search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Import sendmail 8.13.7
[dragonfly.git] / contrib / sendmail-8.13.7 / sendmail / sfsasl.c
blob216d87ef0a604cc6b6417d8c9fdf514a7426d21b
1 /*
2 * Copyright (c) 1999-2006 Sendmail, Inc. and its suppliers.
3 * All rights reserved.
4 *
5 * By using this file, you agree to the terms and conditions set
6 * forth in the LICENSE file which can be found at the top level of
7 * the sendmail distribution.
8 *
9 */
10
11 #include <sm/gen.h>
12 SM_RCSID("@(#)$Id: sfsasl.c,v 8.115 2006/04/18 21:34:07 ca Exp $")
13 #include <stdlib.h>
14 #include <sendmail.h>
15 #include <sm/time.h>
16 #include <errno.h>
17
18 /* allow to disable error handling code just in case... */
19 #ifndef DEAL_WITH_ERROR_SSL
20 # define DEAL_WITH_ERROR_SSL 1
21 #endif /* ! DEAL_WITH_ERROR_SSL */
22
23 #if SASL
24 # include "sfsasl.h"
25
26 /* Structure used by the "sasl" file type */
27 struct sasl_obj
28 {
29 SM_FILE_T *fp;
30 sasl_conn_t *conn;
31 };
32
33 struct sasl_info
34 {
35 SM_FILE_T *fp;
36 sasl_conn_t *conn;
37 };
38
39 /*
40 ** SASL_GETINFO - returns requested information about a "sasl" file
41 ** descriptor.
42 **
43 ** Parameters:
44 ** fp -- the file descriptor
45 ** what -- the type of information requested
46 ** valp -- the thang to return the information in
47 **
48 ** Returns:
49 ** -1 for unknown requests
50 ** >=0 on success with valp filled in (if possible).
51 */
52
53 static int sasl_getinfo __P((SM_FILE_T *, int, void *));
54
55 static int
56 sasl_getinfo(fp, what, valp)
57 SM_FILE_T *fp;
58 int what;
59 void *valp;
60 {
61 struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
62
63 switch (what)
64 {
65 case SM_IO_WHAT_FD:
66 if (so->fp == NULL)
67 return -1;
68 return so->fp->f_file; /* for stdio fileno() compatability */
69
70 case SM_IO_IS_READABLE:
71 if (so->fp == NULL)
72 return 0;
73
74 /* get info from underlying file */
75 return sm_io_getinfo(so->fp, what, valp);
76
77 default:
78 return -1;
79 }
80 }
81
82 /*
83 ** SASL_OPEN -- creates the sasl specific information for opening a
84 ** file of the sasl type.
85 **
86 ** Parameters:
87 ** fp -- the file pointer associated with the new open
88 ** info -- contains the sasl connection information pointer and
89 ** the original SM_FILE_T that holds the open
90 ** flags -- ignored
91 ** rpool -- ignored
92 **
93 ** Returns:
94 ** 0 on success
95 */
96
97 static int sasl_open __P((SM_FILE_T *, const void *, int, const void *));
98
99 /* ARGSUSED2 */
100 static int
101 sasl_open(fp, info, flags, rpool)
102 SM_FILE_T *fp;
103 const void *info;
104 int flags;
105 const void *rpool;
106 {
107 struct sasl_obj *so;
108 struct sasl_info *si = (struct sasl_info *) info;
109
110 so = (struct sasl_obj *) sm_malloc(sizeof(struct sasl_obj));
111 if (so == NULL)
112 {
113 errno = ENOMEM;
114 return -1;
115 }
116 so->fp = si->fp;
117 so->conn = si->conn;
118
119 /*
120 ** The underlying 'fp' is set to SM_IO_NOW so that the entire
121 ** encoded string is written in one chunk. Otherwise there is
122 ** the possibility that it may appear illegal, bogus or
123 ** mangled to the other side of the connection.
124 ** We will read or write through 'fp' since it is the opaque
125 ** connection for the communications. We need to treat it this
126 ** way in case the encoded string is to be sent down a TLS
127 ** connection rather than, say, sm_io's stdio.
128 */
129
130 (void) sm_io_setvbuf(so->fp, SM_TIME_DEFAULT, NULL, SM_IO_NOW, 0);
131 fp->f_cookie = so;
132 return 0;
133 }
134
135 /*
136 ** SASL_CLOSE -- close the sasl specific parts of the sasl file pointer
137 **
138 ** Parameters:
139 ** fp -- the file pointer to close
140 **
141 ** Returns:
142 ** 0 on success
143 */
144
145 static int sasl_close __P((SM_FILE_T *));
146
147 static int
148 sasl_close(fp)
149 SM_FILE_T *fp;
150 {
151 struct sasl_obj *so;
152
153 so = (struct sasl_obj *) fp->f_cookie;
154 if (so == NULL)
155 return 0;
156 if (so->fp != NULL)
157 {
158 sm_io_close(so->fp, SM_TIME_DEFAULT);
159 so->fp = NULL;
160 }
161 sm_free(so);
162 so = NULL;
163 return 0;
164 }
165
166 /* how to deallocate a buffer allocated by SASL */
167 extern void sm_sasl_free __P((void *));
168 # define SASL_DEALLOC(b) sm_sasl_free(b)
169
170 /*
171 ** SASL_READ -- read encrypted information and decrypt it for the caller
172 **
173 ** Parameters:
174 ** fp -- the file pointer
175 ** buf -- the location to place the decrypted information
176 ** size -- the number of bytes to read after decryption
177 **
178 ** Results:
179 ** -1 on error
180 ** otherwise the number of bytes read
181 */
182
183 static ssize_t sasl_read __P((SM_FILE_T *, char *, size_t));
184
185 static ssize_t
186 sasl_read(fp, buf, size)
187 SM_FILE_T *fp;
188 char *buf;
189 size_t size;
190 {
191 int result;
192 ssize_t len;
193 # if SASL >= 20000
194 static const char *outbuf = NULL;
195 # else /* SASL >= 20000 */
196 static char *outbuf = NULL;
197 # endif /* SASL >= 20000 */
198 static unsigned int outlen = 0;
199 static unsigned int offset = 0;
200 struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
201
202 /*
203 ** sasl_decode() may require more data than a single read() returns.
204 ** Hence we have to put a loop around the decoding.
205 ** This also requires that we may have to split up the returned
206 ** data since it might be larger than the allowed size.
207 ** Therefore we use a static pointer and return portions of it
208 ** if necessary.
209 ** XXX Note: This function is not thread-safe nor can it be used
210 ** on more than one file. A correct implementation would store
211 ** this data in fp->f_cookie.
212 */
213
214 # if SASL >= 20000
215 while (outlen == 0)
216 # else /* SASL >= 20000 */
217 while (outbuf == NULL && outlen == 0)
218 # endif /* SASL >= 20000 */
219 {
220 len = sm_io_read(so->fp, SM_TIME_DEFAULT, buf, size);
221 if (len <= 0)
222 return len;
223 result = sasl_decode(so->conn, buf,
224 (unsigned int) len, &outbuf, &outlen);
225 if (result != SASL_OK)
226 {
227 if (LogLevel > 7)
228 sm_syslog(LOG_WARNING, NOQID,
229 "AUTH: sasl_decode error=%d", result);
230 outbuf = NULL;
231 offset = 0;
232 outlen = 0;
233 return -1;
234 }
235 }
236
237 if (outbuf == NULL)
238 {
239 /* be paranoid: outbuf == NULL but outlen != 0 */
240 syserr("@sasl_read failure: outbuf == NULL but outlen != 0");
241 /* NOTREACHED */
242 }
243 if (outlen - offset > size)
244 {
245 /* return another part of the buffer */
246 (void) memcpy(buf, outbuf + offset, size);
247 offset += size;
248 len = size;
249 }
250 else
251 {
252 /* return the rest of the buffer */
253 len = outlen - offset;
254 (void) memcpy(buf, outbuf + offset, (size_t) len);
255 # if SASL < 20000
256 SASL_DEALLOC(outbuf);
257 # endif /* SASL < 20000 */
258 outbuf = NULL;
259 offset = 0;
260 outlen = 0;
261 }
262 return len;
263 }
264
265 /*
266 ** SASL_WRITE -- write information out after encrypting it
267 **
268 ** Parameters:
269 ** fp -- the file pointer
270 ** buf -- holds the data to be encrypted and written
271 ** size -- the number of bytes to have encrypted and written
272 **
273 ** Returns:
274 ** -1 on error
275 ** otherwise number of bytes written
276 */
277
278 static ssize_t sasl_write __P((SM_FILE_T *, const char *, size_t));
279
280 static ssize_t
281 sasl_write(fp, buf, size)
282 SM_FILE_T *fp;
283 const char *buf;
284 size_t size;
285 {
286 int result;
287 # if SASL >= 20000
288 const char *outbuf;
289 # else /* SASL >= 20000 */
290 char *outbuf;
291 # endif /* SASL >= 20000 */
292 unsigned int outlen, *maxencode;
293 size_t ret = 0, total = 0;
294 struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
295
296 /*
297 ** Fetch the maximum input buffer size for sasl_encode().
298 ** This can be less than the size set in attemptauth()
299 ** due to a negotation with the other side, e.g.,
300 ** Cyrus IMAP lmtp program sets maxbuf=4096,
301 ** digestmd5 substracts 25 and hence we'll get 4071
302 ** instead of 8192 (MAXOUTLEN).
303 ** Hack (for now): simply reduce the size, callers are (must be)
304 ** able to deal with that and invoke sasl_write() again with
305 ** the rest of the data.
306 ** Note: it would be better to store this value in the context
307 ** after the negotiation.
308 */
309
310 result = sasl_getprop(so->conn, SASL_MAXOUTBUF,
311 (const void **) &maxencode);
312 if (result == SASL_OK && size > *maxencode && *maxencode > 0)
313 size = *maxencode;
314
315 result = sasl_encode(so->conn, buf,
316 (unsigned int) size, &outbuf, &outlen);
317
318 if (result != SASL_OK)
319 {
320 if (LogLevel > 7)
321 sm_syslog(LOG_WARNING, NOQID,
322 "AUTH: sasl_encode error=%d", result);
323 return -1;
324 }
325
326 if (outbuf != NULL)
327 {
328 while (outlen > 0)
329 {
330 errno = 0;
331 /* XXX result == 0? */
332 ret = sm_io_write(so->fp, SM_TIME_DEFAULT,
333 &outbuf[total], outlen);
334 if (ret <= 0)
335 return ret;
336 outlen -= ret;
337 total += ret;
338 }
339 # if SASL < 20000
340 SASL_DEALLOC(outbuf);
341 # endif /* SASL < 20000 */
342 }
343 return size;
344 }
345
346 /*
347 ** SFDCSASL -- create sasl file type and open in and out file pointers
348 ** for sendmail to read from and write to.
349 **
350 ** Parameters:
351 ** fin -- the sm_io file encrypted data to be read from
352 ** fout -- the sm_io file encrypted data to be written to
353 ** conn -- the sasl connection pointer
354 ** tmo -- timeout
355 **
356 ** Returns:
357 ** -1 on error
358 ** 0 on success
359 **
360 ** Side effects:
361 ** The arguments "fin" and "fout" are replaced with the new
362 ** SM_FILE_T pointers.
363 */
364
365 int
366 sfdcsasl(fin, fout, conn, tmo)
367 SM_FILE_T **fin;
368 SM_FILE_T **fout;
369 sasl_conn_t *conn;
370 int tmo;
371 {
372 SM_FILE_T *newin, *newout;
373 SM_FILE_T SM_IO_SET_TYPE(sasl_vector, "sasl", sasl_open, sasl_close,
374 sasl_read, sasl_write, NULL, sasl_getinfo, NULL,
375 SM_TIME_DEFAULT);
376 struct sasl_info info;
377
378 if (conn == NULL)
379 {
380 /* no need to do anything */
381 return 0;
382 }
383
384 SM_IO_INIT_TYPE(sasl_vector, "sasl", sasl_open, sasl_close,
385 sasl_read, sasl_write, NULL, sasl_getinfo, NULL,
386 SM_TIME_DEFAULT);
387 info.fp = *fin;
388 info.conn = conn;
389 newin = sm_io_open(&sasl_vector, SM_TIME_DEFAULT, &info,
390 SM_IO_RDONLY_B, NULL);
391
392 if (newin == NULL)
393 return -1;
394
395 info.fp = *fout;
396 info.conn = conn;
397 newout = sm_io_open(&sasl_vector, SM_TIME_DEFAULT, &info,
398 SM_IO_WRONLY_B, NULL);
399
400 if (newout == NULL)
401 {
402 (void) sm_io_close(newin, SM_TIME_DEFAULT);
403 return -1;
404 }
405 sm_io_automode(newin, newout);
406
407 sm_io_setinfo(*fin, SM_IO_WHAT_TIMEOUT, &tmo);
408 sm_io_setinfo(*fout, SM_IO_WHAT_TIMEOUT, &tmo);
409
410 *fin = newin;
411 *fout = newout;
412 return 0;
413 }
414 #endif /* SASL */
415
416 #if STARTTLS
417 # include "sfsasl.h"
418 # include <openssl/err.h>
419
420 /* Structure used by the "tls" file type */
421 struct tls_obj
422 {
423 SM_FILE_T *fp;
424 SSL *con;
425 };
426
427 struct tls_info
428 {
429 SM_FILE_T *fp;
430 SSL *con;
431 };
432
433 /*
434 ** TLS_GETINFO - returns requested information about a "tls" file
435 ** descriptor.
436 **
437 ** Parameters:
438 ** fp -- the file descriptor
439 ** what -- the type of information requested
440 ** valp -- the thang to return the information in (unused)
441 **
442 ** Returns:
443 ** -1 for unknown requests
444 ** >=0 on success with valp filled in (if possible).
445 */
446
447 static int tls_getinfo __P((SM_FILE_T *, int, void *));
448
449 /* ARGSUSED2 */
450 static int
451 tls_getinfo(fp, what, valp)
452 SM_FILE_T *fp;
453 int what;
454 void *valp;
455 {
456 struct tls_obj *so = (struct tls_obj *) fp->f_cookie;
457
458 switch (what)
459 {
460 case SM_IO_WHAT_FD:
461 if (so->fp == NULL)
462 return -1;
463 return so->fp->f_file; /* for stdio fileno() compatability */
464
465 case SM_IO_IS_READABLE:
466 return SSL_pending(so->con) > 0;
467
468 default:
469 return -1;
470 }
471 }
472
473 /*
474 ** TLS_OPEN -- creates the tls specific information for opening a
475 ** file of the tls type.
476 **
477 ** Parameters:
478 ** fp -- the file pointer associated with the new open
479 ** info -- the sm_io file pointer holding the open and the
480 ** TLS encryption connection to be read from or written to
481 ** flags -- ignored
482 ** rpool -- ignored
483 **
484 ** Returns:
485 ** 0 on success
486 */
487
488 static int tls_open __P((SM_FILE_T *, const void *, int, const void *));
489
490 /* ARGSUSED2 */
491 static int
492 tls_open(fp, info, flags, rpool)
493 SM_FILE_T *fp;
494 const void *info;
495 int flags;
496 const void *rpool;
497 {
498 struct tls_obj *so;
499 struct tls_info *ti = (struct tls_info *) info;
500
501 so = (struct tls_obj *) sm_malloc(sizeof(struct tls_obj));
502 if (so == NULL)
503 {
504 errno = ENOMEM;
505 return -1;
506 }
507 so->fp = ti->fp;
508 so->con = ti->con;
509
510 /*
511 ** We try to get the "raw" file descriptor that TLS uses to
512 ** do the actual read/write with. This is to allow us control
513 ** over the file descriptor being a blocking or non-blocking type.
514 ** Under the covers TLS handles the change and this allows us
515 ** to do timeouts with sm_io.
516 */
517
518 fp->f_file = sm_io_getinfo(so->fp, SM_IO_WHAT_FD, NULL);
519 (void) sm_io_setvbuf(so->fp, SM_TIME_DEFAULT, NULL, SM_IO_NOW, 0);
520 fp->f_cookie = so;
521 return 0;
522 }
523
524 /*
525 ** TLS_CLOSE -- close the tls specific parts of the tls file pointer
526 **
527 ** Parameters:
528 ** fp -- the file pointer to close
529 **
530 ** Returns:
531 ** 0 on success
532 */
533
534 static int tls_close __P((SM_FILE_T *));
535
536 static int
537 tls_close(fp)
538 SM_FILE_T *fp;
539 {
540 struct tls_obj *so;
541
542 so = (struct tls_obj *) fp->f_cookie;
543 if (so == NULL)
544 return 0;
545 if (so->fp != NULL)
546 {
547 sm_io_close(so->fp, SM_TIME_DEFAULT);
548 so->fp = NULL;
549 }
550 sm_free(so);
551 so = NULL;
552 return 0;
553 }
554
555 /* maximum number of retries for TLS related I/O due to handshakes */
556 # define MAX_TLS_IOS 4
557
558 /*
559 ** TLS_RETRY -- check whether a failed SSL operation can be retried
560 **
561 ** Parameters:
562 ** ssl -- TLS structure
563 ** rfd -- read fd
564 ** wfd -- write fd
565 ** tlsstart -- start time of TLS operation
566 ** timeout -- timeout for TLS operation
567 ** err -- SSL error
568 ** where -- description of operation
569 **
570 ** Results:
571 ** >0 on success
572 ** 0 on timeout
573 ** <0 on error
574 */
575
576 int
577 tls_retry(ssl, rfd, wfd, tlsstart, timeout, err, where)
578 SSL *ssl;
579 int rfd;
580 int wfd;
581 time_t tlsstart;
582 int timeout;
583 int err;
584 const char *where;
585 {
586 int ret;
587 time_t left;
588 time_t now = curtime();
589 struct timeval tv;
590
591 ret = -1;
592
593 /*
594 ** For SSL_ERROR_WANT_{READ,WRITE}:
595 ** There is not a complete SSL record available yet
596 ** or there is only a partial SSL record removed from
597 ** the network (socket) buffer into the SSL buffer.
598 ** The SSL_connect will only succeed when a full
599 ** SSL record is available (assuming a "real" error
600 ** doesn't happen). To handle when a "real" error
601 ** does happen the select is set for exceptions too.
602 ** The connection may be re-negotiated during this time
603 ** so both read and write "want errors" need to be handled.
604 ** A select() exception loops back so that a proper SSL
605 ** error message can be gotten.
606 */
607
608 left = timeout - (now - tlsstart);
609 if (left <= 0)
610 return 0; /* timeout */
611 tv.tv_sec = left;
612 tv.tv_usec = 0;
613
614 if (LogLevel > 14)
615 {
616 sm_syslog(LOG_INFO, NOQID,
617 "STARTTLS=%s, info: fds=%d/%d, err=%d",
618 where, rfd, wfd, err);
619 }
620
621 if (FD_SETSIZE > 0 &&
622 ((err == SSL_ERROR_WANT_READ && rfd >= FD_SETSIZE) ||
623 (err == SSL_ERROR_WANT_WRITE && wfd >= FD_SETSIZE)))
624 {
625 if (LogLevel > 5)
626 {
627 sm_syslog(LOG_ERR, NOQID,
628 "STARTTLS=%s, error: fd %d/%d too large",
629 where, rfd, wfd);
630 if (LogLevel > 8)
631 tlslogerr(where);
632 }
633 errno = EINVAL;
634 }
635 else if (err == SSL_ERROR_WANT_READ)
636 {
637 fd_set ssl_maskr, ssl_maskx;
638
639 FD_ZERO(&ssl_maskr);
640 FD_SET(rfd, &ssl_maskr);
641 FD_ZERO(&ssl_maskx);
642 FD_SET(rfd, &ssl_maskx);
643 do
644 {
645 ret = select(rfd + 1, &ssl_maskr, NULL, &ssl_maskx,
646 &tv);
647 } while (ret < 0 && errno == EINTR);
648 if (ret < 0 && errno > 0)
649 ret = -errno;
650 }
651 else if (err == SSL_ERROR_WANT_WRITE)
652 {
653 fd_set ssl_maskw, ssl_maskx;
654
655 FD_ZERO(&ssl_maskw);
656 FD_SET(wfd, &ssl_maskw);
657 FD_ZERO(&ssl_maskx);
658 FD_SET(rfd, &ssl_maskx);
659 do
660 {
661 ret = select(wfd + 1, NULL, &ssl_maskw, &ssl_maskx,
662 &tv);
663 } while (ret < 0 && errno == EINTR);
664 if (ret < 0 && errno > 0)
665 ret = -errno;
666 }
667 return ret;
668 }
669
670 /* errno to force refill() etc to stop (see IS_IO_ERROR()) */
671 #ifdef ETIMEDOUT
672 # define SM_ERR_TIMEOUT ETIMEDOUT
673 #else /* ETIMEDOUT */
674 # define SM_ERR_TIMEOUT EIO
675 #endif /* ETIMEDOUT */
676
677 /*
678 ** TLS_READ -- read secured information for the caller
679 **
680 ** Parameters:
681 ** fp -- the file pointer
682 ** buf -- the location to place the data
683 ** size -- the number of bytes to read from connection
684 **
685 ** Results:
686 ** -1 on error
687 ** otherwise the number of bytes read
688 */
689
690 static ssize_t tls_read __P((SM_FILE_T *, char *, size_t));
691
692 static ssize_t
693 tls_read(fp, buf, size)
694 SM_FILE_T *fp;
695 char *buf;
696 size_t size;
697 {
698 int r, rfd, wfd, try, ssl_err;
699 struct tls_obj *so = (struct tls_obj *) fp->f_cookie;
700 time_t tlsstart;
701 char *err;
702
703 try = 99;
704 err = NULL;
705 tlsstart = curtime();
706
707 retry:
708 r = SSL_read(so->con, (char *) buf, size);
709
710 if (r > 0)
711 return r;
712
713 err = NULL;
714 switch (ssl_err = SSL_get_error(so->con, r))
715 {
716 case SSL_ERROR_NONE:
717 case SSL_ERROR_ZERO_RETURN:
718 break;
719 case SSL_ERROR_WANT_WRITE:
720 err = "read W BLOCK";
721 /* FALLTHROUGH */
722 case SSL_ERROR_WANT_READ:
723 if (err == NULL)
724 err = "read R BLOCK";
725 rfd = SSL_get_rfd(so->con);
726 wfd = SSL_get_wfd(so->con);
727 try = tls_retry(so->con, rfd, wfd, tlsstart,
728 TimeOuts.to_datablock, ssl_err, "read");
729 if (try > 0)
730 goto retry;
731 errno = SM_ERR_TIMEOUT;
732 break;
733
734 case SSL_ERROR_WANT_X509_LOOKUP:
735 err = "write X BLOCK";
736 break;
737 case SSL_ERROR_SYSCALL:
738 if (r == 0 && errno == 0) /* out of protocol EOF found */
739 break;
740 err = "syscall error";
741 /*
742 get_last_socket_error());
743 */
744 break;
745 case SSL_ERROR_SSL:
746 #if DEAL_WITH_ERROR_SSL
747 if (r == 0 && errno == 0) /* out of protocol EOF found */
748 break;
749 #endif /* DEAL_WITH_ERROR_SSL */
750 err = "generic SSL error";
751 if (LogLevel > 9)
752 tlslogerr("read");
753
754 #if DEAL_WITH_ERROR_SSL
755 /* avoid repeated calls? */
756 if (r == 0)
757 r = -1;
758 #endif /* DEAL_WITH_ERROR_SSL */
759 break;
760 }
761 if (err != NULL)
762 {
763 int save_errno;
764
765 save_errno = (errno == 0) ? EIO : errno;
766 if (try == 0 && save_errno == SM_ERR_TIMEOUT)
767 {
768 if (LogLevel > 7)
769 sm_syslog(LOG_WARNING, NOQID,
770 "STARTTLS: read error=timeout");
771 }
772 else if (LogLevel > 8)
773 sm_syslog(LOG_WARNING, NOQID,
774 "STARTTLS: read error=%s (%d), errno=%d, get_error=%s, retry=%d, ssl_err=%d",
775 err, r, errno,
776 ERR_error_string(ERR_get_error(), NULL), try,
777 ssl_err);
778 else if (LogLevel > 7)
779 sm_syslog(LOG_WARNING, NOQID,
780 "STARTTLS: read error=%s (%d), retry=%d, ssl_err=%d",
781 err, r, errno, try, ssl_err);
782 errno = save_errno;
783 }
784 return r;
785 }
786
787 /*
788 ** TLS_WRITE -- write information out through secure connection
789 **
790 ** Parameters:
791 ** fp -- the file pointer
792 ** buf -- holds the data to be securely written
793 ** size -- the number of bytes to write
794 **
795 ** Returns:
796 ** -1 on error
797 ** otherwise number of bytes written
798 */
799
800 static ssize_t tls_write __P((SM_FILE_T *, const char *, size_t));
801
802 static ssize_t
803 tls_write(fp, buf, size)
804 SM_FILE_T *fp;
805 const char *buf;
806 size_t size;
807 {
808 int r, rfd, wfd, try, ssl_err;
809 struct tls_obj *so = (struct tls_obj *) fp->f_cookie;
810 time_t tlsstart;
811 char *err;
812
813 try = 99;
814 err = NULL;
815 tlsstart = curtime();
816
817 retry:
818 r = SSL_write(so->con, (char *) buf, size);
819
820 if (r > 0)
821 return r;
822 err = NULL;
823 switch (ssl_err = SSL_get_error(so->con, r))
824 {
825 case SSL_ERROR_NONE:
826 case SSL_ERROR_ZERO_RETURN:
827 break;
828 case SSL_ERROR_WANT_WRITE:
829 err = "read W BLOCK";
830 /* FALLTHROUGH */
831 case SSL_ERROR_WANT_READ:
832 if (err == NULL)
833 err = "read R BLOCK";
834 rfd = SSL_get_rfd(so->con);
835 wfd = SSL_get_wfd(so->con);
836 try = tls_retry(so->con, rfd, wfd, tlsstart,
837 DATA_PROGRESS_TIMEOUT, ssl_err, "write");
838 if (try > 0)
839 goto retry;
840 errno = SM_ERR_TIMEOUT;
841 break;
842 case SSL_ERROR_WANT_X509_LOOKUP:
843 err = "write X BLOCK";
844 break;
845 case SSL_ERROR_SYSCALL:
846 if (r == 0 && errno == 0) /* out of protocol EOF found */
847 break;
848 err = "syscall error";
849 /*
850 get_last_socket_error());
851 */
852 break;
853 case SSL_ERROR_SSL:
854 err = "generic SSL error";
855 /*
856 ERR_GET_REASON(ERR_peek_error()));
857 */
858 if (LogLevel > 9)
859 tlslogerr("write");
860
861 #if DEAL_WITH_ERROR_SSL
862 /* avoid repeated calls? */
863 if (r == 0)
864 r = -1;
865 #endif /* DEAL_WITH_ERROR_SSL */
866 break;
867 }
868 if (err != NULL)
869 {
870 int save_errno;
871
872 save_errno = (errno == 0) ? EIO : errno;
873 if (try == 0 && save_errno == SM_ERR_TIMEOUT)
874 {
875 if (LogLevel > 7)
876 sm_syslog(LOG_WARNING, NOQID,
877 "STARTTLS: write error=timeout");
878 }
879 else if (LogLevel > 8)
880 sm_syslog(LOG_WARNING, NOQID,
881 "STARTTLS: write error=%s (%d), errno=%d, get_error=%s, retry=%d, ssl_err=%d",
882 err, r, errno,
883 ERR_error_string(ERR_get_error(), NULL), try,
884 ssl_err);
885 else if (LogLevel > 7)
886 sm_syslog(LOG_WARNING, NOQID,
887 "STARTTLS: write error=%s (%d), errno=%d, retry=%d, ssl_err=%d",
888 err, r, errno, try, ssl_err);
889 errno = save_errno;
890 }
891 return r;
892 }
893
894 /*
895 ** SFDCTLS -- create tls file type and open in and out file pointers
896 ** for sendmail to read from and write to.
897 **
898 ** Parameters:
899 ** fin -- data input source being replaced
900 ** fout -- data output source being replaced
901 ** con -- the tls connection pointer
902 **
903 ** Returns:
904 ** -1 on error
905 ** 0 on success
906 **
907 ** Side effects:
908 ** The arguments "fin" and "fout" are replaced with the new
909 ** SM_FILE_T pointers.
910 ** The original "fin" and "fout" are preserved in the tls file
911 ** type but are not actually used because of the design of TLS.
912 */
913
914 int
915 sfdctls(fin, fout, con)
916 SM_FILE_T **fin;
917 SM_FILE_T **fout;
918 SSL *con;
919 {
920 SM_FILE_T *tlsin, *tlsout;
921 SM_FILE_T SM_IO_SET_TYPE(tls_vector, "tls", tls_open, tls_close,
922 tls_read, tls_write, NULL, tls_getinfo, NULL,
923 SM_TIME_FOREVER);
924 struct tls_info info;
925
926 SM_ASSERT(con != NULL);
927
928 SM_IO_INIT_TYPE(tls_vector, "tls", tls_open, tls_close,
929 tls_read, tls_write, NULL, tls_getinfo, NULL,
930 SM_TIME_FOREVER);
931 info.fp = *fin;
932 info.con = con;
933 tlsin = sm_io_open(&tls_vector, SM_TIME_DEFAULT, &info, SM_IO_RDONLY_B,
934 NULL);
935 if (tlsin == NULL)
936 return -1;
937
938 info.fp = *fout;
939 tlsout = sm_io_open(&tls_vector, SM_TIME_DEFAULT, &info, SM_IO_WRONLY_B,
940 NULL);
941 if (tlsout == NULL)
942 {
943 (void) sm_io_close(tlsin, SM_TIME_DEFAULT);
944 return -1;
945 }
946 sm_io_automode(tlsin, tlsout);
947
948 *fin = tlsin;
949 *fout = tlsout;
950 return 0;
951 }
952 #endif /* STARTTLS */
DragonFly BSD