From d4613fb65a257a923c481264404eb77f353f4ee0 Mon Sep 17 00:00:00 2001 From: "Jean-Marc Pigeon (Delson)" Date: Fri, 9 Aug 2024 16:02:41 -0400 Subject: [PATCH] STARTTL seems to be working --- lib/devsoc.c | 52 +++++++++++++- lib/devsoc.h | 2 +- lib/gestcp.c | 1 + lib/lvleml.c | 3 +- lib/subrou.c | 2 +- lib/ubrou.c | 186 --------------------------------------------------- lib/unitls.c | 20 +++--- 7 files changed, 66 insertions(+), 200 deletions(-) delete mode 100644 lib/ubrou.c diff --git a/lib/devsoc.c b/lib/devsoc.c index 523b163..90e851c 100644 --- a/lib/devsoc.c +++ b/lib/devsoc.c @@ -53,6 +53,44 @@ static _Bool modopen; //module open/close status */ /********************************************************/ /* */ +/* Procedure to purge incoming plain text channel */ +/* before going to TLS mode. */ +/* */ +/* See VE-2011-0411, "plaintext command injection" */ +/* */ +/********************************************************/ +static void socpurge(SOCTYP *soc) + +{ +_Bool needpurge; +int count; + +needpurge=true; +count=0; +while (needpurge==true) { + TIMESPEC attend; + + (void) printf("JMPDBG purge\n"); + needpurge=false; + soc->carin=0; + soc->carpile[0]='\000'; + attend.tv_sec=0; + attend.tv_nsec=1000000; //waiting one milli sec + if (soc_waitforchar(soc,&attend)>0) { + (void) printf("JMPDBG need purge count='%d'\n",count); + needpurge=true; + (void) soc_receive(soc); + count++; + if (count>10) + (void) exit(-1); + } + } +} +/* + +*/ +/********************************************************/ +/* */ /* Procedure to free memory used by a */ /* binding info. */ /* */ @@ -646,7 +684,7 @@ soc=(SOCTYP *)socptr; if (soc!=(SOCTYP *)0) { struct pollfd polling[1]; - polling[0].events=POLLIN|POLLPRI; + polling[0].events=POLLIN; polling[0].revents=(short)0; switch (soc->modtls) { case true : 
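Review bot: socpurge is called only after `tls_opentls` has succeeded and `soc->modtls` is already true, so the `soc_waitforchar`/`soc_receive` loop reads from the freshly negotiated TLS session (the poll path in the second hunk dispatches on `soc->modtls`, and soc_receive presumably does the same) and silently discards the client's first post-handshake command if it lands within the 1 ms window, while `exit(-1)` after ten non-empty reads lets a remote peer terminate the whole process by keeping data flowing. The injection this is meant to stop (CVE-2011-0411 — the comment drops the leading `C`) consists of bytes already pipelined behind the STARTTLS command into the plaintext read buffer before the handshake, so the mitigation is to drop that buffer, not to read ahead on the encrypted side. I would reduce the function to the two resets, `soc->carin=0; soc->carpile[0]='\000';`, with no poll loop, no `exit`, and no stdout `printf`, and have the caller run it before rather than after `tls_opentls`. Any plaintext still unread in the kernel socket buffer at that point precedes the ClientHello and should make the handshake itself fail — hedged, since tls_opentls is outside this hunk.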
@@ -1037,7 +1075,7 @@ return status; /* crypted channel, return true is successful. */ /* */ /********************************************************/ -_Bool soc_starttls(SOCPTR *socptr,_Bool server) +_Bool soc_starttls(SOCPTR *socptr) { _Bool ok; @@ -1046,8 +1084,16 @@ SOCTYP *soc; ok=false; soc=(SOCTYP *)socptr; if ((soc!=(SOCTYP *)0)&&(soc->modtls==false)) { - if ((soc->tls=tls_opentls(soc->handle,server))!=(TLSTYP *)0) { + int tosend; + char buffer[100]; + + tosend=snprintf(buffer,sizeof(buffer),"%d 2.0.0 Ready to start TLS%s", + SIGNON,CRLF); + (void) soc_writebuffer(soc,buffer,tosend); + if ((soc->tls=tls_opentls(soc->handle,true))!=(TLSTYP *)0) { + soc->proto=pro_smtps; soc->modtls=true; + (void) socpurge(soc); ok=true; } } diff --git a/lib/devsoc.h b/lib/devsoc.h index 3915caf..3f804b2 100644 --- a/lib/devsoc.h +++ b/lib/devsoc.h @@ -66,7 +66,7 @@ extern char *soc_getaddrinfo(SOCPTR *socptr,_Bool local,_Bool ip); extern SOCPTR *soc_release(SOCPTR *socptr); //procedure to initiate crypted mode on plain channel -extern _Bool soc_starttls(SOCPTR *socptr,_Bool server); +extern _Bool soc_starttls(SOCPTR *socptr); //homework to be done before starting/stopping module. extern int soc_modedevsoc(_Bool mode); diff --git a/lib/gestcp.c b/lib/gestcp.c index 65d692b..bcd7cb5 100644 --- a/lib/gestcp.c +++ b/lib/gestcp.c @@ -156,6 +156,7 @@ if (contact!=(CONTYP *)0) { } #undef FMT #undef OPEP +(void) printf("JMP signon sent='%d'",sent); return sent; } /* diff --git a/lib/lvleml.c b/lib/lvleml.c index d6f6f97..6e19ae0 100644 --- a/lib/lvleml.c +++ b/lib/lvleml.c @@ -142,7 +142,7 @@ while (proceed==true) { proceed=false; break; case c_starttls : //EHLO start encryptel link - switch (soc_starttls(contact->socptr,true)) { + switch (soc_starttls(contact->socptr)) { case true : //link now in TLS crypted mode (void) tcp_signon(contact); break; @@ -164,6 +164,7 @@ while (proceed==true) { status=-1; break; } + line=rou_freestr(line); } return status; #undef OPEP 
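Review bot: The `Ready to start TLS` reply is sent with `soc_writebuffer` and its result discarded, and the plaintext input buffer is only cleared by `socpurge` after `tls_opentls` returns, so bytes pipelined behind the STARTTLS command stay in `soc->carpile` across the handshake and the server proceeds into TLS even when the 220 never reached the client. Clear the buffer before the handshake and stop if the reply could not be written: `if (soc_writebuffer(soc,buffer,tosend)!=tosend) return ok;` followed by `soc->carin=0; soc->carpile[0]='\000';` — assuming soc_writebuffer returns the byte count, which is not visible here. When `tls_opentls` fails the function returns false after the client has been told to start TLS, so the caller must close the connection rather than continue in plaintext; that branch is outside this hunk. `SIGNON` is used as the reply code and should be 220 for this reply (RFC 3207 §4), which deserves a comment on the `snprintf` line, `//must be 220: clients start the handshake only on that code`.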
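Review bot: The added `printf("JMP signon sent='%d'",sent)` writes a newline-less debug trace to stdout from what looks like the greeting path of the SMTP daemon; at best it is noise in the service output, and if this program is ever run with stdout bound to the client connection (inetd style) the text becomes bytes on the wire. Drop it before merging or gate it on the module debug level and send it to stderr, e.g. `if (debug>0) (void) fprintf(stderr,"signon sent=%d\n",sent);` — `debug` is the public int defined in subrou.c, assuming it is declared in a header this file includes.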
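Review bot: After `soc_starttls` succeeds this branch calls `tcp_signon(contact)`, which from gestcp.c looks like the routine that sends the 220 greeting, but RFC 3207 §4.2 puts the session back in the post-greeting state after the handshake and has the client send EHLO at once — a second 220 will be read by the client as the reply to that EHLO. The `tcp_signon` call is a context line, so the commit only wires the new signature, but the STARTTLS flow is the subject of this patch. I would replace the call with whatever discards `contact`'s pre-TLS session state (EHLO argument, any authentication) and let the loop wait for the client's EHLO, e.g. `case true : //RFC 3207 §4.2: reset state, client re-sends EHLO, no new banner`. The `case false` branch of this switch and the rest of the loop are outside the hunk, so I cannot tell whether a failed handshake closes the connection.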
diff --git a/lib/subrou.c b/lib/subrou.c index e1e3496..99945cc 100644 --- a/lib/subrou.c +++ b/lib/subrou.c @@ -20,7 +20,7 @@ //version definition #define VERSION "0.3" -#define RELEASE "37" +#define RELEASE "38" //Public variables PUBLIC int debug=0; //debug level diff --git a/lib/ubrou.c b/lib/ubrou.c deleted file mode 100644 index 90ea5bd..0000000 --- a/lib/ubrou.c +++ /dev/null 
@@ -1,186 +0,0 @@ -SYSLOG(3) Linux Programmer’s Manual SYSLOG(3) - -NAME - closelog, openlog, syslog, vsyslog - send messages to the system logger - -SYNOPSIS - #include  - - void openlog(const char *ident, int option, int facility); - void syslog(int priority, const char *format, ...); - void closelog(void); - - void vsyslog(int priority, const char *format, va_list ap); - - Feature Test Macro Requirements for glibc (see feature_test_macros(7)): - - vsyslog(): - Since glibc 2.19: - _DEFAULT_SOURCE - Glibc 2.19 and earlier: - _BSD_SOURCE - -DESCRIPTION - openlog() - openlog() opens a connection to the system logger for a program. - - The string pointed to by ident is prepended to every message, and is typi‐ - cally set to the program name. If ident is NULL, the program name is - used. (POSIX.1‐2008 does not specify the behavior when ident is NULL.) - - The option argument specifies flags which control the operation of open‐ - log() and subsequent calls to syslog(). The facility argument establishes - a default to be used if none is specified in subsequent calls to syslog(). - The values that may be specified for option and facility are described be‐ - low. - - The use of openlog() is optional; it will automatically be called by sys‐ - log() if necessary, in which case ident will default to NULL. - - syslog() and vsyslog() - syslog() generates a log message, which will be distributed by syslogd(8). - - The priority argument is formed by ORing together a facility value and a - level value (described below). If no facility value is ORed into prior‐ - ity, then the default value set by openlog() is used, or, if there was no - preceding openlog() call, a default of LOG_USER is employed. - - The remaining arguments are a format, as in printf(3), and any arguments - required by the format, except that the two‐character sequence %m will be - replaced by the error message string strerror(errno). The format string - need not include a terminating newline character. 
- - The function vsyslog() performs the same task as syslog() with the differ‐ - ence that it takes a set of arguments which have been obtained using the - stdarg(3) variable argument list macros. - - closelog() - closelog() closes the file descriptor being used to write to the system - logger. The use of closelog() is optional. - - Values for option - The option argument to openlog() is a bit mask constructed by ORing to‐ - gether any of the following values: - - LOG_CONS Write directly to the system console if there is an error - while sending to the system logger. - - LOG_NDELAY Open the connection immediately (normally, the connection - is opened when the first message is logged). This may be - useful, for example, if a subsequent chroot(2) would make - the pathname used internally by the logging facility un‐ - reachable. - - LOG_NOWAIT Don’t wait for child processes that may have been created - while logging the message. (The GNU C library does not - create a child process, so this option has no effect on - Linux.) - - LOG_ODELAY The converse of LOG_NDELAY; opening of the connection is - delayed until syslog() is called. (This is the default, - and need not be specified.) - - LOG_PERROR (Not in POSIX.1‐2001 or POSIX.1‐2008.) Also log the mes‐ - sage to stderr. - - LOG_PID Include the caller’s PID with each message. - - Values for facility - The facility argument is used to specify what type of program is logging - the message. This lets the configuration file specify that messages from - different facilities will be handled differently. 
- - LOG_AUTH security/authorization messages - - LOG_AUTHPRIV security/authorization messages (private) - - LOG_CRON clock daemon (cron and at) - - LOG_DAEMON system daemons without separate facility value - - LOG_FTP ftp daemon - - LOG_KERN kernel messages (these can’t be generated from user - processes) - - LOG_LOCAL0 through LOG_LOCAL7 - reserved for local use - - LOG_LPR line printer subsystem - - LOG_MAIL mail subsystem - - LOG_NEWS USENET news subsystem - - LOG_SYSLOG messages generated internally by syslogd(8) - - LOG_USER (default) - generic user‐level messages - - LOG_UUCP UUCP subsystem - - Values for level - This determines the importance of the message. The levels are, in order - of decreasing importance: - - LOG_EMERG system is unusable - - LOG_ALERT action must be taken immediately - - LOG_CRIT critical conditions - - LOG_ERR error conditions - - LOG_WARNING warning conditions - - LOG_NOTICE normal, but significant, condition - - LOG_INFO informational message - - LOG_DEBUG debug‐level message - - The function setlogmask(3) can be used to restrict logging to specified - levels only. - -ATTRIBUTES - For an explanation of the terms used in this section, see attributes(7). - ┌───────────────────────┬───────────────┬────────────────────┐ - │ Interface │ Attribute │ Value │ - ├───────────────────────┼───────────────┼────────────────────┤ - │ openlog(), closelog() │ Thread safety │ MT‐Safe │ - ├───────────────────────┼───────────────┼────────────────────┤ - │ syslog(), vsyslog() │ Thread safety │ MT‐Safe env locale │ - └───────────────────────┴───────────────┴────────────────────┘ - -CONFORMING TO - The functions openlog(), closelog(), and syslog() (but not vsyslog()) are - specified in SUSv2, POSIX.1‐2001, and POSIX.1‐2008. - - POSIX.1‐2001 specifies only the LOG_USER and LOG_LOCAL* values for facil‐ - ity. However, with the exception of LOG_AUTHPRIV and LOG_FTP, the other - facility values appear on most UNIX systems. 
- - The LOG_PERROR value for option is not specified by POSIX.1‐2001 or - POSIX.1‐2008, but is available in most versions of UNIX. - -NOTES - The argument ident in the call of openlog() is probably stored as‐is. - Thus, if the string it points to is changed, syslog() may start prepending - the changed string, and if the string it points to ceases to exist, the - results are undefined. Most portable is to use a string constant. - - Never pass a string with user‐supplied data as a format, use the following - instead: - - syslog(priority, "%s", string); - -SEE ALSO - journalctl(1), logger(1), setlogmask(3), syslog.conf(5), syslogd(8) - -COLOPHON - This page is part of release 5.09 of the Linux man‐pages project. A de‐ - scription of the project, information about reporting bugs, and the latest - version of this page, can be found at - https://www.kernel.org/doc/man-pages/. - -Linux 2017‐09‐15 SYSLOG(3) diff --git a/lib/unitls.c b/lib/unitls.c index 5e4eef4..4bc6352 100644 --- a/lib/unitls.c +++ b/lib/unitls.c @@ -366,7 +366,6 @@ PUBLIC TLSTYP *tls_opentls(int handle,_Bool server) TLSTYP *tls; const SSL_METHOD *(*tls_methode)(); -_Bool ready; int phase; _Bool proceed; @@ -374,11 +373,10 @@ tls=(TLSTYP *)0; tls_methode=TLS_client_method; if (server==true) tls_methode=TLS_server_method; -ready=false; phase=0; proceed=true; while (proceed==true) { - (void) printf("JMPDBG opentls phase='%d'\n",phase); + (void) printf("JMPDBG opentls phase='%d' handle=%d\n",phase,handle); switch (phase) { case 0 : //prepare the structure first; tls=(TLSTYP *)calloc(1,sizeof(TLSTYP)); @@ -414,11 +412,10 @@ while (proceed==true) { break; case 4 : //Setting the TLS channel actif (void) verify(tls); - ready=true; + proceed=false; break; default : //SAFE guard - if (ready==false) - tls=freetls(tls); + tls=freetls(tls); proceed=false; break; } 
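Review bot: Phase 4 discards the result of `verify(tls)` with `(void)` and then declares the session usable with `proceed=false`, so if `verify` is the peer-certificate check its verdict never decides whether `tls_opentls` hands back a live session. If verify reports success as a boolean, make completion depend on it using the same idiom the `default` branch now uses, `if (verify(tls)==false) tls=freetls(tls); proceed=false;`; if it is deliberately advisory on the server side (no client certificates required), say so where the value is dropped, `//result advisory: server does not require a client certificate`. The unconditional `tls=freetls(tls)` in `default` is consistent now that phase 4 stops the loop, but the `phase` increment that could reach `default` is outside this hunk.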
@@ -490,18 +487,25 @@ sent=0; if (tls!=(TLSTYP *)0) { _Bool proceed; int sofar; + int count; + count=0; proceed=true; (void) printf("JMPDBG sending <%s>\n",buffer); while (proceed==true) { + int status; + proceed=false; sofar=SSL_write(tls->ssl,buffer,tosend); + (void) printf("JMPDBG sent sofar='%d' count='%d'\n",sofar,count); switch (sofar) { case -1 : //trouble to write - switch (SSL_get_error(tls->ssl,-1)) { + switch (status=SSL_get_error(tls->ssl,-1)) { case SSL_ERROR_WANT_READ : //"wanted" error case SSL_ERROR_WANT_WRITE : - (void) usleep(1000); + (void) printf("JMPDBG SSL_get_error='%d'\n",status); + (void) usleep(1000000); + count++; proceed=true; break; default : -- 2.47.3
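Review bot: The WANT_READ/WANT_WRITE path now sleeps a full second per retry and `count` is incremented but never tested, so a peer that stops reading keeps this writer looping forever, one second at a time, on a connection it controls. Retry should wait on the socket's actual readiness and be bounded, as below; `poll` needs `<poll.h>` if unitls.c does not already include it, and the bailout takes the same exit as the `default` error branch, whose handling of `sent` is outside this hunk. The surviving `printf("JMPDBG sending <%s>\n",buffer)` also echoes every outbound TLS payload to stdout in plaintext and relies on `buffer` being NUL-terminated although the length travels separately in `tosend`; use `%.*s` with `tosend` if it must stay, or remove it with the other JMPDBG lines before merging.
```c
                case SSL_ERROR_WANT_READ :   //socket not ready: wait for it, bounded
                case SSL_ERROR_WANT_WRITE : {
                    struct pollfd pfd;

                    if (++count>10) {        //give up, leave the loop like the default branch
                        proceed=false;
                        break;
                    }
                    pfd.fd=SSL_get_fd(tls->ssl);
                    pfd.events=(status==SSL_ERROR_WANT_READ)?POLLIN:POLLOUT;
                    pfd.revents=0;
                    (void) poll(&pfd,1,1000); //at most one second per retry
                    proceed=true;
                    break;
                    }
                /* … unchanged: default error branch … */
```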