Browse Source

fix imaps:

0.9
Oswald Buddenhagen 22 years ago
parent
commit
feee93c26d
  1. 107
      src/imap.c

107
src/imap.c

@ -475,13 +475,13 @@ imap_exec (imap_t * imap, const char *fmt, ...)
{
if (!strcmp ("UIDPLUS", arg))
imap->have_uidplus = 1;
else if (!strcmp ("NAMESPACE", arg))
imap->have_namespace = 1;
#if HAVE_LIBSSL
else if (!strcmp ("STARTTLS", arg))
imap->have_starttls = 1;
else if (!strcmp ("AUTH=CRAM-MD5", arg))
imap->have_cram = 1;
else if (!strcmp ("NAMESPACE", arg))
imap->have_namespace = 1;
#endif
}
}
@ -594,17 +594,43 @@ imap_exec (imap_t * imap, const char *fmt, ...)
/* not reached */
}
static int
start_tls (imap_t *imap, config_t * cfg)
{
int ret;
/* initialize SSL */
if (init_ssl (cfg))
return 1;
imap->sock->ssl = SSL_new (SSLContext);
SSL_set_fd (imap->sock->ssl, imap->sock->fd);
if ((ret = SSL_connect (imap->sock->ssl)) <= 0)
{
socket_perror ("connect", imap->sock, ret);
return 1;
}
/* verify the server certificate */
if (verify_cert (imap->sock->ssl))
return 1;
imap->sock->use_ssl = 1;
puts ("SSL support enabled");
return 0;
}
imap_t *
imap_connect (config_t * cfg)
{
int s, ret;
int s;
struct sockaddr_in addr;
struct hostent *he;
imap_t *imap;
char *arg, *rsp;
int preauth = 0;
int preauth;
#if HAVE_LIBSSL
int use_ssl = 0;
int use_ssl;
#endif
int a[2];
@ -680,6 +706,15 @@ imap_connect (config_t * cfg)
imap->sock->fd = s;
}
#if HAVE_LIBSSL
use_ssl = 0;
if (cfg->use_imaps) {
if (start_tls (imap, cfg))
goto bail;
use_ssl = 1;
}
#endif
/* read the greeting string */
if (buffer_gets (imap->buf, &rsp))
{
@ -692,6 +727,7 @@ imap_connect (config_t * cfg)
fprintf (stderr, "IMAP error: invalid greeting response\n");
goto bail;
}
preauth = 0;
if (!strcmp ("PREAUTH", arg))
preauth = 1;
else if (strcmp ("OK", arg) != 0)
@ -699,16 +735,13 @@ imap_connect (config_t * cfg)
fprintf (stderr, "IMAP error: unknown greeting response\n");
goto bail;
}
#if HAVE_LIBSSL
if (cfg->use_imaps)
use_ssl = 1;
else
{
/* let's see what this puppy can do... */
if (imap_exec (imap, "CAPABILITY"))
goto bail;
#if HAVE_LIBSSL
if (!cfg->use_imaps)
{
if (cfg->use_sslv2 || cfg->use_sslv3 || cfg->use_tlsv1)
{
/* always try to select SSL support if available */
@ -716,38 +749,9 @@ imap_connect (config_t * cfg)
{
if (imap_exec (imap, "STARTTLS"))
goto bail;
use_ssl = 1;
}
}
}
if (!use_ssl)
{
if (cfg->require_ssl)
{
fprintf (stderr, "IMAP error: SSL support not available\n");
goto bail;
}
else if (cfg->use_sslv2 || cfg->use_sslv3 || cfg->use_tlsv1)
fprintf (stderr, "IMAP warning: SSL support not available\n");
}
else
{
/* initialize SSL */
if (init_ssl (cfg))
goto bail;
imap->sock->ssl = SSL_new (SSLContext);
SSL_set_fd (imap->sock->ssl, imap->sock->fd);
if ((ret = SSL_connect (imap->sock->ssl)) <= 0)
{
socket_perror ("connect", imap->sock, ret);
goto bail;
}
/* verify the server certificate */
if (verify_cert (imap->sock->ssl))
if (start_tls (imap, cfg))
goto bail;
use_ssl = 1;
/* to conform to RFC2595 we need to forget all information
* retrieved from CAPABILITY invocations before STARTTLS.
@ -755,17 +759,22 @@ imap_connect (config_t * cfg)
imap->have_uidplus = 0;
imap->have_namespace = 0;
imap->have_cram = 0;
imap->have_starttls = 0;
imap->sock->use_ssl = 1;
puts ("SSL support enabled");
/* imap->have_starttls = 0; */
if (imap_exec (imap, "CAPABILITY"))
goto bail;
}
#else
if (imap_exec (imap, "CAPABILITY"))
else
{
if (cfg->require_ssl)
{
fprintf (stderr, "IMAP error: SSL support not available\n");
goto bail;
}
else
fprintf (stderr, "IMAP warning: SSL support not available\n");
}
}
}
#endif
if (!preauth)

Loading…
Cancel
Save