~ubuntu-branches/ubuntu/oneiric/heirloom-mailx/oneiric

« back to all changes in this revision

Viewing changes to ssl.c

Committer: Bazaar Package Importer
Author(s): Hilko Bengen
Date: 2008-02-18 20:45:00 UTC
Revision ID: james.westby@ubuntu.com-20080218204500-ezficstzczzr7v19

Tags: upstream-12.3

Import upstream version 12.3

files added:

AUTHORS

COPYING

ChangeLog

INSTALL

Makefile

README

TODO

aux.c

base64.c

cache.c

catd

catd/en_US

cmd1.c

cmd2.c

cmd3.c

cmdtab.c

collect.c

def.h

dotlock.c

edit.c

extern.h

fio.c

getname.c

getopt.c

glob.h

head.c

hmac.c

imap.c

imap_gssapi.c

imap_search.c

junk.c

lex.c

list.c

lzw.c

macro.c

maildir.c

mailx.1

mailx.1.html

mailx.spec

main.c

makeconfig

md5.c

md5.h

mime.c

nail.rc

names.c

nss.c

nsserr.c

openssl.c

pkginfo

pop3.c

popen.c

quit.c

rcv.h

send.c

sendout.c

smtp.c

ssl.c

strings.c

temp.c

thread.c

tty.c

v7.local.c

vars.c

version.c

Show diffs side-by-side

added added

removed removed

ssl.c

* Heirloom mailx - a mail user agent derived from Berkeley Mail.

* Redistribution and use in source and binary forms, with or without

* modification, are permitted provided that the following conditions

* are met:

* 1. Redistributions of source code must retain the above copyright

* notice, this list of conditions and the following disclaimer.

* 2. Redistributions in binary form must reproduce the above copyright

* notice, this list of conditions and the following disclaimer in the

* documentation and/or other materials provided with the distribution.

* 3. All advertising materials mentioning features or use of this software

* must display the following acknowledgement:

* This product includes software developed by Gunnar Ritter

* and his contributors.

* 4. Neither the name of Gunnar Ritter nor the names of his contributors

* may be used to endorse or promote products derived from this software

* without specific prior written permission.

* THIS SOFTWARE IS PROVIDED BY GUNNAR RITTER AND CONTRIBUTORS ``AS IS'' AND

* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

* ARE DISCLAIMED. IN NO EVENT SHALL GUNNAR RITTER OR CONTRIBUTORS BE LIABLE

* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

* SUCH DAMAGE.

#ifndef lint

#ifdef DOSCCS

static char sccsid[] = "@(#)ssl.c 1.39 (gritter) 6/12/06";

#endif

#endif /* not lint */

#include "config.h"

#ifdef USE_SSL

#include "rcv.h"

#include "extern.h"

void

ssl_set_vrfy_level(const char *uhp)

{

char *cp;

char *vrvar;

ssl_vrfy_level = VRFY_ASK;

vrvar = ac_alloc(strlen(uhp) + 12);

strcpy(vrvar, "ssl-verify-");

strcpy(&vrvar[11], uhp);

if ((cp = value(vrvar)) == NULL)

cp = value("ssl-verify");

ac_free(vrvar);

if (cp != NULL) {

if (equal(cp, "strict"))

ssl_vrfy_level = VRFY_STRICT;

else if (equal(cp, "ask"))

ssl_vrfy_level = VRFY_ASK;

else if (equal(cp, "warn"))

ssl_vrfy_level = VRFY_WARN;

else if (equal(cp, "ignore"))

ssl_vrfy_level = VRFY_IGNORE;

else

fprintf(stderr, catgets(catd, CATSET, 265,

"invalid value of ssl-verify: %s\n"),

cp);

}

enum okay

ssl_vrfy_decide(void)

{

enum okay ok = STOP;

switch (ssl_vrfy_level) {

case VRFY_STRICT:

ok = STOP;

break;

case VRFY_ASK:

{

char *line = NULL;

size_t linesize = 0;

fprintf(stderr, catgets(catd, CATSET, 264,

"Continue (y/n)? "));

if (readline(stdin, &line, &linesize) > 0 &&

*line == 'y')

ok = OKAY;

100

else

101

ok = STOP;

102

if (line)

103

free(line);

104

}

105

break;

106

case VRFY_WARN:

107

case VRFY_IGNORE:

108

ok = OKAY;

109

}

110

return ok;

111

}

112

113

char *

114

ssl_method_string(const char *uhp)

115

{

116

char *cp, *mtvar;

117

118

mtvar = ac_alloc(strlen(uhp) + 12);

119

strcpy(mtvar, "ssl-method-");

120

strcpy(&mtvar[11], uhp);

121

if ((cp = value(mtvar)) == NULL)

122

cp = value("ssl-method");

123

ac_free(mtvar);

124

return cp;

125

}

126

127

enum okay

128

smime_split(FILE *ip, FILE **hp, FILE **bp, long xcount, int keep)

129

{

130

char *buf, *hn, *bn;

131

char *savedfields = NULL;

132

size_t bufsize, buflen, count, savedsize = 0;

133

int c;

134

135

if ((*hp = Ftemp(&hn, "Rh", "w+", 0600, 1)) == NULL ||

136

(*bp = Ftemp(&bn, "Rb", "w+", 0600, 1)) == NULL) {

137

perror("tempfile");

138

return STOP;

139

}

140

rm(hn);

141

rm(bn);

142

Ftfree(&hn);

143

Ftfree(&bn);

144

buf = smalloc(bufsize = LINESIZE);

145

savedfields = smalloc(savedsize = 1);

146

*savedfields = '\0';

147

if (xcount < 0)

148

count = fsize(ip);

149

else

150

count = xcount;

151

while (fgetline(&buf, &bufsize, &count, &buflen, ip, 0) != NULL &&

152

*buf != '\n') {

153

if (ascncasecmp(buf, "content-", 8) == 0) {

154

if (keep)

155

fputs("X-Encoded-", *hp);

156

for (;;) {

157

savedsize += buflen;

158

savedfields = srealloc(savedfields, savedsize);

159

strcat(savedfields, buf);

160

if (keep)

161

fwrite(buf, sizeof *buf, buflen, *hp);

162

c = getc(ip);

163

ungetc(c, ip);

164

if (!blankchar(c))

165

break;

166

fgetline(&buf, &bufsize, &count, &buflen,

167

ip, 0);

168

}

169

continue;

170

}

171

fwrite(buf, sizeof *buf, buflen, *hp);

172

}

173

fflush(*hp);

174

rewind(*hp);

175

fputs(savedfields, *bp);

176

putc('\n', *bp);

177

while (fgetline(&buf, &bufsize, &count, &buflen, ip, 0) != NULL)

178

fwrite(buf, sizeof *buf, buflen, *bp);

179

fflush(*bp);

180

rewind(*bp);

181

free(buf);

182

return OKAY;

183

}

184

185

FILE *

186

smime_sign_assemble(FILE *hp, FILE *bp, FILE *sp)

187

{

188

char *boundary, *cp;

189

FILE *op;

190

int c, lastc = EOF;

191

192

if ((op = Ftemp(&cp, "Rs", "w+", 0600, 1)) == NULL) {

193

perror("tempfile");

194

return NULL;

195

}

196

rm(cp);

197

Ftfree(&cp);

198

boundary = makeboundary();

199

while ((c = getc(hp)) != EOF) {

200

if (c == '\n' && lastc == '\n')

201

break;

202

putc(c, op);

203

lastc = c;

204

}

205

fprintf(op, "Content-Type: multipart/signed;\n"

206

" protocol=\"application/x-pkcs7-signature\"; micalg=sha1;\n"

207

" boundary=\"%s\"\n\n", boundary);

208

fprintf(op, "This is an S/MIME signed message.\n\n--%s\n",

209

boundary);

210

while ((c = getc(bp)) != EOF)

211

putc(c, op);

212

fprintf(op, "\n--%s\n", boundary);

213

fputs("Content-Type: application/x-pkcs7-signature; "

214

"name=\"smime.p7s\"\n"

215

"Content-Transfer-Encoding: base64\n"

216

"Content-Disposition: attachment; filename=\"smime.p7s\"\n\n",

217

op);

218

while ((c = getc(sp)) != EOF) {

219

if (c == '-') {

220

while ((c = getc(sp)) != EOF && c != '\n');

221

continue;

222

}

223

putc(c, op);

224

}

225

fprintf(op, "\n--%s--\n", boundary);

226

Fclose(hp);

227

Fclose(bp);

228

Fclose(sp);

229

fflush(op);

230

if (ferror(op)) {

231

perror("signed output data");

232

Fclose(op);

233

return NULL;

234

}

235

rewind(op);

236

return op;

237

}

238

239

FILE *

240

smime_encrypt_assemble(FILE *hp, FILE *yp)

241

{

242

char *cp;

243

FILE *op;

244

int c, lastc = EOF;

245

246

if ((op = Ftemp(&cp, "Rs", "w+", 0600, 1)) == NULL) {

247

perror("tempfile");

248

return NULL;

249

}

250

rm(cp);

251

Ftfree(&cp);

252

while ((c = getc(hp)) != EOF) {

253

if (c == '\n' && lastc == '\n')

254

break;

255

putc(c, op);

256

lastc = c;

257

}

258

fprintf(op, "Content-Type: application/x-pkcs7-mime; "

259

"name=\"smime.p7m\"\n"

260

"Content-Transfer-Encoding: base64\n"

261

"Content-Disposition: attachment; "

262

"filename=\"smime.p7m\"\n\n");

263

while ((c = getc(yp)) != EOF) {

264

if (c == '-') {

265

while ((c = getc(yp)) != EOF && c != '\n');

266

continue;

267

}

268

putc(c, op);

269

}

270

Fclose(hp);

271

Fclose(yp);

272

fflush(op);

273

if (ferror(op)) {

274

perror("encrypted output data");

275

Fclose(op);

276

return NULL;

277

}

278

rewind(op);

279

return op;

280

}

281

282

struct message *

283

smime_decrypt_assemble(struct message *m, FILE *hp, FILE *bp)

284

{

285

int binary = 0, lastnl = 0;

286

char *buf = NULL, *cp;

287

size_t bufsize = 0, buflen, count;

288

long lines = 0, octets = 0;

289

struct message *x;

290

off_t offset;

291

292

x = salloc(sizeof *x);

293

*x = *m;

294

fflush(mb.mb_otf);

295

fseek(mb.mb_otf, 0L, SEEK_END);

296

offset = ftell(mb.mb_otf);

297

count = fsize(hp);

298

while (fgetline(&buf, &bufsize, &count, &buflen, hp, 0) != NULL) {

299

if (buf[0] == '\n')

300

break;

301

if ((cp = thisfield(buf, "content-transfer-encoding")) != NULL)

302

if (ascncasecmp(cp, "binary", 7) == 0)

303

binary = 1;

304

fwrite(buf, sizeof *buf, buflen, mb.mb_otf);

305

octets += buflen;

306

lines++;

307

}

308

octets += mkdate(mb.mb_otf, "X-Decoding-Date");

309

lines++;

310

count = fsize(bp);

311

while (fgetline(&buf, &bufsize, &count, &buflen, bp, 0) != NULL) {

312

lines++;

313

if (!binary && buf[buflen-1] == '\n' && buf[buflen-2] == '\r')

314

buf[--buflen-1] = '\n';

315

fwrite(buf, sizeof *buf, buflen, mb.mb_otf);

316

octets += buflen;

317

if (buf[0] == '\n')

318

lastnl++;

319

else if (buf[buflen-1] == '\n')

320

lastnl = 1;

321

else

322

lastnl = 0;

323

}

324

while (!binary && lastnl < 2) {

325

putc('\n', mb.mb_otf);

326

lines++;

327

octets++;

328

lastnl++;

329

}

330

Fclose(hp);

331

Fclose(bp);

332

free(buf);

333

fflush(mb.mb_otf);

334

if (ferror(mb.mb_otf)) {

335

perror("decrypted output data");

336

return NULL;

337

}

338

x->m_size = x->m_xsize = octets;

339

x->m_lines = x->m_xlines = lines;

340

x->m_block = mailx_blockof(offset);

341

x->m_offset = mailx_offsetof(offset);

342

return x;

343

}

344

345

int

346

ccertsave(void *v)

347

{

348

int *ip;

349

int f, *msgvec;

350

char *file = NULL, *str = v;

351

int val = 0;

352

FILE *fp;

353

354

msgvec = salloc((msgCount + 2) * sizeof *msgvec);

355

if ((file = laststring(str, &f, 1)) == NULL) {

356

fprintf(stderr, "No file to save certificate given.\n");

357

return 1;

358

}

359

if (!f) {

360

*msgvec = first(0, MMNORM);

361

if (*msgvec == 0) {

362

if (inhook)

363

return 0;

364

fprintf(stderr,

365

"No messages to get certificates from.\n");

366

return 1;

367

}

368

msgvec[1] = 0;

369

} else if (getmsglist(str, msgvec, 0) < 0)

370

return 1;

371

if (*msgvec == 0) {

372

if (inhook)

373

return 0;

374

fprintf(stderr, "No applicable messages.\n");

375

return 1;

376

}

377

if ((fp = Fopen(file, "a")) == NULL) {

378

perror(file);

379

return 1;

380

}

381

for (ip = msgvec; *ip && ip-msgvec < msgCount; ip++)

382

if (smime_certsave(&message[*ip-1], *ip, fp) != OKAY)

383

val = 1;

384

Fclose(fp);

385

if (val == 0)

386

printf("Certificate(s) saved.\n");

387

return val;

388

}

389

enum okay

390

rfc2595_hostname_match(const char *host, const char *pattern)

391

{

392

if (pattern[0] == '*' && pattern[1] == '.') {

393

pattern++;

394

while (*host && *host != '.')

395

host++;

396

}

397

return asccasecmp(host, pattern) == 0 ? OKAY : STOP;

398

}

399

#endif /* USE_SSL */

Older »