1/*
2 * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers.
3 * All rights reserved.
4 *
5 * By using this file, you agree to the terms and conditions set
6 * forth in the LICENSE file which can be found at the top level of
7 * the sendmail distribution.
8 *
9 */
10
11#include <sm/gen.h>
12SM_RCSID("@(#)$Id: sfsasl.c,v 8.91.2.1 2002/08/27 01:35:17 ca Exp $")
13#include <stdlib.h>
14#include <sendmail.h>
15#include <errno.h>
16#if SASL
17# include "sfsasl.h"
18
19/* Structure used by the "sasl" file type */
20struct sasl_obj
21{
22 SM_FILE_T *fp;
23 sasl_conn_t *conn;
24};
25
26struct sasl_info
27{
28 SM_FILE_T *fp;
29 sasl_conn_t *conn;
30};
31
32/*
33** SASL_GETINFO - returns requested information about a "sasl" file
34** descriptor.
35**
36** Parameters:
37** fp -- the file descriptor
38** what -- the type of information requested
39** valp -- the thang to return the information in
40**
41** Returns:
42** -1 for unknown requests
43** >=0 on success with valp filled in (if possible).
44*/
45
46static int sasl_getinfo __P((SM_FILE_T *, int, void *));
47
48static int
49sasl_getinfo(fp, what, valp)
50 SM_FILE_T *fp;
51 int what;
52 void *valp;
53{
54 struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
55
56 switch (what)
57 {
58 case SM_IO_WHAT_FD:
59 if (so->fp == NULL)
60 return -1;
61 return so->fp->f_file; /* for stdio fileno() compatability */
62
63 case SM_IO_IS_READABLE:
64 if (so->fp == NULL)
65 return 0;
66
67 /* get info from underlying file */
68 return sm_io_getinfo(so->fp, what, valp);
69
70 default:
71 return -1;
72 }
73}
74
75/*
76** SASL_OPEN -- creates the sasl specific information for opening a
77** file of the sasl type.
78**
79** Parameters:
80** fp -- the file pointer associated with the new open
81** info -- contains the sasl connection information pointer and
82** the original SM_FILE_T that holds the open
83** flags -- ignored
84** rpool -- ignored
85**
86** Returns:
87** 0 on success
88*/
89
90static int sasl_open __P((SM_FILE_T *, const void *, int, const void *));
91
92/* ARGSUSED2 */
93static int
94sasl_open(fp, info, flags, rpool)
95 SM_FILE_T *fp;
96 const void *info;
97 int flags;
98 const void *rpool;
99{
100 struct sasl_obj *so;
101 struct sasl_info *si = (struct sasl_info *) info;
102
103 so = (struct sasl_obj *) sm_malloc(sizeof(struct sasl_obj));
104 so->fp = si->fp;
105 so->conn = si->conn;
106
107 /*
108 ** The underlying 'fp' is set to SM_IO_NOW so that the entire
109 ** encoded string is written in one chunk. Otherwise there is
110 ** the possibility that it may appear illegal, bogus or
111 ** mangled to the other side of the connection.
112 ** We will read or write through 'fp' since it is the opaque
113 ** connection for the communications. We need to treat it this
114 ** way in case the encoded string is to be sent down a TLS
115 ** connection rather than, say, sm_io's stdio.
116 */
117
118 (void) sm_io_setvbuf(so->fp, SM_TIME_DEFAULT, NULL, SM_IO_NOW, 0);
119 fp->f_cookie = so;
120 return 0;
121}
122
123/*
124** SASL_CLOSE -- close the sasl specific parts of the sasl file pointer
125**
126** Parameters:
127** fp -- the file pointer to close
128**
129** Returns:
130** 0 on success
131*/
132
133static int sasl_close __P((SM_FILE_T *));
134
135static int
136sasl_close(fp)
137 SM_FILE_T *fp;
138{
139 struct sasl_obj *so;
140
141 so = (struct sasl_obj *) fp->f_cookie;
142 if (so->fp != NULL)
143 {
144 sm_io_close(so->fp, SM_TIME_DEFAULT);
145 so->fp = NULL;
146 }
147 sm_free(so);
148 so = NULL;
149 return 0;
150}
151
152/* how to deallocate a buffer allocated by SASL */
153extern void sm_sasl_free __P((void *));
154# define SASL_DEALLOC(b) sm_sasl_free(b)
155
156/*
157** SASL_READ -- read encrypted information and decrypt it for the caller
158**
159** Parameters:
160** fp -- the file pointer
161** buf -- the location to place the decrypted information
162** size -- the number of bytes to read after decryption
163**
164** Results:
165** -1 on error
166** otherwise the number of bytes read
167*/
168
169static ssize_t sasl_read __P((SM_FILE_T *, char *, size_t));
170
171static ssize_t
172sasl_read(fp, buf, size)
173 SM_FILE_T *fp;
174 char *buf;
175 size_t size;
176{
177 int result;
178 ssize_t len;
179# if SASL >= 20000
180 const char *outbuf = NULL;
181# else /* SASL >= 20000 */
182 static char *outbuf = NULL;
183# endif /* SASL >= 20000 */
184 static unsigned int outlen = 0;
185 static unsigned int offset = 0;
186 struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
187
188 /*
189 ** sasl_decode() may require more data than a single read() returns.
190 ** Hence we have to put a loop around the decoding.
191 ** This also requires that we may have to split up the returned
192 ** data since it might be larger than the allowed size.
193 ** Therefore we use a static pointer and return portions of it
194 ** if necessary.
195 */
196
197 while (outbuf == NULL && outlen == 0)
198 {
199 len = sm_io_read(so->fp, SM_TIME_DEFAULT, buf, size);
200 if (len <= 0)
201 return len;
202 result = sasl_decode(so->conn, buf,
203 (unsigned int) len, &outbuf, &outlen);
204 if (result != SASL_OK)
205 {
206 outbuf = NULL;
207 offset = 0;
208 outlen = 0;
209 return -1;
210 }
211 }
212
213 if (outbuf == NULL)
214 {
215 /* be paranoid: outbuf == NULL but outlen != 0 */
216 syserr("@sasl_read failure: outbuf == NULL but outlen != 0");
217 /* NOTREACHED */
218 }
219 if (outlen - offset > size)
220 {
221 /* return another part of the buffer */
222 (void) memcpy(buf, outbuf + offset, size);
223 offset += size;
224 len = size;
225 }
226 else
227 {
228 /* return the rest of the buffer */
229 len = outlen - offset;
230 (void) memcpy(buf, outbuf + offset, (size_t) len);
231# if SASL < 20000
232 SASL_DEALLOC(outbuf);
233# endif /* SASL < 20000 */
234 outbuf = NULL;
235 offset = 0;
236 outlen = 0;
237 }
238 return len;
239}
240
241/*
242** SASL_WRITE -- write information out after encrypting it
243**
244** Parameters:
245** fp -- the file pointer
246** buf -- holds the data to be encrypted and written
247** size -- the number of bytes to have encrypted and written
248**
249** Returns:
250** -1 on error
251** otherwise number of bytes written
252*/
253
254static ssize_t sasl_write __P((SM_FILE_T *, const char *, size_t));
255
256static ssize_t
257sasl_write(fp, buf, size)
258 SM_FILE_T *fp;
259 const char *buf;
260 size_t size;
261{
262 int result;
263# if SASL >= 20000
264 const char *outbuf;
265# else /* SASL >= 20000 */
266 char *outbuf;
267# endif /* SASL >= 20000 */
268 unsigned int outlen;
269 size_t ret = 0, total = 0;
270 struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
271
272 result = sasl_encode(so->conn, buf,
273 (unsigned int) size, &outbuf, &outlen);
274
275 if (result != SASL_OK)
276 return -1;
277
278 if (outbuf != NULL)
279 {
280 while (outlen > 0)
281 {
282 /* XXX result == 0? */
283 ret = sm_io_write(so->fp, SM_TIME_DEFAULT,
284 &outbuf[total], outlen);
285 outlen -= ret;
286 total += ret;
287 }
288# if SASL < 20000
289 SASL_DEALLOC(outbuf);
290# endif /* SASL < 20000 */
291 }
292 return size;
293}
294
295/*
296** SFDCSASL -- create sasl file type and open in and out file pointers
297** for sendmail to read from and write to.
298**
299** Parameters:
300** fin -- the sm_io file encrypted data to be read from
301** fout -- the sm_io file encrypted data to be writen to
302** conn -- the sasl connection pointer
303**
304** Returns:
305** -1 on error
306** 0 on success
307**
308** Side effects:
309** The arguments "fin" and "fout" are replaced with the new
310** SM_FILE_T pointers.
311*/
312
313int
314sfdcsasl(fin, fout, conn)
315 SM_FILE_T **fin;
316 SM_FILE_T **fout;
317 sasl_conn_t *conn;
318{
319 SM_FILE_T *newin, *newout;
320 SM_FILE_T SM_IO_SET_TYPE(sasl_vector, "sasl", sasl_open, sasl_close,
321 sasl_read, sasl_write, NULL, sasl_getinfo, NULL,
322 SM_TIME_FOREVER);
323 struct sasl_info info;
324
325 if (conn == NULL)
326 {
327 /* no need to do anything */
328 return 0;
329 }
330
331 SM_IO_INIT_TYPE(sasl_vector, "sasl", sasl_open, sasl_close,
332 sasl_read, sasl_write, NULL, sasl_getinfo, NULL,
333 SM_TIME_FOREVER);
334 info.fp = *fin;
335 info.conn = conn;
336 newin = sm_io_open(&sasl_vector, SM_TIME_DEFAULT, &info, SM_IO_RDONLY,
337 NULL);
338
339 if (newin == NULL)
340 return -1;
341
342 info.fp = *fout;
343 info.conn = conn;
344 newout = sm_io_open(&sasl_vector, SM_TIME_DEFAULT, &info, SM_IO_WRONLY,
345 NULL);
346
347 if (newout == NULL)
348 {
349 (void) sm_io_close(newin, SM_TIME_DEFAULT);
350 return -1;
351 }
352 sm_io_automode(newin, newout);
353
354 *fin = newin;
355 *fout = newout;
356 return 0;
357}
358#endif /* SASL */
359
360#if STARTTLS
361# include "sfsasl.h"
362# include <openssl/err.h>
363
364/* Structure used by the "tls" file type */
365struct tls_obj
366{
367 SM_FILE_T *fp;
368 SSL *con;
369};
370
371struct tls_info
372{
373 SM_FILE_T *fp;
374 SSL *con;
375};
376
377/*
378** TLS_GETINFO - returns requested information about a "tls" file
379** descriptor.
380**
381** Parameters:
382** fp -- the file descriptor
383** what -- the type of information requested
384** valp -- the thang to return the information in (unused)
385**
386** Returns:
387** -1 for unknown requests
388** >=0 on success with valp filled in (if possible).
389*/
390
391static int tls_getinfo __P((SM_FILE_T *, int, void *));
392
393/* ARGSUSED2 */
394static int
395tls_getinfo(fp, what, valp)
396 SM_FILE_T *fp;
397 int what;
398 void *valp;
399{
400 struct tls_obj *so = (struct tls_obj *) fp->f_cookie;
401
402 switch (what)
403 {
404 case SM_IO_WHAT_FD:
405 if (so->fp == NULL)
406 return -1;
407 return so->fp->f_file; /* for stdio fileno() compatability */
408
409 case SM_IO_IS_READABLE:
410 return SSL_pending(so->con) > 0;
411
412 default:
413 return -1;
414 }
415}
416
417/*
418** TLS_OPEN -- creates the tls specific information for opening a
419** file of the tls type.
420**
421** Parameters:
422** fp -- the file pointer associated with the new open
423** info -- the sm_io file pointer holding the open and the
424** TLS encryption connection to be read from or written to
425** flags -- ignored
426** rpool -- ignored
427**
428** Returns:
429** 0 on success
430*/
431
432static int tls_open __P((SM_FILE_T *, const void *, int, const void *));
433
434/* ARGSUSED2 */
435static int
436tls_open(fp, info, flags, rpool)
437 SM_FILE_T *fp;
438 const void *info;
439 int flags;
440 const void *rpool;
441{
442 struct tls_obj *so;
443 struct tls_info *ti = (struct tls_info *) info;
444
445 so = (struct tls_obj *) sm_malloc(sizeof(struct tls_obj));
446 so->fp = ti->fp;
447 so->con = ti->con;
448
449 /*
450 ** We try to get the "raw" file descriptor that TLS uses to
451 ** do the actual read/write with. This is to allow us control
452 ** over the file descriptor being a blocking or non-blocking type.
453 ** Under the covers TLS handles the change and this allows us
454 ** to do timeouts with sm_io.
455 */
456
457 fp->f_file = sm_io_getinfo(so->fp, SM_IO_WHAT_FD, NULL);
458 (void) sm_io_setvbuf(so->fp, SM_TIME_DEFAULT, NULL, SM_IO_NOW, 0);
459 fp->f_cookie = so;
460 return 0;
461}
462
463/*
464** TLS_CLOSE -- close the tls specific parts of the tls file pointer
465**
466** Parameters:
467** fp -- the file pointer to close
468**
469** Returns:
470** 0 on success
471*/
472
473static int tls_close __P((SM_FILE_T *));
474
475static int
476tls_close(fp)
477 SM_FILE_T *fp;
478{
479 struct tls_obj *so;
480
481 so = (struct tls_obj *) fp->f_cookie;
482 if (so->fp != NULL)
483 {
484 sm_io_close(so->fp, SM_TIME_DEFAULT);
485 so->fp = NULL;
486 }
487 sm_free(so);
488 so = NULL;
489 return 0;
490}
491
492/* maximum number of retries for TLS related I/O due to handshakes */
493# define MAX_TLS_IOS 4
494
495/*
496** TLS_READ -- read secured information for the caller
497**
498** Parameters:
499** fp -- the file pointer
500** buf -- the location to place the data
501** size -- the number of bytes to read from connection
502**
503** Results:
504** -1 on error
505** otherwise the number of bytes read
506*/
507
508static ssize_t tls_read __P((SM_FILE_T *, char *, size_t));
509
510static ssize_t
511tls_read(fp, buf, size)
512 SM_FILE_T *fp;
513 char *buf;
514 size_t size;
515{
516 int r;
517 static int again = MAX_TLS_IOS;
518 struct tls_obj *so = (struct tls_obj *) fp->f_cookie;
519 char *err;
520
521 r = SSL_read(so->con, (char *) buf, size);
522
523 if (r > 0)
524 {
525 again = MAX_TLS_IOS;
526 return r;
527 }
528
529 err = NULL;
530 switch (SSL_get_error(so->con, r))
531 {
532 case SSL_ERROR_NONE:
533 case SSL_ERROR_ZERO_RETURN:
534 again = MAX_TLS_IOS;
535 break;
536 case SSL_ERROR_WANT_WRITE:
537 if (--again <= 0)
538 err = "read W BLOCK";
539 else
540 errno = EAGAIN;
541 break;
542 case SSL_ERROR_WANT_READ:
543 if (--again <= 0)
544 err = "read R BLOCK";
545 else
546 errno = EAGAIN;
547 break;
548 case SSL_ERROR_WANT_X509_LOOKUP:
549 err = "write X BLOCK";
550 break;
551 case SSL_ERROR_SYSCALL:
552 if (r == 0 && errno == 0) /* out of protocol EOF found */
553 break;
554 err = "syscall error";
555/*
556 get_last_socket_error());
557*/
558 break;
559 case SSL_ERROR_SSL:
560#if _FFR_DEAL_WITH_ERROR_SSL
561 if (r == 0 && errno == 0) /* out of protocol EOF found */
562 break;
563#endif /* _FFR_DEAL_WITH_ERROR_SSL */
564 err = "generic SSL error";
565 if (LogLevel > 9)
566 tlslogerr("read");
567
568#if _FFR_DEAL_WITH_ERROR_SSL
569 /* avoid repeated calls? */
570 if (r == 0)
571 r = -1;
572#endif /* _FFR_DEAL_WITH_ERROR_SSL */
573 break;
574 }
575 if (err != NULL)
576 {
577 int save_errno;
578
579 save_errno = (errno == 0) ? EIO : errno;
580 again = MAX_TLS_IOS;
581 if (LogLevel > 7)
582 sm_syslog(LOG_WARNING, NOQID,
583 "STARTTLS: read error=%s (%d)", err, r);
584 errno = save_errno;
585 }
586 return r;
587}
588
589/*
590** TLS_WRITE -- write information out through secure connection
591**
592** Parameters:
593** fp -- the file pointer
594** buf -- holds the data to be securely written
595** size -- the number of bytes to write
596**
597** Returns:
598** -1 on error
599** otherwise number of bytes written
600*/
601
602static ssize_t tls_write __P((SM_FILE_T *, const char *, size_t));
603
604static ssize_t
605tls_write(fp, buf, size)
606 SM_FILE_T *fp;
607 const char *buf;
608 size_t size;
609{
610 int r;
611 static int again = MAX_TLS_IOS;
612 struct tls_obj *so = (struct tls_obj *) fp->f_cookie;
613 char *err;
614
615 r = SSL_write(so->con, (char *) buf, size);
616
617 if (r > 0)
618 {
619 again = MAX_TLS_IOS;
620 return r;
621 }
622 err = NULL;
623 switch (SSL_get_error(so->con, r))
624 {
625 case SSL_ERROR_NONE:
626 case SSL_ERROR_ZERO_RETURN:
627 again = MAX_TLS_IOS;
628 break;
629 case SSL_ERROR_WANT_WRITE:
630 if (--again <= 0)
631 err = "write W BLOCK";
632 else
633 errno = EAGAIN;
634 break;
635 case SSL_ERROR_WANT_READ:
636 if (--again <= 0)
637 err = "write R BLOCK";
638 else
639 errno = EAGAIN;
640 break;
641 case SSL_ERROR_WANT_X509_LOOKUP:
642 err = "write X BLOCK";
643 break;
644 case SSL_ERROR_SYSCALL:
645 if (r == 0 && errno == 0) /* out of protocol EOF found */
646 break;
647 err = "syscall error";
648/*
649 get_last_socket_error());
650*/
651 break;
652 case SSL_ERROR_SSL:
653 err = "generic SSL error";
654/*
655 ERR_GET_REASON(ERR_peek_error()));
656*/
657 if (LogLevel > 9)
658 tlslogerr("write");
659
660#if _FFR_DEAL_WITH_ERROR_SSL
661 /* avoid repeated calls? */
662 if (r == 0)
663 r = -1;
664#endif /* _FFR_DEAL_WITH_ERROR_SSL */
665 break;
666 }
667 if (err != NULL)
668 {
669 int save_errno;
670
671 save_errno = (errno == 0) ? EIO : errno;
672 again = MAX_TLS_IOS;
673 if (LogLevel > 7)
674 sm_syslog(LOG_WARNING, NOQID,
675 "STARTTLS: write error=%s (%d)", err, r);
676 errno = save_errno;
677 }
678 return r;
679}
680
681/*
682** SFDCTLS -- create tls file type and open in and out file pointers
683** for sendmail to read from and write to.
684**
685** Parameters:
686** fin -- data input source being replaced
687** fout -- data output source being replaced
688** conn -- the tls connection pointer
689**
690** Returns:
691** -1 on error
692** 0 on success
693**
694** Side effects:
695** The arguments "fin" and "fout" are replaced with the new
696** SM_FILE_T pointers.
697** The original "fin" and "fout" are preserved in the tls file
698** type but are not actually used because of the design of TLS.
699*/
700
701int
702sfdctls(fin, fout, con)
703 SM_FILE_T **fin;
704 SM_FILE_T **fout;
705 SSL *con;
706{
707 SM_FILE_T *tlsin, *tlsout;
708 SM_FILE_T SM_IO_SET_TYPE(tls_vector, "tls", tls_open, tls_close,
709 tls_read, tls_write, NULL, tls_getinfo, NULL,
710 SM_TIME_FOREVER);
711 struct tls_info info;
712
713 SM_ASSERT(con != NULL);
714
715 SM_IO_INIT_TYPE(tls_vector, "tls", tls_open, tls_close,
716 tls_read, tls_write, NULL, tls_getinfo, NULL,
717 SM_TIME_FOREVER);
718 info.fp = *fin;
719 info.con = con;
720 tlsin = sm_io_open(&tls_vector, SM_TIME_DEFAULT, &info, SM_IO_RDONLY,
721 NULL);
722 if (tlsin == NULL)
723 return -1;
724
725 info.fp = *fout;
726 tlsout = sm_io_open(&tls_vector, SM_TIME_DEFAULT, &info, SM_IO_WRONLY,
727 NULL);
728 if (tlsout == NULL)
729 {
730 (void) sm_io_close(tlsin, SM_TIME_DEFAULT);
731 return -1;
732 }
733 sm_io_automode(tlsin, tlsout);
734
735 *fin = tlsin;
736 *fout = tlsout;
737 return 0;
738}
739#endif /* STARTTLS */
2 * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers.
3 * All rights reserved.
4 *
5 * By using this file, you agree to the terms and conditions set
6 * forth in the LICENSE file which can be found at the top level of
7 * the sendmail distribution.
8 *
9 */
10
11#include <sm/gen.h>
12SM_RCSID("@(#)$Id: sfsasl.c,v 8.91.2.1 2002/08/27 01:35:17 ca Exp $")
13#include <stdlib.h>
14#include <sendmail.h>
15#include <errno.h>
16#if SASL
17# include "sfsasl.h"
18
19/* Structure used by the "sasl" file type */
20struct sasl_obj
21{
22 SM_FILE_T *fp;
23 sasl_conn_t *conn;
24};
25
26struct sasl_info
27{
28 SM_FILE_T *fp;
29 sasl_conn_t *conn;
30};
31
32/*
33** SASL_GETINFO - returns requested information about a "sasl" file
34** descriptor.
35**
36** Parameters:
37** fp -- the file descriptor
38** what -- the type of information requested
39** valp -- the thang to return the information in
40**
41** Returns:
42** -1 for unknown requests
43** >=0 on success with valp filled in (if possible).
44*/
45
46static int sasl_getinfo __P((SM_FILE_T *, int, void *));
47
48static int
49sasl_getinfo(fp, what, valp)
50 SM_FILE_T *fp;
51 int what;
52 void *valp;
53{
54 struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
55
56 switch (what)
57 {
58 case SM_IO_WHAT_FD:
59 if (so->fp == NULL)
60 return -1;
61 return so->fp->f_file; /* for stdio fileno() compatability */
62
63 case SM_IO_IS_READABLE:
64 if (so->fp == NULL)
65 return 0;
66
67 /* get info from underlying file */
68 return sm_io_getinfo(so->fp, what, valp);
69
70 default:
71 return -1;
72 }
73}
74
75/*
76** SASL_OPEN -- creates the sasl specific information for opening a
77** file of the sasl type.
78**
79** Parameters:
80** fp -- the file pointer associated with the new open
81** info -- contains the sasl connection information pointer and
82** the original SM_FILE_T that holds the open
83** flags -- ignored
84** rpool -- ignored
85**
86** Returns:
87** 0 on success
88*/
89
90static int sasl_open __P((SM_FILE_T *, const void *, int, const void *));
91
92/* ARGSUSED2 */
93static int
94sasl_open(fp, info, flags, rpool)
95 SM_FILE_T *fp;
96 const void *info;
97 int flags;
98 const void *rpool;
99{
100 struct sasl_obj *so;
101 struct sasl_info *si = (struct sasl_info *) info;
102
103 so = (struct sasl_obj *) sm_malloc(sizeof(struct sasl_obj));
104 so->fp = si->fp;
105 so->conn = si->conn;
106
107 /*
108 ** The underlying 'fp' is set to SM_IO_NOW so that the entire
109 ** encoded string is written in one chunk. Otherwise there is
110 ** the possibility that it may appear illegal, bogus or
111 ** mangled to the other side of the connection.
112 ** We will read or write through 'fp' since it is the opaque
113 ** connection for the communications. We need to treat it this
114 ** way in case the encoded string is to be sent down a TLS
115 ** connection rather than, say, sm_io's stdio.
116 */
117
118 (void) sm_io_setvbuf(so->fp, SM_TIME_DEFAULT, NULL, SM_IO_NOW, 0);
119 fp->f_cookie = so;
120 return 0;
121}
122
123/*
124** SASL_CLOSE -- close the sasl specific parts of the sasl file pointer
125**
126** Parameters:
127** fp -- the file pointer to close
128**
129** Returns:
130** 0 on success
131*/
132
133static int sasl_close __P((SM_FILE_T *));
134
135static int
136sasl_close(fp)
137 SM_FILE_T *fp;
138{
139 struct sasl_obj *so;
140
141 so = (struct sasl_obj *) fp->f_cookie;
142 if (so->fp != NULL)
143 {
144 sm_io_close(so->fp, SM_TIME_DEFAULT);
145 so->fp = NULL;
146 }
147 sm_free(so);
148 so = NULL;
149 return 0;
150}
151
152/* how to deallocate a buffer allocated by SASL */
153extern void sm_sasl_free __P((void *));
154# define SASL_DEALLOC(b) sm_sasl_free(b)
155
156/*
157** SASL_READ -- read encrypted information and decrypt it for the caller
158**
159** Parameters:
160** fp -- the file pointer
161** buf -- the location to place the decrypted information
162** size -- the number of bytes to read after decryption
163**
164** Results:
165** -1 on error
166** otherwise the number of bytes read
167*/
168
169static ssize_t sasl_read __P((SM_FILE_T *, char *, size_t));
170
171static ssize_t
172sasl_read(fp, buf, size)
173 SM_FILE_T *fp;
174 char *buf;
175 size_t size;
176{
177 int result;
178 ssize_t len;
179# if SASL >= 20000
180 const char *outbuf = NULL;
181# else /* SASL >= 20000 */
182 static char *outbuf = NULL;
183# endif /* SASL >= 20000 */
184 static unsigned int outlen = 0;
185 static unsigned int offset = 0;
186 struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
187
188 /*
189 ** sasl_decode() may require more data than a single read() returns.
190 ** Hence we have to put a loop around the decoding.
191 ** This also requires that we may have to split up the returned
192 ** data since it might be larger than the allowed size.
193 ** Therefore we use a static pointer and return portions of it
194 ** if necessary.
195 */
196
197 while (outbuf == NULL && outlen == 0)
198 {
199 len = sm_io_read(so->fp, SM_TIME_DEFAULT, buf, size);
200 if (len <= 0)
201 return len;
202 result = sasl_decode(so->conn, buf,
203 (unsigned int) len, &outbuf, &outlen);
204 if (result != SASL_OK)
205 {
206 outbuf = NULL;
207 offset = 0;
208 outlen = 0;
209 return -1;
210 }
211 }
212
213 if (outbuf == NULL)
214 {
215 /* be paranoid: outbuf == NULL but outlen != 0 */
216 syserr("@sasl_read failure: outbuf == NULL but outlen != 0");
217 /* NOTREACHED */
218 }
219 if (outlen - offset > size)
220 {
221 /* return another part of the buffer */
222 (void) memcpy(buf, outbuf + offset, size);
223 offset += size;
224 len = size;
225 }
226 else
227 {
228 /* return the rest of the buffer */
229 len = outlen - offset;
230 (void) memcpy(buf, outbuf + offset, (size_t) len);
231# if SASL < 20000
232 SASL_DEALLOC(outbuf);
233# endif /* SASL < 20000 */
234 outbuf = NULL;
235 offset = 0;
236 outlen = 0;
237 }
238 return len;
239}
240
241/*
242** SASL_WRITE -- write information out after encrypting it
243**
244** Parameters:
245** fp -- the file pointer
246** buf -- holds the data to be encrypted and written
247** size -- the number of bytes to have encrypted and written
248**
249** Returns:
250** -1 on error
251** otherwise number of bytes written
252*/
253
254static ssize_t sasl_write __P((SM_FILE_T *, const char *, size_t));
255
256static ssize_t
257sasl_write(fp, buf, size)
258 SM_FILE_T *fp;
259 const char *buf;
260 size_t size;
261{
262 int result;
263# if SASL >= 20000
264 const char *outbuf;
265# else /* SASL >= 20000 */
266 char *outbuf;
267# endif /* SASL >= 20000 */
268 unsigned int outlen;
269 size_t ret = 0, total = 0;
270 struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
271
272 result = sasl_encode(so->conn, buf,
273 (unsigned int) size, &outbuf, &outlen);
274
275 if (result != SASL_OK)
276 return -1;
277
278 if (outbuf != NULL)
279 {
280 while (outlen > 0)
281 {
282 /* XXX result == 0? */
283 ret = sm_io_write(so->fp, SM_TIME_DEFAULT,
284 &outbuf[total], outlen);
285 outlen -= ret;
286 total += ret;
287 }
288# if SASL < 20000
289 SASL_DEALLOC(outbuf);
290# endif /* SASL < 20000 */
291 }
292 return size;
293}
294
295/*
296** SFDCSASL -- create sasl file type and open in and out file pointers
297** for sendmail to read from and write to.
298**
299** Parameters:
300** fin -- the sm_io file encrypted data to be read from
301** fout -- the sm_io file encrypted data to be writen to
302** conn -- the sasl connection pointer
303**
304** Returns:
305** -1 on error
306** 0 on success
307**
308** Side effects:
309** The arguments "fin" and "fout" are replaced with the new
310** SM_FILE_T pointers.
311*/
312
313int
314sfdcsasl(fin, fout, conn)
315 SM_FILE_T **fin;
316 SM_FILE_T **fout;
317 sasl_conn_t *conn;
318{
319 SM_FILE_T *newin, *newout;
320 SM_FILE_T SM_IO_SET_TYPE(sasl_vector, "sasl", sasl_open, sasl_close,
321 sasl_read, sasl_write, NULL, sasl_getinfo, NULL,
322 SM_TIME_FOREVER);
323 struct sasl_info info;
324
325 if (conn == NULL)
326 {
327 /* no need to do anything */
328 return 0;
329 }
330
331 SM_IO_INIT_TYPE(sasl_vector, "sasl", sasl_open, sasl_close,
332 sasl_read, sasl_write, NULL, sasl_getinfo, NULL,
333 SM_TIME_FOREVER);
334 info.fp = *fin;
335 info.conn = conn;
336 newin = sm_io_open(&sasl_vector, SM_TIME_DEFAULT, &info, SM_IO_RDONLY,
337 NULL);
338
339 if (newin == NULL)
340 return -1;
341
342 info.fp = *fout;
343 info.conn = conn;
344 newout = sm_io_open(&sasl_vector, SM_TIME_DEFAULT, &info, SM_IO_WRONLY,
345 NULL);
346
347 if (newout == NULL)
348 {
349 (void) sm_io_close(newin, SM_TIME_DEFAULT);
350 return -1;
351 }
352 sm_io_automode(newin, newout);
353
354 *fin = newin;
355 *fout = newout;
356 return 0;
357}
358#endif /* SASL */
359
360#if STARTTLS
361# include "sfsasl.h"
362# include <openssl/err.h>
363
364/* Structure used by the "tls" file type */
365struct tls_obj
366{
367 SM_FILE_T *fp;
368 SSL *con;
369};
370
371struct tls_info
372{
373 SM_FILE_T *fp;
374 SSL *con;
375};
376
377/*
378** TLS_GETINFO - returns requested information about a "tls" file
379** descriptor.
380**
381** Parameters:
382** fp -- the file descriptor
383** what -- the type of information requested
384** valp -- the thang to return the information in (unused)
385**
386** Returns:
387** -1 for unknown requests
388** >=0 on success with valp filled in (if possible).
389*/
390
391static int tls_getinfo __P((SM_FILE_T *, int, void *));
392
393/* ARGSUSED2 */
394static int
395tls_getinfo(fp, what, valp)
396 SM_FILE_T *fp;
397 int what;
398 void *valp;
399{
400 struct tls_obj *so = (struct tls_obj *) fp->f_cookie;
401
402 switch (what)
403 {
404 case SM_IO_WHAT_FD:
405 if (so->fp == NULL)
406 return -1;
407 return so->fp->f_file; /* for stdio fileno() compatability */
408
409 case SM_IO_IS_READABLE:
410 return SSL_pending(so->con) > 0;
411
412 default:
413 return -1;
414 }
415}
416
417/*
418** TLS_OPEN -- creates the tls specific information for opening a
419** file of the tls type.
420**
421** Parameters:
422** fp -- the file pointer associated with the new open
423** info -- the sm_io file pointer holding the open and the
424** TLS encryption connection to be read from or written to
425** flags -- ignored
426** rpool -- ignored
427**
428** Returns:
429** 0 on success
430*/
431
432static int tls_open __P((SM_FILE_T *, const void *, int, const void *));
433
434/* ARGSUSED2 */
435static int
436tls_open(fp, info, flags, rpool)
437 SM_FILE_T *fp;
438 const void *info;
439 int flags;
440 const void *rpool;
441{
442 struct tls_obj *so;
443 struct tls_info *ti = (struct tls_info *) info;
444
445 so = (struct tls_obj *) sm_malloc(sizeof(struct tls_obj));
446 so->fp = ti->fp;
447 so->con = ti->con;
448
449 /*
450 ** We try to get the "raw" file descriptor that TLS uses to
451 ** do the actual read/write with. This is to allow us control
452 ** over the file descriptor being a blocking or non-blocking type.
453 ** Under the covers TLS handles the change and this allows us
454 ** to do timeouts with sm_io.
455 */
456
457 fp->f_file = sm_io_getinfo(so->fp, SM_IO_WHAT_FD, NULL);
458 (void) sm_io_setvbuf(so->fp, SM_TIME_DEFAULT, NULL, SM_IO_NOW, 0);
459 fp->f_cookie = so;
460 return 0;
461}
462
463/*
464** TLS_CLOSE -- close the tls specific parts of the tls file pointer
465**
466** Parameters:
467** fp -- the file pointer to close
468**
469** Returns:
470** 0 on success
471*/
472
473static int tls_close __P((SM_FILE_T *));
474
475static int
476tls_close(fp)
477 SM_FILE_T *fp;
478{
479 struct tls_obj *so;
480
481 so = (struct tls_obj *) fp->f_cookie;
482 if (so->fp != NULL)
483 {
484 sm_io_close(so->fp, SM_TIME_DEFAULT);
485 so->fp = NULL;
486 }
487 sm_free(so);
488 so = NULL;
489 return 0;
490}
491
492/* maximum number of retries for TLS related I/O due to handshakes */
493# define MAX_TLS_IOS 4
494
495/*
496** TLS_READ -- read secured information for the caller
497**
498** Parameters:
499** fp -- the file pointer
500** buf -- the location to place the data
501** size -- the number of bytes to read from connection
502**
503** Results:
504** -1 on error
505** otherwise the number of bytes read
506*/
507
508static ssize_t tls_read __P((SM_FILE_T *, char *, size_t));
509
510static ssize_t
511tls_read(fp, buf, size)
512 SM_FILE_T *fp;
513 char *buf;
514 size_t size;
515{
516 int r;
517 static int again = MAX_TLS_IOS;
518 struct tls_obj *so = (struct tls_obj *) fp->f_cookie;
519 char *err;
520
521 r = SSL_read(so->con, (char *) buf, size);
522
523 if (r > 0)
524 {
525 again = MAX_TLS_IOS;
526 return r;
527 }
528
529 err = NULL;
530 switch (SSL_get_error(so->con, r))
531 {
532 case SSL_ERROR_NONE:
533 case SSL_ERROR_ZERO_RETURN:
534 again = MAX_TLS_IOS;
535 break;
536 case SSL_ERROR_WANT_WRITE:
537 if (--again <= 0)
538 err = "read W BLOCK";
539 else
540 errno = EAGAIN;
541 break;
542 case SSL_ERROR_WANT_READ:
543 if (--again <= 0)
544 err = "read R BLOCK";
545 else
546 errno = EAGAIN;
547 break;
548 case SSL_ERROR_WANT_X509_LOOKUP:
549 err = "write X BLOCK";
550 break;
551 case SSL_ERROR_SYSCALL:
552 if (r == 0 && errno == 0) /* out of protocol EOF found */
553 break;
554 err = "syscall error";
555/*
556 get_last_socket_error());
557*/
558 break;
559 case SSL_ERROR_SSL:
560#if _FFR_DEAL_WITH_ERROR_SSL
561 if (r == 0 && errno == 0) /* out of protocol EOF found */
562 break;
563#endif /* _FFR_DEAL_WITH_ERROR_SSL */
564 err = "generic SSL error";
565 if (LogLevel > 9)
566 tlslogerr("read");
567
568#if _FFR_DEAL_WITH_ERROR_SSL
569 /* avoid repeated calls? */
570 if (r == 0)
571 r = -1;
572#endif /* _FFR_DEAL_WITH_ERROR_SSL */
573 break;
574 }
575 if (err != NULL)
576 {
577 int save_errno;
578
579 save_errno = (errno == 0) ? EIO : errno;
580 again = MAX_TLS_IOS;
581 if (LogLevel > 7)
582 sm_syslog(LOG_WARNING, NOQID,
583 "STARTTLS: read error=%s (%d)", err, r);
584 errno = save_errno;
585 }
586 return r;
587}
588
589/*
590** TLS_WRITE -- write information out through secure connection
591**
592** Parameters:
593** fp -- the file pointer
594** buf -- holds the data to be securely written
595** size -- the number of bytes to write
596**
597** Returns:
598** -1 on error
599** otherwise number of bytes written
600*/
601
602static ssize_t tls_write __P((SM_FILE_T *, const char *, size_t));
603
604static ssize_t
605tls_write(fp, buf, size)
606 SM_FILE_T *fp;
607 const char *buf;
608 size_t size;
609{
610 int r;
611 static int again = MAX_TLS_IOS;
612 struct tls_obj *so = (struct tls_obj *) fp->f_cookie;
613 char *err;
614
615 r = SSL_write(so->con, (char *) buf, size);
616
617 if (r > 0)
618 {
619 again = MAX_TLS_IOS;
620 return r;
621 }
622 err = NULL;
623 switch (SSL_get_error(so->con, r))
624 {
625 case SSL_ERROR_NONE:
626 case SSL_ERROR_ZERO_RETURN:
627 again = MAX_TLS_IOS;
628 break;
629 case SSL_ERROR_WANT_WRITE:
630 if (--again <= 0)
631 err = "write W BLOCK";
632 else
633 errno = EAGAIN;
634 break;
635 case SSL_ERROR_WANT_READ:
636 if (--again <= 0)
637 err = "write R BLOCK";
638 else
639 errno = EAGAIN;
640 break;
641 case SSL_ERROR_WANT_X509_LOOKUP:
642 err = "write X BLOCK";
643 break;
644 case SSL_ERROR_SYSCALL:
645 if (r == 0 && errno == 0) /* out of protocol EOF found */
646 break;
647 err = "syscall error";
648/*
649 get_last_socket_error());
650*/
651 break;
652 case SSL_ERROR_SSL:
653 err = "generic SSL error";
654/*
655 ERR_GET_REASON(ERR_peek_error()));
656*/
657 if (LogLevel > 9)
658 tlslogerr("write");
659
660#if _FFR_DEAL_WITH_ERROR_SSL
661 /* avoid repeated calls? */
662 if (r == 0)
663 r = -1;
664#endif /* _FFR_DEAL_WITH_ERROR_SSL */
665 break;
666 }
667 if (err != NULL)
668 {
669 int save_errno;
670
671 save_errno = (errno == 0) ? EIO : errno;
672 again = MAX_TLS_IOS;
673 if (LogLevel > 7)
674 sm_syslog(LOG_WARNING, NOQID,
675 "STARTTLS: write error=%s (%d)", err, r);
676 errno = save_errno;
677 }
678 return r;
679}
680
681/*
682** SFDCTLS -- create tls file type and open in and out file pointers
683** for sendmail to read from and write to.
684**
685** Parameters:
686** fin -- data input source being replaced
687** fout -- data output source being replaced
688** conn -- the tls connection pointer
689**
690** Returns:
691** -1 on error
692** 0 on success
693**
694** Side effects:
695** The arguments "fin" and "fout" are replaced with the new
696** SM_FILE_T pointers.
697** The original "fin" and "fout" are preserved in the tls file
698** type but are not actually used because of the design of TLS.
699*/
700
701int
702sfdctls(fin, fout, con)
703 SM_FILE_T **fin;
704 SM_FILE_T **fout;
705 SSL *con;
706{
707 SM_FILE_T *tlsin, *tlsout;
708 SM_FILE_T SM_IO_SET_TYPE(tls_vector, "tls", tls_open, tls_close,
709 tls_read, tls_write, NULL, tls_getinfo, NULL,
710 SM_TIME_FOREVER);
711 struct tls_info info;
712
713 SM_ASSERT(con != NULL);
714
715 SM_IO_INIT_TYPE(tls_vector, "tls", tls_open, tls_close,
716 tls_read, tls_write, NULL, tls_getinfo, NULL,
717 SM_TIME_FOREVER);
718 info.fp = *fin;
719 info.con = con;
720 tlsin = sm_io_open(&tls_vector, SM_TIME_DEFAULT, &info, SM_IO_RDONLY,
721 NULL);
722 if (tlsin == NULL)
723 return -1;
724
725 info.fp = *fout;
726 tlsout = sm_io_open(&tls_vector, SM_TIME_DEFAULT, &info, SM_IO_WRONLY,
727 NULL);
728 if (tlsout == NULL)
729 {
730 (void) sm_io_close(tlsin, SM_TIME_DEFAULT);
731 return -1;
732 }
733 sm_io_automode(tlsin, tlsout);
734
735 *fin = tlsin;
736 *fout = tlsout;
737 return 0;
738}
739#endif /* STARTTLS */