X-Git-Url: http://git.marmaro.de/?a=blobdiff_plain;f=mts%2Fsmtp%2Fsmtp.c;h=8d3a23337e24a5107aa21af6affe607daf9a9d84;hb=ec8527028003cd9bd8170b5aa3f8ba63020487d3;hp=e6bca9a9f1338f49d9a2ac6574cf285976a5fed9;hpb=da304a48a24d7cc7fafae13c994d94ad3d6483f2;p=mmh diff --git a/mts/smtp/smtp.c b/mts/smtp/smtp.c index e6bca9a..8d3a233 100644 --- a/mts/smtp/smtp.c +++ b/mts/smtp/smtp.c @@ -1,8 +1,6 @@ /* * smtp.c -- nmh SMTP interface * - * $Id$ - * * This code is Copyright (c) 2002, by the authors of nmh. See the * COPYRIGHT file in the root directory of the nmh distribution for * complete copyright information. @@ -118,6 +116,7 @@ static SSL_CTX *sslctx = NULL; static SSL *ssl = NULL; static BIO *sbior = NULL; static BIO *sbiow = NULL; +static BIO *io = NULL; #endif /* TLS_SUPPORT */ #if defined(CYRUS_SASL) || defined(TLS_SUPPORT) @@ -288,6 +287,8 @@ smtp_init (char *client, char *server, char *port, int watch, int verbose, */ if (tls) { + BIO *ssl_bio; + if (! EHLOset("STARTTLS")) { sm_end(NOTOK); return sm_ierror("SMTP server does not support TLS"); @@ -340,8 +341,36 @@ smtp_init (char *client, char *server, char *port, int watch, int verbose, } SSL_set_bio(ssl, sbior, sbiow); + SSL_set_connect_state(ssl); + + /* + * Set up a BIO to handle buffering for us + */ + + io = BIO_new(BIO_f_buffer()); + + if (! io) { + sm_end(NOTOK); + return sm_ierror("Unable to create a buffer BIO: %s", + ERR_error_string(ERR_get_error(), NULL)); + } + + ssl_bio = BIO_new(BIO_f_ssl()); + + if (! ssl_bio) { + sm_end(NOTOK); + return sm_ierror("Unable to create a SSL BIO: %s", + ERR_error_string(ERR_get_error(), NULL)); + } + + BIO_set_ssl(ssl_bio, ssl, BIO_CLOSE); + BIO_push(io, ssl_bio); - if (SSL_connect(ssl) < 1) { + /* + * Try doing the handshake now + */ + + if (BIO_do_handshake(io) < 1) { sm_end(NOTOK); return sm_ierror("Unable to negotiate SSL connection: %s", ERR_error_string(ERR_get_error(), NULL)); @@ -443,12 +472,12 @@ sendmail_init (char *client, char *server, int watch, int verbose, if (client == NULL || *client == '\0') client = "localhost"; -#ifdef CYRUS_SASL +#if defined(CYRUS_SASL) || defined(TLS_SUPPORT) sasl_inbuffer = malloc(SASL_MAXRECVBUF); if (!sasl_inbuffer) return sm_ierror("Unable to allocate %d bytes for read buffer", SASL_MAXRECVBUF); -#endif /* CYRUS_SASL */ +#endif /* CYRUS_SASL || TLS_SUPPORT */ if (pipe (pdi) == NOTOK) return sm_ierror ("no pipes"); @@ -787,10 +816,12 @@ sm_end (int type) break; } +#ifdef TLS_SUPPORT if (tls_active) { - SSL_shutdown(ssl); - SSL_free(ssl); + BIO_ssl_shutdown(io); + BIO_free_all(io); } +#endif /* TLS_SUPPORT */ if (sm_rfp != NULL) { alarm (SM_CLOS); @@ -1235,9 +1266,9 @@ sm_fwrite(char *buffer, int len) if (tls_active) { int ret; - ret = SSL_write(ssl, buffer, len); + ret = BIO_write(io, buffer, len); - if (SSL_get_error(ssl, ret) != SSL_ERROR_NONE) { + if (ret <= 0) { sm_ierror("TLS error during write: %s", ERR_error_string(ERR_get_error(), NULL)); return NOTOK; @@ -1316,6 +1347,12 @@ sm_fflush(void) } #endif /* CYRUS_SASL */ +#ifdef TLS_SUPPORT + if (tls_active) { + (void) BIO_flush(io); + } +#endif /* TLS_SUPPORT */ + fflush(sm_wfp); } @@ -1572,6 +1609,7 @@ sm_fgetc(FILE *f) * encryption working */ +#ifdef CYRUS_SASL if (sasl_complete == 0 || sasl_ssf == 0) { retbuf = tmpbuf; retbufsize = cc; @@ -1585,6 +1623,10 @@ sm_fgetc(FILE *f) return -2; } } +#else /* ! CYRUS_SASL */ + retbuf = tmpbuf; + retbufsize = cc; +#endif /* CYRUS_SASL */ } if (retbufsize > SASL_MAXRECVBUF) {