/* read TLS session state from stream
/* #include <tls_proxy.h>
/* int tls_proxy_context_scan(scan_fn, stream, flags, ptr)
/* ATTR_SCAN_MASTER_FN scan_fn;
/* tls_proxy_context_scan() reads a TLS_SESS_STATE structure
/* from the named stream using the specified attribute scan
/* routine. tls_proxy_context_scan() is meant to be passed as
/* a call-back to attr_scan(), thusly:
/* ... ATTR_TYPE_FUNC, tls_proxy_context_scan, (void *) tls_context, ...
/* Fatal: out of memory.
/* The Secure Mailer license must be distributed with this software.
/* IBM T.J. Watson Research
/* Yorktown Heights, NY 10598, USA
#include <mail_proto.h>
#include <tls_proxy.h>
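/*
 * tls_proxy_context_scan - receive TLS session state from stream
 *
 * Call-back for attr_scan(): reads five string and three integer
 * attributes from fp with scan_fn and stores them in the TLS_SESS_STATE
 * that ptr points to. Returns 1 when scan_fn reports all 8 attributes,
 * -1 otherwise.
 *
 * The target structure is zeroed first, and the string members are
 * assigned even when the result is -1. A caller that sees -1 therefore
 * holds a partially filled structure; presumably it still has to release
 * the exported strings - verify against the caller.
 *
 * The peer name, issuer name, fingerprint and peer_status are stored
 * exactly as received. Nothing in this routine validates them, so they
 * are only as trustworthy as the process writing to the stream.
 *
 * NOTE(review): the listing this was taken from had dropped the second
 * line of the signature, the declaration of ret, the comment delimiters
 * around the memset() note, the ATTR_TYPE_END terminator and the closing
 * brace. They are restored here from the synopsis (scan_fn, stream,
 * flags, ptr) and from how the body uses them; confirm against the
 * upstream file.
 */
int     tls_proxy_context_scan(ATTR_SCAN_MASTER_FN scan_fn, VSTREAM *fp,
                               int flags, void *ptr)
{
    TLS_SESS_STATE *tls_context = (TLS_SESS_STATE *) ptr;
    int     ret;

    /* Scratch buffers for the string attributes; allocation failure is fatal. */
    VSTRING *peer_CN = vstring_alloc(25);
    VSTRING *issuer_CN = vstring_alloc(25);
    VSTRING *peer_fingerprint = vstring_alloc(25);
    VSTRING *protocol = vstring_alloc(25);
    VSTRING *cipher_name = vstring_alloc(25);

    /*
     * Note: memset() is not a portable way to initialize non-integer types.
     */
    memset(ptr, 0, sizeof(TLS_SESS_STATE));

    /*
     * ATTR_FLAG_MORE is OR-ed into the caller's flags. Integer attributes
     * are written straight into the caller's structure; strings go through
     * the scratch buffers above.
     */
    ret = scan_fn(fp, flags | ATTR_FLAG_MORE,
                  ATTR_TYPE_STR, MAIL_ATTR_PEER_CN, peer_CN,
                  ATTR_TYPE_STR, MAIL_ATTR_ISSUER_CN, issuer_CN,
                  ATTR_TYPE_STR, MAIL_ATTR_PEER_FPT, peer_fingerprint,
                  ATTR_TYPE_INT, MAIL_ATTR_PEER_STATUS,
                  &tls_context->peer_status,
                  ATTR_TYPE_STR, MAIL_ATTR_CIPHER_PROTOCOL, protocol,
                  ATTR_TYPE_STR, MAIL_ATTR_CIPHER_NAME, cipher_name,
                  ATTR_TYPE_INT, MAIL_ATTR_CIPHER_USEBITS,
                  &tls_context->cipher_usebits,
                  ATTR_TYPE_INT, MAIL_ATTR_CIPHER_ALGBITS,
                  &tls_context->cipher_algbits,
                  ATTR_TYPE_END);

    /*
     * Exported unconditionally, whatever scan_fn returned, so every
     * scratch buffer ends up in the structure on both the success and
     * the failure path.
     */
    tls_context->peer_CN = vstring_export(peer_CN);
    tls_context->issuer_CN = vstring_export(issuer_CN);
    tls_context->peer_fingerprint = vstring_export(peer_fingerprint);
    tls_context->protocol = vstring_export(protocol);
    tls_context->cipher_name = vstring_export(cipher_name);

    /* 8 == number of attributes requested above; anything else is a failure. */
    return (ret == 8 ? 1 : -1);
}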