Mail-SpamAssassin
view release on metacpan or search on metacpan
spamc/libspamc.c view on Meta::CPAN
const SSL_METHOD *meth;
SSL_CTX *ctx;
SSLeay_add_ssl_algorithms();
SSL_load_error_strings();
/* this method allows negotiation of version */
meth = SSLv23_client_method();
ctx = SSL_CTX_new(meth);
if (ctx == NULL) {
libspamc_log(flags, LOG_ERR, "cannot create SSL CTX context: %s",
_ssl_err_as_string());
return NULL;
}
if (flags & SPAMC_TLSV1) {
/* allow TLSv1.0 or better */
SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3);
} else {
/* allow SSLv3 or better */
SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
}
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
return ctx;
}
static int _try_ssl_connect(SSL_CTX *ctx, struct transport *tp,
SSL **pssl, int flags, int sock)
{
SSL *ssl;
int ssl_rtn;
if (tp->ssl_ca_file || tp->ssl_ca_path) {
if (!SSL_CTX_load_verify_locations(ctx, tp->ssl_ca_file,
tp->ssl_ca_path)) {
libspamc_log(flags, LOG_ERR,
"error loading CA file %s or path %s: %s",
tp->ssl_ca_file ? tp->ssl_ca_file : "(void)",
tp->ssl_ca_path ? tp->ssl_ca_path : "(void)",
_ssl_err_as_string());
return EX_OSERR;
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
} else {
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
}
if (flags & SPAMC_CLIENT_SSL_CERT) {
/* libspamc_log(flags, LOG_ERR, "loading client cert %s key %s",
tp->ssl_cert_file, tp->ssl_key_file); */
if (!SSL_CTX_use_certificate_file(ctx, tp->ssl_cert_file,
SSL_FILETYPE_PEM)) {
libspamc_log(flags, LOG_ERR,
"unable to load certificate file %s: %s",
tp->ssl_cert_file, _ssl_err_as_string());
return EX_OSERR;
}
if (!SSL_CTX_use_PrivateKey_file(ctx, tp->ssl_key_file,
SSL_FILETYPE_PEM)) {
libspamc_log(flags, LOG_ERR,
"unable to load key file %s: %s",
tp->ssl_key_file, _ssl_err_as_string());
return EX_OSERR;
}
if (!SSL_CTX_check_private_key(ctx)) {
libspamc_log(flags, LOG_ERR,
"key file %s and cert file %s do not match: %s",
tp->ssl_key_file, tp->ssl_cert_file,
_ssl_err_as_string());
return EX_OSERR;
}
}
ssl = SSL_new(ctx);
if (ssl == NULL) {
libspamc_log(flags, LOG_ERR,
"SSL_new failed: %s", _ssl_err_as_string());
return EX_OSERR;
}
*pssl = ssl;
if (!SSL_set_fd(ssl, sock)) {
libspamc_log(flags, LOG_ERR,
"SSL_set_fd failed: %s", _ssl_err_as_string());
return EX_OSERR;
}
ssl_rtn = SSL_connect(ssl);
if (ssl_rtn != 1) {
int ssl_err = SSL_get_error(ssl, ssl_rtn);
libspamc_log(flags, LOG_ERR,
"SSL_connect error: %s", _ssl_err_as_string());
return EX_UNAVAILABLE;
}
return EX_OK;
}
#endif
/* Aug 14, 2002 bj: Reworked things. Now we have message_read, message_write,
* message_dump, lookup_host, message_filter, and message_process, and a bunch
* of helper functions.
*/
static void _clear_message(struct message *m)
{
m->type = MESSAGE_NONE;
m->raw = NULL;
m->raw_len = 0;
m->pre = NULL;
m->pre_len = 0;
m->msg = NULL;
m->msg_len = 0;
m->post = NULL;
m->post_len = 0;
m->is_spam = EX_TOOBIG;
m->score = 0.0;
m->threshold = 0.0;
m->outbuf = NULL;
m->out = NULL;
m->out_len = 0;
m->content_length = -1;
}
static void _free_zlib_buffer(unsigned char **zlib_buf, int *zlib_bufsiz)
{
if(*zlib_buf) {
free(*zlib_buf);
*zlib_buf=NULL;
( run in 1.414 second using v1.01-cache-2.11-cpan-ceb78f64989 )