pilergetd support unencrypted connections too
parent
e118705551
commit
86a236311d
@ -209,7 +209,7 @@ CLEANUP:
|
||||
}
|
||||
|
||||
|
||||
int file_from_archive_to_network(char *filename, int sd, struct __data *data, struct __config *cfg){
|
||||
int file_from_archive_to_network(char *filename, int sd, int tls_enable, struct __data *data, struct __config *cfg){
|
||||
int n, olen, tlen, len, fd=-1;
|
||||
unsigned char *s=NULL, *addr=NULL, inbuf[REALLYBIGBUFSIZE];
|
||||
struct stat st;
|
||||
@ -266,12 +266,12 @@ int file_from_archive_to_network(char *filename, int sd, struct __data *data, st
|
||||
|
||||
|
||||
tlen += olen;
|
||||
write1(sd, s, tlen, 1, data->ssl);
|
||||
write1(sd, s, tlen, tls_enable, data->ssl);
|
||||
|
||||
}
|
||||
else {
|
||||
addr = mmap(NULL, st.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
|
||||
write1(sd, addr, st.st_size, 1, data->ssl);
|
||||
write1(sd, addr, st.st_size, tls_enable, data->ssl);
|
||||
munmap(addr, st.st_size);
|
||||
}
|
||||
|
||||
|
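Review bot: Neither rewritten `write1()` call uses a return value, so a failed or short send goes unnoticed, and the new `tls_enable` argument, which decides whether archived message content leaves the host encrypted, is undocumented. I would add a comment above the definition, e.g. `/* tls_enable: non-zero sends through data->ssl, 0 writes the message to sd in cleartext */`, and, assuming `write1()` reports errors, return its result to the caller. Within the visible lines the `mmap()` result is also handed to `write1()` without a `MAP_FAILED` check. The function body starts and ends outside these hunks.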
@ -14,7 +14,7 @@
|
||||
|
||||
#define VERSION "0.1.24-master-branch"
|
||||
|
||||
#define BUILD 792
|
||||
#define BUILD 793
|
||||
|
||||
#define HOSTID "mailarchiver"
|
||||
|
||||
|
@ -51,7 +51,7 @@ void check_and_create_directories(struct __config *cfg, uid_t uid, gid_t gid);
|
||||
void update_counters(struct session_data *sdata, struct __data *data, struct __counters *counters, struct __config *cfg);
|
||||
|
||||
int retrieve_email_from_archive(struct session_data *sdata, struct __data *data, FILE *dest, struct __config *cfg);
|
||||
int file_from_archive_to_network(char *filename, int sd, struct __data *data, struct __config *cfg);
|
||||
int file_from_archive_to_network(char *filename, int sd, int tls_enable, struct __data *data, struct __config *cfg);
|
||||
|
||||
int prepare_a_mysql_statement(struct session_data *sdata, MYSQL_STMT **stmt, char *s);
|
||||
|
||||
|
@ -333,7 +333,7 @@ int main(int argc, char **argv){
|
||||
|
||||
initialise_configuration();
|
||||
|
||||
if(init_ssl() == ERR) fatal("cannot init ssl");
|
||||
if(cfg.tls_enable > 0 && init_ssl() == ERR) fatal("cannot init ssl");
|
||||
|
||||
set_signal_handler (SIGPIPE, SIG_IGN);
|
||||
|
||||
|
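Review bot: With `cfg.tls_enable` at 0 the daemon now starts without calling `init_ssl()`, and nothing in this hunk records that the listener is plaintext. An operator who omits or mistypes the setting gets an unencrypted service without any indication. A startup line such as `if(cfg.tls_enable == 0) syslog(LOG_PRIORITY, "TLS is disabled, connections are not encrypted");` right after this check would make the mode visible in the logs (`LOG_PRIORITY` as used in src/retr.c). `main()` continues outside the hunk.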
76
src/retr.c
76
src/retr.c
@ -64,10 +64,50 @@ int stat_message(struct session_data *sdata, struct __data *data, char **buf, in
|
||||
}
|
||||
|
||||
|
||||
int handle_pilerget_request(int new_sd, struct __data *data, struct __config *cfg){
|
||||
int len, n, ssl_ok=0, auth_ok=0, n_files=0;
|
||||
char *q, buf[MAXBUFSIZE], puf[MAXBUFSIZE], muf[TINYBUFSIZE], resp[MAXBUFSIZE];
|
||||
int do_ssl_handshake(struct session_data *sdata, struct __data *data, int new_sd, struct __config *cfg){
|
||||
int ssl_ok=0, rc;
|
||||
char ssl_error[SMALLBUFSIZE];
|
||||
|
||||
if(data->ctx){
|
||||
data->ssl = SSL_new(data->ctx);
|
||||
|
||||
if(data->ssl){
|
||||
if(SSL_set_fd(data->ssl, new_sd) == 1){
|
||||
ssl_ok = 1;
|
||||
}
|
||||
else syslog(LOG_PRIORITY, "SSL_set_fd() failed");
|
||||
}
|
||||
else syslog(LOG_PRIORITY, "SSL_new() failed");
|
||||
}
|
||||
else syslog(LOG_PRIORITY, "SSL ctx is null!");
|
||||
|
||||
|
||||
if(ssl_ok == 0){
|
||||
send(new_sd, SMTP_RESP_421_ERR_TMP, strlen(SMTP_RESP_421_ERR_TMP), 0);
|
||||
return ERR;
|
||||
}
|
||||
|
||||
|
||||
rc = SSL_accept(data->ssl);
|
||||
|
||||
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "SSL_accept() finished");
|
||||
|
||||
if(rc == 1){
|
||||
sdata->tls = 1;
|
||||
return OK;
|
||||
}
|
||||
else {
|
||||
ERR_error_string_n(ERR_get_error(), ssl_error, SMALLBUFSIZE);
|
||||
syslog(LOG_PRIORITY, "SSL_accept() failed, rc=%d, errorcode: %d, error text: %s\n", rc, SSL_get_error(data->ssl, rc), ssl_error);
|
||||
return ERR;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
int handle_pilerget_request(int new_sd, struct __data *data, struct __config *cfg){
|
||||
int len, n, auth_ok=0, n_files=0;
|
||||
char *q, buf[MAXBUFSIZE], puf[MAXBUFSIZE], muf[TINYBUFSIZE], resp[MAXBUFSIZE];
|
||||
struct session_data sdata;
|
||||
int db_conn=0;
|
||||
int rc;
|
||||
@ -131,33 +171,11 @@ int handle_pilerget_request(int new_sd, struct __data *data, struct __config *cf
|
||||
gettimeofday(&tv1, &tz);
|
||||
|
||||
|
||||
if(data->ctx){
|
||||
data->ssl = SSL_new(data->ctx);
|
||||
if(data->ssl){
|
||||
if(SSL_set_fd(data->ssl, new_sd) == 1){
|
||||
ssl_ok = 1;
|
||||
} else syslog(LOG_PRIORITY, "SSL_set_fd() failed");
|
||||
} else syslog(LOG_PRIORITY, "SSL_new() failed");
|
||||
} else syslog(LOG_PRIORITY, "SSL ctx is null!");
|
||||
|
||||
|
||||
if(ssl_ok == 0){
|
||||
send(new_sd, SMTP_RESP_421_ERR_TMP, strlen(SMTP_RESP_421_ERR_TMP), 0);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
rc = SSL_accept(data->ssl);
|
||||
|
||||
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "SSL_accept() finished");
|
||||
|
||||
if(rc == 1){
|
||||
sdata.tls = 1;
|
||||
if(cfg->tls_enable > 0){
|
||||
if(do_ssl_handshake(&sdata, data, new_sd, cfg) == ERR) goto QUITTING;
|
||||
}
|
||||
else {
|
||||
ERR_error_string_n(ERR_get_error(), ssl_error, SMALLBUFSIZE);
|
||||
syslog(LOG_PRIORITY, "SSL_accept() failed, rc=%d, errorcode: %d, error text: %s\n", rc, SSL_get_error(data->ssl, rc), ssl_error);
|
||||
goto QUITTING;
|
||||
auth_ok = 1;
|
||||
}
|
||||
|
||||
|
||||
@ -223,7 +241,7 @@ int handle_pilerget_request(int new_sd, struct __data *data, struct __config *cf
|
||||
|
||||
if(strlen(&puf[5]) >= RND_STR_LEN){
|
||||
len = stat_file(&sdata, &puf[5], &q, sizeof(muf)-2, cfg);
|
||||
file_from_archive_to_network(muf, new_sd, data, cfg);
|
||||
file_from_archive_to_network(muf, new_sd, sdata.tls, data, cfg);
|
||||
n_files++;
|
||||
}
|
||||
else {
|
||||
|
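Review bot: In `handle_pilerget_request` the new `else` branch appears to set `auth_ok = 1` whenever `cfg->tls_enable` is 0, so a plaintext connection is treated as authenticated without any AUTH exchange, and any peer that can reach the port could request archived files. If that is intended for local use only, it should be stated and enforced, e.g. a comment `/* no TLS: AUTH is skipped, listener must be bound to loopback only */` plus a check of the peer or listen address, or the AUTH requirement should be kept in both modes. Separately, `sdata.tls` is only assigned inside `do_ssl_handshake()` on success yet is read later in `file_from_archive_to_network(muf, new_sd, sdata.tls, data, cfg)`. Unless `sdata` is zeroed in the part of the function outside these hunks, the `else` branch should set `sdata.tls = 0;` explicitly. The rendering interleaves old and new lines here, so this reading should be confirmed against the file.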
@ -64,9 +64,10 @@ class ModelSearchMessage extends Model {
|
||||
|
||||
$l = fgets($sd, 4096);
|
||||
|
||||
if(substr(PILERGETD_HOST, 0, 6) == 'ssl://') {
|
||||
fputs($sd, "AUTH " . PILERGETD_PASSWORD . "\r\n");
|
||||
|
||||
$l = fgets($sd, 4096);
|
||||
}
|
||||
|
||||
Registry::set('sd', $sd);
|
||||
}
|
||||
|
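Review bot: The reply read by `$l = fgets($sd, 4096);` after the AUTH line is not examined within this hunk before `Registry::set('sd', $sd)` stores the socket, so a rejected password would only surface later as a failed retrieval. I would check `$l` against the server's success reply and close `$sd` otherwise. The AUTH step is also skipped for any `PILERGETD_HOST` that does not begin with `ssl://`, which means the plaintext path relies entirely on network placement for access control; a comment saying so above the `if` would help. The enclosing method starts and ends outside the hunk.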