void client_cmd_starttls(struct client *client) { if (client->tls) { client->v.notify_starttls(client, FALSE, "TLS is already active."); return; } if (!client_is_tls_enabled(client)) { client->v.notify_starttls(client, FALSE, "TLS support isn't enabled."); return; } /* remove input handler, SSL proxy gives us a new fd. we also have to remove it in case we have to wait for buffer to be flushed */ if (client->io != NULL) io_remove(&client->io); client->v.notify_starttls(client, TRUE, "Begin TLS negotiation now."); /* uncork the old fd */ o_stream_uncork(client->output); if (o_stream_flush(client->output) <= 0) { /* the buffer has to be flushed */ o_stream_set_flush_pending(client->output, TRUE); o_stream_set_flush_callback(client->output, client_output_starttls, client); } else { client_start_tls(client); } }
static const char *get_capability(struct client *client) { struct imap_client *imap_client = (struct imap_client *)client; string_t *cap_str = t_str_new(256); bool explicit_capability = FALSE; if (*imap_client->set->imap_capability == '\0') str_append(cap_str, CAPABILITY_BANNER_STRING); else if (*imap_client->set->imap_capability != '+') { explicit_capability = TRUE; str_append(cap_str, imap_client->set->imap_capability); } else { str_append(cap_str, CAPABILITY_BANNER_STRING); str_append_c(cap_str, ' '); str_append(cap_str, imap_client->set->imap_capability + 1); } if (!explicit_capability) { if (imap_client->set->imap_literal_minus) str_append(cap_str, " LITERAL-"); else str_append(cap_str, " LITERAL+"); } if (client_is_tls_enabled(client) && !client->tls) str_append(cap_str, " STARTTLS"); if (is_login_cmd_disabled(client)) str_append(cap_str, " LOGINDISABLED"); client_authenticate_get_capabilities(client, cap_str); return str_c(cap_str); }