Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Make OpenSSL a mandatory requirement

There is no point in having SSL/TLS IMAP support as optional, it's as
useful if not more than the the non-encrypted connections.

The Makefile was better organized to make it easier to change some
options during compile.

The SHAREDIR variable passed as configuration option has changed name.
  • Loading branch information...
commit e907fe5fdf893d117a8d9775e47c384b906a8f6c 1 parent 820e9db
@lefcha authored
View
2  Makefile
@@ -1,2 +1,2 @@
-all nossl install uninstall clean:
+all install uninstall clean:
cd src && $(MAKE) $@
View
2  README
@@ -26,7 +26,7 @@ Changes
Installation
Compile time requirements are Lua (version 5.2 or 5.1), the PCRE library, and
- optionally the OpenSSL library (for SSL/TLS and CRAM-MD5 support).
+ the OpenSSL library.
Compile and install the program:
View
22 src/Makefile
@@ -4,9 +4,21 @@ BINDIR = $(PREFIX)/bin
SHAREDIR = $(PREFIX)/share/imapfilter
MANDIR = $(PREFIX)/man
-CFLAGS = -Wall -O -DMAKEFILE_SHAREDIR='"$(SHAREDIR)"'
-LDFLAGS =
-LIBS = -lm -llua -lpcre -lssl -lcrypto
+MYCFLAGS =
+MYLDFLAGS =
+MYLIBS =
+
+INCDIRS =
+LIBDIRS =
+
+LIBLUA = -llua
+LIBPCRE = -lpcre
+LIBSSL = -lssl
+LIBCRYPTO = -lcrypto
+
+CFLAGS = -Wall -O -DCONFIG_SHAREDIR='"$(SHAREDIR)"' $(INCDIRS) $(MYCFLAGS)
+LDFLAGS = $(LIBDIRS) $(MYLDFLAGS)
+LIBS = -lm $(LIBLUA) $(LIBPCRE) $(LIBSSL) $(LIBCRYPTO) $(MYLIBS)
MAN1 = imapfilter.1
MAN5 = imapfilter_config.5
@@ -21,10 +33,6 @@ OBJ = auth.o buffer.o cert.o core.o file.o imapfilter.o list.o log.o lua.o \
all: $(BIN)
-nossl:
- $(MAKE) $(BIN) CFLAGS="-Wall -O -DMAKEFILE_SHAREDIR='\"$(SHAREDIR)\"' \
- -DNO_SSLTLS -DNO_CRAMMD5" LIBS="-lm -llua -lpcre"
-
$(BIN): $(OBJ)
$(CC) -o $(BIN) $(LDFLAGS) $(OBJ) $(LIBS)
View
6 src/auth.c
@@ -1,12 +1,11 @@
#include <stdio.h>
#include <string.h>
-#include "imapfilter.h"
-
-#ifndef NO_CRAMMD5
#include <openssl/hmac.h>
#include <openssl/evp.h>
+#include "imapfilter.h"
+
/*
* Authenticate to the server with the Challenge-Response Authentication
@@ -57,4 +56,3 @@ auth_cram_md5(const char *user, const char *pass, unsigned char *chal)
return out;
}
-#endif /* NO_CRAMMD5 */
View
9 src/cert.c
@@ -1,5 +1,3 @@
-#ifndef NO_SSLTLS
-
#include <stdio.h>
#include <string.h>
#include <ctype.h>
@@ -7,14 +5,14 @@
#include <sys/stat.h>
#include <unistd.h>
-#include "imapfilter.h"
-#include "session.h"
-
#include <openssl/x509.h>
#include <openssl/ssl.h>
#include <openssl/pem.h>
#include <openssl/evp.h>
+#include "imapfilter.h"
+#include "session.h"
+
extern environment env;
@@ -207,4 +205,3 @@ mismatch_cert(void)
else
return -1;
}
-#endif /* NO_SSLTLS */
View
1  src/file.c
@@ -1,4 +1,5 @@
#include <stdio.h>
+#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
View
12 src/imapfilter.c
@@ -7,6 +7,9 @@
#include <sys/stat.h>
#include <locale.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
#include "imapfilter.h"
#include "session.h"
#include "list.h"
@@ -15,11 +18,6 @@
#include "pathnames.h"
#include "regexp.h"
-#ifndef NO_SSLTLS
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#endif
-
extern buffer ibuf, obuf, nbuf, cbuf;
extern regexp responses[];
@@ -100,10 +98,8 @@ main(int argc, char *argv[])
regexp_compile(responses);
-#ifndef NO_SSLTLS
SSL_library_init();
SSL_load_error_strings();
-#endif
start_lua();
#if LUA_VERSION_NUM < 502
@@ -122,9 +118,7 @@ main(int argc, char *argv[])
#endif
stop_lua();
-#ifndef NO_SSLTLS
ERR_free_strings();
-#endif
regexp_free(responses);
View
12 src/imapfilter.h
@@ -9,11 +9,9 @@
#include <lua.h>
#include <lualib.h>
-#include "session.h"
-
-#ifndef NO_SSLTLS
#include <openssl/ssl.h>
-#endif
+
+#include "session.h"
/* Fatal error exit codes. */
@@ -79,15 +77,11 @@ typedef struct environment {
/* auth.c */
-#ifndef NO_CRAMMD5
unsigned char *auth_cram_md5(const char *user, const char *pass,
unsigned char *chal);
-#endif
/* cert.c */
-#ifndef NO_SSLTLS
int get_cert(session *ssn);
-#endif
/* core.c */
LUALIB_API int luaopen_ifcore(lua_State *lua);
@@ -218,12 +212,10 @@ int close_connection(session *ssn);
ssize_t socket_read(session *ssn, char *buf, size_t len, long timeout,
int timeoutfail);
ssize_t socket_write(session *ssn, const char *buf, size_t len);
-#ifndef NO_SSLTLS
int open_secure_connection(session *ssn);
int close_secure_connection(session *ssn);
ssize_t socket_secure_read(session *ssn, char *buf, size_t len);
ssize_t socket_secure_write(session *ssn, const char *buf, size_t len);
-#endif
/* system.c */
LUALIB_API int luaopen_ifsys(lua_State *lua);
View
16 src/pathnames.h
@@ -3,28 +3,28 @@
/* Lua imapfilter set functions file. */
-#define PATHNAME_COMMON MAKEFILE_SHAREDIR "/common.lua"
+#define PATHNAME_COMMON CONFIG_SHAREDIR "/common.lua"
/* Lua imapfilter set functions file. */
-#define PATHNAME_SET MAKEFILE_SHAREDIR "/set.lua"
+#define PATHNAME_SET CONFIG_SHAREDIR "/set.lua"
/* Lua imapfilter account functions file. */
-#define PATHNAME_ACCOUNT MAKEFILE_SHAREDIR "/account.lua"
+#define PATHNAME_ACCOUNT CONFIG_SHAREDIR "/account.lua"
/* Lua imapfilter mailbox functions file. */
-#define PATHNAME_MAILBOX MAKEFILE_SHAREDIR "/mailbox.lua"
+#define PATHNAME_MAILBOX CONFIG_SHAREDIR "/mailbox.lua"
/* Lua imapfilter message functions file. */
-#define PATHNAME_MESSAGE MAKEFILE_SHAREDIR "/message.lua"
+#define PATHNAME_MESSAGE CONFIG_SHAREDIR "/message.lua"
/* Lua imapfilter message functions file. */
-#define PATHNAME_OPTIONS MAKEFILE_SHAREDIR "/options.lua"
+#define PATHNAME_OPTIONS CONFIG_SHAREDIR "/options.lua"
/* Lua imapfilter regex functions file. */
-#define PATHNAME_REGEX MAKEFILE_SHAREDIR "/regex.lua"
+#define PATHNAME_REGEX CONFIG_SHAREDIR "/regex.lua"
/* Lua imapfilter auxiliary functions file. */
-#define PATHNAME_AUXILIARY MAKEFILE_SHAREDIR "/auxiliary.lua"
+#define PATHNAME_AUXILIARY CONFIG_SHAREDIR "/auxiliary.lua"
#endif /* PATHNAMES_H */
View
4 src/request.c
@@ -181,7 +181,6 @@ request_login(session **ssnptr, const char *server, const char *port, const
if (response_capability(ssn, t) == -1)
goto fail;
-#ifndef NO_SSLTLS
if (!ssn->ssl && ssn->capabilities & CAPABILITY_STARTTLS &&
get_option_boolean("starttls")) {
t = send_request(ssn, "STARTTLS");
@@ -198,10 +197,8 @@ request_login(session **ssnptr, const char *server, const char *port, const
break;
}
}
-#endif
if (rg != STATUS_PREAUTH) {
-#ifndef NO_CRAMMD5
if (ssn->capabilities & CAPABILITY_CRAMMD5 &&
get_option_boolean("crammd5")) {
unsigned char *in, *out;
@@ -221,7 +218,6 @@ request_login(session **ssnptr, const char *server, const char *port, const
} else
goto fail;
}
-#endif
if (r != STATUS_OK) {
t = send_request(ssn, "LOGIN \"%s\" \"%s\"",
ssn->username, ssn->password);
View
6 src/response.c
@@ -320,14 +320,10 @@ response_capability(session *ssn, int tag)
if (xstrcasestr(s, "NAMESPACE"))
ssn->capabilities |= CAPABILITY_NAMESPACE;
-#ifndef NO_CRAMMD5
if (xstrcasestr(s, "AUTH=CRAM-MD5"))
ssn->capabilities |= CAPABILITY_CRAMMD5;
-#endif
-#ifndef NO_SSLTLS
if (xstrcasestr(s, "STARTTLS"))
ssn->capabilities |= CAPABILITY_STARTTLS;
-#endif
if (xstrcasestr(s, "CHILDREN"))
ssn->capabilities |= CAPABILITY_CHILDREN;
@@ -341,7 +337,6 @@ response_capability(session *ssn, int tag)
}
-#ifndef NO_CRAMMD5
/*
* Process the data that server sent due to IMAP AUTHENTICATE client request.
*/
@@ -361,7 +356,6 @@ response_authenticate(session *ssn, int tag, unsigned char **cont)
return r;
}
-#endif
/*
View
2  src/session.c
@@ -41,9 +41,7 @@ session_init(session *ssn)
ssn->username = NULL;
ssn->password = NULL;
ssn->socket = -1;
-#ifndef NO_SSLTLS
ssn->sslsocket = NULL;
-#endif
ssn->protocol = PROTOCOL_NONE;
ssn->capabilities = CAPABILITY_NONE;
ssn->ns.prefix = NULL;
View
4 src/session.h
@@ -2,9 +2,7 @@
#define SESSION_H
-#ifndef NO_SSLTLS
#include <openssl/ssl.h>
-#endif
/* IMAP session. */
@@ -15,9 +13,7 @@ typedef struct session {
const char *username; /* User name. */
const char *password; /* User password. */
int socket; /* Socket. */
-#ifndef NO_SSLTLS
SSL *sslsocket; /* SSL socket. */
-#endif
unsigned int protocol; /* IMAP protocol. Currently IMAP4rev1 and
* IMAP4 are supported. */
unsigned int capabilities; /* Capabilities of the mail server. */
View
37 src/socket.c
@@ -10,13 +10,11 @@
#include <sys/time.h>
#include <sys/select.h>
-#include "imapfilter.h"
-#include "session.h"
-
-#ifndef NO_SSLTLS
#include <openssl/ssl.h>
#include <openssl/err.h>
-#endif
+
+#include "imapfilter.h"
+#include "session.h"
/*
@@ -28,13 +26,6 @@ open_connection(session *ssn)
struct addrinfo hints, *res, *ressave;
int n, sockfd;
-#ifdef NO_SSLTLS
- if (ssn->ssl) {
- error("SSL not supported by this build\n");
- return -1;
- }
-#endif
-
memset(&hints, 0, sizeof(struct addrinfo));
hints.ai_family = AF_UNSPEC;
@@ -75,20 +66,17 @@ open_connection(session *ssn)
ssn->socket = sockfd;
-#ifndef NO_SSLTLS
if (ssn->ssl) {
if (open_secure_connection(ssn) == -1) {
close_connection(ssn);
return -1;
}
}
-#endif
return ssn->socket;
}
-#ifndef NO_SSLTLS
/*
* Initialize SSL/TLS connection.
*/
@@ -166,7 +154,6 @@ open_secure_connection(session *ssn)
return -1;
}
-#endif /* NO_SSLTLS */
/*
@@ -179,9 +166,7 @@ close_connection(session *ssn)
r = 0;
-#ifndef NO_SSLTLS
close_secure_connection(ssn);
-#endif
if (ssn->socket != -1) {
r = close(ssn->socket);
@@ -194,7 +179,6 @@ close_connection(session *ssn)
}
-#ifndef NO_SSLTLS
/*
* Shutdown SSL/TLS connection.
*/
@@ -210,7 +194,6 @@ close_secure_connection(session *ssn)
return 0;
}
-#endif
/*
@@ -242,7 +225,6 @@ socket_read(session *ssn, char *buf, size_t len, long timeout, int timeoutfail)
FD_ZERO(&fds);
FD_SET(ssn->socket, &fds);
-#ifndef NO_SSLTLS
if (ssn->sslsocket) {
if (SSL_pending(ssn->sslsocket) > 0 ||
((s = select(ssn->socket + 1, &fds, NULL, NULL, tvp)) > 0 &&
@@ -252,9 +234,7 @@ socket_read(session *ssn, char *buf, size_t len, long timeout, int timeoutfail)
if (r <= 0)
goto fail;
}
- } else
-#endif
- {
+ } else {
if ((s = select(ssn->socket + 1, &fds, NULL, NULL, tvp)) > 0 &&
FD_ISSET(ssn->socket, &fds)) {
r = read(ssn->socket, buf, len);
@@ -285,7 +265,6 @@ socket_read(session *ssn, char *buf, size_t len, long timeout, int timeoutfail)
}
-#ifndef NO_SSLTLS
/*
* Read data from a TLS/SSL connection.
*/
@@ -332,7 +311,6 @@ socket_secure_read(session *ssn, char *buf, size_t len)
return r;
}
-#endif
/*
@@ -354,15 +332,12 @@ socket_write(session *ssn, const char *buf, size_t len)
while (len) {
if ((s = select(ssn->socket + 1, NULL, &fds, NULL, NULL) > 0 &&
FD_ISSET(ssn->socket, &fds))) {
-#ifndef NO_SSLTLS
if (ssn->sslsocket) {
r = socket_secure_write(ssn, buf, len);
if (r <= 0)
goto fail;
- } else
-#endif
- {
+ } else {
r = write(ssn->socket, buf, len);
if (r == -1) {
@@ -398,7 +373,6 @@ socket_write(session *ssn, const char *buf, size_t len)
}
-#ifndef NO_SSLTLS
/*
* Write data to a TLS/SSL connection.
*/
@@ -445,4 +419,3 @@ socket_secure_write(session *ssn, const char *buf, size_t len)
return r;
}
-#endif
Please sign in to comment.
Something went wrong with that request. Please try again.