Browse Source

make config parsing more robust against bogus input and report errors

more clearly.
wip/ssl-fprint
Oswald Buddenhagen 19 years ago
parent
commit
927feae988
  1. 62
      src/drv_imap.c

62
src/drv_imap.c

@ -254,11 +254,9 @@ init_ssl_ctx( imap_store_t *ctx )
if (!srvc->cert_file) { if (!srvc->cert_file) {
fprintf( stderr, "Error, CertificateFile not defined\n" ); fprintf( stderr, "Error, CertificateFile not defined\n" );
return -1; return -1;
} else if (access( srvc->cert_file, R_OK )) } else if (!SSL_CTX_load_verify_locations( imap->SSLContext, srvc->cert_file, NULL )) {
warn( "*** Warning: can't read CertificateFile, so can't verify server certificates\n" ); fprintf( stderr, "Error while loading certificate file '%s': %s\n",
else if (!SSL_CTX_load_verify_locations( imap->SSLContext, srvc->cert_file, NULL )) { srvc->cert_file, ERR_error_string( ERR_get_error(), 0 ) );
fprintf( stderr, "Error, SSL_CTX_load_verify_locations: %s\n",
ERR_error_string( ERR_get_error(), 0 ) );
return -1; return -1;
} }
@ -1695,6 +1693,7 @@ imap_parse_store( conffile_t *cfg, store_conf_t **storep, int *err )
{ {
imap_store_conf_t *store; imap_store_conf_t *store;
imap_server_conf_t *server, *srv, sserver; imap_server_conf_t *server, *srv, sserver;
int acc_opt = 0;
if (!strcasecmp( "IMAPAccount", cfg->cmd )) { if (!strcasecmp( "IMAPAccount", cfg->cmd )) {
server = nfcalloc( sizeof(*server) ); server = nfcalloc( sizeof(*server) );
@ -1707,6 +1706,7 @@ imap_parse_store( conffile_t *cfg, store_conf_t **storep, int *err )
store->gen.driver = &imap_driver; store->gen.driver = &imap_driver;
store->gen.name = nfstrdup( cfg->val ); store->gen.name = nfstrdup( cfg->val );
store->use_namespace = 1; store->use_namespace = 1;
*storep = &store->gen;
memset( &sserver, 0, sizeof(sserver) ); memset( &sserver, 0, sizeof(sserver) );
server = &sserver; server = &sserver;
} else } else
@ -1721,17 +1721,7 @@ imap_parse_store( conffile_t *cfg, store_conf_t **storep, int *err )
#endif #endif
while (getcline( cfg ) && cfg->cmd) { while (getcline( cfg ) && cfg->cmd) {
if (!strcasecmp( "Account", cfg->cmd )) { if (!strcasecmp( "Host", cfg->cmd )) {
for (srv = servers; srv; srv = srv->next)
if (srv->name && !strcmp( srv->name, cfg->val ))
goto gotsrv;
fprintf( stderr, "%s:%d: unknown IMAP account '%s'\n",
cfg->file, cfg->line, cfg->val );
*err = 1;
continue;
gotsrv:
store->server = srv;
} else if (!strcasecmp( "Host", cfg->cmd )) {
#if HAVE_LIBSSL #if HAVE_LIBSSL
if (!memcmp( "imaps:", cfg->val, 6 )) { if (!memcmp( "imaps:", cfg->val, 6 )) {
cfg->val += 6; cfg->val += 6;
@ -1759,9 +1749,14 @@ imap_parse_store( conffile_t *cfg, store_conf_t **storep, int *err )
else if (!strcasecmp( "Port", cfg->cmd )) else if (!strcasecmp( "Port", cfg->cmd ))
server->port = parse_int( cfg ); server->port = parse_int( cfg );
#if HAVE_LIBSSL #if HAVE_LIBSSL
else if (!strcasecmp( "CertificateFile", cfg->cmd )) else if (!strcasecmp( "CertificateFile", cfg->cmd )) {
server->cert_file = expand_strdup( cfg->val ); server->cert_file = expand_strdup( cfg->val );
else if (!strcasecmp( "RequireSSL", cfg->cmd )) if (access( server->cert_file, R_OK )) {
fprintf( stderr, "%s:%d: CertificateFile '%s': %s\n",
cfg->file, cfg->line, server->cert_file, strerror( errno ) );
*err = 1;
}
} else if (!strcasecmp( "RequireSSL", cfg->cmd ))
server->require_ssl = parse_bool( cfg ); server->require_ssl = parse_bool( cfg );
else if (!strcasecmp( "UseSSLv2", cfg->cmd )) else if (!strcasecmp( "UseSSLv2", cfg->cmd ))
server->use_sslv2 = parse_bool( cfg ); server->use_sslv2 = parse_bool( cfg );
@ -1775,34 +1770,49 @@ imap_parse_store( conffile_t *cfg, store_conf_t **storep, int *err )
else if (!strcasecmp( "Tunnel", cfg->cmd )) else if (!strcasecmp( "Tunnel", cfg->cmd ))
server->tunnel = nfstrdup( cfg->val ); server->tunnel = nfstrdup( cfg->val );
else if (store) { else if (store) {
if (!strcasecmp( "UseNamespace", cfg->cmd )) if (!strcasecmp( "Account", cfg->cmd )) {
for (srv = servers; srv; srv = srv->next)
if (srv->name && !strcmp( srv->name, cfg->val ))
goto gotsrv;
fprintf( stderr, "%s:%d: unknown IMAP account '%s'\n",
cfg->file, cfg->line, cfg->val );
*err = 1;
continue;
gotsrv:
store->server = srv;
} else if (!strcasecmp( "UseNamespace", cfg->cmd ))
store->use_namespace = parse_bool( cfg ); store->use_namespace = parse_bool( cfg );
else if (!strcasecmp( "Path", cfg->cmd )) else if (!strcasecmp( "Path", cfg->cmd ))
store->gen.path = nfstrdup( cfg->val ); store->gen.path = nfstrdup( cfg->val );
else else
parse_generic_store( &store->gen, cfg, err ); parse_generic_store( &store->gen, cfg, err );
continue;
} else { } else {
fprintf( stderr, "%s:%d: unknown keyword '%s'\n", fprintf( stderr, "%s:%d: unknown/misplaced keyword '%s'\n",
cfg->file, cfg->line, cfg->cmd ); cfg->file, cfg->line, cfg->cmd );
*err = 1; *err = 1;
continue;
} }
acc_opt = 1;
} }
if (!store || !store->server) { if (!store || !store->server) {
if (!server->tunnel && !server->host) { if (!server->tunnel && !server->host) {
if (store) if (store)
fprintf( stderr, "IMAP store '%s' has incomplete connection details\n", store->gen.name ); fprintf( stderr, "IMAP store '%s' has incomplete/missing connection details\n", store->gen.name );
else else
fprintf( stderr, "IMAP account '%s' has incomplete connection details\n", server->name ); fprintf( stderr, "IMAP account '%s' has incomplete/missing connection details\n", server->name );
*err = 1; *err = 1;
/* leaking server/store */
*storep = 0;
return 1; return 1;
} }
} }
*storep = &store->gen; if (store) {
if (store && !store->server) { if (!store->server) {
store->server = nfmalloc( sizeof(sserver) ); store->server = nfmalloc( sizeof(sserver) );
memcpy( store->server, &sserver, sizeof(sserver) ); memcpy( store->server, &sserver, sizeof(sserver) );
} else if (acc_opt) {
fprintf( stderr, "IMAP store '%s' has both Account and account-specific options\n", store->gen.name );
*err = 1;
}
} }
return 1; return 1;
} }

Loading…
Cancel
Save