|
||||||
|
@ -387,13 +389,13 @@ socket_secure_write(session *ssn, const char *buf, size_t len)
|
||||||
int r, e;
|
int r, e;
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
if ((r = (ssize_t) SSL_write(ssn->sslsocket, buf, len)) > 0)
|
if ((r = (ssize_t) SSL_write(ssn->sslconn, buf, len)) > 0)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
switch (SSL_get_error(ssn->sslsocket, r)) {
|
switch (SSL_get_error(ssn->sslconn, r)) {
|
||||||
case SSL_ERROR_ZERO_RETURN:
|
case SSL_ERROR_ZERO_RETURN:
|
||||||
error("writing data through SSL; the connection has been "
|
error("writing data through SSL; the connection has "
|
||||||
"closed cleanly\n");
|
"been closed cleanly\n");
|
||||||
goto fail;
|
goto fail;
|
||||||
case SSL_ERROR_NONE:
|
case SSL_ERROR_NONE:
|
||||||
case SSL_ERROR_WANT_READ:
|
case SSL_ERROR_WANT_READ:
|
||||||
|
@ -405,10 +407,11 @@ socket_secure_write(session *ssn, const char *buf, size_t len)
|
||||||
case SSL_ERROR_SYSCALL:
|
case SSL_ERROR_SYSCALL:
|
||||||
e = ERR_get_error();
|
e = ERR_get_error();
|
||||||
if (e == 0 && r == 0)
|
if (e == 0 && r == 0)
|
||||||
error("writing data through SSL; EOF in violation of "
|
error("writing data through SSL; EOF in "
|
||||||
"the protocol\n");
|
"violation of the protocol\n");
|
||||||
else if (e == 0 && r == -1)
|
else if (e == 0 && r == -1)
|
||||||
error("writing data through SSL; %s\n", strerror(errno));
|
error("writing data through SSL; %s\n",
|
||||||
|
strerror(errno));
|
||||||
else
|
else
|
||||||
error("writing data through SSL; %s\n",
|
error("writing data through SSL; %s\n",
|
||||||
ERR_error_string(e, NULL));
|
ERR_error_string(e, NULL));
|
||||||
|
@ -424,7 +427,8 @@ socket_secure_write(session *ssn, const char *buf, size_t len)
|
||||||
|
|
||||||
return r;
|
return r;
|
||||||
fail:
|
fail:
|
||||||
SSL_set_shutdown(ssn->sslsocket, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
|
SSL_set_shutdown(ssn->sslconn, SSL_SENT_SHUTDOWN |
|
||||||
|
SSL_RECEIVED_SHUTDOWN);
|
||||||
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
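Review bot: In open_secure_connection the default branch pins `TLSv1_client_method()`, which speaks TLS 1.0 only, while the "ssl3"/"ssl2" branch uses `SSLv23_client_method()` with no visible restriction on the legacy protocol versions. Negotiating the highest mutually supported version and switching off the broken ones is the safer arrangement: `method = SSLv23_client_method();` and, after `SSL_CTX_new`, `SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);`. Separately, socket_write parenthesises the assignment differently from socket_read, so `s` receives the result of `> 0 && FD_ISSET(...)` instead of select()'s return value and a select() error can no longer be told apart; it should read `if ((s = select(ssn->socket + 1, NULL, &fds, NULL, NULL)) > 0 &&`. Both functions continue outside the hunks shown.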