authorSergey Poznyakoff <gray@gnu.org>2021-08-25 08:57:09 +0300
committerSergey Poznyakoff <gray@gnu.org>2021-08-25 09:27:01 +0300
commit35fbbaf08f523e6bbe49af4a1cdbe53626e69e29 (patch)
treec6d46b28bf351516bd641e77a1e7430b6ff6b532
parentb9e2329f22c65e88c804e4e7c942381239d64bc6 (diff)
downloadmailutils-35fbbaf08f523e6bbe49af4a1cdbe53626e69e29.tar.gz
mailutils-35fbbaf08f523e6bbe49af4a1cdbe53626e69e29.tar.bz2
New function mu_tlsfd_stream2_convert
* libmu_auth/tlsfdstr.c (mu_tlsfd_stream_create): Remove last argument. All uses changed. (mu_tlsfd_stream2_convert): New function. * include/mailutils/tls.h (mu_tlsfd_stream_create): Change signature (flags removed). (mu_tlsfd_stream2_convert): New proto. (mu_tlsfd_stream_convert): New inline function. * libmailutils/diag/errors (MU_ERR_TRANSPORT_GET) (MU_ERR_TRANSPORT_SET): New error codes. * imap4d/io.c (imap4d_init_tls_server): Use mu_tlsfd_stream2_convert. * pop3d/extra.c (pop3d_init_tls_server): Use mu_tlsfd_stream2_convert.
-rw-r--r--imap4d/io.c77
-rw-r--r--include/mailutils/tls.h15
-rw-r--r--libmailutils/diag/errors4
-rw-r--r--libmu_auth/tlsfdstr.c72
-rw-r--r--pop3d/extra.c78
5 files changed, 125 insertions, 121 deletions
diff --git a/imap4d/io.c b/imap4d/io.c
index 238c1a4b8..7076eb03e 100644
--- a/imap4d/io.c
+++ b/imap4d/io.c
@@ -62,7 +62,7 @@ io_setio (int ifd, int ofd, struct mu_tls_config *tls_conf)
if (tls_conf)
{
- rc = mu_tlsfd_stream_create (&str, ifd, ofd, tls_conf, MU_TLS_SERVER, 0);
+ rc = mu_tlsfd_stream_create (&str, ifd, ofd, tls_conf, MU_TLS_SERVER);
if (rc)
{
mu_error (_("failed to create TLS stream: %s"), mu_strerror (rc));
@@ -127,64 +127,10 @@ int
imap4d_init_tls_server (struct mu_tls_config *tls_conf)
{
mu_stream_t tlsstream, stream[2], tstr, istr;
- mu_transport_t t[2];
- int ifd, ofd;
int rc;
-
- rc = mu_stream_ioctl (iostream, MU_IOCTL_SUBSTREAM, MU_IOCTL_OP_GET, stream);
- if (rc)
- {
- mu_error (_("%s failed: %s"), "MU_IOCTL_SUBSTREAM",
- mu_stream_strerror (iostream, rc));
- return 1;
- }
-
- rc = mu_stream_ioctl (stream[MU_TRANSPORT_INPUT], MU_IOCTL_TRANSPORT,
- MU_IOCTL_OP_GET, t);
- if (rc)
- {
- mu_error (_("%s failed: %s"), "MU_IOCTL_TRANSPORT",
- mu_stream_strerror (iostream, rc));
- return 1;
- }
- ifd = (int) (intptr_t) t[0];
-
- rc = mu_stream_ioctl (stream[MU_TRANSPORT_OUTPUT], MU_IOCTL_TRANSPORT,
- MU_IOCTL_OP_GET, t);
- if (rc)
- {
- mu_error (_("%s failed: %s"), "MU_IOCTL_TRANSPORT",
- mu_stream_strerror (iostream, rc));
- return 1;
- }
- ofd = (int) (intptr_t) t[0];
-
- rc = mu_tlsfd_stream_create (&tlsstream, ifd, ofd,
- tls_conf,
- MU_TLS_SERVER,
- 0);
-
- if (rc)
- {
- mu_diag_output (MU_DIAG_ERROR, _("cannot open TLS stream: %s"),
- mu_strerror (rc));
- return 1;
- }
-
- log_cipher (tlsstream);
-
- t[0] = (mu_transport_t) -1;
- mu_stream_ioctl (stream[MU_TRANSPORT_INPUT], MU_IOCTL_TRANSPORT,
- MU_IOCTL_OP_SET, t);
- t[0] = (mu_transport_t) -1;
- mu_stream_ioctl (stream[MU_TRANSPORT_OUTPUT], MU_IOCTL_TRANSPORT,
- MU_IOCTL_OP_SET, t);
- mu_stream_unref (stream[0]);
- mu_stream_unref (stream[1]);
-
/*
- * Find the iostream and replace it with the TLS stream.
+ * Find the iostream.
* Unless transcript is enabled the iostream variable refers to a
* CRLF filter, and its sub-stream is the iostream object. If transcript
* is enabled, the treanscript stream is added on top and iostream refers
@@ -215,7 +161,21 @@ imap4d_init_tls_server (struct mu_tls_config *tls_conf)
mu_stream_unref (stream[0]);
mu_stream_unref (stream[1]);
-
+
+ rc = mu_tlsfd_stream2_convert (&tlsstream, stream[0], stream[1],
+ tls_conf, MU_TLS_SERVER);
+ if (rc)
+ {
+ mu_error(_("cannot open TLS stream: %s"), mu_strerror (rc));
+ if (rc == MU_ERR_TRANSPORT_SET)
+ {
+ mu_stream_destroy (&tlsstream);
+ /* iostream is unusable now */
+ exit (EX_UNAVAILABLE);
+ }
+ return rc;
+ }
+
stream[0] = tlsstream;
stream[1] = NULL;
rc = mu_stream_ioctl (tstr, MU_IOCTL_TOPSTREAM, MU_IOCTL_OP_SET, stream);
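Review bot: `stream[0]` and `stream[1]` are passed to `mu_tlsfd_stream2_convert` right after the two `mu_stream_unref` calls in the context lines above, so the call is only safe if another owner still holds a reference to both streams. If the parent stream guarantees that (it is not visible in this hunk), a comment such as `/* the parent stream still references stream[0..1]; only our own refs were dropped */` would make it explicit; otherwise move the two unrefs below the conversion. The non-fatal error path also now does `return rc;` where the removed code returned 1, so callers that test the exact return value need checking. The same pattern appears in the matching hunk of pop3d/extra.c, and the function body starts and ends outside this hunk.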
@@ -223,9 +183,10 @@ imap4d_init_tls_server (struct mu_tls_config *tls_conf)
{
mu_error (_("INTERNAL ERROR: failed to install TLS stream: %s"),
mu_strerror (rc));
- return 1;
+ exit (EX_UNAVAILABLE);
}
mu_stream_unref (tlsstream);
+ log_cipher (tlsstream);
return 0;
}
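Review bot: `log_cipher (tlsstream)` runs after `mu_stream_unref (tlsstream)`, so it depends on the `MU_IOCTL_TOPSTREAM` set above having taken its own reference to the TLS stream. Swapping the two lines, `log_cipher (tlsstream);` followed by `mu_stream_unref (tlsstream);`, removes that dependency at no cost. The removed code logged the cipher before dropping any reference. The last hunk of pop3d/extra.c has the same ordering, and the function starts outside this hunk.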
diff --git a/include/mailutils/tls.h b/include/mailutils/tls.h
index 752598d67..d189f7723 100644
--- a/include/mailutils/tls.h
+++ b/include/mailutils/tls.h
@@ -63,8 +63,19 @@ void mu_tls_cfg_init (void);
int mu_tlsfd_stream_create (mu_stream_t *pstream, int ifd, int ofd,
struct mu_tls_config const *conf,
- enum mu_tls_type type,
- int flags);
+ enum mu_tls_type type);
+int mu_tlsfd_stream2_convert (mu_stream_t *pstream,
+ mu_stream_t istr, mu_stream_t ostr,
+ struct mu_tls_config const *conf,
+ enum mu_tls_type type);
+static inline int
+mu_tlsfd_stream_convert (mu_stream_t *pstream, mu_stream_t tstr,
+ struct mu_tls_config const *conf,
+ enum mu_tls_type type)
+{
+ return mu_tlsfd_stream2_convert (pstream, tstr, NULL, conf, type);
+}
+
int mu_tls_stream_create (mu_stream_t *pstream,
mu_stream_t strin, mu_stream_t strout,
struct mu_tls_config const *conf,
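Review bot: The two new entry points have no comment describing their ownership and error contract, which every caller needs. Judging by the imap4d and pop3d call sites in this commit, a `MU_ERR_TRANSPORT_SET` return leaves `*pstream` created and in need of `mu_stream_destroy`, with the source streams no longer usable. I would add a block comment above `mu_tlsfd_stream2_convert` stating that the descriptors are taken over from `istr`/`ostr`, that `ostr` may be NULL (the input descriptor then serves both directions), and what `MU_ERR_TRANSPORT_GET` and `MU_ERR_TRANSPORT_SET` each imply for cleanup.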
diff --git a/libmailutils/diag/errors b/libmailutils/diag/errors
index 54df0b0f1..1777efe29 100644
--- a/libmailutils/diag/errors
+++ b/libmailutils/diag/errors
@@ -146,4 +146,8 @@ MU_ERR_TIMEOUT _("timed out")
MU_ERR_SET_TIMEOUT _("error setting timeout")
MU_ERR_WRITE _("write error")
+
MU_ERR_TLS _("TLS error")
+
+MU_ERR_TRANSPORT_GET _("can't get transport desciptor")
+MU_ERR_TRANSPORT_SET _("can't set transport desciptor")
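Review bot: Both new messages misspell "descriptor" as "desciptor"; the lines should read `MU_ERR_TRANSPORT_GET _("can't get transport descriptor")` and `MU_ERR_TRANSPORT_SET _("can't set transport descriptor")`. These strings are wrapped in `_()` and shown to users, so correcting them before they reach translators avoids a later msgid change.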
diff --git a/libmu_auth/tlsfdstr.c b/libmu_auth/tlsfdstr.c
index be369a3e9..abf756615 100644
--- a/libmu_auth/tlsfdstr.c
+++ b/libmu_auth/tlsfdstr.c
@@ -601,8 +601,7 @@ _tlsfd_error_string (struct _mu_stream *stream, int rc)
int
mu_tlsfd_stream_create (mu_stream_t *pstream, int ifd, int ofd,
struct mu_tls_config const *conf,
- enum mu_tls_type type,
- int flags)
+ enum mu_tls_type type)
{
struct _mu_tlsfd_stream *sp;
int rc;
@@ -685,3 +684,72 @@ mu_tlsfd_stream_create (mu_stream_t *pstream, int ifd, int ofd,
*pstream = stream;
return rc;
}
+
+int
+mu_tlsfd_stream2_convert (mu_stream_t *pstream,
+ mu_stream_t istr, mu_stream_t ostr,
+ struct mu_tls_config const *conf,
+ enum mu_tls_type type)
+{
+ mu_transport_t t[2];
+ int ifd, ofd;
+ int rc;
+
+ rc = mu_stream_ioctl (istr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_GET, t);
+ if (rc)
+ {
+ mu_debug (MU_DEBCAT_TLS, MU_DEBUG_ERROR,
+ ("ioctl(istr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_GET): %s",
+ mu_stream_strerror (istr, rc)));
+ return MU_ERR_TRANSPORT_GET;
+ }
+ ifd = (int) (intptr_t) t[0];
+
+ if (ostr)
+ {
+ rc = mu_stream_ioctl (ostr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_GET, t);
+ if (rc)
+ {
+ mu_debug (MU_DEBCAT_TLS, MU_DEBUG_ERROR,
+ ("ioctl(ostr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_GET): %s",
+ mu_stream_strerror (ostr, rc)));
+ return MU_ERR_TRANSPORT_GET;
+ }
+ ofd = (int) (intptr_t) t[0];
+ }
+ else
+ ofd = ifd;
+
+ rc = mu_tlsfd_stream_create (pstream, ifd, ofd, conf, type);
+ if (rc)
+ {
+ mu_debug (MU_DEBCAT_TLS, MU_DEBUG_ERROR,
+ ("mu_tlsfd_stream_create: %s", mu_strerror (rc)));
+ return rc;
+ }
+
+ t[0] = (mu_transport_t) -1;
+ t[1] = NULL;
+ rc = mu_stream_ioctl (istr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_SET, t);
+ if (rc)
+ {
+ mu_debug (MU_DEBCAT_TLS, MU_DEBUG_ERROR,
+ ("ioctl(istr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_SET): %s",
+ mu_stream_strerror (istr, rc)));
+ return MU_ERR_TRANSPORT_SET;
+ }
+ if (ostr)
+ {
+ t[0] = NULL;
+ t[1] = (mu_transport_t) -1;
+ rc = mu_stream_ioctl (ostr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_SET, t);
+ if (rc)
+ {
+ mu_debug (MU_DEBCAT_TLS, MU_DEBUG_ERROR,
+ ("ioctl(ostr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_SET): %s",
+ mu_stream_strerror (ostr, rc)));
+ return MU_ERR_TRANSPORT_SET;
+ }
+ }
+ return 0;
+}
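Review bot: The reset of `ostr` puts the sentinel in a different slot from everything else in this function: both GET calls read the descriptor from `t[0]` and the `istr` reset writes `-1` to `t[0]`, but the `ostr` branch sets `t[0] = NULL; t[1] = (mu_transport_t) -1;`. If the underlying stream takes its descriptor from slot 0 on SET, as it reports it on GET, `ostr` would be left holding descriptor 0 instead of -1 and could close a descriptor it no longer owns when destroyed. The code removed from imap4d/io.c and pop3d/extra.c used `t[0] = (mu_transport_t) -1;` for both streams, so I would do the same here unless slot 1 is documented as the output side for this ioctl. If this function serves an in-band upgrade such as STARTTLS, it is also worth confirming that input already buffered in `istr` cannot be processed after the handshake, since nothing here checks for it.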
diff --git a/pop3d/extra.c b/pop3d/extra.c
index 4c175f388..a21785a5a 100644
--- a/pop3d/extra.c
+++ b/pop3d/extra.c
@@ -169,7 +169,7 @@ pop3d_setio (int ifd, int ofd, struct mu_tls_config *tls_conf)
if (tls_conf)
{
- rc = mu_tlsfd_stream_create (&str, ifd, ofd, tls_conf, MU_TLS_SERVER, 0);
+ rc = mu_tlsfd_stream_create (&str, ifd, ofd, tls_conf, MU_TLS_SERVER);
if (rc)
{
mu_error (_("failed to create TLS stream: %s"), mu_strerror (rc));
@@ -234,64 +234,10 @@ int
pop3d_init_tls_server (struct mu_tls_config *tls_conf)
{
mu_stream_t tlsstream, stream[2], tstr, istr;
- mu_transport_t t[2];
- int ifd, ofd;
int rc;
-
- rc = mu_stream_ioctl (iostream, MU_IOCTL_SUBSTREAM, MU_IOCTL_OP_GET, stream);
- if (rc)
- {
- mu_error (_("%s failed: %s"), "MU_IOCTL_SUBSTREAM",
- mu_stream_strerror (iostream, rc));
- return 1;
- }
- rc = mu_stream_ioctl (stream[MU_TRANSPORT_INPUT], MU_IOCTL_TRANSPORT,
- MU_IOCTL_OP_GET, t);
- if (rc)
- {
- mu_error (_("%s failed: %s"), "MU_IOCTL_TRANSPORT",
- mu_stream_strerror (iostream, rc));
- return 1;
- }
- ifd = (int) (intptr_t) t[0];
-
- rc = mu_stream_ioctl (stream[MU_TRANSPORT_OUTPUT], MU_IOCTL_TRANSPORT,
- MU_IOCTL_OP_GET, t);
- if (rc)
- {
- mu_error (_("%s failed: %s"), "MU_IOCTL_TRANSPORT",
- mu_stream_strerror (iostream, rc));
- return 1;
- }
- ofd = (int) (intptr_t) t[0];
-
- rc = mu_tlsfd_stream_create (&tlsstream, ifd, ofd,
- tls_conf,
- MU_TLS_SERVER,
- 0);
-
- if (rc)
- {
- mu_diag_output (MU_DIAG_ERROR, _("cannot open TLS stream: %s"),
- mu_strerror (rc));
- return 1;
- }
-
- log_cipher (tlsstream);
-
- t[0] = (mu_transport_t) -1;
- mu_stream_ioctl (stream[MU_TRANSPORT_INPUT], MU_IOCTL_TRANSPORT,
- MU_IOCTL_OP_SET, t);
- t[0] = (mu_transport_t) -1;
- mu_stream_ioctl (stream[MU_TRANSPORT_OUTPUT], MU_IOCTL_TRANSPORT,
- MU_IOCTL_OP_SET, t);
-
- mu_stream_unref (stream[0]);
- mu_stream_unref (stream[1]);
-
/*
- * Find the iostream and replace it with the TLS stream.
+ * Find the iostream.
* Unless transcript is enabled the iostream variable refers to a
* CRLF filter, and its sub-stream is the iostream object. If transcript
* is enabled, the treanscript stream is added on top and iostream refers
@@ -322,7 +268,21 @@ pop3d_init_tls_server (struct mu_tls_config *tls_conf)
mu_stream_unref (stream[0]);
mu_stream_unref (stream[1]);
-
+
+ rc = mu_tlsfd_stream2_convert (&tlsstream, stream[0], stream[1],
+ tls_conf, MU_TLS_SERVER);
+ if (rc)
+ {
+ mu_error(_("cannot open TLS stream: %s"), mu_strerror (rc));
+ if (rc == MU_ERR_TRANSPORT_SET)
+ {
+ mu_stream_destroy (&tlsstream);
+ /* iostream is unusable now */
+ exit (EX_UNAVAILABLE);
+ }
+ return rc;
+ }
+
stream[0] = tlsstream;
stream[1] = NULL;
rc = mu_stream_ioctl (tstr, MU_IOCTL_TOPSTREAM, MU_IOCTL_OP_SET, stream);
@@ -330,10 +290,10 @@ pop3d_init_tls_server (struct mu_tls_config *tls_conf)
{
mu_error (_("INTERNAL ERROR: failed to install TLS stream: %s"),
mu_strerror (rc));
- return 1;
+ exit (EX_UNAVAILABLE);
}
mu_stream_unref (tlsstream);
-
+ log_cipher (tlsstream);
return 0;
}
