summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org>2021-08-25 14:05:53 +0300
committerSergey Poznyakoff <gray@gnu.org>2021-08-25 14:36:44 +0300
commitfcf34684375b037c92b5012da3fb219b5ea657f3 (patch)
tree3cd02ee44373b52d79bacb27529a18c53ec55aea
parent35fbbaf08f523e6bbe49af4a1cdbe53626e69e29 (diff)
downloadmailutils-fcf34684375b037c92b5012da3fb219b5ea657f3.tar.gz
mailutils-fcf34684375b037c92b5012da3fb219b5ea657f3.tar.bz2
New function: mu_starttls
* libmu_auth/tlsfdstr.c (mu_tlsfd_stream_create): Accept conf==NULL. (mu_starttls): New function. * include/mailutils/tls.h (mu_starttls): New proto. * include/mailutils/imapio.h (mu_imapio_get_transport) (mu_imapio_set_transport): New functions. * libmailutils/imapio/transport.c (mu_imapio_get_transport) (mu_imapio_set_transport): New functions. * libmailutils/stream/iostream.c (mu_iostream_create): Accept NULL out stream. * libmailutils/stream/tcp.c: Support MU_IOCTL_FD (_tcp_instance): New member fd_borrowed. (_tcp_close): Don't close fd if fd_borrowed is set. (_tcp_ioctl): Handle MU_IOCTL_FD. * libmailutils/stream/xscript-stream.c (_xscript_ctl): Accept pstr[1] == NULL. * libmu_auth/notls.c (mu_tlsfd_stream_create) (mu_tlsfd_stream2_convert) (mu_starttls): New placeholders. * libproto/imap/folder.c (_mu_imap_folder_open): Use mu_tlsfd_stream_convert. Fix stream leak. * libproto/imap/starttls.c (mu_imap_starttls): Use mu_starttls. * libproto/mailer/smtp.c (smtp_open): Use mu_tlsfd_stream_convert. * libproto/mailer/smtp_starttls.c (mu_smtp_starttls): Use mu_starttls. * libproto/pop/pop3_stls.c (mu_pop3_stls): Likewise. * libproto/pop/mailbox.c (pop_open): Use mu_tlsfd_stream_convert. Fix stream leak. * mu/libexec/imap.c (com_connect): Use mu_tlsfd_stream_convert. Fix stream leak. * mu/libexec/pop.c: Likewise. * mu/libexec/smtp.c: Likewise. * imap4d/io.c (imap4d_init_tls_server): Use mu_starttls. * pop3d/extra.c: Likewise.
-rw-r--r--imap4d/io.c63
-rw-r--r--include/mailutils/imapio.h3
-rw-r--r--include/mailutils/tls.h4
-rw-r--r--libmailutils/imapio/transport.c21
-rw-r--r--libmailutils/stream/iostream.c2
-rw-r--r--libmailutils/stream/tcp.c30
-rw-r--r--libmailutils/stream/xscript-stream.c16
-rw-r--r--libmu_auth/notls.c24
-rw-r--r--libmu_auth/tlsfdstr.c140
-rw-r--r--libproto/imap/folder.c13
-rw-r--r--libproto/imap/starttls.c18
-rw-r--r--libproto/mailer/smtp.c19
-rw-r--r--libproto/mailer/smtp_starttls.c15
-rw-r--r--libproto/pop/mailbox.c18
-rw-r--r--libproto/pop/pop3_stls.c62
-rw-r--r--mu/libexec/imap.c12
-rw-r--r--mu/libexec/pop.c8
-rw-r--r--mu/libexec/smtp.c8
-rw-r--r--pop3d/extra.c64
19 files changed, 290 insertions, 250 deletions
diff --git a/imap4d/io.c b/imap4d/io.c
index 7076eb03e..72cea2685 100644
--- a/imap4d/io.c
+++ b/imap4d/io.c
@@ -126,69 +126,18 @@ io_setio (int ifd, int ofd, struct mu_tls_config *tls_conf)
int
imap4d_init_tls_server (struct mu_tls_config *tls_conf)
{
- mu_stream_t tlsstream, stream[2], tstr, istr;
int rc;
- /*
- * Find the iostream.
- * Unless transcript is enabled the iostream variable refers to a
- * CRLF filter, and its sub-stream is the iostream object. If transcript
- * is enabled, the treanscript stream is added on top and iostream refers
- * to it.
- *
- * The loop below uses the fact that iostream is the only stream in
- * mailutils that returns *both* transport streams on MU_IOCTL_TOPSTREAM/
- * MU_IOCTL_OP_GET ioctl. Rest of streams that support MU_IOCTL_TOPSTREAM,
- * return the transport stream in stream[0] and NULL in stream[1].
- */
- tstr = NULL;
- istr = iostream;
- while ((rc = mu_stream_ioctl (istr,
- MU_IOCTL_TOPSTREAM, MU_IOCTL_OP_GET,
- stream)) == 0
- && stream[1] == NULL)
- {
- tstr = istr;
- istr = stream[0];
- mu_stream_unref (istr);
- }
-
- if (rc)
- {
- mu_error ("%s", _("INTERNAL ERROR: cannot locate iostream"));
- return 1;
- }
-
- mu_stream_unref (stream[0]);
- mu_stream_unref (stream[1]);
-
- rc = mu_tlsfd_stream2_convert (&tlsstream, stream[0], stream[1],
- tls_conf, MU_TLS_SERVER);
+ rc = mu_starttls (&iostream, tls_conf, MU_TLS_SERVER);
if (rc)
+ log_cipher (iostream);
+ else
{
- mu_error(_("cannot open TLS stream: %s"), mu_strerror (rc));
+ mu_diag_funcall (MU_DIAG_ERROR, "mu_starttls", NULL, rc);
if (rc == MU_ERR_TRANSPORT_SET)
- {
- mu_stream_destroy (&tlsstream);
- /* iostream is unusable now */
- exit (EX_UNAVAILABLE);
- }
- return rc;
- }
-
- stream[0] = tlsstream;
- stream[1] = NULL;
- rc = mu_stream_ioctl (tstr, MU_IOCTL_TOPSTREAM, MU_IOCTL_OP_SET, stream);
- if (rc)
- {
- mu_error (_("INTERNAL ERROR: failed to install TLS stream: %s"),
- mu_strerror (rc));
- exit (EX_UNAVAILABLE);
+ imap4d_bye (ERR_NO_IFILE);
}
- mu_stream_unref (tlsstream);
- log_cipher (tlsstream);
-
- return 0;
+ return rc;
}
/* Status Code to String. */
diff --git a/include/mailutils/imapio.h b/include/mailutils/imapio.h
index f2e163082..c9e9c822b 100644
--- a/include/mailutils/imapio.h
+++ b/include/mailutils/imapio.h
@@ -66,6 +66,9 @@ int mu_imapio_get_trace_payload (mu_imapio_t io);
int mu_imapio_get_streams (mu_imapio_t io, mu_stream_t *streams);
int mu_imapio_set_streams (mu_imapio_t io, mu_stream_t *streams);
+
+int mu_imapio_get_transport (mu_imapio_t io, mu_stream_t *pstream);
+int mu_imapio_set_transport (mu_imapio_t io, mu_stream_t stream);
int mu_imapio_getbuf (mu_imapio_t io, char **pptr, size_t *psize);
diff --git a/include/mailutils/tls.h b/include/mailutils/tls.h
index d189f7723..f5366aee3 100644
--- a/include/mailutils/tls.h
+++ b/include/mailutils/tls.h
@@ -76,6 +76,10 @@ mu_tlsfd_stream_convert (mu_stream_t *pstream, mu_stream_t tstr,
return mu_tlsfd_stream2_convert (pstream, tstr, NULL, conf, type);
}
+int mu_starttls (mu_stream_t *pstream, struct mu_tls_config *conf,
+ enum mu_tls_type type);
+
+
int mu_tls_stream_create (mu_stream_t *pstream,
mu_stream_t strin, mu_stream_t strout,
struct mu_tls_config const *conf,
diff --git a/libmailutils/imapio/transport.c b/libmailutils/imapio/transport.c
index 2df72f3bb..c6df4bc32 100644
--- a/libmailutils/imapio/transport.c
+++ b/libmailutils/imapio/transport.c
@@ -23,6 +23,27 @@
#include <mailutils/sys/imapio.h>
int
+mu_imapio_get_transport (struct _mu_imapio *io, mu_stream_t *pstream)
+{
+ if (!io)
+ return EINVAL;
+ if (io->_imap_stream)
+ mu_stream_ref (io->_imap_stream);
+ *pstream = io->_imap_stream;
+ return 0;
+}
+
+int
+mu_imapio_set_transport (mu_imapio_t io, mu_stream_t stream)
+{
+ if (!io)
+ return EINVAL;
+ io->_imap_stream = stream;
+ mu_stream_ref (stream);
+ return 0;
+}
+
+int
mu_imapio_get_streams (struct _mu_imapio *io, mu_stream_t *streams)
{
int rc;
diff --git a/libmailutils/stream/iostream.c b/libmailutils/stream/iostream.c
index 7b9eb50ed..9a3b7ca7d 100644
--- a/libmailutils/stream/iostream.c
+++ b/libmailutils/stream/iostream.c
@@ -405,6 +405,8 @@ mu_iostream_create (mu_stream_t *pref, mu_stream_t in, mu_stream_t out)
mu_stream_ref (in);
sp->transport[_MU_STREAM_INPUT] = in;
+ if (!out)
+ out = in;
mu_stream_ref (out);
sp->transport[_MU_STREAM_OUTPUT] = out;
diff --git a/libmailutils/stream/tcp.c b/libmailutils/stream/tcp.c
index 526a35bd1..621f39f87 100644
--- a/libmailutils/stream/tcp.c
+++ b/libmailutils/stream/tcp.c
@@ -50,8 +50,9 @@
struct _tcp_instance
{
struct _mu_stream stream;
- int fd;
- int state;
+ int fd;
+ int state;
+ int fd_borrowed;
struct mu_sockaddr *remote_addr;
struct mu_sockaddr *source_addr;
};
@@ -62,7 +63,7 @@ _tcp_close (mu_stream_t stream)
struct _tcp_instance *tcp = (struct _tcp_instance *)stream;
int err = 0;
- if (tcp->fd != -1)
+ if (tcp->fd != -1 && tcp->fd_borrowed)
{
if (close (tcp->fd) != 0)
{
@@ -169,14 +170,35 @@ _tcp_ioctl (mu_stream_t stream, int code, int opcode, void *ptr)
ptrans[0] = (mu_transport_t) (intptr_t) tcp->fd;
ptrans[1] = NULL;
break;
+
case MU_IOCTL_OP_SET:
- return ENOSYS;
+ tcp->fd = (int) (intptr_t) ptrans[0];
+ break;
+
default:
return EINVAL;
}
}
break;
+ case MU_IOCTL_FD:
+ if (!ptr)
+ return EINVAL;
+ switch (opcode)
+ {
+ case MU_IOCTL_FD_GET_BORROW:
+ *(int*) ptr = tcp->fd_borrowed;
+ break;
+
+ case MU_IOCTL_FD_SET_BORROW:
+ tcp->fd_borrowed = *(int*)ptr;
+ break;
+
+ default:
+ return EINVAL;
+ }
+ break;
+
case MU_IOCTL_TCPSTREAM:
switch (opcode)
{
diff --git a/libmailutils/stream/xscript-stream.c b/libmailutils/stream/xscript-stream.c
index e4a98395d..08b1867f5 100644
--- a/libmailutils/stream/xscript-stream.c
+++ b/libmailutils/stream/xscript-stream.c
@@ -442,19 +442,25 @@ _xscript_ctl (struct _mu_stream *str, int code, int opcode, void *arg)
mu_stream_t *pstr = arg;
mu_stream_t tmp;
- if (pstr[0] != pstr[1])
+ if (pstr[1] == NULL)
{
- status = mu_iostream_create (&tmp, pstr[0], pstr[1]);
- if (status)
- return status;
+ tmp = pstr[0];
+ mu_stream_ref (tmp);
+ status = 0;
}
- else
+ else if (pstr[0] == pstr[1])
{
tmp = pstr[0];
mu_stream_ref (tmp);
mu_stream_ref (tmp);
status = 0;
}
+ else
+ {
+ status = mu_iostream_create (&tmp, pstr[0], pstr[1]);
+ if (status)
+ return status;
+ }
mu_stream_unref (sp->transport);
sp->transport = tmp;
diff --git a/libmu_auth/notls.c b/libmu_auth/notls.c
index 273ed2bfa..0b2810eaf 100644
--- a/libmu_auth/notls.c
+++ b/libmu_auth/notls.c
@@ -15,6 +15,30 @@ mu_tls_stream_create (mu_stream_t *pstream,
return ENOSYS;
}
+int
+mu_tlsfd_stream_create (mu_stream_t *pstream, int ifd, int ofd,
+ struct mu_tls_config const *conf,
+ enum mu_tls_type type)
+{
+ return ENOSYS;
+}
+
+int
+mu_tlsfd_stream2_convert (mu_stream_t *pstream,
+ mu_stream_t istr, mu_stream_t ostr,
+ struct mu_tls_config const *conf,
+ enum mu_tls_type type)
+{
+ return ENOSYS;
+}
+
+int
+mu_starttls (mu_stream_t *pstream, struct mu_tls_config *conf,
+ enum mu_tls_type type)
+{
+ return ENOSYS;
+}
+
void
mu_deinit_tls_libs (void)
{
diff --git a/libmu_auth/tlsfdstr.c b/libmu_auth/tlsfdstr.c
index abf756615..f9c0a19aa 100644
--- a/libmu_auth/tlsfdstr.c
+++ b/libmu_auth/tlsfdstr.c
@@ -7,6 +7,7 @@
#include <sys/types.h>
#include <sys/select.h>
#include <gnutls/gnutls.h>
+#include <mailutils/nls.h>
#include <mailutils/stream.h>
#include <mailutils/errno.h>
#include <mailutils/property.h>
@@ -607,11 +608,14 @@ mu_tlsfd_stream_create (mu_stream_t *pstream, int ifd, int ofd,
int rc;
mu_stream_t stream;
int session_type;
+ static struct mu_tls_config default_conf = { .handshake_timeout = 60 };
if (!pstream)
return MU_ERR_OUT_PTR_NULL;
if (!conf)
- return EINVAL;
+ {
+ conf = &default_conf;
+ }
if (!mu_init_tls_libs ())
return ENOSYS;
@@ -685,6 +689,33 @@ mu_tlsfd_stream_create (mu_stream_t *pstream, int ifd, int ofd,
return rc;
}
+static int
+stream_reset_transport (mu_stream_t str)
+{
+ mu_transport_t t[2];
+ int rc;
+
+ t[0] = (mu_transport_t) -1;
+ t[1] = NULL;
+ rc = mu_stream_ioctl (str, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_SET, t);
+ if (rc)
+ {
+ int b = 1;
+ mu_debug (MU_DEBCAT_TLS, MU_DEBUG_ERROR,
+ ("ioctl(str, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_SET): %s",
+ mu_stream_strerror (str, rc)));
+ rc = mu_stream_ioctl (str, MU_IOCTL_FD, MU_IOCTL_FD_SET_BORROW, &b);
+ if (rc)
+ {
+ mu_debug (MU_DEBCAT_TLS, MU_DEBUG_ERROR,
+ ("ioctl(str, MU_IOCTL_FD, MU_IOCTL_FD_SET_BORROW): %s",
+ mu_stream_strerror (str, rc)));
+ return MU_ERR_TRANSPORT_SET;
+ }
+ }
+ return 0;
+}
+
int
mu_tlsfd_stream2_convert (mu_stream_t *pstream,
mu_stream_t istr, mu_stream_t ostr,
@@ -728,28 +759,109 @@ mu_tlsfd_stream2_convert (mu_stream_t *pstream,
return rc;
}
- t[0] = (mu_transport_t) -1;
- t[1] = NULL;
- rc = mu_stream_ioctl (istr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_SET, t);
+ if (stream_reset_transport (istr))
+ return MU_ERR_TRANSPORT_SET;
+ if (ostr)
+ {
+ if (stream_reset_transport (ostr))
+ return MU_ERR_TRANSPORT_SET;
+ }
+ return 0;
+}
+
+int
+mu_starttls (mu_stream_t *pstream, struct mu_tls_config *conf,
+ enum mu_tls_type type)
+{
+ mu_stream_t transport;
+ mu_stream_t tlsstream, stream[2], tstr, istr;
+ int rc;
+
+ if (!pstream || !*pstream)
+ return EINVAL;
+
+ transport = *pstream;
+ mu_stream_flush (transport);
+
+ /*
+ * Find the iostream.
+ * Unless transcript is enabled the iostream variable refers to a
+ * CRLF filter, and its sub-stream is the iostream object. If transcript
+ * is enabled, the transcript stream is added on top and iostream refers
+ * to it.
+ *
+ * The loop below uses the fact that iostream is the only stream in
+ * mailutils that returns *both* transport streams on MU_IOCTL_TOPSTREAM/
+ * MU_IOCTL_OP_GET ioctl. Rest of streams that support MU_IOCTL_TOPSTREAM,
+ * return the transport stream in stream[0] and NULL in stream[1].
+ */
+ tstr = istr = transport;
+ while ((rc = mu_stream_ioctl (istr,
+ MU_IOCTL_TOPSTREAM, MU_IOCTL_OP_GET,
+ stream)) == 0
+ && stream[1] == NULL)
+ {
+ tstr = istr;
+ istr = stream[0];
+ mu_stream_unref (istr);
+ }
+
+ switch (rc)
+ {
+ case 0:
+ /* OK */
+ mu_stream_unref (stream[0]);
+ mu_stream_unref (stream[1]);
+ break;
+
+ case ENOSYS:
+ /* There's no underlying stream. */
+ tstr = NULL;
+ stream[0] = transport;
+ stream[1] = NULL;
+ break;
+
+ default:
+ /* Error */
+ mu_debug (MU_DEBCAT_TLS, MU_DEBUG_ERROR,
+ ("%s", _("INTERNAL ERROR: cannot locate I/O stream")));
+ return MU_ERR_TRANSPORT_GET;
+ }
+
+ rc = mu_tlsfd_stream2_convert (&tlsstream, stream[0], stream[1], conf, type);
if (rc)
{
mu_debug (MU_DEBCAT_TLS, MU_DEBUG_ERROR,
- ("ioctl(istr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_SET): %s",
- mu_stream_strerror (istr, rc)));
- return MU_ERR_TRANSPORT_SET;
+ (_("cannot open TLS stream: %s"), mu_strerror (rc)));
+ if (rc == MU_ERR_TRANSPORT_SET)
+ {
+ stream_reset_transport (tlsstream);
+ mu_stream_destroy (&tlsstream);
+ /* NOTE: iostream is unusable now */
+ return MU_ERR_FAILURE;
+ }
+ return rc;
}
- if (ostr)
+
+ if (tstr)
{
- t[0] = NULL;
- t[1] = (mu_transport_t) -1;
- rc = mu_stream_ioctl (ostr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_SET, t);
+ stream[0] = tlsstream;
+ stream[1] = NULL;
+ rc = mu_stream_ioctl (tstr, MU_IOCTL_TOPSTREAM, MU_IOCTL_OP_SET, stream);
if (rc)
{
mu_debug (MU_DEBCAT_TLS, MU_DEBUG_ERROR,
- ("ioctl(ostr, MU_IOCTL_TRANSPORT, MU_IOCTL_OP_SET): %s",
- mu_stream_strerror (ostr, rc)));
- return MU_ERR_TRANSPORT_SET;
+ (_("INTERNAL ERROR: failed to install TLS stream: %s"),
+ mu_strerror (rc)));
+ return MU_ERR_FAILURE;
}
+ mu_stream_unref (tlsstream);
}
+ else
+ {
+ mu_stream_destroy (&transport);
+ *pstream = tlsstream;
+ }
+
return 0;
}
diff --git a/libproto/imap/folder.c b/libproto/imap/folder.c
index d99b5bc65..8df52b94f 100644
--- a/libproto/imap/folder.c
+++ b/libproto/imap/folder.c
@@ -138,14 +138,16 @@ _mu_imap_folder_open (mu_folder_t folder, int flags)
if (tls)
{
mu_stream_t tlsstream;
-
- rc = mu_tls_client_stream_create (&tlsstream, transport, transport, 0);
+
+ rc = mu_tlsfd_stream_convert (&tlsstream, transport, NULL,
+ MU_TLS_CLIENT);
mu_stream_unref (transport);
if (rc)
{
+ if (rc == MU_ERR_TRANSPORT_SET)
+ mu_stream_destroy (&tlsstream);
mu_debug (MU_DEBCAT_FOLDER, MU_DEBUG_ERROR,
- (_("cannot create TLS stream: %s"),
- mu_strerror (rc)));
+ ("cannot create TLS stream: %s", mu_strerror (rc)));
return rc;
}
transport = tlsstream;
@@ -153,7 +155,8 @@ _mu_imap_folder_open (mu_folder_t folder, int flags)
#endif
mu_imap_set_carrier (imap, transport);
-
+ mu_stream_unref (transport);
+
if (mu_debug_level_p (MU_DEBCAT_FOLDER, MU_DEBUG_PROT) ||
mu_debug_level_p (MU_DEBCAT_MAILBOX, MU_DEBUG_PROT))
mu_imap_trace (imap, MU_IMAP_TRACE_SET);
diff --git a/libproto/imap/starttls.c b/libproto/imap/starttls.c
index 330c4e780..fcfa72896 100644
--- a/libproto/imap/starttls.c
+++ b/libproto/imap/starttls.c
@@ -32,7 +32,7 @@ mu_imap_starttls (mu_imap_t imap)
{
#ifdef WITH_TLS
int status;
- mu_stream_t tlsstream, streams[2];
+ mu_stream_t transport;
if (imap == NULL)
return EINVAL;
@@ -63,17 +63,15 @@ mu_imap_starttls (mu_imap_t imap)
switch (imap->response)
{
case MU_IMAP_OK:
- status = mu_imapio_get_streams (imap->io, streams);
+ status = mu_imapio_get_transport (imap->io, &transport);
MU_IMAP_CHECK_EAGAIN (imap, status);
- status = mu_tls_client_stream_create (&tlsstream,
- streams[0], streams[1], 0);
- mu_stream_unref (streams[0]);
- mu_stream_unref (streams[1]);
+ mu_stream_unref (transport);
+
+ status = mu_starttls (&transport, NULL, MU_TLS_CLIENT);
MU_IMAP_CHECK_EAGAIN (imap, status);
- streams[0] = streams[1] = tlsstream;
- status = mu_imapio_set_streams (imap->io, streams);
- mu_stream_unref (streams[0]);
- mu_stream_unref (streams[1]);
+
+ status = mu_imapio_set_transport (imap->io, transport);
+ mu_stream_unref (transport);
MU_IMAP_CHECK_EAGAIN (imap, status);
/* Invalidate the capability list */
mu_list_destroy (&imap->capa);
diff --git a/libproto/mailer/smtp.c b/libproto/mailer/smtp.c
index cb9ac0a6b..783ed5b9b 100644
--- a/libproto/mailer/smtp.c
+++ b/libproto/mailer/smtp.c
@@ -251,20 +251,23 @@ smtp_open (mu_mailer_t mailer, int flags)
if (smtp_mailer->tls == MAILER_TLS_ALWAYS)
{
mu_stream_t tlsstream;
-
- rc = mu_tls_client_stream_create (&tlsstream, transport, transport, 0);
+
+ rc = mu_tlsfd_stream_convert (&tlsstream, transport, NULL,
+ MU_TLS_CLIENT);
mu_stream_unref (transport);
if (rc)
{
- mu_debug (MU_DEBCAT_MAILER, MU_DEBUG_ERROR,
- (_("cannot create TLS stream: %s"),
- mu_strerror (rc)));
- mu_sockaddr_free (sa);
+ if (rc == MU_ERR_TRANSPORT_SET)
+ {
+ mu_stream_destroy (&tlsstream);
+ mu_tls_enable = 0;
+ }
+ mu_debug (MU_DEBCAT_FOLDER, MU_DEBUG_ERROR,
+ ("cannot create TLS stream: %s", mu_strerror (rc)));
if (mu_tls_enable)
return rc;
}
- else
- transport = tlsstream;
+ transport = tlsstream;
}
#endif
mu_stream_set_buffer (transport, mu_buffer_line, 0);
diff --git a/libproto/mailer/smtp_starttls.c b/libproto/mailer/smtp_starttls.c
index 4db88be10..f31c16270 100644
--- a/libproto/mailer/smtp_starttls.c
+++ b/libproto/mailer/smtp_starttls.c
@@ -81,7 +81,6 @@ mu_smtp_starttls (mu_smtp_t smtp)
{
#ifdef WITH_TLS
int status;
- mu_stream_t tlsstream, streams[2];
if (!smtp)
return EINVAL;
@@ -101,19 +100,7 @@ mu_smtp_starttls (mu_smtp_t smtp)
else if (smtp->replcode[0] != '2')
return MU_ERR_FAILURE;
- mu_stream_flush (smtp->carrier);
- status = _mu_smtp_get_streams (smtp, streams);
- MU_SMTP_CHECK_ERROR (smtp, status);
-
- status = mu_tls_client_stream_create (&tlsstream,
- streams[0], streams[1], 0);
- mu_stream_unref (streams[0]);
- mu_stream_unref (streams[1]);
- MU_SMTP_CHECK_ERROR (smtp, status);
- streams[0] = streams[1] = tlsstream;
- status = _mu_smtp_set_streams (smtp, streams);
- mu_stream_unref (streams[0]);
- mu_stream_unref (streams[1]);
+ status = mu_starttls (&smtp->carrier, NULL, MU_TLS_CLIENT);
MU_SMTP_CHECK_ERROR (smtp, status);
/* Invalidate the capability list */
mu_list_destroy (&smtp->capa);
diff --git a/libproto/pop/mailbox.c b/libproto/pop/mailbox.c
index 2f7f1028e..8ad38e3a4 100644
--- a/libproto/pop/mailbox.c
+++ b/libproto/pop/mailbox.c
@@ -140,17 +140,20 @@ pop_open (mu_mailbox_t mbox, int flags)
#ifdef WITH_TLS
if (mpd->pops)
{
- mu_stream_t newstr;
-
- status = mu_tls_client_stream_create (&newstr, stream, stream, 0);
+ mu_stream_t tlsstream;
+
+ status = mu_tlsfd_stream_convert (&tlsstream, stream, NULL,
+ MU_TLS_CLIENT);
mu_stream_unref (stream);
if (status)
{
- mu_error ("pop_open: mu_tls_client_stream_create: %s",
- mu_strerror (status));
+ if (status == MU_ERR_TRANSPORT_SET)
+ mu_stream_destroy (&tlsstream);
+ mu_debug (MU_DEBCAT_FOLDER, MU_DEBUG_ERROR,
+ ("cannot create TLS stream: %s", mu_strerror (status)));
return status;
}
- stream = newstr;
+ stream = tlsstream;
}
#endif /* WITH_TLS */
@@ -164,7 +167,8 @@ pop_open (mu_mailbox_t mbox, int flags)
return status;
}
mu_pop3_set_carrier (mpd->pop3, stream);
-
+ mu_stream_unref (stream);
+
if (mu_debug_level_p (MU_DEBCAT_MAILBOX, MU_DEBUG_PROT))
mu_pop3_trace (mpd->pop3, MU_POP3_TRACE_SET);
if (mu_debug_level_p (MU_DEBCAT_MAILBOX, MU_DEBUG_TRACE6))
diff --git a/libproto/pop/pop3_stls.c b/libproto/pop/pop3_stls.c
index a5a292776..d4653ca25 100644
--- a/libproto/pop/pop3_stls.c
+++ b/libproto/pop/pop3_stls.c
@@ -28,55 +28,6 @@
#include <mailutils/tls.h>
#include <mailutils/list.h>
-static int
-pop3_get_streams (mu_pop3_t pop3, mu_stream_t *streams)
-{
- int rc;
-
- if (MU_POP3_FISSET (pop3, MU_POP3_TRACE))
- rc = mu_stream_ioctl (pop3->carrier, MU_IOCTL_SUBSTREAM,
- MU_IOCTL_OP_GET, streams);
- else
- {
- streams[0] = pop3->carrier;
- mu_stream_ref (streams[0]);
- streams[1] = pop3->carrier;
- mu_stream_ref (streams[1]);
- rc = 0;
- }
- return rc;
-}
-
-static int
-pop3_set_streams (mu_pop3_t pop3, mu_stream_t *streams)
-{
- int rc;
-
- if (MU_POP3_FISSET (pop3, MU_POP3_TRACE))
- rc = mu_stream_ioctl (pop3->carrier, MU_IOCTL_SUBSTREAM,
- MU_IOCTL_OP_SET, streams);
- else
- {
- mu_stream_t tmp;
-
- if (streams[0] == streams[1])
- {
- tmp = streams[0];
- mu_stream_ref (tmp);
- mu_stream_ref (tmp);
- rc = 0;
- }
- else
- rc = mu_iostream_create (&tmp, streams[0], streams[1]);
- if (rc == 0)
- {
- mu_stream_unref (pop3->carrier);
- pop3->carrier = tmp;
- }
- }
- return rc;
-}
-
/*
* STLS
* We have to assume that the caller check the CAPA and TLS was supported.
@@ -86,7 +37,6 @@ mu_pop3_stls (mu_pop3_t pop3)
{
#ifdef WITH_TLS
int status;
- mu_stream_t tlsstream, streams[2];
/* Sanity checks. */
if (pop3 == NULL)
@@ -107,17 +57,7 @@ mu_pop3_stls (mu_pop3_t pop3)
pop3->state = MU_POP3_STLS_CONNECT;
case MU_POP3_STLS_CONNECT:
- status = pop3_get_streams (pop3, streams);
- MU_POP3_CHECK_EAGAIN (pop3, status);
- status = mu_tls_client_stream_create (&tlsstream,
- streams[0], streams[1], 0);
- mu_stream_unref (streams[0]);
- mu_stream_unref (streams[1]);
- MU_POP3_CHECK_EAGAIN (pop3, status);
- streams[0] = streams[1] = tlsstream;
- status = pop3_set_streams (pop3, streams);
- mu_stream_unref (streams[0]);
- mu_stream_unref (streams[1]);
+ status = mu_starttls (&pop3->carrier, NULL, MU_TLS_CLIENT);
MU_POP3_CHECK_EAGAIN (pop3, status);
/* Invalidate the capability list */
mu_list_destroy (&pop3->capa);
diff --git a/mu/libexec/imap.c b/mu/libexec/imap.c
index 7d4b75a84..d7289dd03 100644
--- a/mu/libexec/imap.c
+++ b/mu/libexec/imap.c
@@ -521,12 +521,15 @@ com_connect (int argc, char **argv)
if (tls)
{
mu_stream_t tlsstream;
-
- status = mu_tls_client_stream_create (&tlsstream, tcp, tcp, 0);
+
+ status = mu_tlsfd_stream_convert (&tlsstream, tcp, NULL,
+ MU_TLS_CLIENT);
mu_stream_unref (tcp);
if (status)
{
- mu_error (_("cannot create TLS stream: %s"),
+ if (status == MU_ERR_TRANSPORT_SET)
+ mu_stream_destroy (&tlsstream);
+ mu_error ("cannot create TLS stream: %s",
mu_strerror (status));
return 0;
}
@@ -534,7 +537,8 @@ com_connect (int argc, char **argv)
}
#endif
mu_imap_set_carrier (imap, tcp);
-
+ mu_stream_unref (tcp);
+
if (QRY_VERBOSE ())
{
imap_set_verbose ();
diff --git a/mu/libexec/pop.c b/mu/libexec/pop.c
index 625096aac..ffcf85443 100644
--- a/mu/libexec/pop.c
+++ b/mu/libexec/pop.c
@@ -476,11 +476,14 @@ com_connect (int argc, char **argv)
if (tls)
{
mu_stream_t tlsstream;
-
- status = mu_tls_client_stream_create (&tlsstream, tcp, tcp, 0);
+
+ status = mu_tlsfd_stream_convert (&tlsstream, tcp, NULL,
+ MU_TLS_CLIENT);
mu_stream_unref (tcp);
if (status)
{
+ if (status == MU_ERR_TRANSPORT_SET)
+ mu_stream_destroy (&tlsstream);
mu_error ("cannot create TLS stream: %s",
mu_strerror (status));
return 0;
@@ -490,6 +493,7 @@ com_connect (int argc, char **argv)
#endif
mu_pop3_set_carrier (pop3, tcp);
status = mu_pop3_connect (pop3);
+ mu_stream_unref (tcp);
}
else
{
diff --git a/mu/libexec/smtp.c b/mu/libexec/smtp.c
index 0091bdd67..824cfdc39 100644
--- a/mu/libexec/smtp.c
+++ b/mu/libexec/smtp.c
@@ -211,11 +211,14 @@ com_connect (int argc, char **argv)
if (tls)
{
mu_stream_t tlsstream;
-
- status = mu_tls_client_stream_create (&tlsstream, tcp, tcp, 0);
+
+ status = mu_tlsfd_stream_convert (&tlsstream, tcp, NULL,
+ MU_TLS_CLIENT);
mu_stream_unref (tcp);
if (status)
{
+ if (status == MU_ERR_TRANSPORT_SET)
+ mu_stream_destroy (&tlsstream);
mu_error ("cannot create TLS stream: %s",
mu_strerror (status));
return 0;
@@ -224,6 +227,7 @@ com_connect (int argc, char **argv)
}
#endif
mu_smtp_set_carrier (smtp, tcp);
+ mu_stream_unref (tcp);
status = smtp_error_handler (mu_smtp_open (smtp));
}
else
diff --git a/pop3d/extra.c b/pop3d/extra.c
index a21785a5a..526364a8d 100644
--- a/pop3d/extra.c
+++ b/pop3d/extra.c
@@ -233,72 +233,22 @@ pop3d_setio (int ifd, int ofd, struct mu_tls_config *tls_conf)
int
pop3d_init_tls_server (struct mu_tls_config *tls_conf)
{
- mu_stream_t tlsstream, stream[2], tstr, istr;
int rc;
- /*
- * Find the iostream.
- * Unless transcript is enabled the iostream variable refers to a
- * CRLF filter, and its sub-stream is the iostream object. If transcript
- * is enabled, the treanscript stream is added on top and iostream refers
- * to it.
- *
- * The loop below uses the fact that iostream is the only stream in
- * mailutils that returns *both* transport streams on MU_IOCTL_TOPSTREAM/
- * MU_IOCTL_OP_GET ioctl. Rest of streams that support MU_IOCTL_TOPSTREAM,
- * return the transport stream in stream[0] and NULL in stream[1].
- */
- tstr = NULL;
- istr = iostream;
- while ((rc = mu_stream_ioctl (istr,
- MU_IOCTL_TOPSTREAM, MU_IOCTL_OP_GET,
- stream)) == 0
- && stream[1] == NULL)
- {
- tstr = istr;
- istr = stream[0];
- mu_stream_unref (istr);
- }
-
- if (rc)
- {
- mu_error ("%s", _("INTERNAL ERROR: cannot locate iostream"));
- return 1;
- }
-
- mu_stream_unref (stream[0]);
- mu_stream_unref (stream[1]);
-
- rc = mu_tlsfd_stream2_convert (&tlsstream, stream[0], stream[1],
- tls_conf, MU_TLS_SERVER);
+ rc = mu_starttls (&iostream, tls_conf, MU_TLS_SERVER);
if (rc)
+ log_cipher (iostream);
+ else
{
- mu_error(_("cannot open TLS stream: %s"), mu_strerror (rc));
+ mu_diag_funcall (MU_DIAG_ERROR, "mu_starttls", NULL, rc);
if (rc == MU_ERR_TRANSPORT_SET)
- {
- mu_stream_destroy (&tlsstream);
- /* iostream is unusable now */
- exit (EX_UNAVAILABLE);
- }
- return rc;
- }
-
- stream[0] = tlsstream;
- stream[1] = NULL;
- rc = mu_stream_ioctl (tstr, MU_IOCTL_TOPSTREAM, MU_IOCTL_OP_SET, stream);
- if (rc)
- {
- mu_error (_("INTERNAL ERROR: failed to install TLS stream: %s"),
- mu_strerror (rc));
- exit (EX_UNAVAILABLE);
+ pop3d_abquit (ERR_FILE);
}
- mu_stream_unref (tlsstream);
- log_cipher (tlsstream);
- return 0;
+ return rc;
}
void
-pop3d_bye ()
+pop3d_bye (void)
{
mu_stream_close (iostream);
mu_stream_destroy (&iostream);

Return to:

Send suggestions and report system problems to the System administrator.