-rw-r--r-- | usr.sbin/smtpd/smtp_session.c | 21 | ||||
-rw-r--r-- | usr.sbin/smtpd/smtpd.h | 9 | ||||
-rw-r--r-- | usr.sbin/smtpd/ssl.c | 21 |
3 files changed, 23 insertions, 28 deletions
diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c index 292fb69cbbd..f5e782e2f6f 100644 --- a/usr.sbin/smtpd/smtp_session.c +++ b/usr.sbin/smtpd/smtp_session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtp_session.c,v 1.168 2012/08/25 10:23:12 gilles Exp $ */ +/* $OpenBSD: smtp_session.c,v 1.169 2012/09/14 19:22:04 eric Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -600,6 +600,7 @@ void session_io(struct io *io, int evt) { struct session *s = io->arg; + void *ssl; char *line; ssize_t len; @@ -665,8 +666,8 @@ session_io(struct io *io, int evt) /* wait for the client to start tls */ if (s->s_state == S_TLS) { - ssl_session_init(s); - io_start_tls(io, s->s_ssl); + ssl = ssl_smtp_init(s->s_l->ssl_ctx); + io_start_tls(io, ssl); } break; @@ -690,6 +691,8 @@ session_io(struct io *io, int evt) void session_pickup(struct session *s, struct submit_status *ss) { + void *ssl; + s->s_flags &= ~F_WAITIMSG; if ((ss != NULL && ss->code == 421) || @@ -718,9 +721,9 @@ session_pickup(struct session *s, struct submit_status *ss) } if (s->s_l->flags & F_SMTPS) { - ssl_session_init(s); + ssl = ssl_smtp_init(s->s_l->ssl_ctx); io_set_read(&s->s_io); - io_start_tls(&s->s_io, s->s_ssl); + io_start_tls(&s->s_io, ssl); return; } @@ -821,9 +824,9 @@ session_pickup(struct session *s, struct submit_status *ss) if (s->s_flags & F_SECURE) { fprintf(s->datafp, "\n\t(version=%s cipher=%s bits=%d)", - SSL_get_cipher_version(s->s_ssl), - SSL_get_cipher_name(s->s_ssl), - SSL_get_cipher_bits(s->s_ssl, NULL)); + SSL_get_cipher_version(s->s_io.ssl), + SSL_get_cipher_name(s->s_io.ssl), + SSL_get_cipher_bits(s->s_io.ssl, NULL)); } if (s->rcptcount == 1) fprintf(s->datafp, "\n\tfor <%s@%s>; ", @@ -1007,7 +1010,7 @@ session_destroy(struct session *s, const char * reason) IMSG_QUEUE_REMOVE_MESSAGE, 0, 0, -1, &msgid, sizeof(msgid)); } - if (s->s_ssl) { + if (s->s_io.ssl) { if (s->s_l->flags & F_SMTPS) if (s->s_flags & F_SECURE) stat_decrement("smtp.smtps", 1); 
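Review bot: The pointer returned by `ssl_smtp_init()` is passed straight to `io_start_tls()` without a NULL check, in the `S_TLS` branch of `session_io()` (hunk at -665) and again in the `F_SMTPS` branch of `session_pickup()` (hunk at -718). The new function in ssl.c ends its error path with `return (NULL);`, so a failed `SSL_new()` (an allocation failure, for instance) reaches the io layer as a NULL handle. What `io_start_tls()` does with NULL is not visible in this diff. The call sites should test the result, `if ((ssl = ssl_smtp_init(s->s_l->ssl_ctx)) == NULL)`, and close the session instead of starting the handshake. Both function bodies continue outside these hunks.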
diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h index 9847456ed3a..696b69af45c 100644 --- a/usr.sbin/smtpd/smtpd.h +++ b/usr.sbin/smtpd/smtpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpd.h,v 1.347 2012/09/11 08:37:52 eric Exp $ */ +/* $OpenBSD: smtpd.h,v 1.348 2012/09/14 19:22:04 eric Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -551,7 +551,6 @@ struct session { char s_hostname[MAXHOSTNAMELEN]; struct event s_ev; struct listener *s_l; - void *s_ssl; struct timeval s_tv; struct envelope s_msg; short s_nresp[STATE_COUNT]; @@ -1130,13 +1129,11 @@ SPLAY_PROTOTYPE(childtree, child, entry, child_cmp); /* ssl.c */ void ssl_init(void); -void ssl_transaction(struct session *); -void ssl_session_init(struct session *); -void ssl_session_destroy(struct session *); int ssl_load_certfile(const char *, uint8_t); void ssl_setup(struct listener *); -int ssl_cmp(struct ssl *, struct ssl *); +void *ssl_smtp_init(void *); void *ssl_mta_init(struct ssl *); +int ssl_cmp(struct ssl *, struct ssl *); SPLAY_PROTOTYPE(ssltree, ssl, ssl_nodes, ssl_cmp); diff --git a/usr.sbin/smtpd/ssl.c b/usr.sbin/smtpd/ssl.c index a76b14e315c..08ad30807cf 100644 --- a/usr.sbin/smtpd/ssl.c +++ b/usr.sbin/smtpd/ssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.c,v 1.46 2012/08/19 14:16:58 chl Exp $ */ +/* $OpenBSD: ssl.c,v 1.47 2012/09/14 19:22:04 eric Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> 
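Review bot: The new prototype `void *ssl_smtp_init(void *);` in the `/* ssl.c */` block of smtpd.h (hunk at -1130) erases both types, so the compiler can no longer reject a caller that passes something other than the listener's `SSL_CTX *`. Nothing at the declaration says that the result may be NULL. With `s_ssl` dropped from `struct session` and `ssl_session_destroy()` removed, the header also no longer shows who frees the handle; presumably the io layer does once `io_start_tls()` has taken it, but that is not visible here. A comment above the prototype would settle both points, e.g. `/* returns a new server-side SSL handle for the given SSL_CTX, or NULL on failure; freed by <owner> */`.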
@@ -355,30 +355,25 @@ done: return (void*)(ssl); } -void -ssl_session_init(struct session *s) +void * +ssl_smtp_init(void *ssl_ctx) { - struct listener *l; - SSL *ssl; - - l = s->s_l; + SSL *ssl; - log_debug("session_start_ssl: switching to SSL"); + log_debug("session_start_ssl: switching to SSL"); - ssl = SSL_new(l->ssl_ctx); - if (ssl == NULL) + if ((ssl = SSL_new(ssl_ctx)) == NULL) goto err; - if (!SSL_set_ssl_method(ssl, SSLv23_server_method())) goto err; - s->s_ssl = ssl; - return; + return (void*)(ssl); err: if (ssl != NULL) SSL_free(ssl); ssl_error("ssl_session_init"); + return (NULL); } |
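Review bot: The log strings in the renamed `ssl_smtp_init()` still carry the old names: `log_debug("session_start_ssl: switching to SSL")` at the top and `ssl_error("ssl_session_init")` on the `err:` path. This commit removes `ssl_session_init`, so a TLS setup failure would be logged under a name that no longer matches any function, which slows triage when correlating handshake errors with code. Suggest `ssl_error("ssl_smtp_init");` and the matching prefix in the debug line. The hunk opens on the tail of the preceding function (`done:` / `return (void*)(ssl);`), which is unchanged.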