int iteration; //number of soc slot used on the IP
}SOCTYP;
-/*
-\f
-*/
-/********************************************************/
-/* */
-/* Procedure to purge incoming TLS channel */
-/* After crypted link is established but before */
-/* to use it. */
-/* */
-/* See VE-2011-0411, "plaintext command injection" */
-/* */
-/********************************************************/
-static void socpurge(SOCTYP *soc,const char *peerip)
-
-{
-#define OPEP "devsoc.c:socpurge"
-
-int max;
-int count;
-
-max=1000; //purging for 1 seconde max;
-count=0;
-for (;count<max;count++) {
- soc->carin=0;
- soc->carpile[0]='\000';
- (void) usleep(1000); //1 millisec
- (void) soc_receive(soc);
- if (soc->carin==0) //got no character
- break;
- }
-if (count>=max) //one second max!
- (void) rou_alert(0,"%s purge is too long with peer [%s]",OPEP,peerip);
-#undef OPEP
-}
/*
\f
*/
phase++;
}
return socptr;
+#undef OPEP
+}
+/*
+\f
+*/
+/********************************************************/
+/* */
+/* Procedure to purge incoming TLS channel */
+/* After crypted link is established but before */
+/* to use it. */
+/* */
+/* See VE-2011-0411, "plaintext command injection" */
+/* */
+/********************************************************/
+PUBLIC void soc_purge(SOCPTR *socptr,const char *peerip)
+
+{
+#define OPEP "devsoc.c:soc_purge,"
+
+int max;
+int count;
+
+max=1000; //purging for 1 seconde max;
+count=0;
+if (socptr!=(SOCPTR *)0) {
+ SOCTYP *soc;
+
+ soc=(SOCTYP *)socptr;
+ for (;count<max;count++) {
+ soc->carin=0;
+ soc->carpile[0]='\000';
+ (void) usleep(1000); //1 millisec
+ (void) soc_receive(soc);
+ if (soc->carin==0) //got no character
+ break;
+ }
+ }
+if (count>=max) //one second max!
+ (void) rou_alert(0,"%s purge is too long with peer [%s]",OPEP,peerip);
+
#undef OPEP
}
/*
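Review bot: When the loop in soc_purge uses up all 1000 passes, the result of the last soc_receive() is never cleared, so `soc->carin`/`soc->carpile` still appear to hold plaintext from the peer when the function returns, and the only reaction is the rou_alert() line. Because the function is void, the `case c_starttls` call site added later in this diff goes on to send "Ready to start TLS" regardless. I would move the timeout check inside the `if (socptr!=(SOCPTR *)0)` block, where `soc` is in scope, clear the buffer there, and consider returning a status so the caller can refuse the upgrade. That soc_receive() fills carin/carpile is inferred from the `//got no character` test, since its body is not in the hunk. The header's `VE-2011-0411` also looks like a CVE id that lost its first letter.

```c
  for (;count<max;count++) {
    // … unchanged: reset carin/carpile, usleep, soc_receive, break on empty read …
    }
  if (count>=max) {            //one second max!
    soc->carin=0;              //drop what the last pass read
    soc->carpile[0]='\000';
    (void) rou_alert(0,"%s purge is too long with peer [%s]",OPEP,peerip);
    }
  }
```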
ok=false;
soc=(SOCTYP *)socptr;
if ((soc!=(SOCTYP *)0)&&(soc->modtls==false)) {
- char *peerip;
-
- peerip=(char *)0;
switch (server) {
- case true :
- peerip=soc_getaddrinfo(socptr,false,false);
- (void) socpurge(soc,peerip);
- peerip=rou_freestr(peerip);
+ case true : //Nothing to do?
break;
- case false :
+ case false : //Nothing to do?
break;
}
soc->tls=tls_opentls(soc->handle,server);
break;
}
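Review bot: With the purge removed, `switch (server)` has two empty cases marked `//Nothing to do?` and can be dropped, leaving only the `tls_opentls()` call. More important, this function no longer discards pending plaintext itself, so every server-mode caller now has to call soc_purge() first; only the `case c_starttls` caller is visible in this diff. A comment above the `tls_opentls()` line would record that contract, e.g. `//server mode: caller must have called soc_purge() first, see soc_purge header`. The enclosing function starts and ends outside the hunk.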
break;
- case 1 : //Stating starttls
+ case 1 : //Starting starttls
phase=999; //No need to go futher
rspcode=simple_smtp_command(rmt,"STARTTLS",rmt->orgdomain);
switch (rspcode) {
break;
case c_starttls : //EHLO start encrypted link in server mode
(void) usleep(100000);
+ (void) soc_purge(contact->socptr,contact->peerip);
(void) transmit(contact,true,"%d 2.0.0 Ready to start TLS",SIGNON);
switch (soc_starttls(contact->socptr,true)) {
case true : { //link now in TLS crypted mode (server mode)
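Review bot: The position of the added `soc_purge()` call, before the `Ready to start TLS` reply, is load-bearing but undocumented. The removed code purged inside soc_starttls, after the reply had been sent, at which point the peer's next bytes are presumably its TLS handshake and must not be drained. A comment on the added line would keep a later edit from moving it back, e.g. `//purge pipelined plaintext BEFORE the 220 reply; after it the peer's bytes are handshake data`. The fixed `usleep(100000)` above it is the only wait for pipelined input and would merit a short comment as well. The `case c_starttls` block continues past the end of the hunk.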