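/* $NetBSD$ */

/*++
/* NAME
/*	tls_proxy_scan
/* SUMMARY
/*	read TLS session state from stream
/* SYNOPSIS
/*	#include <tls_proxy.h>
/*
/*	int	tls_proxy_context_scan(scan_fn, stream, flags, ptr)
/*	ATTR_SCAN_MASTER_FN scan_fn;
/*	VSTREAM	*stream;
/*	int	flags;
/*	void	*ptr;
/* DESCRIPTION
/*	tls_proxy_context_scan() reads a TLS_SESS_STATE structure
/*	from the named stream using the specified attribute scan
/*	routine. tls_proxy_context_scan() is meant to be passed as
/*	a call-back to attr_scan(), thusly:
/*
/*	... ATTR_TYPE_FUNC, tls_proxy_context_scan, (void *) tls_context, ...
/*
/*	The result is 1 when every expected attribute was read, and
/*	-1 otherwise. The structure pointed to by ptr is zeroed
/*	before the scan, and its string members are always assigned
/*	(from vstring_export()) whatever the scan result, so they
/*	are never left null. On -1 the remaining contents are
/*	whatever was read before the failure and must not be used
/*	as a TLS session state. All values, including the peer
/*	certificate status, are taken verbatim from the stream and
/*	are only as trustworthy as the peer that writes to it.
/* DIAGNOSTICS
/*	Fatal: out of memory.
/* LICENSE
/* .ad
/* .fi
/*	The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/*	Wietse Venema
/*	IBM T.J. Watson Research
/*	P.O. Box 704
/*	Yorktown Heights, NY 10598, USA
/*--*/

#ifdef USE_TLS

/* System library. */

#include <sys_defs.h>

/* Utility library */

#include <attr.h>

/* Global library. */

#include <mail_proto.h>

/* TLS library. */

#include <tls.h>
#include <tls_proxy.h>

/*
 * Number of attributes requested in the scan_fn() call inside
 * tls_proxy_context_scan(). The scan_fn() result is compared against this
 * count; anything else is reported as failure. Keep it in sync with the
 * attribute list, otherwise every scan would be rejected (or a short scan
 * accepted).
 */
#define TLS_PROXY_CONTEXT_ATTR_COUNT	8

/* tls_proxy_context_scan - receive TLS session state from stream */

int     tls_proxy_context_scan(ATTR_SCAN_MASTER_FN scan_fn, VSTREAM *fp,
			               int flags, void *ptr)
{
    TLS_SESS_STATE *tls_context = (TLS_SESS_STATE *) ptr;
    int     ret;
    VSTRING *peer_CN = vstring_alloc(25);
    VSTRING *issuer_CN = vstring_alloc(25);
    VSTRING *peer_fingerprint = vstring_alloc(25);
    VSTRING *protocol = vstring_alloc(25);
    VSTRING *cipher_name = vstring_alloc(25);

    /*
     * Start from all-zero state so that nothing stale survives a short or
     * failed read. Note: memset() is not a portable way to initialize
     * non-integer types.
     */
    memset(tls_context, 0, sizeof(*tls_context));

    /*
     * Every value below, including peer_status, comes straight from the
     * stream: it is only as trustworthy as the peer writing to fp.
     */
    ret = scan_fn(fp, flags | ATTR_FLAG_MORE,
		  ATTR_TYPE_STR, MAIL_ATTR_PEER_CN, peer_CN,
		  ATTR_TYPE_STR, MAIL_ATTR_ISSUER_CN, issuer_CN,
		  ATTR_TYPE_STR, MAIL_ATTR_PEER_FPT, peer_fingerprint,
		  ATTR_TYPE_INT, MAIL_ATTR_PEER_STATUS,
		  &tls_context->peer_status,
		  ATTR_TYPE_STR, MAIL_ATTR_CIPHER_PROTOCOL, protocol,
		  ATTR_TYPE_STR, MAIL_ATTR_CIPHER_NAME, cipher_name,
		  ATTR_TYPE_INT, MAIL_ATTR_CIPHER_USEBITS,
		  &tls_context->cipher_usebits,
		  ATTR_TYPE_INT, MAIL_ATTR_CIPHER_ALGBITS,
		  &tls_context->cipher_algbits,
		  ATTR_TYPE_END);

    /*
     * Hand the string buffers over to the structure unconditionally, even
     * after a failed or partial scan, so that the structure never holds a
     * null string member and the caller can release it the same way in
     * both outcomes.
     */
    tls_context->peer_CN = vstring_export(peer_CN);
    tls_context->issuer_CN = vstring_export(issuer_CN);
    tls_context->peer_fingerprint = vstring_export(peer_fingerprint);
    tls_context->protocol = vstring_export(protocol);
    tls_context->cipher_name = vstring_export(cipher_name);

    /*
     * Success only when every requested attribute arrived; a short scan
     * is an error for the caller, not a partially valid session.
     */
    return (ret == TLS_PROXY_CONTEXT_ATTR_COUNT ? 1 : -1);
}

#endif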