From e907fe5fdf893d117a8d9775e47c384b906a8f6c Mon Sep 17 00:00:00 2001 From: Lefteris Chatzimparmpas Date: Sun, 19 Feb 2012 12:36:44 +0100 Subject: [PATCH] Make OpenSSL a mandatory requirement There is no point in having SSL/TLS IMAP support as optional, it's as useful if not more than the the non-encrypted connections. The Makefile was better organized to make it easier to change some options during compile. The SHAREDIR variable passed as configuration option has changed name. --- Makefile | 2 +- README | 2 +- src/Makefile | 22 +++++++++++++++------- src/auth.c | 6 ++---- src/cert.c | 9 +++------ src/file.c | 1 + src/imapfilter.c | 12 +++--------- src/imapfilter.h | 12 ++---------- src/pathnames.h | 16 ++++++++-------- src/request.c | 4 ---- src/response.c | 6 ------ src/session.c | 2 -- src/session.h | 4 ---- src/socket.c | 37 +++++-------------------------------- 14 files changed, 41 insertions(+), 94 deletions(-) diff --git a/Makefile b/Makefile index f4e6ab3..2af7238 100644 --- a/Makefile +++ b/Makefile @@ -1,2 +1,2 @@ -all nossl install uninstall clean: +all install uninstall clean: cd src && $(MAKE) $@ diff --git a/README b/README index e3660af..268ab1b 100644 --- a/README +++ b/README @@ -26,7 +26,7 @@ Changes Installation Compile time requirements are Lua (version 5.2 or 5.1), the PCRE library, and - optionally the OpenSSL library (for SSL/TLS and CRAM-MD5 support). + the OpenSSL library. Compile and install the program: diff --git a/src/Makefile b/src/Makefile index b021281..3938401 100644 --- a/src/Makefile +++ b/src/Makefile @@ -4,9 +4,21 @@ BINDIR = $(PREFIX)/bin SHAREDIR = $(PREFIX)/share/imapfilter MANDIR = $(PREFIX)/man -CFLAGS = -Wall -O -DMAKEFILE_SHAREDIR='"$(SHAREDIR)"' -LDFLAGS = -LIBS = -lm -llua -lpcre -lssl -lcrypto +MYCFLAGS = +MYLDFLAGS = +MYLIBS = + +INCDIRS = +LIBDIRS = + +LIBLUA = -llua +LIBPCRE = -lpcre +LIBSSL = -lssl +LIBCRYPTO = -lcrypto + +CFLAGS = -Wall -O -DCONFIG_SHAREDIR='"$(SHAREDIR)"' $(INCDIRS) $(MYCFLAGS) +LDFLAGS = $(LIBDIRS) $(MYLDFLAGS) +LIBS = -lm $(LIBLUA) $(LIBPCRE) $(LIBSSL) $(LIBCRYPTO) $(MYLIBS) MAN1 = imapfilter.1 MAN5 = imapfilter_config.5 @@ -21,10 +33,6 @@ OBJ = auth.o buffer.o cert.o core.o file.o imapfilter.o list.o log.o lua.o \ all: $(BIN) -nossl: - $(MAKE) $(BIN) CFLAGS="-Wall -O -DMAKEFILE_SHAREDIR='\"$(SHAREDIR)\"' \ - -DNO_SSLTLS -DNO_CRAMMD5" LIBS="-lm -llua -lpcre" - $(BIN): $(OBJ) $(CC) -o $(BIN) $(LDFLAGS) $(OBJ) $(LIBS) diff --git a/src/auth.c b/src/auth.c index 4c1d772..fec6e8c 100644 --- a/src/auth.c +++ b/src/auth.c @@ -1,12 +1,11 @@ #include #include -#include "imapfilter.h" - -#ifndef NO_CRAMMD5 #include #include +#include "imapfilter.h" + /* * Authenticate to the server with the Challenge-Response Authentication @@ -57,4 +56,3 @@ auth_cram_md5(const char *user, const char *pass, unsigned char *chal) return out; } -#endif /* NO_CRAMMD5 */ diff --git a/src/cert.c b/src/cert.c index 21ac475..6922e88 100644 --- a/src/cert.c +++ b/src/cert.c @@ -1,5 +1,3 @@ -#ifndef NO_SSLTLS - #include #include #include @@ -7,14 +5,14 @@ #include #include -#include "imapfilter.h" -#include "session.h" - #include #include #include #include +#include "imapfilter.h" +#include "session.h" + extern environment env; @@ -207,4 +205,3 @@ mismatch_cert(void) else return -1; } -#endif /* NO_SSLTLS */ diff --git a/src/file.c b/src/file.c index 1de5d36..375281e 100644 --- a/src/file.c +++ b/src/file.c @@ -1,4 +1,5 @@ #include +#include #include #include #include diff --git a/src/imapfilter.c b/src/imapfilter.c index 227cf77..39f9c62 100644 --- a/src/imapfilter.c +++ b/src/imapfilter.c @@ -7,6 +7,9 @@ #include #include +#include +#include + #include "imapfilter.h" #include "session.h" #include "list.h" @@ -15,11 +18,6 @@ #include "pathnames.h" #include "regexp.h" -#ifndef NO_SSLTLS -#include -#include -#endif - extern buffer ibuf, obuf, nbuf, cbuf; extern regexp responses[]; @@ -100,10 +98,8 @@ main(int argc, char *argv[]) regexp_compile(responses); -#ifndef NO_SSLTLS SSL_library_init(); SSL_load_error_strings(); -#endif start_lua(); #if LUA_VERSION_NUM < 502 @@ -122,9 +118,7 @@ main(int argc, char *argv[]) #endif stop_lua(); -#ifndef NO_SSLTLS ERR_free_strings(); -#endif regexp_free(responses); diff --git a/src/imapfilter.h b/src/imapfilter.h index 3932af2..526c11c 100644 --- a/src/imapfilter.h +++ b/src/imapfilter.h @@ -9,11 +9,9 @@ #include #include -#include "session.h" - -#ifndef NO_SSLTLS #include -#endif + +#include "session.h" /* Fatal error exit codes. */ @@ -79,15 +77,11 @@ typedef struct environment { /* auth.c */ -#ifndef NO_CRAMMD5 unsigned char *auth_cram_md5(const char *user, const char *pass, unsigned char *chal); -#endif /* cert.c */ -#ifndef NO_SSLTLS int get_cert(session *ssn); -#endif /* core.c */ LUALIB_API int luaopen_ifcore(lua_State *lua); @@ -218,12 +212,10 @@ int close_connection(session *ssn); ssize_t socket_read(session *ssn, char *buf, size_t len, long timeout, int timeoutfail); ssize_t socket_write(session *ssn, const char *buf, size_t len); -#ifndef NO_SSLTLS int open_secure_connection(session *ssn); int close_secure_connection(session *ssn); ssize_t socket_secure_read(session *ssn, char *buf, size_t len); ssize_t socket_secure_write(session *ssn, const char *buf, size_t len); -#endif /* system.c */ LUALIB_API int luaopen_ifsys(lua_State *lua); diff --git a/src/pathnames.h b/src/pathnames.h index 15ab23a..7dac639 100644 --- a/src/pathnames.h +++ b/src/pathnames.h @@ -3,28 +3,28 @@ /* Lua imapfilter set functions file. */ -#define PATHNAME_COMMON MAKEFILE_SHAREDIR "/common.lua" +#define PATHNAME_COMMON CONFIG_SHAREDIR "/common.lua" /* Lua imapfilter set functions file. */ -#define PATHNAME_SET MAKEFILE_SHAREDIR "/set.lua" +#define PATHNAME_SET CONFIG_SHAREDIR "/set.lua" /* Lua imapfilter account functions file. */ -#define PATHNAME_ACCOUNT MAKEFILE_SHAREDIR "/account.lua" +#define PATHNAME_ACCOUNT CONFIG_SHAREDIR "/account.lua" /* Lua imapfilter mailbox functions file. */ -#define PATHNAME_MAILBOX MAKEFILE_SHAREDIR "/mailbox.lua" +#define PATHNAME_MAILBOX CONFIG_SHAREDIR "/mailbox.lua" /* Lua imapfilter message functions file. */ -#define PATHNAME_MESSAGE MAKEFILE_SHAREDIR "/message.lua" +#define PATHNAME_MESSAGE CONFIG_SHAREDIR "/message.lua" /* Lua imapfilter message functions file. */ -#define PATHNAME_OPTIONS MAKEFILE_SHAREDIR "/options.lua" +#define PATHNAME_OPTIONS CONFIG_SHAREDIR "/options.lua" /* Lua imapfilter regex functions file. */ -#define PATHNAME_REGEX MAKEFILE_SHAREDIR "/regex.lua" +#define PATHNAME_REGEX CONFIG_SHAREDIR "/regex.lua" /* Lua imapfilter auxiliary functions file. */ -#define PATHNAME_AUXILIARY MAKEFILE_SHAREDIR "/auxiliary.lua" +#define PATHNAME_AUXILIARY CONFIG_SHAREDIR "/auxiliary.lua" #endif /* PATHNAMES_H */ diff --git a/src/request.c b/src/request.c index 60b6176..c3a164d 100644 --- a/src/request.c +++ b/src/request.c @@ -181,7 +181,6 @@ request_login(session **ssnptr, const char *server, const char *port, const if (response_capability(ssn, t) == -1) goto fail; -#ifndef NO_SSLTLS if (!ssn->ssl && ssn->capabilities & CAPABILITY_STARTTLS && get_option_boolean("starttls")) { t = send_request(ssn, "STARTTLS"); @@ -198,10 +197,8 @@ request_login(session **ssnptr, const char *server, const char *port, const break; } } -#endif if (rg != STATUS_PREAUTH) { -#ifndef NO_CRAMMD5 if (ssn->capabilities & CAPABILITY_CRAMMD5 && get_option_boolean("crammd5")) { unsigned char *in, *out; @@ -221,7 +218,6 @@ request_login(session **ssnptr, const char *server, const char *port, const } else goto fail; } -#endif if (r != STATUS_OK) { t = send_request(ssn, "LOGIN \"%s\" \"%s\"", ssn->username, ssn->password); diff --git a/src/response.c b/src/response.c index f23caaf..360be03 100644 --- a/src/response.c +++ b/src/response.c @@ -320,14 +320,10 @@ response_capability(session *ssn, int tag) if (xstrcasestr(s, "NAMESPACE")) ssn->capabilities |= CAPABILITY_NAMESPACE; -#ifndef NO_CRAMMD5 if (xstrcasestr(s, "AUTH=CRAM-MD5")) ssn->capabilities |= CAPABILITY_CRAMMD5; -#endif -#ifndef NO_SSLTLS if (xstrcasestr(s, "STARTTLS")) ssn->capabilities |= CAPABILITY_STARTTLS; -#endif if (xstrcasestr(s, "CHILDREN")) ssn->capabilities |= CAPABILITY_CHILDREN; @@ -341,7 +337,6 @@ response_capability(session *ssn, int tag) } -#ifndef NO_CRAMMD5 /* * Process the data that server sent due to IMAP AUTHENTICATE client request. */ @@ -361,7 +356,6 @@ response_authenticate(session *ssn, int tag, unsigned char **cont) return r; } -#endif /* diff --git a/src/session.c b/src/session.c index 0173a33..9454902 100644 --- a/src/session.c +++ b/src/session.c @@ -41,9 +41,7 @@ session_init(session *ssn) ssn->username = NULL; ssn->password = NULL; ssn->socket = -1; -#ifndef NO_SSLTLS ssn->sslsocket = NULL; -#endif ssn->protocol = PROTOCOL_NONE; ssn->capabilities = CAPABILITY_NONE; ssn->ns.prefix = NULL; diff --git a/src/session.h b/src/session.h index b6cb74d..ba1fe50 100644 --- a/src/session.h +++ b/src/session.h @@ -2,9 +2,7 @@ #define SESSION_H -#ifndef NO_SSLTLS #include -#endif /* IMAP session. */ @@ -15,9 +13,7 @@ typedef struct session { const char *username; /* User name. */ const char *password; /* User password. */ int socket; /* Socket. */ -#ifndef NO_SSLTLS SSL *sslsocket; /* SSL socket. */ -#endif unsigned int protocol; /* IMAP protocol. Currently IMAP4rev1 and * IMAP4 are supported. */ unsigned int capabilities; /* Capabilities of the mail server. */ diff --git a/src/socket.c b/src/socket.c index 246a30f..2e551da 100644 --- a/src/socket.c +++ b/src/socket.c @@ -10,13 +10,11 @@ #include #include -#include "imapfilter.h" -#include "session.h" - -#ifndef NO_SSLTLS #include #include -#endif + +#include "imapfilter.h" +#include "session.h" /* @@ -28,13 +26,6 @@ open_connection(session *ssn) struct addrinfo hints, *res, *ressave; int n, sockfd; -#ifdef NO_SSLTLS - if (ssn->ssl) { - error("SSL not supported by this build\n"); - return -1; - } -#endif - memset(&hints, 0, sizeof(struct addrinfo)); hints.ai_family = AF_UNSPEC; @@ -75,20 +66,17 @@ open_connection(session *ssn) ssn->socket = sockfd; -#ifndef NO_SSLTLS if (ssn->ssl) { if (open_secure_connection(ssn) == -1) { close_connection(ssn); return -1; } } -#endif return ssn->socket; } -#ifndef NO_SSLTLS /* * Initialize SSL/TLS connection. */ @@ -166,7 +154,6 @@ fail: return -1; } -#endif /* NO_SSLTLS */ /* @@ -179,9 +166,7 @@ close_connection(session *ssn) r = 0; -#ifndef NO_SSLTLS close_secure_connection(ssn); -#endif if (ssn->socket != -1) { r = close(ssn->socket); @@ -194,7 +179,6 @@ close_connection(session *ssn) } -#ifndef NO_SSLTLS /* * Shutdown SSL/TLS connection. */ @@ -210,7 +194,6 @@ close_secure_connection(session *ssn) return 0; } -#endif /* @@ -242,7 +225,6 @@ socket_read(session *ssn, char *buf, size_t len, long timeout, int timeoutfail) FD_ZERO(&fds); FD_SET(ssn->socket, &fds); -#ifndef NO_SSLTLS if (ssn->sslsocket) { if (SSL_pending(ssn->sslsocket) > 0 || ((s = select(ssn->socket + 1, &fds, NULL, NULL, tvp)) > 0 && @@ -252,9 +234,7 @@ socket_read(session *ssn, char *buf, size_t len, long timeout, int timeoutfail) if (r <= 0) goto fail; } - } else -#endif - { + } else { if ((s = select(ssn->socket + 1, &fds, NULL, NULL, tvp)) > 0 && FD_ISSET(ssn->socket, &fds)) { r = read(ssn->socket, buf, len); @@ -285,7 +265,6 @@ fail: } -#ifndef NO_SSLTLS /* * Read data from a TLS/SSL connection. */ @@ -332,7 +311,6 @@ socket_secure_read(session *ssn, char *buf, size_t len) return r; } -#endif /* @@ -354,15 +332,12 @@ socket_write(session *ssn, const char *buf, size_t len) while (len) { if ((s = select(ssn->socket + 1, NULL, &fds, NULL, NULL) > 0 && FD_ISSET(ssn->socket, &fds))) { -#ifndef NO_SSLTLS if (ssn->sslsocket) { r = socket_secure_write(ssn, buf, len); if (r <= 0) goto fail; - } else -#endif - { + } else { r = write(ssn->socket, buf, len); if (r == -1) { @@ -398,7 +373,6 @@ fail: } -#ifndef NO_SSLTLS /* * Write data to a TLS/SSL connection. */ @@ -445,4 +419,3 @@ socket_secure_write(session *ssn, const char *buf, size_t len) return r; } -#endif