int mailstream_close(mailstream * s) { if (s->idle != NULL) { mailstream_cancel_free(s->idle); } mailstream_low_close(s->low); mailstream_low_free(s->low); free(s->read_buffer); free(s->write_buffer); free(s); return 0; }
void mailstream_unsetup_idle(mailstream * s) { if (!s->idling) { return; } if (s->low->driver == mailstream_cfstream_driver) { mailstream_cfstream_unsetup_idle(s); } else { mailstream_cancel_free(s->idle); s->idle = NULL; } s->idling = 0; }
void mailstream_unsetup_idle(mailstream * s) { int r; if (!s->idling) { return; } r = mailstream_low_unsetup_idle(s->low); if (r < 0) { mailstream_cancel_free(s->idle); s->idle = NULL; } s->idling = 0; }
static void ssl_data_free(struct mailstream_ssl_data * ssl_data) { mailstream_cancel_free(ssl_data->cancel); free(ssl_data); }
static struct mailstream_ssl_data * ssl_data_new(int fd, time_t timeout, void (* callback)(struct mailstream_ssl_context * ssl_context, void * cb_data), void * cb_data) { struct mailstream_ssl_data * ssl_data; gnutls_session session; struct mailstream_cancel * cancel; gnutls_certificate_credentials_t xcred; int r; struct mailstream_ssl_context * ssl_context = NULL; mailstream_ssl_init(); if (gnutls_certificate_allocate_credentials (&xcred) != 0) return NULL; r = gnutls_init(&session, GNUTLS_CLIENT); if (session == NULL || r != 0) return NULL; if (callback != NULL) { ssl_context = mailstream_ssl_context_new(session, fd); callback(ssl_context, cb_data); } gnutls_session_set_ptr(session, ssl_context); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred); gnutls_certificate_client_set_retrieve_function(xcred, mailstream_gnutls_client_cert_cb); gnutls_set_default_priority(session); gnutls_priority_set_direct(session, "NORMAL", NULL); gnutls_record_disable_padding(session); gnutls_dh_set_prime_bits(session, 512); gnutls_transport_set_ptr(session, (gnutls_transport_ptr) fd); /* lower limits on server key length restriction */ gnutls_dh_set_prime_bits(session, 512); if (timeout == 0) { timeout_value = mailstream_network_delay.tv_sec * 1000 + timeout.tv_usec / 1000; } else { timeout_value = timeout; } gnutls_handshake_set_timeout(session, timeout_value); do { r = gnutls_handshake(session); } while (r == GNUTLS_E_AGAIN || r == GNUTLS_E_INTERRUPTED); if (r < 0) { gnutls_perror(r); goto free_ssl_conn; } cancel = mailstream_cancel_new(); if (cancel == NULL) goto free_ssl_conn; r = mailstream_prepare_fd(fd); if (r < 0) goto free_cancel; ssl_data = malloc(sizeof(* ssl_data)); if (ssl_data == NULL) goto err; ssl_data->fd = fd; ssl_data->session = session; ssl_data->xcred = xcred; ssl_data->cancel = cancel; mailstream_ssl_context_free(ssl_context); return ssl_data; free_cancel: mailstream_cancel_free(cancel); free_ssl_conn: gnutls_certificate_free_credentials(xcred); mailstream_ssl_context_free(ssl_context); gnutls_deinit(session); err: return NULL; }
static struct mailstream_ssl_data * ssl_data_new_full(int fd, time_t timeout, SSL_METHOD * method, void (* callback)(struct mailstream_ssl_context * ssl_context, void * cb_data), void * cb_data) { struct mailstream_ssl_data * ssl_data; SSL * ssl_conn; int r; SSL_CTX * tmp_ctx; struct mailstream_cancel * cancel; struct mailstream_ssl_context * ssl_context = NULL; mailstream_ssl_init(); tmp_ctx = SSL_CTX_new(method); if (tmp_ctx == NULL) goto err; if (callback != NULL) { ssl_context = mailstream_ssl_context_new(tmp_ctx, fd); callback(ssl_context, cb_data); } SSL_CTX_set_app_data(tmp_ctx, ssl_context); SSL_CTX_set_client_cert_cb(tmp_ctx, mailstream_openssl_client_cert_cb); ssl_conn = (SSL *) SSL_new(tmp_ctx); if (ssl_conn == NULL) goto free_ctx; if (SSL_set_fd(ssl_conn, fd) == 0) goto free_ssl_conn; again: r = SSL_connect(ssl_conn); switch(SSL_get_error(ssl_conn, r)) { case SSL_ERROR_WANT_READ: r = wait_SSL_connect(fd, 1, timeout); if (r < 0) goto free_ssl_conn; else goto again; break; case SSL_ERROR_WANT_WRITE: r = wait_SSL_connect(fd, 0, timeout); if (r < 0) goto free_ssl_conn; else goto again; break; } if (r <= 0) goto free_ssl_conn; cancel = mailstream_cancel_new(); if (cancel == NULL) goto free_ssl_conn; r = mailstream_prepare_fd(fd); if (r < 0) goto free_cancel; ssl_data = malloc(sizeof(* ssl_data)); if (ssl_data == NULL) goto free_cancel; ssl_data->fd = fd; ssl_data->ssl_conn = ssl_conn; ssl_data->ssl_ctx = tmp_ctx; ssl_data->cancel = cancel; mailstream_ssl_context_free(ssl_context); return ssl_data; free_cancel: mailstream_cancel_free(cancel); free_ssl_conn: SSL_free(ssl_conn); free_ctx: SSL_CTX_free(tmp_ctx); mailstream_ssl_context_free(ssl_context); err: return NULL; }
static struct mailstream_ssl_data * ssl_data_new_full(int fd, time_t timeout, const SSL_METHOD * method, void (* callback)(struct mailstream_ssl_context * ssl_context, void * cb_data), void * cb_data) { struct mailstream_ssl_data * ssl_data; SSL * ssl_conn; int r; SSL_CTX * tmp_ctx; struct mailstream_cancel * cancel; struct mailstream_ssl_context * ssl_context = NULL; #if SSL_MODE_RELEASE_BUFFERS long mode = 0; #endif mailstream_ssl_init(); tmp_ctx = SSL_CTX_new(method); if (tmp_ctx == NULL) goto err; if (callback != NULL) { ssl_context = mailstream_ssl_context_new(tmp_ctx, fd); callback(ssl_context, cb_data); } SSL_CTX_set_app_data(tmp_ctx, ssl_context); SSL_CTX_set_client_cert_cb(tmp_ctx, mailstream_openssl_client_cert_cb); ssl_conn = (SSL *) SSL_new(tmp_ctx); #if SSL_MODE_RELEASE_BUFFERS mode = SSL_get_mode(ssl_conn); SSL_set_mode(ssl_conn, mode | SSL_MODE_RELEASE_BUFFERS); #endif if (ssl_conn == NULL) goto free_ctx; #if (OPENSSL_VERSION_NUMBER >= 0x10000000L) if (ssl_context != NULL && ssl_context->server_name != NULL) { SSL_set_tlsext_host_name(ssl_conn, ssl_context->server_name); free(ssl_context->server_name); ssl_context->server_name = NULL; } #endif /* (OPENSSL_VERSION_NUMBER >= 0x10000000L) */ if (SSL_set_fd(ssl_conn, fd) == 0) goto free_ssl_conn; again: r = SSL_connect(ssl_conn); switch(SSL_get_error(ssl_conn, r)) { case SSL_ERROR_WANT_READ: r = wait_SSL_connect(fd, 1, timeout); if (r < 0) goto free_ssl_conn; else goto again; break; case SSL_ERROR_WANT_WRITE: r = wait_SSL_connect(fd, 0, timeout); if (r < 0) goto free_ssl_conn; else goto again; break; } if (r <= 0) goto free_ssl_conn; cancel = mailstream_cancel_new(); if (cancel == NULL) goto free_ssl_conn; r = mailstream_prepare_fd(fd); if (r < 0) goto free_cancel; ssl_data = malloc(sizeof(* ssl_data)); if (ssl_data == NULL) goto free_cancel; ssl_data->fd = fd; ssl_data->ssl_conn = ssl_conn; ssl_data->ssl_ctx = tmp_ctx; ssl_data->cancel = cancel; mailstream_ssl_context_free(ssl_context); return ssl_data; free_cancel: mailstream_cancel_free(cancel); free_ssl_conn: SSL_free(ssl_conn); free_ctx: SSL_CTX_free(tmp_ctx); mailstream_ssl_context_free(ssl_context); err: return NULL; }
static struct mailstream_ssl_data * ssl_data_new(int fd, void (* callback)(struct mailstream_ssl_context * ssl_context, void * cb_data), void * cb_data) { struct mailstream_ssl_data * ssl_data; gnutls_session session; struct mailstream_cancel * cancel; const int cipher_prio[] = { GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_ARCFOUR_128, 0 }; const int kx_prio[] = { GNUTLS_KX_DHE_RSA, GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, 0 }; const int mac_prio[] = { GNUTLS_MAC_SHA1, GNUTLS_MAC_MD5, 0 }; const int proto_prio[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; gnutls_certificate_credentials_t xcred; int r; struct mailstream_ssl_context * ssl_context = NULL; mailstream_ssl_init(); if (gnutls_certificate_allocate_credentials (&xcred) != 0) return NULL; r = gnutls_init(&session, GNUTLS_CLIENT); if (session == NULL || r != 0) return NULL; if (callback != NULL) { ssl_context = mailstream_ssl_context_new(session, fd); callback(ssl_context, cb_data); } gnutls_session_set_ptr(session, ssl_context); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred); gnutls_certificate_client_set_retrieve_function(xcred, mailstream_gnutls_client_cert_cb); gnutls_set_default_priority(session); gnutls_protocol_set_priority (session, proto_prio); gnutls_cipher_set_priority (session, cipher_prio); gnutls_kx_set_priority (session, kx_prio); gnutls_mac_set_priority (session, mac_prio); gnutls_record_disable_padding(session); gnutls_dh_set_prime_bits(session, 512); gnutls_transport_set_ptr(session, (gnutls_transport_ptr) fd); /* lower limits on server key length restriction */ gnutls_dh_set_prime_bits(session, 512); do { r = gnutls_handshake(session); } while (r == GNUTLS_E_AGAIN || r == GNUTLS_E_INTERRUPTED); if (r < 0) { gnutls_perror(r); goto free_ssl_conn; } cancel = mailstream_cancel_new(); if (cancel == NULL) goto free_ssl_conn; r = mailstream_prepare_fd(fd); if (r < 0) goto free_cancel; ssl_data = malloc(sizeof(* ssl_data)); if (ssl_data == NULL) goto err; ssl_data->fd = fd; ssl_data->session = session; ssl_data->xcred = xcred; ssl_data->cancel = cancel; mailstream_ssl_context_free(ssl_context); return ssl_data; free_cancel: mailstream_cancel_free(cancel); free_ssl_conn: gnutls_certificate_free_credentials(xcred); mailstream_ssl_context_free(ssl_context); gnutls_deinit(session); err: return NULL; }
static void socket_data_free(struct mailstream_socket_data * socket_data) { mailstream_cancel_free(socket_data->cancel); free(socket_data); }