sfsasl.c (132943) sfsasl.c (141858)
1/*
2 * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers.
3 * All rights reserved.
4 *
5 * By using this file, you agree to the terms and conditions set
6 * forth in the LICENSE file which can be found at the top level of
7 * the sendmail distribution.
8 *
9 */
10
11#include <sm/gen.h>
1/*
2 * Copyright (c) 1999-2004 Sendmail, Inc. and its suppliers.
3 * All rights reserved.
4 *
5 * By using this file, you agree to the terms and conditions set
6 * forth in the LICENSE file which can be found at the top level of
7 * the sendmail distribution.
8 *
9 */
10
11#include <sm/gen.h>
12SM_RCSID("@(#)$Id: sfsasl.c,v 8.98 2004/03/03 19:20:31 ca Exp $")
12SM_RCSID("@(#)$Id: sfsasl.c,v 8.101 2004/12/15 22:45:55 ca Exp $")
13#include <stdlib.h>
14#include <sendmail.h>
15#include <errno.h>
13#include <stdlib.h>
14#include <sendmail.h>
15#include <errno.h>
16
17/* allow to disable error handling code just in case... */
18#ifndef DEAL_WITH_ERROR_SSL
19# define DEAL_WITH_ERROR_SSL 1
20#endif /* ! DEAL_WITH_ERROR_SSL */
21
16#if SASL
17# include "sfsasl.h"
18
19/* Structure used by the "sasl" file type */
20struct sasl_obj
21{
22 SM_FILE_T *fp;
23 sasl_conn_t *conn;

--- 250 unchanged lines hidden (view full) ---

274 size_t size;
275{
276 int result;
277# if SASL >= 20000
278 const char *outbuf;
279# else /* SASL >= 20000 */
280 char *outbuf;
281# endif /* SASL >= 20000 */
22#if SASL
23# include "sfsasl.h"
24
25/* Structure used by the "sasl" file type */
26struct sasl_obj
27{
28 SM_FILE_T *fp;
29 sasl_conn_t *conn;

--- 250 unchanged lines hidden (view full) ---

280 size_t size;
281{
282 int result;
283# if SASL >= 20000
284 const char *outbuf;
285# else /* SASL >= 20000 */
286 char *outbuf;
287# endif /* SASL >= 20000 */
282 unsigned int outlen;
288 unsigned int outlen, *maxencode;
283 size_t ret = 0, total = 0;
284 struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
285
289 size_t ret = 0, total = 0;
290 struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
291
292 /*
293 ** Fetch the maximum input buffer size for sasl_encode().
294 ** This can be less than the size set in attemptauth()
295 ** due to a negotation with the other side, e.g.,
296 ** Cyrus IMAP lmtp program sets maxbuf=4096,
297 ** digestmd5 substracts 25 and hence we'll get 4071
298 ** instead of 8192 (MAXOUTLEN).
299 ** Hack (for now): simply reduce the size, callers are (must be)
300 ** able to deal with that and invoke sasl_write() again with
301 ** the rest of the data.
302 ** Note: it would be better to store this value in the context
303 ** after the negotiation.
304 */
305
306 result = sasl_getprop(so->conn, SASL_MAXOUTBUF,
307 (const void **) &maxencode);
308 if (result == SASL_OK && size > *maxencode && *maxencode > 0)
309 size = *maxencode;
310
286 result = sasl_encode(so->conn, buf,
287 (unsigned int) size, &outbuf, &outlen);
288
289 if (result != SASL_OK)
290 return -1;
291
292 if (outbuf != NULL)
293 {

--- 281 unchanged lines hidden (view full) ---

575 if (r == 0 && errno == 0) /* out of protocol EOF found */
576 break;
577 err = "syscall error";
578/*
579 get_last_socket_error());
580*/
581 break;
582 case SSL_ERROR_SSL:
311 result = sasl_encode(so->conn, buf,
312 (unsigned int) size, &outbuf, &outlen);
313
314 if (result != SASL_OK)
315 return -1;
316
317 if (outbuf != NULL)
318 {

--- 281 unchanged lines hidden (view full) ---

600 if (r == 0 && errno == 0) /* out of protocol EOF found */
601 break;
602 err = "syscall error";
603/*
604 get_last_socket_error());
605*/
606 break;
607 case SSL_ERROR_SSL:
583#if _FFR_DEAL_WITH_ERROR_SSL
608#if DEAL_WITH_ERROR_SSL
584 if (r == 0 && errno == 0) /* out of protocol EOF found */
585 break;
609 if (r == 0 && errno == 0) /* out of protocol EOF found */
610 break;
586#endif /* _FFR_DEAL_WITH_ERROR_SSL */
611#endif /* DEAL_WITH_ERROR_SSL */
587 err = "generic SSL error";
588 if (LogLevel > 9)
589 tlslogerr("read");
590
612 err = "generic SSL error";
613 if (LogLevel > 9)
614 tlslogerr("read");
615
591#if _FFR_DEAL_WITH_ERROR_SSL
616#if DEAL_WITH_ERROR_SSL
592 /* avoid repeated calls? */
593 if (r == 0)
594 r = -1;
617 /* avoid repeated calls? */
618 if (r == 0)
619 r = -1;
595#endif /* _FFR_DEAL_WITH_ERROR_SSL */
620#endif /* DEAL_WITH_ERROR_SSL */
596 break;
597 }
598 if (err != NULL)
599 {
600 int save_errno;
601
602 save_errno = (errno == 0) ? EIO : errno;
603 again = MAX_TLS_IOS;

--- 76 unchanged lines hidden (view full) ---

680 case SSL_ERROR_SSL:
681 err = "generic SSL error";
682/*
683 ERR_GET_REASON(ERR_peek_error()));
684*/
685 if (LogLevel > 9)
686 tlslogerr("write");
687
621 break;
622 }
623 if (err != NULL)
624 {
625 int save_errno;
626
627 save_errno = (errno == 0) ? EIO : errno;
628 again = MAX_TLS_IOS;

--- 76 unchanged lines hidden (view full) ---

705 case SSL_ERROR_SSL:
706 err = "generic SSL error";
707/*
708 ERR_GET_REASON(ERR_peek_error()));
709*/
710 if (LogLevel > 9)
711 tlslogerr("write");
712
688#if _FFR_DEAL_WITH_ERROR_SSL
713#if DEAL_WITH_ERROR_SSL
689 /* avoid repeated calls? */
690 if (r == 0)
691 r = -1;
714 /* avoid repeated calls? */
715 if (r == 0)
716 r = -1;
692#endif /* _FFR_DEAL_WITH_ERROR_SSL */
717#endif /* DEAL_WITH_ERROR_SSL */
693 break;
694 }
695 if (err != NULL)
696 {
697 int save_errno;
698
699 save_errno = (errno == 0) ? EIO : errno;
700 again = MAX_TLS_IOS;

--- 72 unchanged lines hidden ---
718 break;
719 }
720 if (err != NULL)
721 {
722 int save_errno;
723
724 save_errno = (errno == 0) ? EIO : errno;
725 again = MAX_TLS_IOS;

--- 72 unchanged lines hidden ---
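Review bot: In the added `sasl_write()` lines (new 306-309), `*maxencode` is dereferenced on the strength of `result == SASL_OK` alone, although `maxencode` is declared uninitialized and filled through a `(const void **)` cast, so a success return that leaves the pointer unset or NULL would be read as a length. I would declare it as `unsigned int outlen, *maxencode = NULL;` and test `if (result == SASL_OK && maxencode != NULL && *maxencode > 0 && size > *maxencode)`. The limit is negotiated with the peer, so the clamp can make the function consume far fewer bytes than requested. The return path is in the hidden part of the function, so it is worth confirming that the returned count reflects the reduced `size` and that every caller loops on short writes, as the added comment assumes. The call also sits outside the `# if SASL >= 20000` split used just above for `outbuf`, so the const-qualified cast may not match the `sasl_getprop()` prototype on older SASL builds; presumably it needs the same conditional.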