*/
/********************************************************/
/* */
+/* Procedure to purge incoming plain text channel */
+/* before going to TLS mode. */
+/* */
+/* See VE-2011-0411, "plaintext command injection" */
+/* */
+/********************************************************/
+static void socpurge(SOCTYP *soc)
+
+{
+_Bool needpurge;
+int count;
+
+needpurge=true;
+count=0;
+while (needpurge==true) {
+ TIMESPEC attend;
+
+ (void) printf("JMPDBG purge\n");
+ needpurge=false;
+ soc->carin=0;
+ soc->carpile[0]='\000';
+ attend.tv_sec=0;
+ attend.tv_nsec=1000000; //waiting one milli sec
+ if (soc_waitforchar(soc,&attend)>0) {
+ (void) printf("JMPDBG need purge count='%d'\n",count);
+ needpurge=true;
+ (void) soc_receive(soc);
+ count++;
+ if (count>10)
+ (void) exit(-1);
+ }
+ }
+}
+/*
+\f
+*/
+/********************************************************/
+/* */
/* Procedure to free memory used by a */
/* binding info. */
/* */
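Review bot: The two `printf("JMPDBG …")` calls in `socpurge` look like leftover debugging and will write to stdout on every STARTTLS; they should be removed or routed through the project's own logging before this lands. The `(void) exit(-1);` after more than ten reads ends the whole process from inside a static helper, so traffic from the remote peer during the purge window decides whether the process survives. Unless each connection runs in its own process (not visible here), returning a failure to the caller and closing only that session would be safer. The 1 ms wait in `attend.tv_nsec=1000000;` deserves a named constant, and the header comment should read `CVE-2011-0411` rather than `VE-2011-0411`.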
if (soc!=(SOCTYP *)0) {
struct pollfd polling[1];
- polling[0].events=POLLIN|POLLPRI;
+ polling[0].events=POLLIN;
polling[0].revents=(short)0;
switch (soc->modtls) {
case true :
/* crypted channel, return true is successful. */
/* */
/********************************************************/
-_Bool soc_starttls(SOCPTR *socptr,_Bool server)
+_Bool soc_starttls(SOCPTR *socptr)
{
_Bool ok;
ok=false;
soc=(SOCTYP *)socptr;
if ((soc!=(SOCTYP *)0)&&(soc->modtls==false)) {
- if ((soc->tls=tls_opentls(soc->handle,server))!=(TLSTYP *)0) {
+ int tosend;
+ char buffer[100];
+
+ tosend=snprintf(buffer,sizeof(buffer),"%d 2.0.0 Ready to start TLS%s",
+ SIGNON,CRLF);
+ (void) soc_writebuffer(soc,buffer,tosend);
+ if ((soc->tls=tls_opentls(soc->handle,true))!=(TLSTYP *)0) {
+ soc->proto=pro_smtps;
soc->modtls=true;
+ (void) socpurge(soc);
ok=true;
}
}
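Review bot: `(void) socpurge(soc);` runs after `tls_opentls()` has succeeded and `soc->modtls` is already `true`, so its wait/receive loop presumably reads from the encrypted channel (the poll hunk above switches on `soc->modtls`) and may discard the client's first legitimate post-handshake command. What closes the plaintext-injection window is resetting `soc->carin` and `soc->carpile[0]` before the handshake, so I would do that reset before `soc_writebuffer` and drop the post-handshake read loop. Separately, `tosend` goes to `soc_writebuffer` unchecked although `snprintf` returns the would-be length on truncation; a guard such as `if ((tosend<0)||(tosend>=(int)sizeof(buffer))) return ok;` before the write keeps the length inside `buffer`. The return value of `soc_writebuffer` is also ignored, so the handshake starts even if the reply was never sent. The body of `soc_starttls` continues outside this hunk.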
+++ /dev/null
-\e[4mSYSLOG\e[24m(3) Linux Programmer’s Manual \e[4mSYSLOG\e[24m(3)
-
-\e[1mNAME\e[0m
- closelog, openlog, syslog, vsyslog - send messages to the system logger
-
-\e[1mSYNOPSIS\e[0m
- \e[1m#include <syslog.h>\e[0m
-
- \e[1mvoid openlog(const char *\e[4m\e[22mident\e[24m\e[1m, int \e[4m\e[22moption\e[24m\e[1m, int \e[4m\e[22mfacility\e[24m\e[1m);\e[0m
- \e[1mvoid syslog(int \e[4m\e[22mpriority\e[24m\e[1m, const char *\e[4m\e[22mformat\e[24m\e[1m, ...);\e[0m
- \e[1mvoid closelog(void);\e[0m
-
- \e[1mvoid vsyslog(int \e[4m\e[22mpriority\e[24m\e[1m, const char *\e[4m\e[22mformat\e[24m\e[1m, va_list \e[4m\e[22map\e[24m\e[1m);\e[0m
-
- Feature Test Macro Requirements for glibc (see \e[1mfeature_test_macros\e[22m(7)):
-
- \e[1mvsyslog\e[22m():
- Since glibc 2.19:
- _DEFAULT_SOURCE
- Glibc 2.19 and earlier:
- _BSD_SOURCE
-
-\e[1mDESCRIPTION\e[0m
- \e[1mopenlog()\e[0m
- \e[1mopenlog\e[22m() opens a connection to the system logger for a program.
-
- The string pointed to by \e[4mident\e[24m is prepended to every message, and is typi‐
- cally set to the program name. If \e[4mident\e[24m is NULL, the program name is
- used. (POSIX.1‐2008 does not specify the behavior when \e[4mident\e[24m is NULL.)
-
- The \e[4moption\e[24m argument specifies flags which control the operation of \e[1mopen‐\e[0m
- \e[1mlog\e[22m() and subsequent calls to \e[1msyslog\e[22m(). The \e[4mfacility\e[24m argument establishes
- a default to be used if none is specified in subsequent calls to \e[1msyslog\e[22m().
- The values that may be specified for \e[4moption\e[24m and \e[4mfacility\e[24m are described be‐
- low.
-
- The use of \e[1mopenlog\e[22m() is optional; it will automatically be called by \e[1msys‐\e[0m
- \e[1mlog\e[22m() if necessary, in which case \e[4mident\e[24m will default to NULL.
-
- \e[1msyslog() and vsyslog()\e[0m
- \e[1msyslog\e[22m() generates a log message, which will be distributed by \e[1msyslogd\e[22m(8).
-
- The \e[4mpriority\e[24m argument is formed by ORing together a \e[4mfacility\e[24m value and a
- \e[4mlevel\e[24m value (described below). If no \e[4mfacility\e[24m value is ORed into \e[4mprior‐\e[0m
- \e[4mity\e[24m, then the default value set by \e[1mopenlog\e[22m() is used, or, if there was no
- preceding \e[1mopenlog\e[22m() call, a default of \e[1mLOG_USER \e[22mis employed.
-
- The remaining arguments are a \e[4mformat\e[24m, as in \e[1mprintf\e[22m(3), and any arguments
- required by the \e[4mformat\e[24m, except that the two‐character sequence \e[1m%m \e[22mwill be
- replaced by the error message string \e[4mstrerror\e[24m(\e[4merrno\e[24m). The format string
- need not include a terminating newline character.
-
- The function \e[1mvsyslog\e[22m() performs the same task as \e[1msyslog\e[22m() with the differ‐
- ence that it takes a set of arguments which have been obtained using the
- \e[1mstdarg\e[22m(3) variable argument list macros.
-
- \e[1mcloselog()\e[0m
- \e[1mcloselog\e[22m() closes the file descriptor being used to write to the system
- logger. The use of \e[1mcloselog\e[22m() is optional.
-
- \e[1mValues for \e[4moption\e[0m
- The \e[4moption\e[24m argument to \e[1mopenlog\e[22m() is a bit mask constructed by ORing to‐
- gether any of the following values:
-
- \e[1mLOG_CONS \e[22mWrite directly to the system console if there is an error
- while sending to the system logger.
-
- \e[1mLOG_NDELAY \e[22mOpen the connection immediately (normally, the connection
- is opened when the first message is logged). This may be
- useful, for example, if a subsequent \e[1mchroot\e[22m(2) would make
- the pathname used internally by the logging facility un‐
- reachable.
-
- \e[1mLOG_NOWAIT \e[22mDon’t wait for child processes that may have been created
- while logging the message. (The GNU C library does not
- create a child process, so this option has no effect on
- Linux.)
-
- \e[1mLOG_ODELAY \e[22mThe converse of \e[1mLOG_NDELAY\e[22m; opening of the connection is
- delayed until \e[1msyslog\e[22m() is called. (This is the default,
- and need not be specified.)
-
- \e[1mLOG_PERROR \e[22m(Not in POSIX.1‐2001 or POSIX.1‐2008.) Also log the mes‐
- sage to \e[4mstderr\e[24m.
-
- \e[1mLOG_PID \e[22mInclude the caller’s PID with each message.
-
- \e[1mValues for \e[4mfacility\e[0m
- The \e[4mfacility\e[24m argument is used to specify what type of program is logging
- the message. This lets the configuration file specify that messages from
- different facilities will be handled differently.
-
- \e[1mLOG_AUTH \e[22msecurity/authorization messages
-
- \e[1mLOG_AUTHPRIV \e[22msecurity/authorization messages (private)
-
- \e[1mLOG_CRON \e[22mclock daemon (\e[1mcron \e[22mand \e[1mat\e[22m)
-
- \e[1mLOG_DAEMON \e[22msystem daemons without separate facility value
-
- \e[1mLOG_FTP \e[22mftp daemon
-
- \e[1mLOG_KERN \e[22mkernel messages (these can’t be generated from user
- processes)
-
- \e[1mLOG_LOCAL0 \e[22mthrough \e[1mLOG_LOCAL7\e[0m
- reserved for local use
-
- \e[1mLOG_LPR \e[22mline printer subsystem
-
- \e[1mLOG_MAIL \e[22mmail subsystem
-
- \e[1mLOG_NEWS \e[22mUSENET news subsystem
-
- \e[1mLOG_SYSLOG \e[22mmessages generated internally by \e[1msyslogd\e[22m(8)
-
- \e[1mLOG_USER \e[22m(default)
- generic user‐level messages
-
- \e[1mLOG_UUCP \e[22mUUCP subsystem
-
- \e[1mValues for \e[4mlevel\e[0m
- This determines the importance of the message. The levels are, in order
- of decreasing importance:
-
- \e[1mLOG_EMERG \e[22msystem is unusable
-
- \e[1mLOG_ALERT \e[22maction must be taken immediately
-
- \e[1mLOG_CRIT \e[22mcritical conditions
-
- \e[1mLOG_ERR \e[22merror conditions
-
- \e[1mLOG_WARNING \e[22mwarning conditions
-
- \e[1mLOG_NOTICE \e[22mnormal, but significant, condition
-
- \e[1mLOG_INFO \e[22minformational message
-
- \e[1mLOG_DEBUG \e[22mdebug‐level message
-
- The function \e[1msetlogmask\e[22m(3) can be used to restrict logging to specified
- levels only.
-
-\e[1mATTRIBUTES\e[0m
- For an explanation of the terms used in this section, see \e[1mattributes\e[22m(7).
- ┌───────────────────────┬───────────────┬────────────────────┐
- │ \e[1mInterface \e[22m│ \e[1mAttribute \e[22m│ \e[1mValue \e[22m│
- ├───────────────────────┼───────────────┼────────────────────┤
- │ \e[1mopenlog\e[22m(), \e[1mcloselog\e[22m() │ Thread safety │ MT‐Safe │
- ├───────────────────────┼───────────────┼────────────────────┤
- │ \e[1msyslog\e[22m(), \e[1mvsyslog\e[22m() │ Thread safety │ MT‐Safe env locale │
- └───────────────────────┴───────────────┴────────────────────┘
-
-\e[1mCONFORMING TO\e[0m
- The functions \e[1mopenlog\e[22m(), \e[1mcloselog\e[22m(), and \e[1msyslog\e[22m() (but not \e[1mvsyslog\e[22m()) are
- specified in SUSv2, POSIX.1‐2001, and POSIX.1‐2008.
-
- POSIX.1‐2001 specifies only the \e[1mLOG_USER \e[22mand \e[1mLOG_LOCAL* \e[22mvalues for \e[4mfacil‐\e[0m
- \e[4mity\e[24m. However, with the exception of \e[1mLOG_AUTHPRIV \e[22mand \e[1mLOG_FTP\e[22m, the other
- \e[4mfacility\e[24m values appear on most UNIX systems.
-
- The \e[1mLOG_PERROR \e[22mvalue for \e[4moption\e[24m is not specified by POSIX.1‐2001 or
- POSIX.1‐2008, but is available in most versions of UNIX.
-
-\e[1mNOTES\e[0m
- The argument \e[4mident\e[24m in the call of \e[1mopenlog\e[22m() is probably stored as‐is.
- Thus, if the string it points to is changed, \e[1msyslog\e[22m() may start prepending
- the changed string, and if the string it points to ceases to exist, the
- results are undefined. Most portable is to use a string constant.
-
- Never pass a string with user‐supplied data as a format, use the following
- instead:
-
- syslog(priority, "%s", string);
-
-\e[1mSEE ALSO\e[0m
- \e[1mjournalctl\e[22m(1), \e[1mlogger\e[22m(1), \e[1msetlogmask\e[22m(3), \e[1msyslog.conf\e[22m(5), \e[1msyslogd\e[22m(8)
-
-\e[1mCOLOPHON\e[0m
- This page is part of release 5.09 of the Linux \e[4mman‐pages\e[24m project. A de‐
- scription of the project, information about reporting bugs, and the latest
- version of this page, can be found at
- https://www.kernel.org/doc/man-pages/.
-
-Linux 2017‐09‐15 \e[4mSYSLOG\e[24m(3)