Working out certificate trouble
authorJean-Marc Pigeon (Delson) <jmp@safe.ca>
Sun, 8 Jun 2025 14:15:05 +0000 (10:15 -0400)
committerJean-Marc Pigeon (Delson) <jmp@safe.ca>
Sun, 8 Jun 2025 14:15:05 +0000 (10:15 -0400)
Makefile
data-feed/dbgfeed.tst [new file with mode: 0644]
lib/gestcp.c
lib/lvleml.c
lib/unipar.c
lib/unitls.c

index e0d6414768546334b0eeddc1aeaaf5bee0a54047..f1200f430d828253691fa97a5c02328225a13257 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -139,7 +139,7 @@ onefeed     :  debug
           @ rm -fr $(TESTDIR)/var/spool/$(APPNAME)/queue/*
           @ bin/feeder                                 \
                        -f                              \
-                       -d                            \
+                       -d 9                            \
                        -c ./conf/feeder.conf.dvl       \
                        $(TESTIP)                       \
                        $(TESTPORT)                     \
@@ -172,11 +172,11 @@ dbgfeed   :  debug
                --args                                  \
                        bin/feeder                      \
                          -f                            \
-                         -d                          \
+                         -d 9                          \
                          -c ./conf/feeder.conf.dvl     \
                          $(TESTIP)                     \
                          $(TESTPORT)                   \
-                         $./(DATATST)/xxfeed.tst
+                         $(DATATST)/dbgfeed.tst
 
 valfeed        :  debug                        #valgring of emlrcvr
           @ echo "feed valgrind test"
@@ -189,7 +189,7 @@ valfeed     :  debug                        #valgring of emlrcvr
                          -c ./conf/feeder.conf.dvl     \
                          $(TESTIP)                     \
                          $(TESTPORT)                   \
-                         ./$(DATATST)/xxfeed.tst
+                         ./$(DATATST)/feed.tst
 
             
 #              --track-fds=yes                         \
@@ -220,14 +220,18 @@ xxx       :
                @ openssl s_client                      \
                        -crlf                           \
                        --showcerts                     \
-                       -key certs/localhost_key.pem    \
-                       -cert certs/localhost_cert.pem  \
-                       -CAfile certs/safe_CA.pem       \
+                       -status                         \
+                       -msg                            \
+                       -debug                          \
+                       -key certs/localhost-key.pem    \
+                       -cert certs/localhost-cert.pem  \
+                       -CAfile certs/root-safe_CA.pem  \
                        -starttls smtp                  \
-                       -connect $(TESTSRV):1025
+                       -connect smtp1.example.com:25 
 
 #                      -showcerts                      
 #                      -tls1_2
+#                      -connect smtp1.example.com:587 
 #                      -connect mailprod1.safe.ca:25
 #                      -connect $(TESTSRV):$(TESTPORT) 
 #                      -connect smtp.google.com:25
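Review bot: The `-CAfile certs/root-safe_CA.pem` option in this `openssl s_client` call does not make the target fail on a bad chain, because s_client carries on with the handshake after a verification error unless told otherwise. Adding `-verify_return_error \` next to `-CAfile` would stop at the first chain problem, which is what this recipe is hunting for. The `-connect` host is now a literal where the old line used `$(TESTSRV)`, so the client key and certificate are presented to whatever that name resolves to. Keeping the host in a make variable, as the commented `-connect $(TESTSRV):$(TESTPORT)` line does, avoids editing the recipe for each server.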
@@ -258,7 +262,7 @@ dorcvr      :
           @ bin/emlrcvr                                \
                $(EMLPAR)$(TESTITER)
 
-emlrcvr        :  #starting email receiver
+emlrcvr        :  clean debug newtest #starting email receiver
           @ echo
           @ echo "--------------"
           @ echo "starting $@"
diff --git a/data-feed/dbgfeed.tst b/data-feed/dbgfeed.tst
new file mode 100644 (file)
index 0000000..efe12e1
--- /dev/null
@@ -0,0 +1,17 @@
+#====================================================
+#starting test 
+T:debug test function
+R:220 mailleur.example.com ESMTP (cleartext) ...
+S:HELO example.com
+R:250 mailleur.example.com link (cleartext) ready...
+C:GOTLS
+R:250 Link now encryp...
+S:EHLO example.com
+R:250-mailleur.example.com link (crypted) ready, your IP/FQDN...
+R:250-SIZE 52428800
+R:250-8BITMIME
+R:250-ENHANCEDSTATUSCODES
+R:250-AUTH PLAIN LOGIN
+R:250 HELP
+S:QUIT
+R:221 2.0.0 Bye, closing connection...
index 3bdce19061d5984037c4dd957d7f38f5db845dd2..3d12d02ff09277dfbfb8437e2b08d6f116d6212b 100644 (file)
@@ -142,7 +142,7 @@ while (maxlines>0) {
                                     ERRPROC,wait,rmt->curmx->mxname);
     line=strdup(cmt);
     }
-  (void) log_fprintlog(rmt->logptr,false,line);
+  (void) log_fprintlog(rmt->logptr,true,line);
   if (sscanf(line,"%d%n",&code,&sofar)==1) {
     if (line[sofar]==' ')
       maxlines=0;       //found remote status
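Review bot: `line` is handed to `log_fprintlog` in the argument position where the other helpers in this commit (`rou_alert`, `transmit`, `tcp_smtp_command`) take a printf-style format, and at this point it appears to hold the reply text received from the remote MX. The prototype is not visible here, so this needs confirming, but if the third argument is a format then a `%` in the server's reply would be interpreted; `(void) log_fprintlog(rmt->logptr,true,"%s",line);` removes the doubt. The commit flips the bare boolean without explanation, so a short trailing comment saying what `true` selects would help the next reader. The enclosing loop starts and ends outside this hunk.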
index a9362fb3e867373d22aff30d66122b74f8948759..6340a99f7d6b2a3916018494f0bbcbb9d22f17e5 100644 (file)
@@ -166,14 +166,18 @@ if (contact!=(CONTYP *)0) {
 /*      is a correct one                                */
 /*                                                      */
 /********************************************************/
-static void linkready(CONTYP *contact)
+static void linkready(CONTYP *contact,_Bool suite)
 
 {
 const char *mode;
+char sepa;
 
+sepa=' ';
+if (suite==true)
+  sepa='-';
 mode=soc_getstrmode(contact->socptr);
-(void) transmit(contact,"%d-%s, link (%s) ready, your IP/FQDN=[%s/%s]",
-                         CMDOK,contact->locname,mode,
+(void) transmit(contact,"%d%c%s link (%s) ready, your IP/FQDN=[%s/%s]",
+                         CMDOK,sepa,contact->locname,mode,
                          contact->peerip,contact->peername);
 }
 /*
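Review bot: The new `suite` parameter of `linkready` is not described in the banner comment above the function, and the two call sites changed later in this file pass a bare `false` and `true`. A line in that banner such as `/* suite: true = more reply lines follow ('-'), false = final line (' ') */` would explain why the caller that goes on to send `%d-SIZE` passes true. The selection itself can be written in one statement as `sepa=(suite==true)?'-':' ';`. The banner comment begins outside this hunk.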
@@ -437,7 +441,7 @@ _Bool done;
 if ((done=isgoodfqdn(contact,parameter))==false) 
   (void) transmit(contact,"%d 5.5.4 %s.",BADPAR,DETAIL);
 else
-  (void) linkready(contact);
+  (void) linkready(contact,false);
 return done;
 #undef  DETAIL
 #undef  OPEP
@@ -485,7 +489,7 @@ while (proceed==true) {
         }
       break;
     case 1      :       //thereis an FQDN
-      (void) linkready(contact);
+      (void) linkready(contact,true);
       (void) transmit(contact,"%d-SIZE %ld",CMDOK,MXMSIZE);
       if (soc_iscrypted(contact->socptr)==true) 
         strstart++;
@@ -700,16 +704,31 @@ while (proceed==true) {
       rspcode=tcp_smtp_command(rmt,"EHLO %s",rmt->orgdomain);
       switch (rspcode) {
         case CMDOK      :       //So fare, so good
-          done=true;
-          phase=999;
           break;
         default         :       //Trouble
-          (void) rou_alert(0,"%s, EHLO Remote <%s> unexpected answer code '%d'",
+          (void) rou_alert(0,"%s EHLO Remote <%s> unexpected answer code '%d'",
                               OPEP,rmt->curmx,rspcode);
+          phase++;              //No STARTTLS available
+          break;
+        }
+      break;
+    case 1      :       //Stating starttls
+      phase=999;        //No need to go futher
+      rspcode=tcp_smtp_command(rmt,"STARTTLS",rmt->orgdomain);
+      switch (rspcode) {
+        case SIGNON      :       //link is now encrypted
+          debug=9;
+          (void) usleep(100000); 
+          done=soc_starttls(rmt->socptr,false);
+          (void) rou_alert(0,"%s JMPDBG should start tls done='%d'",OPEP,done);
+          break;
+        default         :       //Trouble
+          (void) rou_alert(0,"%s Unable to establish crypted link with <%s>",
+                              OPEP,rmt->curmx);
           break;
         }
       break;
-    case 1      :       //Sending HELO
+    case 2      :       //Sending HELO
       rspcode=tcp_smtp_command(rmt,"HELO %s",rmt->orgdomain);
       switch (rspcode) {
         case CMDOK      :       //So fare, so good
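Review bot: Both `rou_alert` calls in the `default` branches pass `rmt->curmx` to a `%s` conversion, while lib/gestcp.c in this same commit prints the host as `rmt->curmx->mxname`. If `curmx` is the same structure pointer here, the argument does not match the conversion and the calls should end in `OPEP,rmt->curmx->mxname);`. The STARTTLS success branch still carries debugging scaffolding that should be removed or gated: `debug=9;` overwrites what appears to be the global level set by `-d`, and the `JMPDBG` alert is emitted at level 0. `tcp_smtp_command(rmt,"STARTTLS",rmt->orgdomain)` also passes an argument the format never consumes. After a successful `soc_starttls` the phase goes straight to 999; whether a fresh EHLO is sent over the encrypted link, as RFC 3207 expects, is decided outside this hunk and is worth checking.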
index 1a609fbe51f42f7fa18053e5319176bcf6216274..465840092af15b5b40f260063bcf135491850ba3 100644 (file)
@@ -151,6 +151,7 @@ while (((c=getopt(argc,argv,optstring))!=EOF)&&(params!=(ARGTYP *)0)) {
     case 'c'   :       //config file
       (void) memset(config,'\000',sizeof(config));
       (void) strncpy(config,optarg,sizeof(config)-1);
+      break;
     case 'd'   :       //debug level
       debug=atoi(optarg);
       (void) rou_alert(1,"debug level is now '%d'",debug);
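Review bot: `debug=atoi(optarg);` accepts any string and yields 0 for non-numeric input, so a mistyped level is never reported. If `d` takes a required argument, an invocation shaped like the old Makefile recipe (`-d` directly followed by `-c`) would silently consume the next option as the level. Parsing with `debug=(int)strtol(optarg,&end,10);` and rejecting the value with `if ((end==optarg)||(*end!='\000'))` would turn that into a usage error. The switch continues outside this hunk.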
index a2992df87a7b4e8c0c698ff92c5fdbbb5b1719d3..759d6b165c5707332c7bde8de36208457bad54b5 100644 (file)
@@ -178,6 +178,7 @@ mode=SSL_VERIFY_NONE;
 phase=0;
 proceed=true;
 while (proceed==true) {
+  (void) rou_alert(7,"%s phase='%d'",OPEP,phase);
   switch (phase) {
     case 0      :       //loading certificate names
       for (int i=0;i<(sizeof(cenv)/sizeof(char *));i++) {
@@ -204,6 +205,7 @@ while (proceed==true) {
         }
       break;
     case 2      :       //first load certificate key
+      (void) rou_alert(7,"%s key file=<%s>",OPEP,certs[0]);
       if (SSL_CTX_use_PrivateKey_file(tls->ctx,certs[0],SSL_FILETYPE_PEM)!=1) {
         char msg[200];
 
@@ -214,6 +216,7 @@ while (proceed==true) {
         }
       break;
     case 3      :       //load certificate + chain file
+      (void) rou_alert(7,"%s chain file=<%s>",OPEP,certs[1]);
       if (SSL_CTX_use_certificate_chain_file(tls->ctx,certs[1])!=1) {
         char msg[200];
 
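Review bot: The chain file in phase 3 is loaded after the private key from phase 2, and OpenSSL discards an already loaded key without reporting an error when the certificate set afterwards does not match it. Nothing in the visible phases checks the pair, and any later phase that might is outside this hunk. Adding `if (SSL_CTX_check_private_key(tls->ctx)!=1)` with the same error path after the chain load would turn a key/certificate mismatch into an explicit message. The three new level-7 alerts (here and in the phase 2 and phase 4 hunks) print `certs[n]` through `%s`, which assumes the earlier phases stop when a name is missing.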
@@ -224,6 +227,7 @@ while (proceed==true) {
         }
       break;
     case 4      :       //loading root certificate
+      (void) rou_alert(7,"%s root certificate=<%s>",OPEP,certs[2]);
       if (SSL_CTX_load_verify_locations(tls->ctx,certs[2],(const char *)0)!=1) {
         char msg[200];
 
@@ -545,7 +549,7 @@ tls=(TLSTYP *)0;
 phase=0;
 proceed=true;
 while (proceed==true) {
-  //(void) rou_alert(0,"%s JMPDBG phase='%d', serveur='%d'",OPEP,phase,server);
+  (void) rou_alert(6,"%s phase='%d', serveur='%d'",OPEP,phase,server);
   switch (phase) {
     case 0      :       //prepare the structure first;
       tls=(TLSTYP *)calloc(1,sizeof(TLSTYP));