2
* Heirloom mailx - a mail user agent derived from Berkeley Mail.
4
* Copyright (c) 2000-2004 Gunnar Ritter, Freiburg i. Br., Germany.
8
* Gunnar Ritter. All rights reserved.
10
* Redistribution and use in source and binary forms, with or without
11
* modification, are permitted provided that the following conditions
13
* 1. Redistributions of source code must retain the above copyright
14
* notice, this list of conditions and the following disclaimer.
15
* 2. Redistributions in binary form must reproduce the above copyright
16
* notice, this list of conditions and the following disclaimer in the
17
* documentation and/or other materials provided with the distribution.
18
* 3. All advertising materials mentioning features or use of this software
19
* must display the following acknowledgement:
20
* This product includes software developed by Gunnar Ritter
21
* and his contributors.
22
* 4. Neither the name of Gunnar Ritter nor the names of his contributors
23
* may be used to endorse or promote products derived from this software
24
* without specific prior written permission.
26
* THIS SOFTWARE IS PROVIDED BY GUNNAR RITTER AND CONTRIBUTORS ``AS IS'' AND
27
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29
* ARE DISCLAIMED. IN NO EVENT SHALL GUNNAR RITTER OR CONTRIBUTORS BE LIABLE
30
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
41
/* SCCS identification string: records the file name (ssl.c), revision 1.39 and date for this source. */
static char sccsid[] = "@(#)ssl.c 1.39 (gritter) 6/12/06";
53
/*
 * Select the certificate verification level (ssl_vrfy_level) for `uhp`.
 *
 * The variable "ssl-verify-<uhp>" is consulted first; if it is unset the
 * global "ssl-verify" is used. Recognised values are "strict", "ask",
 * "warn" and "ignore". The level is preset to VRFY_ASK before the lookup.
 *
 * `uhp` is presumably a user/host key for the connection -- confirm with
 * the callers, which are not part of this listing.
 *
 * NOTE(review): this listing is sparse. The bare numbers are the original
 * file's line numbers; lines whose numbers do not appear (return type,
 * braces, declarations, parts of statements) are not shown here.
 */
ssl_set_vrfy_level(const char *uhp)
58
/* Preset: this level stays in effect unless a branch below assigns another one. */
ssl_vrfy_level = VRFY_ASK;
59
/* "ssl-verify-" is 11 bytes; +strlen(uhp) +1 for the NUL, so both strcpy() calls below fit. */
vrvar = ac_alloc(strlen(uhp) + 12);
60
strcpy(vrvar, "ssl-verify-");
61
/* Append the key directly after the 11-byte prefix. */
strcpy(&vrvar[11], uhp);
62
/* Per-key setting wins; fall back to the global variable when it is unset. */
if ((cp = value(vrvar)) == NULL)
63
cp = value("ssl-verify");
66
/* NOTE(review): cp can still be NULL here if neither variable is set; a guard is presumably on original lines 64-65 (not shown) -- confirm. */
if (equal(cp, "strict"))
67
ssl_vrfy_level = VRFY_STRICT;
68
else if (equal(cp, "ask"))
69
ssl_vrfy_level = VRFY_ASK;
70
else if (equal(cp, "warn"))
71
ssl_vrfy_level = VRFY_WARN;
72
else if (equal(cp, "ignore"))
73
/*
 * NOTE(review): how VRFY_IGNORE is acted on is not visible here; by its name
 * it presumably lets a failed certificate check pass without a prompt, which
 * removes peer authentication for the affected connection.
 */
ssl_vrfy_level = VRFY_IGNORE;
75
/*
 * Unrecognised value: only a diagnostic is printed. No assignment is visible
 * on this path, so the VRFY_ASK preset appears to remain (line 74 not shown).
 */
fprintf(stderr, catgets(catd, CATSET, 265,
76
"invalid value of ssl-verify: %s\n"),
86
/*
 * NOTE(review): original lines 77-85 are not shown, so this switch may belong
 * to a separate function whose signature is missing from the listing.
 * It dispatches on the level chosen from the ssl-verify settings.
 */
switch (ssl_vrfy_level) {
95
/* Prompt text comes from message catalogue entry 264; the default string is on a line not shown. */
fprintf(stderr, catgets(catd, CATSET, 264,
97
/* Reads the answer from stdin; the rest of this condition is on a line not shown. */
if (readline(stdin, &line, &linesize) > 0 &&
114
/*
 * Look up the configured SSL/TLS method name for `uhp`.
 *
 * "ssl-method-<uhp>" is consulted first, then the global "ssl-method".
 * What is returned, and how an unset value is handled, is on lines not
 * shown in this listing.
 */
ssl_method_string(const char *uhp)
118
/* "ssl-method-" is 11 bytes; +strlen(uhp) +1 for the NUL, so both strcpy() calls below fit. */
mtvar = ac_alloc(strlen(uhp) + 12);
119
strcpy(mtvar, "ssl-method-");
120
/* Append the key directly after the 11-byte prefix. */
strcpy(&mtvar[11], uhp);
121
/* Per-key setting wins; fall back to the global variable when it is unset. */
if ((cp = value(mtvar)) == NULL)
122
cp = value("ssl-method");
128
/*
 * Split the message read from `ip` into a header file (*hp) and a body
 * file (*bp), both created here as temporary files.
 *
 * Header lines that start with "content-" are written to *hp with an
 * "X-Encoded-" prefix and are also collected in `savedfields`, which is
 * later written at the start of *bp. Other lines read in the header loop
 * go to *hp; everything read afterwards goes to *bp.
 *
 * `xcount` and `keep` are used only on lines not shown in this listing.
 */
smime_split(FILE *ip, FILE **hp, FILE **bp, long xcount, int keep)
131
char *savedfields = NULL;
132
size_t bufsize, buflen, count, savedsize = 0;
135
/* Both temporary files are requested with mode 0600 (owner read/write only). */
if ((*hp = Ftemp(&hn, "Rh", "w+", 0600, 1)) == NULL ||
136
(*bp = Ftemp(&bn, "Rb", "w+", 0600, 1)) == NULL) {
144
buf = smalloc(bufsize = LINESIZE);
145
/* One byte, room for an empty string; the write of the terminating NUL is not on a line shown here -- strcat() below depends on it. */
savedfields = smalloc(savedsize = 1);
151
/* Header loop; the second half of the condition is on line 152 (not shown). */
while (fgetline(&buf, &bufsize, &count, &buflen, ip, 0) != NULL &&
153
/* Compares the first 8 bytes of the line with "content-". */
if (ascncasecmp(buf, "content-", 8) == 0) {
155
fputs("X-Encoded-", *hp);
158
/*
 * NOTE(review): savedsize must have been grown by the length of this line
 * before the srealloc(); that update (around line 157) is not shown -- verify,
 * because the strcat() below writes strlen(buf)+1 bytes past the current end.
 */
savedfields = srealloc(savedfields, savedsize);
159
/* strcat() stops at the first NUL in buf, while the fwrite() below writes buflen bytes. */
strcat(savedfields, buf);
161
fwrite(buf, sizeof *buf, buflen, *hp);
166
/* Another line read; its remaining arguments and context are on lines not shown. */
fgetline(&buf, &bufsize, &count, &buflen,
171
fwrite(buf, sizeof *buf, buflen, *hp);
175
/* The collected content- fields open the body file. */
fputs(savedfields, *bp);
177
/* Copy the rest of the input to the body file unchanged. */
while (fgetline(&buf, &bufsize, &count, &buflen, ip, 0) != NULL)
178
fwrite(buf, sizeof *buf, buflen, *bp);
186
/*
 * Build a multipart/signed message in a new temporary file from three
 * inputs: `hp` (header), `bp` (body) and `sp` (signature data).
 *
 * Output layout as written below: header text, a multipart/signed
 * Content-Type with a fresh boundary, the body part, a part labelled
 * application/x-pkcs7-signature (base64, smime.p7s), and the closing
 * boundary. The return value and cleanup are on lines not shown.
 */
smime_sign_assemble(FILE *hp, FILE *bp, FILE *sp)
192
/* Output temporary file, requested with mode 0600 (owner read/write only). */
if ((op = Ftemp(&cp, "Rs", "w+", 0600, 1)) == NULL) {
198
boundary = makeboundary();
199
/* Header copy; the test below detects two consecutive newlines (an empty line). What happens then is on lines not shown. */
while ((c = getc(hp)) != EOF) {
200
if (c == '\n' && lastc == '\n')
205
/*
 * NOTE(review): micalg is emitted as the fixed value sha1. The digest actually
 * used for the signature in `sp` is chosen elsewhere (not shown); the two must
 * agree, and SHA-1 is no longer regarded as collision-resistant, so the digest
 * choice deserves a review.
 */
fprintf(op, "Content-Type: multipart/signed;\n"
206
" protocol=\"application/x-pkcs7-signature\"; micalg=sha1;\n"
207
" boundary=\"%s\"\n\n", boundary);
208
fprintf(op, "This is an S/MIME signed message.\n\n--%s\n",
210
/* Body copy loop; the loop body is on line 211 (not shown). */
while ((c = getc(bp)) != EOF)
212
fprintf(op, "\n--%s\n", boundary);
213
fputs("Content-Type: application/x-pkcs7-signature; "
214
"name=\"smime.p7s\"\n"
215
"Content-Transfer-Encoding: base64\n"
216
"Content-Disposition: attachment; filename=\"smime.p7s\"\n\n",
218
/* Signature copy loop. */
while ((c = getc(sp)) != EOF) {
220
/* Discards the remainder of the current line; the condition selecting such lines is on line 219 (not shown). */
while ((c = getc(sp)) != EOF && c != '\n');
225
fprintf(op, "\n--%s--\n", boundary);
231
/* Error report for the output stream; the check that leads here is not shown. */
perror("signed output data");
240
/*
 * Build an encrypted S/MIME message in a new temporary file from `hp`
 * (header) and `yp` (encrypted data).
 *
 * Output layout as written below: header text, then the MIME fields for an
 * application/x-pkcs7-mime part (base64, smime.p7m), then the data read
 * from `yp`. The return value and cleanup are on lines not shown.
 */
smime_encrypt_assemble(FILE *hp, FILE *yp)
246
/* Output temporary file, requested with mode 0600 (owner read/write only). */
if ((op = Ftemp(&cp, "Rs", "w+", 0600, 1)) == NULL) {
252
/* Header copy; the test below detects two consecutive newlines (an empty line). What happens then is on lines not shown. */
while ((c = getc(hp)) != EOF) {
253
if (c == '\n' && lastc == '\n')
258
fprintf(op, "Content-Type: application/x-pkcs7-mime; "
259
"name=\"smime.p7m\"\n"
260
"Content-Transfer-Encoding: base64\n"
261
"Content-Disposition: attachment; "
262
"filename=\"smime.p7m\"\n\n");
263
/* Encrypted data copy loop. */
while ((c = getc(yp)) != EOF) {
265
/* Discards the remainder of the current line; the condition selecting such lines is on line 264 (not shown). */
while ((c = getc(yp)) != EOF && c != '\n');
274
/* Error report for the output stream; the check that leads here is not shown. */
perror("encrypted output data");
283
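/*
 * Append a decrypted message, given as header file `hp` and body file `bp`,
 * to the end of the mb.mb_otf stream and describe it in a newly allocated
 * struct message `x`.
 *
 * Header lines are copied as read; a Content-Transfer-Encoding of "binary"
 * is detected there. An X-Decoding-Date field is added through mkdate().
 * Body lines are copied with a trailing CR LF reduced to LF unless the
 * content is binary. Sizes, line counts and the start offset are stored
 * in `x` at the end.
 *
 * Change against the original: the CR LF test now requires buflen > 1.
 * A body line that is only "\n" has buflen == 1, and the old test then read
 * buf[buflen-2], one byte before the buffer (buflen is a size_t); if that
 * byte happened to be '\r' the next statement also wrote there.
 *
 * NOTE(review): this listing is sparse. The bare numbers are the original
 * file's line numbers; lines whose numbers do not appear are not shown.
 */
smime_decrypt_assemble(struct message *m, FILE *hp, FILE *bp)
285
int binary = 0, lastnl = 0;
286
char *buf = NULL, *cp;
287
size_t bufsize = 0, buflen, count;
288
long lines = 0, octets = 0;
292
x = salloc(sizeof *x);
295
/* The new message starts at the current end of the output stream. */
fseek(mb.mb_otf, 0L, SEEK_END);
296
offset = ftell(mb.mb_otf);
298
/* Header pass. */
while (fgetline(&buf, &bufsize, &count, &buflen, hp, 0) != NULL) {
301
if ((cp = thisfield(buf, "content-transfer-encoding")) != NULL)
302
/* Length 7 includes the NUL, so the value must be exactly "binary"; the flag is presumably set on line 303 (not shown). */
if (ascncasecmp(cp, "binary", 7) == 0)
304
fwrite(buf, sizeof *buf, buflen, mb.mb_otf);
308
octets += mkdate(mb.mb_otf, "X-Decoding-Date");
311
/* Body pass. */
while (fgetline(&buf, &bufsize, &count, &buflen, bp, 0) != NULL) {
313
/* buflen > 1 keeps buf[buflen-2] inside the buffer for a line that is only "\n". */
if (!binary && buflen > 1 && buf[buflen-1] == '\n' && buf[buflen-2] == '\r')
314
/* Drop the CR: shorten the line by one and end it with LF. */
buf[--buflen-1] = '\n';
315
fwrite(buf, sizeof *buf, buflen, mb.mb_otf);
319
else if (buf[buflen-1] == '\n')
324
/* For non-binary content, newlines are written until lastnl reaches 2. */
while (!binary && lastnl < 2) {
325
putc('\n', mb.mb_otf);
334
if (ferror(mb.mb_otf)) {
335
perror("decrypted output data");
338
x->m_size = x->m_xsize = octets;
339
x->m_lines = x->m_xlines = lines;
340
x->m_block = mailx_blockof(offset);
341
x->m_offset = mailx_offsetof(offset);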
350
/*
 * NOTE(review): the signature of this function is on a line not shown; `v`
 * is its argument. From the visible lines: the last word of the argument
 * string names an output file, the remaining words select messages, and
 * smime_certsave() is called for each selected message with the output
 * file opened in append mode.
 *
 * NOTE(review): whether smime_certsave() verifies a message's signature or
 * certificate chain before writing is not visible here; if the output file
 * is later used as a certificate store, confirm that.
 */
char *file = NULL, *str = v;
354
msgvec = salloc((msgCount + 2) * sizeof *msgvec);
355
/* Take the file name from the end of the argument string. */
if ((file = laststring(str, &f, 1)) == NULL) {
356
fprintf(stderr, "No file to save certificate given.\n");
360
/* Default message selection; the condition leading here is on lines not shown. */
*msgvec = first(0, MMNORM);
365
"No messages to get certificates from.\n");
369
} else if (getmsglist(str, msgvec, 0) < 0)
374
fprintf(stderr, "No applicable messages.\n");
377
/* Append mode: existing contents of the file are kept. */
if ((fp = Fopen(file, "a")) == NULL) {
381
/* Stops at the first zero entry or after msgCount entries, whichever comes first. */
for (ip = msgvec; *ip && ip-msgvec < msgCount; ip++)
382
/* Message numbers in msgvec are 1-based; message[] is indexed from 0. */
if (smime_certsave(&message[*ip-1], *ip, fp) != OKAY)
386
printf("Certificate(s) saved.\n");
390
/*
 * Compare a host name with a certificate name pattern.
 *
 * A pattern that begins with "*." gets wildcard handling: the loop below
 * scans `host` up to its first '.'. The final comparison is asccasecmp();
 * OKAY is returned when it reports equality, STOP otherwise.
 *
 * NOTE(review): original lines 393 and 395 are not shown; presumably they
 * step `pattern` past the '*' and `host` past its first label -- confirm.
 *
 * NOTE(review): nothing visible here requires a minimum number of labels
 * after "*.", so a pattern with a single label after the wildcard would
 * presumably be accepted. Both arguments are compared as C strings, so the
 * caller has to reject certificate names that contain an embedded NUL
 * before passing them in -- confirm at the call site.
 */
rfc2595_hostname_match(const char *host, const char *pattern)
392
if (pattern[0] == '*' && pattern[1] == '.') {
394
while (*host && *host != '.')
397
return asccasecmp(host, pattern) == 0 ? OKAY : STOP;