Certifcate set according server/client mode

author Jean-Marc Pigeon (Delson) <jmp@safe.ca>

Sun, 8 Jun 2025 19:12:46 +0000 (15:12 -0400)

committer Jean-Marc Pigeon (Delson) <jmp@safe.ca>

Sun, 8 Jun 2025 19:12:46 +0000 (15:12 -0400)
author Jean-Marc Pigeon (Delson) <jmp@safe.ca>
Sun, 8 Jun 2025 19:12:46 +0000 (15:12 -0400)
committer Jean-Marc Pigeon (Delson) <jmp@safe.ca>
Sun, 8 Jun 2025 19:12:46 +0000 (15:12 -0400)
diff --git a/Makefile b/Makefile

index f1200f430d828253691fa97a5c02328225a13257..eac29f689d6110e70df141c2166ee96aaa6ee8ac 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -140,7 +140,7 @@ onefeed     :  debug
            @ bin/feeder                                 \
                         -f                              \
                         -d 9                            \
-                       -c ./conf/feeder.conf.dvl       \
+                       -c ./conf/$(APPNAME).conf.dvl   \
                         $(TESTIP)                       \
                         $(TESTPORT)                     \
                         ./$(DATATST)/feed01.tst
diff --git a/conf/mailleur.conf.dvl b/conf/mailleur.conf.dvl

index 9fbc63d1f36ce4d528e1c8973056026e0f869ed9..a58cd9f476406a8e251ad9b61b55f8d95244d3d1 100644 (file)
--- a/conf/mailleur.conf.dvl
+++ b/conf/mailleur.conf.dvl
@@ -1,12 +1,17 @@
  #file used to set environment configuration
  #Used for developpement purpose ONLY
  #------------------------------------------------
-#Defining Certificate
-CA_ROOT                =       "./certs/root-safe_CA.pem"
-CA_CERT                =       "./certs/mailleur_server-chain-cert_x509.pem"
-CA_KEY         =       "./certs/mailleur_server-key.pem"
+#Defining SERVER mode Certificate data
+CA_ROOT_SRV    =       "./certs/root-safe_CA.pem"
+CA_CERT_SRV    =       "./certs/mailleur_server-chain-cert_x509.pem"
+CA_KEY_SRV     =       "./certs/mailleur_server-key.pem"
  CA_VERIFY      =       1       #to check PEER certificat
  #------------------------------------------------
+#Defining CLIENT mode Certificate data
+CA_ROOT_CLT    =       "./certs/root-safe_CA.pem"
+CA_CERT_CLT    =       "./certs/localhost-chain-cert.pem"
+CA_KEY_CLT     =       "./certs/localhost-key.pem"
+#------------------------------------------------
  #Configured for Postgresql database
  DB_TYPE                =       POSTGRES
  DB_NAME                =       mailleur
diff --git a/data-feed/feed01.tst b/data-feed/feed01.tst

index c4c67e8aa3241ddb345d4edeea15f90270d2b270..1babf0ecaebd3abb6d927f5decaa9fab61ef4c85 100644 (file)
--- a/data-feed/feed01.tst
+++ b/data-feed/feed01.tst
@@ -1,10 +1,10 @@
  #====================================================
  T:(feed01) Sending a a simple mail to remote server
-R:220 mailleur.example.com ESMTP (cleartext) emlrcvr...
+R:220 mailleur.example.com, ESMTP (cleartext) emlrcvr...
  #====================================================
  S:HELO example.com
  #R:250-mailleur.example.com, link (cleartext) ready, your IP/FQDN=[127.127.0.2/feed2.example.com]
-R:250-mailleur.example.com, link (cleartext) ready,...
+R:250 mailleur.example.com, link (cleartext) ready,...
  C:GOTLS
  R:250 Link now encryp...
  S:MAIL FROM: <postmaster@example.com>
diff --git a/lib/geseml.c b/lib/geseml.c

index 31bcea7cdf1c3af66aee683db31a87b21ca85533..fff34d96475a82d94997b3aa2ceb5a7a39e66fe1 100644 (file)
--- a/lib/geseml.c
+++ b/lib/geseml.c
@@ -648,7 +648,6 @@ switch (fork()) {
        (void) rou_alert(0,"%s Unable to exec process=<%s> (error=<%s> Bug?)",
                          OPEP,execpath,strerror(errno));
        (void) rou_freestr(execpath);
-      (void) system("ls -ails /home/jmp/safe-mailleur/mailleur/test_area/var/spool/mailleur/queue/");
        (void) exit(-1);
        }
      break;
diff --git a/lib/lvleml.c b/lib/lvleml.c

index 6340a99f7d6b2a3916018494f0bbcbb9d22f17e5..7a9e59e01f9a7954251ae2fc39ffbce1bde0b6f6 100644 (file)
--- a/lib/lvleml.c
+++ b/lib/lvleml.c
@@ -140,7 +140,7 @@ va_end(args);
  static void signon(CONTYP *contact)
  
  {
-#define FMT     "%d %s ESMTP (%s) %s-%s; %s"
+#define FMT     "%d %s, ESMTP (%s) %s-%s; %s"
  
  if (contact!=(CONTYP *)0) {
    const char *mode;
@@ -176,7 +176,7 @@ sepa=' ';
  if (suite==true)
    sepa='-';
  mode=soc_getstrmode(contact->socptr);
-(void) transmit(contact,"%d%c%s link (%s) ready, your IP/FQDN=[%s/%s]",
+(void) transmit(contact,"%d%c%s, link (%s) ready, your IP/FQDN=[%s/%s]",
                           CMDOK,sepa,contact->locname,mode,
                           contact->peerip,contact->peername);
  }
diff --git a/lib/unitls.c b/lib/unitls.c

index 759d6b165c5707332c7bde8de36208457bad54b5..f22e89ca7e0a33d33d65e9296e30b0ec1eaa9177 100644 (file)
--- a/lib/unitls.c
+++ b/lib/unitls.c
@@ -155,7 +155,7 @@ return tls;
  /*     Procedure to set the link certificate           */
  /*                                                      */
  /********************************************************/
-static int set_crypting(TLSTYP *tls)
+static int set_crypting(TLSTYP *tls,_Bool server)
  
  {
  #define OPEP    "unitls.c:set_crypting"
@@ -166,14 +166,18 @@ static const char *envver="CA_VERIFY";
  int done;
  const char *certs[sizeof(cenv)/sizeof(char *)];
  const SSL_METHOD *(*tls_methode)();
+const char *certext;
  int mode;
  int phase;
  _Bool proceed;
  
  done=false;
  tls_methode=TLS_client_method;
-if (tls->server==true)
+certext="CLT";
+if (tls->server==true) {
    tls_methode=TLS_server_method;
+  certext="SRV";
+  }
  mode=SSL_VERIFY_NONE;
  phase=0;
  proceed=true;
@@ -182,10 +186,14 @@ while (proceed==true) {
    switch (phase) {
      case 0      :       //loading certificate names
        for (int i=0;i<(sizeof(cenv)/sizeof(char *));i++) {
-        certs[i]=getenv(cenv[i]);
+        char data[100];
+
+        (void) snprintf(data,sizeof(data),"%s_%s",cenv[i],certext);
+        certs[i]=getenv(data);
+        (void) rou_alert(0,"%s JMPDBG certs[%d]=<%s>",OPEP,i,certs[i]);
          if (certs[i]==(char *)0) {
            (void) rou_alert(0,"%s Missing <%s> environment variable (config?)",
-                              OPEP,cenv[i]);
+                              OPEP,data);
            phase=999;    //missing  certificate info.
            }
          }
@@ -266,8 +274,9 @@ while (proceed==true) {
        break;
      }
    phase++;
-  }
+ }
  return done;
+
  #undef  OPEP
  }
  /*
@@ -557,8 +566,8 @@ while (proceed==true) {
        tls->server=server;
        (void) getnames(tls);
        break;
-    case 1      :       //set certificate
-      if (set_crypting(tls)==false) {
+    case 1      :       //set certificate according client/server mode
+      if (set_crypting(tls,server)==false) {
          (void) rou_alert(1,"%s Unable to open a TLS channel",OPEP);
          tls=freetls(tls);
          phase=999;
author	Jean-Marc Pigeon (Delson) <jmp@safe.ca>
	Sun, 8 Jun 2025 19:12:46 +0000 (15:12 -0400)
committer	Jean-Marc Pigeon (Delson) <jmp@safe.ca>
	Sun, 8 Jun 2025 19:12:46 +0000 (15:12 -0400)
Makefile		patch \| blob \| history
conf/mailleur.conf.dvl		patch \| blob \| history
data-feed/feed01.tst		patch \| blob \| history
lib/geseml.c		patch \| blob \| history
lib/lvleml.c		patch \| blob \| history
lib/unitls.c		patch \| blob \| history