
[SCM] GNU Mailutils branch, master, updated. release-2.2-727-g6ff197c


From: Sergey Poznyakoff
Subject: [SCM] GNU Mailutils branch, master, updated. release-2.2-727-g6ff197c
Date: Sat, 11 Jul 2015 08:24:40 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Mailutils".

http://git.savannah.gnu.org/cgit/mailutils.git/commit/?id=6ff197ca52419567c123c4e9069e207ec55aadcb

The branch, master has been updated
       via  6ff197ca52419567c123c4e9069e207ec55aadcb (commit)
       via  4d642922b63bdf1a312b5f76b1f827e794e23da6 (commit)
      from  10adba5274b12a3c27e1a96bb6d934e430ce5f13 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 6ff197ca52419567c123c4e9069e207ec55aadcb
Author: Sergey Poznyakoff <address@hidden>
Date:   Sat Jul 11 11:14:16 2015 +0300

    Log ciphersuite info after successful initiation of TLS connection
    
    * include/mailutils/stream.h (MU_IOCTL_TLSSTREAM): New ioctl code.
    (MU_IOCTL_TLS_GET_CIPHER_INFO): New ioctl opcode.
    * libmailutils/property/assocprop.c (_assoc_prop_fill)
    (_assoc_prop_save): allow for NULL stream pointer.
    * libmu_auth/tls.c (_tls_io_ioctl,_tls_ioctl): Handle
    MU_IOCTL_TLSSTREAM/MU_IOCTL_TLS_GET_CIPHER_INFO ioctl.
    
    * imap4d/io.c (log_cipher): New function.
    (io_setio, imap4d_init_tls_server): Call log_cipher after successfully
    establishing the TLS connection.
    * imap4d/starttls.c (tls_encryption_on): Remove diagnostic output.
    * pop3d/extra.c (log_cipher): New function.
    (pop3d_setio,pop3d_init_tls_server): Call log_cipher after successfully
    establishing the TLS connection.

commit 4d642922b63bdf1a312b5f76b1f827e794e23da6
Author: Sergey Poznyakoff <address@hidden>
Date:   Sat Jul 11 11:12:20 2015 +0300

    Minor fixes
    
    * libmailutils/mailbox/mbx_default.c (mu_normalize_mailbox_url): don't
    place / in front of the username.
    (plus_expand): Use mu_make_file_name and mu_asprintf.  Check for errors.
    (mu_mailbox_create_default): Check for errors.

-----------------------------------------------------------------------

Summary of changes:
 imap4d/io.c                        |   33 +++++++++++++++++++++++
 imap4d/starttls.c                  |    1 -
 include/mailutils/stream.h         |   10 ++++++-
 libmailutils/mailbox/mbx_default.c |   46 ++++++++++++++++++++------------
 libmailutils/property/assocprop.c  |    4 +-
 libmu_auth/tls.c                   |   51 ++++++++++++++++++++++++++++++++++++
 pop3d/extra.c                      |   34 +++++++++++++++++++++++-
 7 files changed, 157 insertions(+), 22 deletions(-)

diff --git a/imap4d/io.c b/imap4d/io.c
index c0f62de..d3a14dc 100644
--- a/imap4d/io.c
+++ b/imap4d/io.c
@@ -16,9 +16,39 @@
    along with GNU Mailutils.  If not, see <http://www.gnu.org/licenses/>. */
 
 #include "imap4d.h"
+#include <mailutils/property.h>
 
 mu_stream_t iostream;
 
+static void
+log_cipher (mu_stream_t stream)
+{
+  mu_property_t prop;
+  int rc = mu_stream_ioctl (stream, MU_IOCTL_TLSSTREAM,
+                           MU_IOCTL_TLS_GET_CIPHER_INFO, &prop);
+  if (rc)
+    {
+      mu_diag_output (MU_DIAG_INFO, _("TLS established"));
+      mu_diag_output (MU_DIAG_ERROR, _("can't get TLS details: %s"),
+                     mu_strerror (rc));
+    }
+  else
+    {
+      char const *cipher, *mac, *proto;
+      if (mu_property_sget_value (prop, "cipher", &cipher))
+       cipher = "UNKNOWN";     
+      if (mu_property_sget_value (prop, "mac", &mac))
+       mac = "UNKNOWN";
+      if (mu_property_sget_value (prop, "protocol", &proto))
+       proto = "UNKNOWN";
+      
+      mu_diag_output (MU_DIAG_INFO, _("TLS established using %s-%s (%s)"),
+                     cipher, mac, proto);
+      
+      mu_property_destroy (&prop);
+    }
+}
+
 void
 io_setio (int ifd, int ofd, int tls)
 {
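Review bot: log_cipher is added here and again, line for line, in pop3d/extra.c, so the two servers' "TLS established using ..." messages can drift apart as soon as one copy is edited. A single helper exported next to get_cipher_info in libmu_auth would keep one log format for anything that parses these lines to spot weak protocol versions or ciphers. The function also has no comment; I would add `/* Log the negotiated protocol, cipher and MAC of STREAM; falls back to a bare "TLS established" if the ioctl fails. */` and note that the strings from mu_property_sget_value presumably point into prop, so the mu_diag_output call has to stay before mu_property_destroy. The call in io_setio sits inside a preprocessor conditional while this definition appears unconditional, so a build without TLS may warn about an unused static function.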
@@ -49,6 +79,7 @@ io_setio (int ifd, int ofd, int tls)
          mu_error (_("failed to create TLS stream: %s"), mu_strerror (rc));
          imap4d_bye (ERR_STREAM_CREATE);
        }
+      log_cipher (str);
     }
   else
 #endif
@@ -112,6 +143,8 @@ imap4d_init_tls_server ()
       return 1;
     }
 
+  log_cipher (tlsstream);
+
   mu_stream_unref (stream[0]);
   mu_stream_unref (stream[1]);
   stream[0] = stream[1] = tlsstream;
diff --git a/imap4d/starttls.c b/imap4d/starttls.c
index 1ee3f70..1530931 100644
--- a/imap4d/starttls.c
+++ b/imap4d/starttls.c
@@ -71,7 +71,6 @@ tls_encryption_on (struct imap4d_session *session)
 
   session->tls_mode = tls_no;
   imap4d_capability_remove (IMAP_CAPA_XTLSREQUIRED);
-  mu_diag_output (MU_DIAG_INFO, _("TLS established"));
 }
 
 void
diff --git a/include/mailutils/stream.h b/include/mailutils/stream.h
index 6230ca2..07f99c3 100644
--- a/include/mailutils/stream.h
+++ b/include/mailutils/stream.h
@@ -77,7 +77,8 @@ enum mu_buffer_type
 #define MU_IOCTL_TOPSTREAM       12 /* Same as MU_IOCTL_SUBSTREAM, but
                                       always returns the topmost substream.
                                    */
-  
+#define MU_IOCTL_TLSSTREAM       13 /* TLS stream */
+
   /* Opcodes common for various families */
 #define MU_IOCTL_OP_GET 0
 #define MU_IOCTL_OP_SET 1  
@@ -192,6 +193,13 @@ enum mu_buffer_type
   */
 #define MU_IOCTL_FILTER_GET_DISABLED 0
 #define MU_IOCTL_FILTER_SET_DISABLED 1  
+
+  /* TLS transport streams */
+  /* Get cipher info.
+     Arg: mu_property_t *
+     On success, the following keys are defined: "protocol", "cipher", "mac"
+  */
+#define MU_IOCTL_TLS_GET_CIPHER_INFO 0
   
 #define MU_TRANSPORT_INPUT  0
 #define MU_TRANSPORT_OUTPUT 1
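Review bot: The comment on MU_IOCTL_TLS_GET_CIPHER_INFO gives the argument type and the keys but does not say who owns the result. get_cipher_info in libmu_auth/tls.c creates a fresh property and both log_cipher callers release it with mu_property_destroy, so the header should state that, e.g. `On success *arg is a newly created property; the caller must free it with mu_property_destroy.` It is also worth noting that the opcode is meaningful only together with MU_IOCTL_TLSSTREAM, because its value 0 coincides with MU_IOCTL_OP_GET and MU_IOCTL_FILTER_GET_DISABLED.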
diff --git a/libmailutils/mailbox/mbx_default.c 
b/libmailutils/mailbox/mbx_default.c
index 4024208..5082027 100644
--- a/libmailutils/mailbox/mbx_default.c
+++ b/libmailutils/mailbox/mbx_default.c
@@ -64,13 +64,20 @@ mu_normalize_mailbox_url (char **pout, const char *dir)
     {
       if (!(len > 5 && strcmp (dir + len - 5, "user=") == 0))
        return MU_ERR_BAD_FILENAME;
+      else
+       {
+         int rc = mu_asprintf (pout, "%s%s", dir, USERSUFFIX);
+         if (rc)
+           return rc;
+       }
     }
   else
-    *pout = mu_make_file_name (dir, USERSUFFIX);
-
-  if (!*pout)
-    return errno;
-
+    {
+      *pout = mu_make_file_name (dir, USERSUFFIX);
+      if (!*pout)
+       return errno;
+    }
+  
   return 0;
 }
 
@@ -280,7 +287,6 @@ plus_expand (const char *file, char **buf)
 {
   char *home;
   const char *folder_dir = mu_folder_directory ();
-  int len;
 
   home = get_homedir (NULL);
   if (!home)
@@ -290,17 +296,16 @@ plus_expand (const char *file, char **buf)
   
   if (folder_dir[0] == '/' || mu_is_proto (folder_dir))
     {
-      len = strlen (folder_dir) + strlen (file) + 2;
-      *buf = malloc (len);
-      sprintf (*buf, "%s/%s", folder_dir, file);
+      *buf = mu_make_file_name (folder_dir, file);
+      if (!*buf)
+       return errno;
     }
   else
     {
-      len = strlen (home) + strlen (folder_dir) + strlen (file) + 3;
-      *buf = malloc (len);
-      sprintf (*buf, "%s/%s/%s", home, folder_dir, file);
+      int rc = mu_asprintf (buf, "%s/%s/%s", home, folder_dir, file);
+      if (rc)
+       return rc;
     }
-  (*buf)[len-1] = 0;
   
   free (home);
   return 0;
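Review bot: Both new early returns in plus_expand (`return errno;` and `return rc;`) leave the function without reaching `free (home)`, so the buffer obtained from get_homedir leaks on exactly the error paths this commit adds. Collecting the status in one variable and falling through to the existing free fixes that, and it captures errno before free has a chance to disturb it. The start of plus_expand, including the `!home` check, lies outside this hunk.

```c
  int rc = 0;   /* declare with the other locals at the top of plus_expand */

  if (folder_dir[0] == '/' || mu_is_proto (folder_dir))
    {
      *buf = mu_make_file_name (folder_dir, file);
      if (!*buf)
        rc = errno;
    }
  else
    rc = mu_asprintf (buf, "%s/%s/%s", home, folder_dir, file);

  free (home);
  return rc;
```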
@@ -419,7 +424,7 @@ mu_mailbox_create_default (mu_mailbox_t *pmbox, const char 
*mail)
   mail = tmp_mbox;
   if (!mail)
     return ENOMEM;
-  
+
   switch (mail[0])
     {
     case '%':
@@ -433,18 +438,25 @@ mu_mailbox_create_default (mu_mailbox_t *pmbox, const 
char *mail)
 
     case '/':
       mbox = strdup (mail);
+      if (!mbox)
+       status = errno;
       break;
       
     default:
       if (!mu_is_proto (mail))
        {
          p = mu_getcwd();
-         mbox = malloc (strlen (p) + strlen (mail) + 2);
-         sprintf (mbox, "%s/%s", p, mail);
+         mbox = mu_make_file_name (p, mail);
+         if (!mbox)
+           status = errno;
          free (p);  
        }
       else
-       mbox = strdup (mail);
+       {
+         mbox = strdup (mail);
+         if (!mbox)
+           status = errno;
+       }
       break;
     }
 
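Review bot: The result of `mu_getcwd()` in the default branch is still passed unchecked to mu_make_file_name, although every other allocation in this switch now gets an error check. If mu_getcwd can return NULL (allocation failure, or the working directory is no longer reachable), the path is built from a null pointer; something like `if (!p) { status = errno; break; }` placed directly after the call would close the gap, assuming mu_getcwd leaves errno set. Whether the code after the switch tests status before using mbox is outside this hunk and should be confirmed, since mbox is now NULL on each of the new error paths.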
diff --git a/libmailutils/property/assocprop.c 
b/libmailutils/property/assocprop.c
index 6742737..dd730c3 100644
--- a/libmailutils/property/assocprop.c
+++ b/libmailutils/property/assocprop.c
@@ -145,7 +145,7 @@ _assoc_prop_fill (struct _mu_property *prop)
   size_t size[2] = { 0, 0 }, n;
   
   if (!str)
-    return EINVAL;
+    return 0;
   mu_stream_seek (str, 0, MU_SEEK_SET, NULL);
   while ((rc = mu_stream_getdelim (str, &buf[state], &size[state],
                                   0, &n)) == 0 &&
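Review bot: The change from `return EINVAL;` to `return 0;` for a NULL stream in _assoc_prop_fill, and the identical change in _assoc_prop_save in the next hunk, has no comment saying why a missing stream is now a success. get_cipher_info in libmu_auth/tls.c passes NULL as the init data to mu_property_create_init, which looks like the reason, so a comment such as `/* No backing stream: the property is in-memory only, nothing to load */` (and `... nothing to save */` in _assoc_prop_save) would stop a later reader from restoring the error. Callers that relied on EINVAL to detect a property created without its stream will now see a silent no-op; the callers are not visible here. This hunk ends inside the while condition of _assoc_prop_fill.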
@@ -169,7 +169,7 @@ _assoc_prop_save (struct _mu_property *prop)
   mu_off_t off;
   
   if (!str)
-    return EINVAL;
+    return 0;
   rc = mu_property_get_iterator (prop, &itr);
   if (rc)
     return rc;
diff --git a/libmu_auth/tls.c b/libmu_auth/tls.c
index a503814..a9bfb7a 100644
--- a/libmu_auth/tls.c
+++ b/libmu_auth/tls.c
@@ -34,6 +34,7 @@
 #include <mailutils/stream.h>
 #include <mailutils/errno.h>
 #include <mailutils/util.h>
+#include <mailutils/property.h>
 
 struct mu_tls_module_config mu_tls_module_config = {
 #ifdef WITH_TLS
@@ -295,6 +296,34 @@ _tls_wr_wait (struct _mu_stream *stream, int *pflags, 
struct timeval *tvp)
 }
 
 static int
+get_cipher_info (gnutls_session_t session, mu_property_t *pprop)
+{
+  mu_property_t prop;
+  const char *s;
+  int rc;
+
+  if (!pprop)
+    return EINVAL;
+
+  rc = mu_property_create_init (&prop, mu_assoc_property_init, NULL);
+  if (rc)
+    return rc;
+
+  s = gnutls_protocol_get_name (gnutls_protocol_get_version (session));
+  mu_property_set_value (prop, "protocol", s, 1);
+
+  s = gnutls_cipher_get_name (gnutls_cipher_get (session));
+  mu_property_set_value (prop, "cipher", s, 1);
+
+  s = gnutls_mac_get_name (gnutls_mac_get (session));
+  mu_property_set_value (prop, "mac", s, 1);
+
+  *pprop = prop;
+
+  return 0;
+}
+
+static int
 _tls_io_ioctl (struct _mu_stream *stream, int code, int opcode, void *arg)
 {
   struct _mu_tls_io_stream *sp = (struct _mu_tls_io_stream *) stream;
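Review bot: get_cipher_info stores whatever gnutls_protocol_get_name, gnutls_cipher_get_name and gnutls_mac_get_name return, and it ignores the result of every mu_property_set_value call. The GnuTLS name functions return NULL for an algorithm they do not recognise, and how mu_property_set_value treats a NULL value is not visible here, so guarding each store, e.g. `if (s) mu_property_set_value (prop, "cipher", s, 1);`, would leave the key unset and let log_cipher fall back to "UNKNOWN". If a store fails, the function still returns 0 with a key missing, which contradicts the header comment that all three keys are defined on success. Either propagate the error (destroying prop first) or relax the wording in stream.h.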
@@ -323,6 +352,17 @@ _tls_io_ioctl (struct _mu_stream *stream, int code, int 
opcode, void *arg)
        }
       break;
 
+    case MU_IOCTL_TLSSTREAM:
+      switch (opcode)
+       {
+       case MU_IOCTL_TLS_GET_CIPHER_INFO:
+         return get_cipher_info (sp->up->session, arg);
+
+       default:
+         return EINVAL;
+       }
+      break;
+      
     default:
       return ENOSYS;
     }
@@ -586,6 +626,17 @@ _tls_ioctl (struct _mu_stream *stream, int code, int 
opcode, void *arg)
        }
       break;
       
+    case MU_IOCTL_TLSSTREAM:
+      switch (opcode)
+       {
+       case MU_IOCTL_TLS_GET_CIPHER_INFO:
+         return get_cipher_info (sp->session, arg);
+
+       default:
+         return EINVAL;
+       }
+      break;
+      
     default:
       return ENOSYS;
     }
diff --git a/pop3d/extra.c b/pop3d/extra.c
index 57aab2d..2ce84be 100644
--- a/pop3d/extra.c
+++ b/pop3d/extra.c
@@ -17,6 +17,7 @@
 
 #include "pop3d.h"
 #include "mailutils/libargp.h"
+#include "mailutils/property.h"
 
 mu_stream_t iostream;
 
@@ -128,6 +129,35 @@ pop3d_abquit (int reason)
   exit (code);
 }
 
+static void
+log_cipher (mu_stream_t stream)
+{
+  mu_property_t prop;
+  int rc = mu_stream_ioctl (stream, MU_IOCTL_TLSSTREAM,
+                           MU_IOCTL_TLS_GET_CIPHER_INFO, &prop);
+  if (rc)
+    {
+      mu_diag_output (MU_DIAG_INFO, _("TLS established"));
+      mu_diag_output (MU_DIAG_ERROR, _("can't get TLS details: %s"),
+                     mu_strerror (rc));
+    }
+  else
+    {
+      char const *cipher, *mac, *proto;
+      if (mu_property_sget_value (prop, "cipher", &cipher))
+       cipher = "UNKNOWN";     
+      if (mu_property_sget_value (prop, "mac", &mac))
+       mac = "UNKNOWN";
+      if (mu_property_sget_value (prop, "protocol", &proto))
+       proto = "UNKNOWN";
+      
+      mu_diag_output (MU_DIAG_INFO, _("TLS established using %s-%s (%s)"),
+                     cipher, mac, proto);
+      
+      mu_property_destroy (&prop);
+    }
+}
+
 void
 pop3d_setio (int ifd, int ofd, int tls)
 {
@@ -158,7 +188,7 @@ pop3d_setio (int ifd, int ofd, int tls)
          pop3d_abquit (ERR_FILE);
        }
       tls_done = 1;
-      mu_diag_output (MU_DIAG_INFO, _("TLS established"));
+      log_cipher (str);
     }
   else
 #endif
@@ -220,6 +250,8 @@ pop3d_init_tls_server ()
   if (rc)
     return 1;
 
+  log_cipher (tlsstream);
+
   stream[0] = stream[1] = tlsstream;
   rc = mu_stream_ioctl (iostream, MU_IOCTL_SUBSTREAM, MU_IOCTL_OP_SET, stream);
   mu_stream_unref (stream[0]);


hooks/post-receive
-- 
GNU Mailutils


