int tls_mgr_delete(const char *cache_type, const char *cache_id)
{
int status;
/*
* Create the tlsmgr client handle.
*/
if (tls_mgr == 0)
tls_mgr_open();
/*
* Send the request and receive the reply.
*/
if (attr_clnt_request(tls_mgr,
ATTR_FLAG_NONE, /* Request */
ATTR_TYPE_STR, TLS_MGR_ATTR_REQ, TLS_MGR_REQ_DELETE,
ATTR_TYPE_STR, TLS_MGR_ATTR_CACHE_TYPE, cache_type,
ATTR_TYPE_STR, TLS_MGR_ATTR_CACHE_ID, cache_id,
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply */
ATTR_TYPE_INT, TLS_MGR_ATTR_STATUS, &status,
ATTR_TYPE_END) != 1)
status = TLS_MGR_STAT_FAIL;
return (status);
}
int tls_mgr_policy(const char *cache_type, int *cachable, int *timeout)
{
int status;
/*
* Create the tlsmgr client handle.
*/
if (tls_mgr == 0)
tls_mgr_open();
/*
* Request policy.
*/
if (attr_clnt_request(tls_mgr,
ATTR_FLAG_NONE, /* Request attributes */
ATTR_TYPE_STR, TLS_MGR_ATTR_REQ, TLS_MGR_REQ_POLICY,
ATTR_TYPE_STR, TLS_MGR_ATTR_CACHE_TYPE, cache_type,
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply attributes */
ATTR_TYPE_INT, TLS_MGR_ATTR_STATUS, &status,
ATTR_TYPE_INT, TLS_MGR_ATTR_CACHABLE, cachable,
ATTR_TYPE_INT, TLS_MGR_ATTR_SESSTOUT, timeout,
ATTR_TYPE_END) != 3)
status = TLS_MGR_STAT_FAIL;
return (status);
}
int tls_mgr_lookup(const char *cache_type, const char *cache_id,
VSTRING *buf)
{
int status;
/*
* Create the tlsmgr client handle.
*/
if (tls_mgr == 0)
tls_mgr_open();
/*
* Send the request and receive the reply.
*/
if (attr_clnt_request(tls_mgr,
ATTR_FLAG_NONE, /* Request */
ATTR_TYPE_STR, TLS_MGR_ATTR_REQ, TLS_MGR_REQ_LOOKUP,
ATTR_TYPE_STR, TLS_MGR_ATTR_CACHE_TYPE, cache_type,
ATTR_TYPE_STR, TLS_MGR_ATTR_CACHE_ID, cache_id,
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply */
ATTR_TYPE_INT, TLS_MGR_ATTR_STATUS, &status,
ATTR_TYPE_DATA, TLS_MGR_ATTR_SESSION, buf,
ATTR_TYPE_END) != 2)
status = TLS_MGR_STAT_FAIL;
return (status);
}
int anvil_clnt_lookup(ANVIL_CLNT *anvil_clnt, const char *service,
const char *addr, int *count, int *rate,
int *msgs, int *rcpts, int *newtls, int *auths)
{
char *ident = ANVIL_IDENT(service, addr);
int status;
if (attr_clnt_request((ATTR_CLNT *) anvil_clnt,
ATTR_FLAG_NONE, /* Query attributes. */
SEND_ATTR_STR(ANVIL_ATTR_REQ, ANVIL_REQ_LOOKUP),
SEND_ATTR_STR(ANVIL_ATTR_IDENT, ident),
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply attributes. */
RECV_ATTR_INT(ANVIL_ATTR_STATUS, &status),
RECV_ATTR_INT(ANVIL_ATTR_COUNT, count),
RECV_ATTR_INT(ANVIL_ATTR_RATE, rate),
RECV_ATTR_INT(ANVIL_ATTR_MAIL, msgs),
RECV_ATTR_INT(ANVIL_ATTR_RCPT, rcpts),
RECV_ATTR_INT(ANVIL_ATTR_NTLS, newtls),
RECV_ATTR_INT(ANVIL_ATTR_AUTH, auths),
ATTR_TYPE_END) != 7)
status = ANVIL_STAT_FAIL;
else if (status != ANVIL_STAT_OK)
status = ANVIL_STAT_FAIL;
myfree(ident);
return (status);
}
int tls_mgr_seed(VSTRING *buf, int len)
{
int status;
/*
* Create the tlsmgr client handle.
*/
if (tls_mgr == 0)
tls_mgr_open();
/*
* Request seed.
*/
if (attr_clnt_request(tls_mgr,
ATTR_FLAG_NONE, /* Request attributes */
ATTR_TYPE_STR, TLS_MGR_ATTR_REQ, TLS_MGR_REQ_SEED,
ATTR_TYPE_INT, TLS_MGR_ATTR_SIZE, len,
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply attributes */
ATTR_TYPE_INT, TLS_MGR_ATTR_STATUS, &status,
ATTR_TYPE_DATA, TLS_MGR_ATTR_SEED, buf,
ATTR_TYPE_END) != 2)
status = TLS_MGR_STAT_FAIL;
return (status);
}
int tls_mgr_update(const char *cache_type, const char *cache_id,
const char *buf, ssize_t len)
{
int status;
/*
* Create the tlsmgr client handle.
*/
if (tls_mgr == 0) {
acl_msg_warn("tls_mgr_update: call tls_mgr_open first");
return TLS_MGR_STAT_FAIL;
}
/*
* Send the request and receive the reply.
*/
if (attr_clnt_request(tls_mgr,
ATTR_FLAG_NONE, /* Request */
ATTR_TYPE_STR, TLS_MGR_ATTR_REQ, TLS_MGR_REQ_UPDATE,
ATTR_TYPE_STR, TLS_MGR_ATTR_CACHE_TYPE, cache_type,
ATTR_TYPE_STR, TLS_MGR_ATTR_CACHE_ID, cache_id,
ATTR_TYPE_DATA, TLS_MGR_ATTR_SESSION, len, buf,
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply */
ATTR_TYPE_INT, TLS_MGR_ATTR_STATUS, &status,
ATTR_TYPE_END) != 1)
status = TLS_MGR_STAT_FAIL;
return (status);
}
int tls_mgr_policy(const char *cache_type, int *cachable)
{
int status;
/*
* Create the tlsmgr client handle.
*/
if (tls_mgr == 0) {
if (acl_msg_verbose)
acl_msg_info("tls_mgr_policy: call tls_mgr_open first");
return TLS_MGR_STAT_FAIL;
}
/*
* Request policy.
*/
if (attr_clnt_request(tls_mgr,
ATTR_FLAG_NONE, /* Request attributes */
ATTR_TYPE_STR, TLS_MGR_ATTR_REQ, TLS_MGR_REQ_POLICY,
ATTR_TYPE_STR, TLS_MGR_ATTR_CACHE_TYPE, cache_type,
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply attributes */
ATTR_TYPE_INT, TLS_MGR_ATTR_STATUS, &status,
ATTR_TYPE_INT, TLS_MGR_ATTR_CACHABLE, cachable,
ATTR_TYPE_END) != 2)
status = TLS_MGR_STAT_FAIL;
return (status);
}
int tls_mgr_update(const char *cache_type, const char *cache_id,
const char *buf, ssize_t len)
{
int status;
/*
* Create the tlsmgr client handle.
*/
if (tls_mgr == 0)
tls_mgr_open();
/*
* Send the request and receive the reply.
*/
if (attr_clnt_request(tls_mgr,
ATTR_FLAG_NONE, /* Request */
SEND_ATTR_STR(TLS_MGR_ATTR_REQ, TLS_MGR_REQ_UPDATE),
SEND_ATTR_STR(TLS_MGR_ATTR_CACHE_TYPE, cache_type),
SEND_ATTR_STR(TLS_MGR_ATTR_CACHE_ID, cache_id),
SEND_ATTR_DATA(TLS_MGR_ATTR_SESSION, len, buf),
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply */
RECV_ATTR_INT(TLS_MGR_ATTR_STATUS, &status),
ATTR_TYPE_END) != 1)
status = TLS_MGR_STAT_FAIL;
return (status);
}
int anvil_clnt_disconnect(ANVIL_CLNT *anvil_clnt, const char *service,
const char *addr)
{
char *ident = ANVIL_IDENT(service, addr);
int status;
if (attr_clnt_request((ATTR_CLNT *) anvil_clnt,
ATTR_FLAG_NONE, /* Query attributes. */
SEND_ATTR_STR(ANVIL_ATTR_REQ, ANVIL_REQ_DISC),
SEND_ATTR_STR(ANVIL_ATTR_IDENT, ident),
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply attributes. */
RECV_ATTR_INT(ANVIL_ATTR_STATUS, &status),
ATTR_TYPE_END) != 1)
status = ANVIL_STAT_FAIL;
else if (status != ANVIL_STAT_OK)
status = ANVIL_STAT_FAIL;
myfree(ident);
return (status);
}
int anvil_clnt_newtls_stat(ANVIL_CLNT *anvil_clnt, const char *service,
const char *addr, int *newtls)
{
char *ident = ANVIL_IDENT(service, addr);
int status;
if (attr_clnt_request((ATTR_CLNT *) anvil_clnt,
ATTR_FLAG_NONE, /* Query attributes. */
ATTR_TYPE_STR, ANVIL_ATTR_REQ, ANVIL_REQ_NTLS_STAT,
ATTR_TYPE_STR, ANVIL_ATTR_IDENT, ident,
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply attributes. */
ATTR_TYPE_INT, ANVIL_ATTR_STATUS, &status,
ATTR_TYPE_INT, ANVIL_ATTR_RATE, newtls,
ATTR_TYPE_END) != 2)
status = ANVIL_STAT_FAIL;
else if (status != ANVIL_STAT_OK)
status = ANVIL_STAT_FAIL;
myfree(ident);
return (status);
}
static TLS_TICKET_KEY *request_scache_key(unsigned char *keyname)
{
TLS_TICKET_KEY tmp;
static VSTRING *keybuf;
char *name;
size_t len;
int status;
/*
* Create the tlsmgr client handle.
*/
if (tls_mgr == 0)
tls_mgr_open();
if (keybuf == 0)
keybuf = vstring_alloc(sizeof(tmp));
/* In tlsmgr requests we encode null key names as empty strings. */
name = keyname ? (char *) keyname : "";
len = keyname ? TLS_TICKET_NAMELEN : 0;
/*
* Send the request and receive the reply.
*/
if (attr_clnt_request(tls_mgr,
ATTR_FLAG_NONE, /* Request */
ATTR_TYPE_STR, TLS_MGR_ATTR_REQ, TLS_MGR_REQ_TKTKEY,
ATTR_TYPE_DATA, TLS_MGR_ATTR_KEYNAME, len, name,
ATTR_TYPE_END,
ATTR_FLAG_MISSING, /* Reply */
ATTR_TYPE_INT, TLS_MGR_ATTR_STATUS, &status,
ATTR_TYPE_DATA, TLS_MGR_ATTR_KEYBUF, keybuf,
ATTR_TYPE_END) != 2
|| status != TLS_MGR_STAT_OK
|| LEN(keybuf) != sizeof(tmp))
return (0);
memcpy((char *) &tmp, STR(keybuf), sizeof(tmp));
return (tls_scache_key_rotate(&tmp));
}
