Make OpenSSL a mandatory requirement

There is no point in having SSL/TLS IMAP support as optional, it's as useful if not more than the the non-encrypted connections. The Makefile was better organized to make it easier to change some options during compile. The SHAREDIR variable passed as configuration option has changed name.
2024-12-21 07:08:49 -05:00 · 2012-02-19 12:36:44 +01:00 · 2012-02-19 12:36:44 +01:00 · e907fe5fdf
commit e907fe5fdf
parent 820e9db522
14 changed files with 41 additions and 94 deletions
--- a/2
+++ b/2
@ -1,2 +1,2 @@
-all nossl install uninstall clean:
+all install uninstall clean:
 	cd src && $(MAKE) $@
--- a/2
+++ b/2
@ -26,7 +26,7 @@ Changes
 Installation

  Compile time requirements are Lua (version 5.2 or 5.1), the PCRE library, and
-  optionally the OpenSSL library (for SSL/TLS and CRAM-MD5 support).
+  the OpenSSL library.

  Compile and install the program:

--- a/src/Makefile
+++ b/src/Makefile
@ -4,9 +4,21 @@ BINDIR = $(PREFIX)/bin
 SHAREDIR = $(PREFIX)/share/imapfilter
 MANDIR = $(PREFIX)/man

-CFLAGS = -Wall -O -DMAKEFILE_SHAREDIR='"$(SHAREDIR)"'
-LDFLAGS =
-LIBS = -lm -llua -lpcre -lssl -lcrypto
+MYCFLAGS =
+MYLDFLAGS =
+MYLIBS =
+
+INCDIRS =
+LIBDIRS =
+
+LIBLUA = -llua
+LIBPCRE = -lpcre
+LIBSSL = -lssl
+LIBCRYPTO = -lcrypto
+
+CFLAGS = -Wall -O -DCONFIG_SHAREDIR='"$(SHAREDIR)"' $(INCDIRS) $(MYCFLAGS)
+LDFLAGS = $(LIBDIRS) $(MYLDFLAGS)
+LIBS = -lm $(LIBLUA) $(LIBPCRE) $(LIBSSL) $(LIBCRYPTO) $(MYLIBS)

 MAN1 = imapfilter.1
 MAN5 = imapfilter_config.5
@ -21,10 +33,6 @@ OBJ = auth.o buffer.o cert.o core.o file.o imapfilter.o list.o log.o lua.o \

 all: $(BIN)

-nossl:
-	$(MAKE) $(BIN) CFLAGS="-Wall -O -DMAKEFILE_SHAREDIR='\"$(SHAREDIR)\"' \
-		-DNO_SSLTLS -DNO_CRAMMD5" LIBS="-lm -llua -lpcre"
-
 $(BIN): $(OBJ)
 	$(CC) -o $(BIN) $(LDFLAGS) $(OBJ) $(LIBS)

--- a/src/auth.c
+++ b/src/auth.c
@ -1,12 +1,11 @@
 #include <stdio.h>
 #include <string.h>

-#include "imapfilter.h"
-
-#ifndef NO_CRAMMD5
 #include <openssl/hmac.h>
 #include <openssl/evp.h>

+#include "imapfilter.h"
+

 /*
 * Authenticate to the server with the Challenge-Response Authentication
@ -57,4 +56,3 @@ auth_cram_md5(const char *user, const char *pass, unsigned char *chal)

 	return out;
 }
-#endif				/* NO_CRAMMD5 */
--- a/src/cert.c
+++ b/src/cert.c
@ -1,5 +1,3 @@
-#ifndef NO_SSLTLS
-
 #include <stdio.h>
 #include <string.h>
 #include <ctype.h>
@ -7,14 +5,14 @@
 #include <sys/stat.h>
 #include <unistd.h>

-#include "imapfilter.h"
-#include "session.h"
-
 #include <openssl/x509.h>
 #include <openssl/ssl.h>
 #include <openssl/pem.h>
 #include <openssl/evp.h>

+#include "imapfilter.h"
+#include "session.h"
+

 extern environment env;

@ -207,4 +205,3 @@ mismatch_cert(void)
 	else
 		return -1;
 }
-#endif				/* NO_SSLTLS */
--- a/src/file.c
+++ b/src/file.c
@ -1,4 +1,5 @@
 #include <stdio.h>
+#include <stdlib.h>
 #include <unistd.h>
 #include <string.h>
 #include <errno.h>
--- a/src/imapfilter.c
+++ b/src/imapfilter.c
@ -7,6 +7,9 @@
 #include <sys/stat.h>
 #include <locale.h>

+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
 #include "imapfilter.h"
 #include "session.h"
 #include "list.h"
@ -15,11 +18,6 @@
 #include "pathnames.h"
 #include "regexp.h"

-#ifndef NO_SSLTLS
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#endif
-

 extern buffer ibuf, obuf, nbuf, cbuf;
 extern regexp responses[];
@ -100,10 +98,8 @@ main(int argc, char *argv[])

 	regexp_compile(responses);

-#ifndef NO_SSLTLS
 	SSL_library_init();
 	SSL_load_error_strings();
-#endif

 	start_lua();
 #if LUA_VERSION_NUM < 502
@ -122,9 +118,7 @@ main(int argc, char *argv[])
 #endif
 	stop_lua();

-#ifndef NO_SSLTLS
 	ERR_free_strings();
-#endif

 	regexp_free(responses);

--- a/src/imapfilter.h
+++ b/src/imapfilter.h
@ -9,11 +9,9 @@
 #include <lua.h>
 #include <lualib.h>

-#include "session.h"
-
-#ifndef NO_SSLTLS
 #include <openssl/ssl.h>
-#endif
+
+#include "session.h"


 /* Fatal error exit codes. */
@ -79,15 +77,11 @@ typedef struct environment {


 /*	auth.c		*/
-#ifndef NO_CRAMMD5
 unsigned char *auth_cram_md5(const char *user, const char *pass,
    unsigned char *chal);
-#endif

 /*	cert.c		*/
-#ifndef NO_SSLTLS
 int get_cert(session *ssn);
-#endif

 /*	core.c		*/
 LUALIB_API int luaopen_ifcore(lua_State *lua);
@ -218,12 +212,10 @@ int close_connection(session *ssn);
 ssize_t socket_read(session *ssn, char *buf, size_t len, long timeout,
    int timeoutfail);
 ssize_t socket_write(session *ssn, const char *buf, size_t len);
-#ifndef NO_SSLTLS
 int open_secure_connection(session *ssn);
 int close_secure_connection(session *ssn);
 ssize_t socket_secure_read(session *ssn, char *buf, size_t len);
 ssize_t socket_secure_write(session *ssn, const char *buf, size_t len);
-#endif

 /*	system.c	*/
 LUALIB_API int luaopen_ifsys(lua_State *lua);
--- a/src/pathnames.h
+++ b/src/pathnames.h
@ -3,28 +3,28 @@


 /* Lua imapfilter set functions file. */
-#define PATHNAME_COMMON			MAKEFILE_SHAREDIR "/common.lua"
+#define PATHNAME_COMMON			CONFIG_SHAREDIR "/common.lua"

 /* Lua imapfilter set functions file. */
-#define PATHNAME_SET			MAKEFILE_SHAREDIR "/set.lua"
+#define PATHNAME_SET			CONFIG_SHAREDIR "/set.lua"

 /* Lua imapfilter account functions file. */
-#define PATHNAME_ACCOUNT		MAKEFILE_SHAREDIR "/account.lua"
+#define PATHNAME_ACCOUNT		CONFIG_SHAREDIR "/account.lua"

 /* Lua imapfilter mailbox functions file. */
-#define PATHNAME_MAILBOX		MAKEFILE_SHAREDIR "/mailbox.lua"
+#define PATHNAME_MAILBOX		CONFIG_SHAREDIR "/mailbox.lua"

 /* Lua imapfilter message functions file. */
-#define PATHNAME_MESSAGE		MAKEFILE_SHAREDIR "/message.lua"
+#define PATHNAME_MESSAGE		CONFIG_SHAREDIR "/message.lua"

 /* Lua imapfilter message functions file. */
-#define PATHNAME_OPTIONS		MAKEFILE_SHAREDIR "/options.lua"
+#define PATHNAME_OPTIONS		CONFIG_SHAREDIR "/options.lua"

 /* Lua imapfilter regex functions file. */
-#define PATHNAME_REGEX			MAKEFILE_SHAREDIR "/regex.lua"
+#define PATHNAME_REGEX			CONFIG_SHAREDIR "/regex.lua"

 /* Lua imapfilter auxiliary functions file. */
-#define PATHNAME_AUXILIARY		MAKEFILE_SHAREDIR "/auxiliary.lua"
+#define PATHNAME_AUXILIARY		CONFIG_SHAREDIR "/auxiliary.lua"


 #endif				/* PATHNAMES_H */
--- a/src/request.c
+++ b/src/request.c
@ -181,7 +181,6 @@ request_login(session **ssnptr, const char *server, const char *port, const
 	if (response_capability(ssn, t) == -1)
 		goto fail;

-#ifndef NO_SSLTLS
 	if (!ssn->ssl && ssn->capabilities & CAPABILITY_STARTTLS &&
 	    get_option_boolean("starttls")) {
 		t = send_request(ssn, "STARTTLS");
@ -198,10 +197,8 @@ request_login(session **ssnptr, const char *server, const char *port, const
 			break;
 		}
 	}
-#endif

 	if (rg != STATUS_PREAUTH) {
-#ifndef NO_CRAMMD5
 		if (ssn->capabilities & CAPABILITY_CRAMMD5 &&
 		    get_option_boolean("crammd5")) {
 			unsigned char *in, *out;
@ -221,7 +218,6 @@ request_login(session **ssnptr, const char *server, const char *port, const
 			} else
 				goto fail;
 		}
-#endif
 		if (r != STATUS_OK) {
 			t = send_request(ssn, "LOGIN \"%s\" \"%s\"",
 			    ssn->username, ssn->password);
--- a/src/response.c
+++ b/src/response.c
@ -320,14 +320,10 @@ response_capability(session *ssn, int tag)

 		if (xstrcasestr(s, "NAMESPACE"))
 			ssn->capabilities |= CAPABILITY_NAMESPACE;
-#ifndef NO_CRAMMD5
 		if (xstrcasestr(s, "AUTH=CRAM-MD5"))
 			ssn->capabilities |= CAPABILITY_CRAMMD5;
-#endif
-#ifndef NO_SSLTLS
 		if (xstrcasestr(s, "STARTTLS"))
 			ssn->capabilities |= CAPABILITY_STARTTLS;
-#endif
 		if (xstrcasestr(s, "CHILDREN"))
 			ssn->capabilities |= CAPABILITY_CHILDREN;

@ -341,7 +337,6 @@ response_capability(session *ssn, int tag)
 }


-#ifndef NO_CRAMMD5
 /*
 * Process the data that server sent due to IMAP AUTHENTICATE client request.
 */
@ -361,7 +356,6 @@ response_authenticate(session *ssn, int tag, unsigned char **cont)

 	return r;
 }
-#endif


 /*
--- a/src/session.c
+++ b/src/session.c
@ -41,9 +41,7 @@ session_init(session *ssn)
 	ssn->username = NULL;
 	ssn->password = NULL;
 	ssn->socket = -1;
-#ifndef NO_SSLTLS
 	ssn->sslsocket = NULL;
-#endif
 	ssn->protocol = PROTOCOL_NONE;
 	ssn->capabilities = CAPABILITY_NONE;
 	ssn->ns.prefix = NULL;
--- a/src/session.h
+++ b/src/session.h
@ -2,9 +2,7 @@
 #define SESSION_H


-#ifndef NO_SSLTLS
 #include <openssl/ssl.h>
-#endif


 /* IMAP session. */
@ -15,9 +13,7 @@ typedef struct session {
 	const char *username;	/* User name. */
 	const char *password;	/* User password. */
 	int socket;		/* Socket. */
-#ifndef NO_SSLTLS
 	SSL *sslsocket;		/* SSL socket. */
-#endif
 	unsigned int protocol;	/* IMAP protocol.  Currently IMAP4rev1 and
 				 * IMAP4 are supported. */
 	unsigned int capabilities;	/* Capabilities of the mail server. */
--- a/src/socket.c
+++ b/src/socket.c
@ -10,13 +10,11 @@
 #include <sys/time.h>
 #include <sys/select.h>

-#include "imapfilter.h"
-#include "session.h"
-
-#ifndef NO_SSLTLS
 #include <openssl/ssl.h>
 #include <openssl/err.h>
-#endif
+
+#include "imapfilter.h"
+#include "session.h"


 /*
@ -28,13 +26,6 @@ open_connection(session *ssn)
 	struct addrinfo hints, *res, *ressave;
 	int n, sockfd;

-#ifdef NO_SSLTLS
-	if (ssn->ssl) {
-		error("SSL not supported by this build\n");
-		return -1;
-	}
-#endif
-
 	memset(&hints, 0, sizeof(struct addrinfo));

 	hints.ai_family = AF_UNSPEC;
@ -75,20 +66,17 @@ open_connection(session *ssn)

 	ssn->socket = sockfd;

-#ifndef NO_SSLTLS
 	if (ssn->ssl) {
 		if (open_secure_connection(ssn) == -1) {
 			close_connection(ssn);
 			return -1;
 		}
 	}
-#endif

 	return ssn->socket;
 }


-#ifndef NO_SSLTLS
 /*
 * Initialize SSL/TLS connection.
 */
@ -166,7 +154,6 @@ fail:

 	return -1;
 }
-#endif				/* NO_SSLTLS */


 /*
@ -179,9 +166,7 @@ close_connection(session *ssn)

 	r = 0;

-#ifndef NO_SSLTLS
 	close_secure_connection(ssn);
-#endif

 	if (ssn->socket != -1) {
 		r = close(ssn->socket);
@ -194,7 +179,6 @@ close_connection(session *ssn)
 }


-#ifndef NO_SSLTLS
 /*
 * Shutdown SSL/TLS connection.
 */
@ -210,7 +194,6 @@ close_secure_connection(session *ssn)

 	return 0;
 }
-#endif


 /*
@ -242,7 +225,6 @@ socket_read(session *ssn, char *buf, size_t len, long timeout, int timeoutfail)
 	FD_ZERO(&fds);
 	FD_SET(ssn->socket, &fds);
 
-#ifndef NO_SSLTLS
 	if (ssn->sslsocket) {
 		if (SSL_pending(ssn->sslsocket) > 0 ||
 		    ((s = select(ssn->socket + 1, &fds, NULL, NULL, tvp)) > 0 &&
@ -252,9 +234,7 @@ socket_read(session *ssn, char *buf, size_t len, long timeout, int timeoutfail)
 			if (r <= 0)
 				goto fail;
 		}
-	} else
-#endif
-	{
+	} else {
 		if ((s = select(ssn->socket + 1, &fds, NULL, NULL, tvp)) > 0 &&
 		    FD_ISSET(ssn->socket, &fds)) {
 			r = read(ssn->socket, buf, len);
@ -285,7 +265,6 @@ fail:
 }


-#ifndef NO_SSLTLS
 /*
 * Read data from a TLS/SSL connection.
 */
@ -332,7 +311,6 @@ socket_secure_read(session *ssn, char *buf, size_t len)

 	return r;
 }
-#endif


 /*
@ -354,15 +332,12 @@ socket_write(session *ssn, const char *buf, size_t len)
 	while (len) {
 		if ((s = select(ssn->socket + 1, NULL, &fds, NULL, NULL) > 0 &&
 		    FD_ISSET(ssn->socket, &fds))) {
-#ifndef NO_SSLTLS
 			if (ssn->sslsocket) {
 				r = socket_secure_write(ssn, buf, len);

 				if (r <= 0)
 					goto fail;
-			} else
-#endif
-			{
+			} else {
 				r = write(ssn->socket, buf, len);

 				if (r == -1) {
@ -398,7 +373,6 @@ fail:
 }


-#ifndef NO_SSLTLS
 /*
 * Write data to a TLS/SSL connection.
 */
@ -445,4 +419,3 @@ socket_secure_write(session *ssn, const char *buf, size_t len)

 	return r;
 }
-#endif