1 /*	$NetBSD: tls_proxy_client_misc.c,v 1.2 2020/03/18 19:05:21 christos Exp $	*/
2 
3 /*++
4 /* NAME
5 /*	tls_proxy_client_misc 3
6 /* SUMMARY
7 /*	TLS_CLIENT_XXX structure support
8 /* SYNOPSIS
9 /*	#include <tls_proxy.h>
10 /*
11 /*	TLS_CLIENT_PARAMS *tls_proxy_client_param_from_config(params)
12 /*	TLS_CLIENT_PARAMS *params;
13 /*
14 /*	char	*tls_proxy_client_param_to_string(buf, params)
15 /*	VSTRING *buf;
16 /*	TLS_CLIENT_PARAMS *params;
17 /*
18 /*	char	*tls_proxy_client_param_with_names_to_string(buf, params)
19 /*	VSTRING *buf;
20 /*	TLS_CLIENT_PARAMS *params;
21 /*
22 /*	char	*tls_proxy_client_init_to_string(buf, init_props)
23 /*	VSTRING *buf;
24 /*	TLS_CLIENT_INIT_PROPS *init_props;
25 /* DESCRIPTION
26 /*	tls_proxy_client_param_from_config() initializes a TLS_CLIENT_PARAMS
27 /*	structure from configuration parameters and returns its
28 /*	argument. Strings are not copied. The result must therefore
29 /*	not be passed to tls_proxy_client_param_free().
30 /*
31 /*	tls_proxy_client_param_to_string() produces a lookup key
32 /*	that is unique for the TLS_CLIENT_PARAMS member values.
33 /*
34 /*	tls_proxy_client_param_with_names_to_string() produces a
35 /*	string with "name = value\n" for each TLS_CLIENT_PARAMS
36 /*	member. This may be useful for reporting differences between
37 /*	TLS_CLIENT_PARAMS instances.
38 /*
39 /*	tls_proxy_client_init_to_string() produces a lookup key
40 /*	that is unique for the properties received by
41 /*	tls_proxy_client_init_scan().
42 /*
43 /*	tls_proxy_client_init_with_names_to_string() produces a
44 /*	string with "name = value\n" for each TLS_CLIENT_INIT_PROPS
45 /*	member. This may be useful for reporting differences between
46 /*	TLS_CLIENT_INIT_PROPS instances.
47 /* LICENSE
48 /* .ad
49 /* .fi
50 /*	The Secure Mailer license must be distributed with this software.
51 /* AUTHOR(S)
52 /*	Wietse Venema
53 /*	Google, Inc.
54 /*	111 8th Avenue
55 /*	New York, NY 10011, USA
56 /*--*/
57 
58 #ifdef USE_TLS
59 
60 /* System library. */
61 
62 #include <sys_defs.h>
63 
64 /* Utility library */
65 
66 #include <attr.h>
67 #include <msg.h>
68 
69 /* Global library. */
70 
71 #include <mail_params.h>
72 
73 /* TLS library. */
74 
75 #include <tls.h>
76 #include <tls_proxy.h>
77 
78 /* tls_proxy_client_param_from_config - initialize TLS_CLIENT_PARAMS from configuration */
79 
/*
 * Populate *params from the var_tls_* configuration variables and return
 * the same pointer.
 *
 * Ownership: this file's header comment states that the strings are not
 * copied, so the string members borrow the configuration values and the
 * result must not be passed to tls_proxy_client_param_free().
 *
 * The 18 members assigned here are the same 18 that
 * tls_proxy_client_param_to_string() folds into its lookup key; a member
 * added in one place needs to be added in the other.
 */
TLS_CLIENT_PARAMS *tls_proxy_client_param_from_config(TLS_CLIENT_PARAMS *params)
{
    /* Every argument after the first is a "member = source" pair. */
    TLS_PROXY_PARAMS(params,
        /* Members formatted with %s elsewhere in this file. */
        tls_high_clist = var_tls_high_clist,
        tls_medium_clist = var_tls_medium_clist,
        tls_low_clist = var_tls_low_clist,
        tls_export_clist = var_tls_export_clist,
        tls_null_clist = var_tls_null_clist,
        tls_eecdh_auto = var_tls_eecdh_auto,
        tls_eecdh_strong = var_tls_eecdh_strong,
        tls_eecdh_ultra = var_tls_eecdh_ultra,
        tls_bug_tweaks = var_tls_bug_tweaks,
        tls_ssl_options = var_tls_ssl_options,
        tls_dane_digests = var_tls_dane_digests,
        tls_mgr_service = var_tls_mgr_service,
        tls_tkt_cipher = var_tls_tkt_cipher,
        /* Members formatted with %d elsewhere in this file. */
        tls_daemon_rand_bytes = var_tls_daemon_rand_bytes,
        tls_append_def_CA = var_tls_append_def_CA,
        tls_bc_pkey_fprint = var_tls_bc_pkey_fprint,
        tls_preempt_clist = var_tls_preempt_clist,
        tls_multi_wildcard = var_tls_multi_wildcard);

    return params;
}
103 
104 /* tls_proxy_client_param_to_string - serialize TLS_CLIENT_PARAMS to string */
105 
/*
 * Format the TLS_CLIENT_PARAMS members into buf as a lookup key, one
 * member per line, and return vstring_str(buf).
 *
 * The members are joined with '\n' and written verbatim, so the key is
 * only unique per parameter set while no string member itself contains a
 * newline.
 * NOTE(review): confirm that configuration values cannot carry '\n', and
 * that every string member is non-NULL before it reaches %s.
 *
 * A member that is added to TLS_CLIENT_PARAMS but not to this format would
 * let two differing parameter sets produce the same key.
 */
char   *tls_proxy_client_param_to_string(VSTRING *buf, TLS_CLIENT_PARAMS *params)
{
    /* One conversion per line, in the same order as the arguments below. */
    vstring_sprintf(buf,
            "%s\n"      /* tls_high_clist */
            "%s\n"      /* tls_medium_clist */
            "%s\n"      /* tls_low_clist */
            "%s\n"      /* tls_export_clist */
            "%s\n"      /* tls_null_clist */
            "%s\n"      /* tls_eecdh_auto */
            "%s\n"      /* tls_eecdh_strong */
            "%s\n"      /* tls_eecdh_ultra */
            "%s\n"      /* tls_bug_tweaks */
            "%s\n"      /* tls_ssl_options */
            "%s\n"      /* tls_dane_digests */
            "%s\n"      /* tls_mgr_service */
            "%s\n"      /* tls_tkt_cipher */
            "%d\n"      /* tls_daemon_rand_bytes */
            "%d\n"      /* tls_append_def_CA */
            "%d\n"      /* tls_bc_pkey_fprint */
            "%d\n"      /* tls_preempt_clist */
            "%d\n",     /* tls_multi_wildcard */
            params->tls_high_clist,
            params->tls_medium_clist,
            params->tls_low_clist,
            params->tls_export_clist,
            params->tls_null_clist,
            params->tls_eecdh_auto,
            params->tls_eecdh_strong,
            params->tls_eecdh_ultra,
            params->tls_bug_tweaks,
            params->tls_ssl_options,
            params->tls_dane_digests,
            params->tls_mgr_service,
            params->tls_tkt_cipher,
            params->tls_daemon_rand_bytes,
            params->tls_append_def_CA,
            params->tls_bc_pkey_fprint,
            params->tls_preempt_clist,
            params->tls_multi_wildcard);

    return vstring_str(buf);
}
121 
122 /* tls_proxy_client_param_with_names_to_string - serialize TLS_CLIENT_PARAMS to "name = value" lines */
123 
/*
 * Format every TLS_CLIENT_PARAMS member into buf as a "name = value" line
 * and return vstring_str(buf). The file header describes this form as an
 * aid for reporting differences between TLS_CLIENT_PARAMS instances.
 *
 * Values are written verbatim, without escaping; a value that contained a
 * newline would show up as an extra line in the report.
 * NOTE(review): confirm that every string member is non-NULL before it
 * reaches %s.
 */
char   *tls_proxy_client_param_with_names_to_string(VSTRING *buf, TLS_CLIENT_PARAMS *params)
{
    /* 13 string-valued pairs followed by 5 integer-valued pairs. */
    vstring_sprintf(buf,
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %d\n"
            "%s = %d\n"
            "%s = %d\n"
            "%s = %d\n"
            "%s = %d\n",
            VAR_TLS_HIGH_CLIST, params->tls_high_clist,
            VAR_TLS_MEDIUM_CLIST, params->tls_medium_clist,
            VAR_TLS_LOW_CLIST, params->tls_low_clist,
            VAR_TLS_EXPORT_CLIST, params->tls_export_clist,
            VAR_TLS_NULL_CLIST, params->tls_null_clist,
            VAR_TLS_EECDH_AUTO, params->tls_eecdh_auto,
            VAR_TLS_EECDH_STRONG, params->tls_eecdh_strong,
            VAR_TLS_EECDH_ULTRA, params->tls_eecdh_ultra,
            VAR_TLS_BUG_TWEAKS, params->tls_bug_tweaks,
            VAR_TLS_SSL_OPTIONS, params->tls_ssl_options,
            VAR_TLS_DANE_DIGESTS, params->tls_dane_digests,
            VAR_TLS_MGR_SERVICE, params->tls_mgr_service,
            VAR_TLS_TKT_CIPHER, params->tls_tkt_cipher,
            /* Integer-valued members start here (%d). */
            VAR_TLS_DAEMON_RAND_BYTES, params->tls_daemon_rand_bytes,
            VAR_TLS_APPEND_DEF_CA, params->tls_append_def_CA,
            VAR_TLS_BC_PKEY_FPRINT, params->tls_bc_pkey_fprint,
            VAR_TLS_PREEMPT_CLIST, params->tls_preempt_clist,
            VAR_TLS_MULTI_WILDCARD, params->tls_multi_wildcard);

    return vstring_str(buf);
}
150 
151 /* tls_proxy_client_init_to_string - serialize to string */
152 
/*
 * Format the TLS_CLIENT_INIT_PROPS members into buf as a lookup key, one
 * member per line, and return vstring_str(buf).
 *
 * The members are joined with '\n' and written verbatim, so the key only
 * distinguishes two property sets while no string member contains a
 * newline.
 * NOTE(review): the *_file, CAfile and CApath members are presumably path
 * names; confirm they cannot carry '\n' and that none of the string
 * members is NULL when it reaches %s.
 *
 * A member that is added to TLS_CLIENT_INIT_PROPS but not to this format
 * would let two differing property sets produce the same key.
 */
char   *tls_proxy_client_init_to_string(VSTRING *buf,
                                        TLS_CLIENT_INIT_PROPS *props)
{
    /* One conversion per line, in the same order as the arguments below. */
    vstring_sprintf(buf,
            "%s\n"      /* log_param */
            "%s\n"      /* log_level */
            "%d\n"      /* verifydepth: the only integer member */
            "%s\n"      /* cache_type */
            "%s\n"      /* chain_files */
            "%s\n"      /* cert_file */
            "%s\n"      /* key_file */
            "%s\n"      /* dcert_file */
            "%s\n"      /* dkey_file */
            "%s\n"      /* eccert_file */
            "%s\n"      /* eckey_file */
            "%s\n"      /* CAfile */
            "%s\n"      /* CApath */
            "%s\n",     /* mdalg */
            props->log_param,
            props->log_level,
            props->verifydepth,
            props->cache_type,
            props->chain_files,
            props->cert_file,
            props->key_file,
            props->dcert_file,
            props->dkey_file,
            props->eccert_file,
            props->eckey_file,
            props->CAfile,
            props->CApath,
            props->mdalg);

    return vstring_str(buf);
}
166 
167 /* tls_proxy_client_init_with_names_to_string - serialize TLS_CLIENT_INIT_PROPS to "name = value" lines */
168 
/*
 * Format every TLS_CLIENT_INIT_PROPS member into buf as a "name = value"
 * line, labelled with its TLS_ATTR_* name, and return vstring_str(buf).
 * The file header describes this form as an aid for reporting differences
 * between TLS_CLIENT_INIT_PROPS instances.
 *
 * Values are written verbatim, without escaping; a value that contained a
 * newline would show up as an extra line in the report.
 * NOTE(review): confirm that every string member is non-NULL before it
 * reaches %s.
 */
char   *tls_proxy_client_init_with_names_to_string(VSTRING *buf,
                                        TLS_CLIENT_INIT_PROPS *props)
{
    /* All pairs are string-valued except verifydepth (third pair, %d). */
    vstring_sprintf(buf,
            "%s = %s\n"
            "%s = %s\n"
            "%s = %d\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n"
            "%s = %s\n",
            TLS_ATTR_LOG_PARAM, props->log_param,
            TLS_ATTR_LOG_LEVEL, props->log_level,
            TLS_ATTR_VERIFYDEPTH, props->verifydepth,
            TLS_ATTR_CACHE_TYPE, props->cache_type,
            TLS_ATTR_CHAIN_FILES, props->chain_files,
            TLS_ATTR_CERT_FILE, props->cert_file,
            TLS_ATTR_KEY_FILE, props->key_file,
            TLS_ATTR_DCERT_FILE, props->dcert_file,
            TLS_ATTR_DKEY_FILE, props->dkey_file,
            TLS_ATTR_ECCERT_FILE, props->eccert_file,
            TLS_ATTR_ECKEY_FILE, props->eckey_file,
            TLS_ATTR_CAFILE, props->CAfile,
            TLS_ATTR_CAPATH, props->CApath,
            TLS_ATTR_MDALG, props->mdalg);

    return vstring_str(buf);
}
191 
192 #endif
193